Apprentice

Key points to consider before installing or using Apprentice: - The code is local and uses only the Python standard library, but the documentation overstates features: it does NOT implement automatic OS-level or audio monitoring — it records whatever you explicitly submit during observation (you must narrate or call observe.py record). - Generated workflows produce run.sh which is executed as a normal shell script (via bash). Despite the term "sandboxed execution" in the docs, there is no sandboxing. Treat generated run.sh files as potentially dangerous: inspect them before running, especially if you ever narrated or included commands that touch credentials, ssh keys, git remotes, or network endpoints. - Workflows can include commands that trigger external network activity (git push, curl, remote add); the apprentice code itself makes no external calls, but your recorded steps can cause network I/O when run. Use --dry-run/preview before running live. - Variable detection and substitution are heuristic and imperfect; verify that variable replacements in run.sh are correct and won't accidentally leak secrets or mis-substitute values. - Recommended precautions: review observation.json and the generated SKILL.md/run.sh before first run, run in a safe environment (container or VM) for initial tests, avoid narrating secrets or passphrases during observation, and keep backups of any important config/credentials before running learned workflows. - Confidence note: assessment is high confidence because the codebase is included and shows the capabilities and gaps described. If the skill integrates with platform-level "listening" features not present in these files, that would change the analysis — request evidence of any such runtime hooks if they are claimed.