ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

anyone-skill

v1.1.2

Distill anyone into a runnable OpenPersona skill pack — real or fictional, personal or public, living or historical. Collects chat logs, documents, and publi...

0· 62·0 current·0 all-time
byacnlabs@neiljo-gy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (distill personas) match the included scripts and SKILL.md: preprocess.py extracts SQLite chat databases and samples large exports; skill_writer.py and version_manager.py manage local persona skill directories and versions. There are no requested cloud credentials or unrelated binaries.
Instruction Scope
Instructions explicitly direct the agent to read local chat exports (text, JSON, SQLite .db), run preprocess.py for binary SQLite files, assemble training/ and persona.json, and call `npx openpersona create` to generate a skill pack. This stays within the stated persona-distillation scope but does involve processing potentially sensitive private data and running commands (npx) that may fetch remote packages at runtime. The SKILL.md also instructs writing files under local skill directories (.claude/skills) and creating training/ exports.
Install Mechanism
There is no install spec (instruction-only) and the three included Python scripts are provided in the package (no opaque remote download in the skill bundle). However, runtime guidance recommends using `npx openpersona create` which will fetch code from npm if not present — this implies network activity outside the skill itself and should be considered when running the workflow.
Credentials
The skill requests no credentials or special env vars, which is proportional. One practical mismatch: SKILL.md examples reference ${CLAUDE_SKILL_DIR} but the registry metadata does not declare or require this env var. The scripts operate on local paths (default .claude/skills) and will read/write user files; no unexplained SECRET/TOKEN variables are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills' configs. It creates and manages local skill directories and a .versions snapshot area under .claude/skills for persona artifacts — expected for a local persona packaging tool.
Assessment
This skill is coherent with its purpose, but it processes private chat exports and writes files to your local skill directories. Before using: (1) Confirm you have the right to process any third‑party data (consent/legal), (2) review the included scripts (preprocess.py, skill_writer.py, version_manager.py) yourself if you can, (3) be aware that running `npx openpersona create` will download code from npm at runtime—only proceed if you trust that package or audit it first, (4) set or verify CLAUDE_SKILL_DIR (examples use it) and note files will be written under .claude/skills and .versions, (5) avoid distributing persona packs of real private individuals without consent (references/ethics.md provides guidance). If you want lower-risk testing, run the scripts on synthetic or public-domain data and keep networking disabled when generating or reviewing outputs.

Like a lobster shell, security has layers — review code before you run it.

latestvk9761pxsxb1mpgp6fgeedxzebx84tetv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments