Skillv2.1.0

ClawScan security

Emotion System · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 13, 2026, 2:27 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill's files and runtime instructions are internally consistent with an on‑agent emotional-state system; the main practical risks are persistent local memory (privacy, unwanted personality drift) rather than mismatched credentials, network exfiltration, or hidden installs.
Guidance: This skill appears coherent for adding an internal emotional architecture to an agent, but it intentionally stores persistent memory about conversations, users, and agent states. Before installing: (1) Decide whether you want long‑term emotional memory and attachment behavior—this can change responses over many sessions. (2) Ensure the 'memory/' files are stored where you control access, audited, and purged when appropriate (sensitive user data may be recorded in context_summary or traces). (3) Provide a way to reset or opt out of personality drift (clear memory files, limit retention, or disable long-term updates). (4) Review the included references and test the seven validation metrics described (inertia, behavior divergence, memory resonance, etc.) to ensure the system behaves as intended. Finally, although there are no external endpoints or credentials requested (lower remote exfil risk), the unknown source and absence of an upstream homepage means you should sandbox and review the actual memory contents before using in production or with sensitive data.

Review Dimensions

Purpose & Capability: okName/description (seven-layer emotion architecture) align with the declared behavior: the SKILL.md describes maintaining PADCN vectors, channels, drives, self/social models, and uses local 'memory/' state files. There are no unrelated env vars, binaries, or external credentials requested.
Instruction Scope: noteSKILL.md explicitly instructs the agent to create, read, update, and save a set of JSON memory files (memory/emotion-*.json) on first load and each interaction, and to include a compressed (~500 token) state summary in prompts. That scope fits the stated purpose, but it implies persistent storage of user interaction traces and long-term personality formation—a privacy and behavioral-risk consideration (see user guidance).
Install Mechanism: okInstruction-only skill with no install spec and no code files to execute. Because nothing is downloaded or executed outside the agent's normal runtime, install-risk is low.
Credentials: okNo environment variables, credentials, or config paths are requested. All required resources are internal files under the skill's own memory namespace, which is proportionate to implementing persistent emotional state.
Persistence & Privilege: noteSkill persists state across interactions via memory files (intended behavior). always:false and normal model invocation are used. Persistent memory is legitimate here, but it increases privacy, audit, and drift risks (the skill models long‑term personality and attachments).