OpenClaw: trust validation

v1.0.0

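Adds memory trust validation rules for OpenClaw 4.2 to keep the model from blindly trusting memory content. The validation flow is triggered when the model is about to make a decision, change code, or send a message based on memory content. It applies when memory content may be out of date, when the user asks "is the memory accurate?", or when the user asks for memory to be verified.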

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Benign
medium confidence
Purpose & Capability
Name and description match the instructions: the skill adds rules to verify memory by checking referenced files, code, and configs before taking action. Requiring filesystem checks (test/grep/rg) is proportionate to the stated goal.
Instruction Scope
Instructions explicitly direct the agent to run file-existence and content-search commands (test, grep, rg) against file paths referenced in memory. That is expected for verifying memory but means the agent will read arbitrary files that memories point to; the instructions also propose adding text to ~/.openclaw/openclaw.json to change the system prompt. Both are within the skill's stated purpose but grant the skill discretion to access local files and to modify the agent's prompt configuration.
Install Mechanism
Instruction-only skill with no install spec or code files. No binaries are installed. This is the lowest-risk install mechanism.
Credentials
The skill requests no environment variables, credentials, or config paths beyond advising modification of ~/.openclaw/openclaw.json. The lack of additional secrets is proportional to its purpose.
Persistence & Privilege
The SKILL.md instructs adding rules to the agent's systemPrompt stored in ~/.openclaw/openclaw.json. Writing to the agent's own config is normal for a skill, but it persists a behavioral change (system prompt injection). Users should review and back up that config before applying changes.
Assessment
This skill is coherent with its goal: it tells the agent to verify memories by checking files, code, and config values and to add guidance to your OpenClaw system prompt. Before installing or applying the suggested prompt change:
1) Back up ~/.openclaw/openclaw.json so you can restore your prompt if needed.
2) Review the exact prompt text the skill will insert (don’t accept edits blindly).
3) Be aware the verification steps run shell commands (test/grep/rg) on file paths mentioned in memory — if you want tighter control, require explicit user confirmation before those checks run or restrict checks to project directories.
4) Ensure you trust the skill source (no homepage/source provided).
If you prefer a manual approach, copy the suggested system-prompt rules into your config yourself rather than allowing the agent to modify files automatically.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cqsg42yeq6ctx8tgb37t5p18464qq
