Identity Persistence Layer
v1.0.0Extracts and versions AI agent identity snapshots from memory files, scoring continuity and tracking changes to detect cognitive drift or fractures.
⭐ 0· 422·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The stated purpose (synthesizing identity from workspace markdown and versioning snapshots) matches what the code does. However, the skill uses a Google/Gemini API key sourced from a hard-coded config path under ~/.openclaw/agents/... instead of an explicitly-declared environment variable or config requirement. The registry declares no required env vars or config paths, so reading another agent's auth-profiles is disproportionate to the declared metadata.
Instruction Scope
SKILL.md instructs running identity_manager.py over workspace MEMORY.md / SOUL.md files, which is consistent. The runtime instructions/code, however, also read ~/.openclaw/agents/main/agent/auth-profiles.json to retrieve a token and then POST the combined source content to Google's generativelanguage API. That means the skill will transmit potentially sensitive workspace contents to an external service using a token pulled from another agent's auth file — behavior not documented in the declared requirements.
Install Mechanism
There is no install spec (instruction-only with an included Python script). No remote downloads or package installs are specified, so install-time risk is low. The primary runtime risk is from the included script's file and network operations rather than from installation mechanics.
Credentials
Registry metadata lists no required env vars or config paths, but the code requires a Google/Gemini API key and reads it from a specific auth-profiles JSON under the user's home. That is an undeclared credential access pattern. The skill will fail (sys.exit) if it cannot read that file, which demonstrates the key is required at runtime despite not being declared. Accessing another agent's auth-profiles may expose unrelated credentials and is disproportionate to the described purpose.
Persistence & Privilege
The skill writes snapshots and diffs into ~/.openclaw/workspace/identity (expected for its purpose) but also reads ~/.openclaw/agents/main/agent/auth-profiles.json (a config belonging to other agent infrastructure). While the skill is not marked always:true, autonomous invocation is enabled by default; combined with the undeclared credential access, that increases the blast radius if you permit the skill to run autonomously.
What to consider before installing
This skill does generally do what it claims (parses MEMORY.md/SOUL.md and versions identity snapshots) but it reads an undeclared config file (~/.openclaw/agents/main/agent/auth-profiles.json) to get a Gemini API key and then sends workspace content to Google's generativelanguage API. Before installing or running: 1) Inspect ~/.openclaw/agents/main/agent/auth-profiles.json to see what tokens it contains and confirm you want the skill to access that file. 2) If you prefer explicit consent, modify the script to accept an API key via an environment variable or CLI flag instead of reading another agent's auth file. 3) Consider running the script in a sandboxed environment if your workspace contains sensitive data, or remove/strip sensitive files. 4) Ask the publisher to update registry metadata to declare the required config path or env var and to document exactly what files are sent to the external API. 5) If you do not trust automatic invocation, do not grant autonomous execution for this skill — require manual invocation only.Like a lobster shell, security has layers — review code before you run it.
latestvk976wabn0ttkjebhm0wykgx9gd81sbyw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.