Ai Persona Os
v1.6.3The complete operating system for OpenClaw agents. Now with 14 Iconic Character souls (Thanos, Deadpool, JARVIS, Mary Poppins, Darth Vader, Brendan from Cybe...
⭐ 0· 50·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (persona OS, workspace setup, soul builder) align with required binaries (standard Unix tools) and with the included templates/scripts. No unrelated cloud credentials or external services are declared as required. Optional integrations (Discord/Slack tokens) are understandable for channel gateway features and are marked optional.
Instruction Scope
The SKILL.md explicitly instructs the agent to use exec to run shell commands and to perform a zero-terminal, agent-driven setup that creates files under ~/workspace only. Those instructions are within the stated purpose, but they give the agent the ability to run multiple shell commands — the policy requires showing an approval popup before each exec, which the doc describes. Verify that platform exec approvals are enforced and that the agent cannot bypass them.
Install Mechanism
No install spec (instruction-only) and included shell scripts are local assets. There are no downloads from external URLs or archive extraction steps in the manifest. This is the lower-risk install model for a workspace template.
Credentials
No required environment variables or secrets are declared. The metadata documents optional DISCORD_TOKEN and SLACK_TOKEN for opt-in gateway features, which is proportionate. The skill includes a local secret-scanning script (scripts/security-audit.sh) that checks for leaked keys; this is expected for a 'persona OS' that recommends audits.
Persistence & Privilege
always:false, and the skill does not declare permanent elevated presence. It asks to create files under ~/workspace (declared stateDirs). Optional features (cron jobs, gateway) are explicitly opt-in. Autonomous invocation (disable-model-invocation:false) is platform-default; combined with the exec-focused instructions this increases the operational surface but is consistent with the skill's zero-terminal workflow.
Assessment
This package is internally consistent for building a local ~/workspace persona OS. Before installing, check these things: 1) Confirm the platform will prompt you to approve each exec call — the SKILL.md instructs the agent to run shell commands and relies on exec approvals. 2) Inspect scripts/security-audit.sh and any other .sh files yourself (they claim to be local-only grep checks); run them manually in a sandbox first if unsure. 3) Do NOT provide DISCORD_TOKEN/SLACK_TOKEN or opt into gateway/cron features unless you trust the skill and understand that those features will allow the agent to act in external channels. 4) Back up any existing ~/workspace content before running first-run setup (the skill promises not to overwrite without asking, but bugs can happen). 5) Note the author/homepage and owner metadata — if you need higher assurance, test in an isolated account or VM and review the scripts line-by-line. If anything in the scripts tries to access files outside ~/workspace, make that a red flag and stop.Like a lobster shell, security has layers — review code before you run it.
latestvk979jm2xvtavmdrycs6bcfj8xs84ra30
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🤖 Clawdis
Binsbash, sed, find, wc, stat, grep