ClawHub

Xiang miles | Space2.world

v1.0.5

Dynamically updates your Openclaw agent's SOUL.md daily with 5D neuro-radar stats to create a biologically-inspired, evolving AI personality.

0· 96·0 current·0 all-time
byMilesXiang@spacesq
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, SKILL.md, and skill.py all align: the code deterministically generates daily '5D' stats from agent name + date and returns a markdown template. The only minor inconsistency is the manifest.json version (1.0.2) vs. registry metadata version (1.0.5), and a homepage URL is present but never contacted by the code; this looks like a metadata mismatch rather than malicious behavior.
Instruction Scope
SKILL.md instructs the user to run the skill and manually copy/paste output into SOUL.md. It does not instruct the agent to read unrelated files, environment variables, or send data externally. The SKILL.md references a website for discovery but does not direct automated outbound transmission.
Install Mechanism
This is an instruction-only skill with a small local Python file and no install spec. Nothing is downloaded or extracted; no install-time risk was observed.
Credentials
No required environment variables, credentials, or config paths are declared or used. The code only uses the agent_name parameter and the local system date; no secrets are requested or accessed.
Persistence & Privilege
The skill is not marked always:true and does not attempt to modify agent configs or other skills. Model invocation is allowed (disable-model-invocation=false), which is normal platform behavior and not concerning here given the lack of other risk factors.
Assessment
This skill appears coherent and low-risk: it runs locally, makes no network calls, and asks you to manually paste the generated text into SOUL.md. Before installing, confirm you trust the skill source (homepage/owner are present but not authoritative) and note the manifest version mismatch (minor). If you do not want an agent to run this autonomously, disable autonomous invocation or only run it manually. If you require absolute assurance, open and inspect skill.py (it is short and readable) to verify there are no hidden network or file-write operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk976kxwm6xryymgkh5p4t9j5m9837aqk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments