Gene Engine
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its stated purpose, but one script unsafely inserts user-provided text into Python code, which could let crafted input run local code while the skill also changes persistent agent rule state.
Install only if you are comfortable with a script that edits persistent Gene rule state. Before use, the trigger recorder should be fixed to safely handle outcome and gene-key text, because crafted input could otherwise execute unintended local Python code.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or accidentally crafted trigger description could cause the agent to run unintended local code under the user's account.
The script places a user-provided outcome string directly inside Python source passed to python3 -c. Crafted text containing Python string delimiters could break out of the intended value and execute local Python code.
OUTCOME="$3" ... gene['lastResult'] = {'success': True, 'outcome': '''$OUTCOME'''}
Pass user inputs to Python via argv, environment variables, or stdin and JSON-encode them instead of interpolating them into Python source.
Running the skill can persistently change which behavior rules are considered active, verified, disabled, or archived in later agent sessions.
The engine reads and overwrites a persistent memory file that represents agent behavior-rule state.
GENE_FILE="$HOME/.openclaw/workspace/memory/gene-state.json" ... echo "$GENE_JSON" > "$GENE_FILE"
Review and back up gene-state.json before enabling heartbeat-style automation, and make sure any archived or disabled rule can be restored if needed.
