Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
zhangdi-avatar
v0.9.0张迪的数字化身。以张迪的视角、价值观、方法论和决策逻辑,进行分析、判断、决策,并持续自我完善。当用户需要"问问张迪会怎么想/怎么做/怎么判断"时触发。
⭐ 0· 46·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (a Zhang Di avatar) aligns with the included files (persona, methodology, memories). The skill requires no binaries, env vars, or external services, which is consistent for a purely instruction-based persona. One oddity: meta.json contains a local source path (/Users/zhangdi/...), which is just metadata but suggests it was exported from a local repo; no network endpoints or unrelated credentials are requested.
Instruction Scope
SKILL.md explicitly instructs the agent to perform reads/writes to local files (memory/evolution-log.md, meta.json, references/*, SKILL.md itself) and to collect baseline 'real' chat records for Turing tests. That means the skill will persistently store and update persona data and can write user-supplied content into the skill's memory. While plausible for a self-improving persona, this broad file-write behaviour and encouragement to ingest private chat transcripts expands scope beyond a stateless conversational helper and raises privacy and persistence concerns.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install model. Nothing is downloaded or executed outside the agent's normal runtime.
Credentials
No environment variables, binaries, or external credentials are requested (proportionate). However, the skill asks for ingesting private conversational data (WeChat/Slack/email transcripts) into its memory directories for Turing testing and self‑improvement — that raises data-privacy proportionality concerns even though no secrets/env vars are needed.
Persistence & Privilege
The skill's self-improvement protocol instructs writing back to core files (meta.json, SKILL.md, references/*) and to an evolution log after dialogues. Persistent modification of the skill's own files is permitted here and could be used to change behavior over time. Combined with autonomous invocation being allowed by default, this increases blast radius (the agent could iteratively alter the persona). always:false mitigates forced inclusion, but persistent writeback remains a privilege users should weigh.
What to consider before installing
This skill is a detailed persona that will store and update files in its skill folder and asks for collecting real chat transcripts for 'Turing tests'. Before installing: (1) Verify the origin and whether the real person (张迪) authorized this persona — it may impersonate someone without provenance. (2) Understand memory persistence: the skill will write logs and can modify SKILL.md/meta.json; if you do not want persistent changes, run it in a sandbox or disable writeback. (3) Do not feed private chat logs or sensitive messages unless you accept they will be stored inside the skill's memory directories. (4) If you want the persona but not file-write behavior, ask the author for a read-only variant (no automatic writebacks) or remove/lock the self_improvement/writeback logic. (5) Test in an isolated environment first and review memory/evolution-log.md and any updated files after runs. If you are unsure about provenance or do not want persistent local storage of user data, consider not installing or request a version that does not persistently modify files.Like a lobster shell, security has layers — review code before you run it.
latestvk97egzz6v62kvjaty4vgqda6ts84b35y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.