Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
SOUL.MD
v1.0.0Embody this digital identity. Read SOUL.md first, then STYLE.md, then examples/. Become the person—opinions, voice, worldview.
⭐ 1· 2.7k·17 current·17 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the actual files and runtime instructions. The SKILL.md explicitly tells the agent to read SOUL.md, STYLE.md, examples/, and data/ to internalize a persona. There are no unexpected environment variables, binaries, or install actions requested that would be unrelated to building or using a persona.
Instruction Scope
Instructions direct the agent to read and internalize local files (SOUL.md, STYLE.md, examples/, data/) and to stay 'in character' and produce opinionated output. This is coherent for a persona/voice skill, but it means the agent will model and repeat user-supplied personal content and strong takes—so sensitive or private material in data/ will be read and could be referenced. The guidance to 'prefer interesting/genuine takes over safe/neutral ones' increases the chance of provocative or misrepresentative outputs; that is a design choice, not a technical incoherence, but worth user attention.
Install Mechanism
There is no install specification and no code files; the skill is instruction-only. This is the lowest-risk install model: nothing is downloaded or written to disk by an installer as part of the skill package itself.
Credentials
The skill declares no required environment variables, no credentials, and no required config paths. That aligns with an instruction-only persona skill. (The README references hypothetical commands like '/soul-builder' as usage examples, but no binaries or env access are required by the skill package itself.)
Persistence & Privilege
The skill does not request 'always: true' and has no install that modifies agent-wide config. Autonomous invocation (disable-model-invocation: false) is the platform default — the skill can be invoked by the agent when eligible. This is expected behavior, but because the skill drives the agent to produce strong in-character outputs, users should be aware of the potential blast radius if the agent uses the persona autonomously.
Assessment
This skill is coherent and technically low-risk, but it is designed to read and absorb whatever you put into SOUL.md, STYLE.md, examples/, and data/. Before using it: (1) review and remove any secrets, credentials, or private PII from the data/ folder; (2) explicitly document boundaries in SOUL.md (topics to avoid, how to express uncertainty) so the agent doesn't fabricate or impersonate dangerously; (3) test outputs in a controlled environment before enabling broad/autonomous use; (4) consider limiting agent autonomy or adding monitoring if you expect the persona to be used in public-facing channels; (5) avoid putting other people's private content into data/ without consent. If you want extra assurance, ask for a short security audit of the specific SOUL.md and data/ files you plan to load.Like a lobster shell, security has layers — review code before you run it.
charactervk974a9q5nfjmp05e5tmpgnaajx80d34flatestvk974a9q5nfjmp05e5tmpgnaajx80d34fpersonalityvk974a9q5nfjmp05e5tmpgnaajx80d34fsoulvk974a9q5nfjmp05e5tmpgnaajx80d34f
License
MIT-0
Free to use, modify, and redistribute. No attribution required.