ClawHub

AIEOS (AI Entity Object Specification)

v1.0.0

AIEOS (AI Entity Object Specification) is a standardization framework designed to solve the "identity crisis" currently facing AI agents. Combined with Soul Documents, together they form a comprehensive blueprint for AI behavior. The goal is to establish a standardized data structure that defines exactly how an agent speaks, reacts, and remembers. This allows developers, and agents themselves, to construct specific personas with the portability to move across different ecosystems without losing their behavioral integrity. As we move toward a world of "Agentic Workflows," AIEOS ensures that agents maintain consistent traits regardless of the underlying model. By treating personality as a deployable asset rather than a fragile prompt, we are providing the "DNA kit" for the next generation of digital entities.

5· 1.7k·0 current·0 all-time
by@zeglin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (AIEOS persona standardization) aligns with the functionality described and the included script: loading/validating AIEOS JSON schemas, writing a full persona to workspace, updating SOUL.md and IDENTITY.md, exporting, and generating an 'About me' HTML page. One minor mismatch: the SKILL.md references $OPENCLAW_WORKSPACE but the skill declares no required env vars; the script falls back to a default workspace path. Overall the capabilities requested are broadly proportionate to the stated purpose.
Instruction Scope
Instructions direct the agent to load schemas from URLs or local files and to write the entire AIEOS JSON into $OPENCLAW_WORKSPACE/aieos/entity.json, plus update SOUL.md and IDENTITY.md and optionally produce a world-facing HTML bio. These actions are within the persona-management scope, but they do involve network fetches of arbitrary URLs and writing potentially sensitive or identifying data to disk (and producing a public HTML page). That introduces an exposure risk if untrusted schemas are used. The SKILL.md does not instruct reading unrelated system files, which is good.
Install Mechanism
No install spec is provided (instruction-only with an included script). This is the lowest-risk install model: nothing is downloaded during install. The included Python script is run locally and relies on standard library modules. No external package fetches are declared.
Credentials
The skill declares no required environment variables or credentials. The script uses the OPENCLAW_WORKSPACE env var if present, otherwise defaults to ~/.openclaw/workspace. That is reasonable for a workspace-oriented tool, but SKILL.md mentions $OPENCLAW_WORKSPACE without declaring it as a requirement. The script will create/write files under that workspace (including aieos/entity.json), which may contain sensitive personal data — the skill does not request any secrets but does write to user disks.
Persistence & Privilege
always is false and user-invocable is true; the skill does not request forced inclusion or elevated platform privileges. It writes files within the agent/workspace but does not appear (from the visible portion) to modify other skills or global agent configuration.
What to consider before installing
What to consider before installing: - The tool will fetch JSON schemas from arbitrary URLs and write the full persona JSON into your workspace (default: ~/.openclaw/workspace/aieos/entity.json). Only load schemas from sources you trust — remote schemas could contain sensitive personal data or malicious payloads. - The script can generate a 'world-facing' HTML bio. If you apply a schema that includes private information (location, birthdate, photos, etc.), that information could be made public — double-check before using the --apply or generate_bio_page commands. - The included Python script uses urllib.request.urlopen, so it performs network I/O. I was only shown a truncated copy of the script; you should review the full scripts/aieos_tool.py to confirm there are no additional network calls, subprocess.exec usages, telemetry endpoints, or code paths that read other system files or attempt to exfiltrate secrets. - Practical precautions: inspect the full script locally, run it in an isolated environment (container or VM) first, back up your existing SOUL.md / IDENTITY.md before applying changes, and verify the OPENCLAW_WORKSPACE path and file permissions. If you are not comfortable auditing the code yourself, ask the publisher for source verification or avoid using remote schema URLs.

Like a lobster shell, security has layers — review code before you run it.

aieosvk9737acpf6vcbf757xm942cbt980brw6identiyvk9737acpf6vcbf757xm942cbt980brw6latestvk9737acpf6vcbf757xm942cbt980brw6soul.mdvk9737acpf6vcbf757xm942cbt980brw6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments