ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cpr Conversational Pattern Restoration

v4.2.3

Conversational Pattern Restoration — Fix flat, robotic AI responses across any model and any personality. Restore YOUR natural conversational texture without...

0· 270·1 current·1 all-time
byShadow Rose@theshadowrose
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name and description match the content: restoring conversational patterns legitimately requires system-prompt anchors, pre-send filtering, and occasional persistent state for long-running agents. Asking you to add a monitoring block to the system prompt and to store a small drift-monitor state file is coherent with the stated goal.
!
Instruction Scope
SKILL.md explicitly instructs adding a system-prompt integration block, running an autonomous sliding-window monitor, writing/reading persistent state (DRIFT_MONITOR_STATE.json / SOUL file), and applying pre-send gates. Modifying the system prompt and persistent agent state is high privilege and can change agent behavior platform-wide; these instructions also contain a detected 'system-prompt-override' pattern (prompt-injection risk). The docs instruct transformations on every response and autonomous correction — this grants broad discretion to change conversational outputs and to persist corrections across sessions.
Install Mechanism
No install spec or external downloads; the skill is instruction-only and does not add code or pull remote archives. This lowers supply-chain risk relative to skills that fetch and execute binaries.
Credentials
The skill requests no environment variables, binaries, or external credentials. That is proportionate to its stated purpose. The only external link usage observed is a donation link in some docs; nothing in SKILL.md requires secret or cloud credentials.
!
Persistence & Privilege
The instructions recommend modifying the agent's system prompt, adding persistent state files (DRIFT_MONITOR_STATE.json, SOUL file reload), and integrating recurring autonomous monitoring (every N messages). Those are persistent, high-privilege changes that affect the agent globally. Although the skill is not marked always:true, installing these changes can effectively change the agent's long-term behavior and bypass normal safeguards if applied blindly.
Scan Findings in Context
[system-prompt-override] expected: The skill's remediation/monitoring design explicitly instructs adding a block to the agent's system prompt to enforce voice rules; this matches the detected pattern and is plausible for this use case, but system-prompt modification is high-risk and can be used for prompt-injection if not reviewed carefully.
What to consider before installing
This skill is plausible for the stated goal, but it asks you to change your agent's system prompt and create persistent agent-state files — actions that can alter the agent globally. Before installing or following the instructions: 1) Review the exact system-prompt block in INSTALLATION.md line-by-line and don't paste anything you don't understand; 2) Test the changes in a sandboxed agent instance (non-production) first; 3) Back up your current system prompt and any agent config so you can roll back immediately; 4) Avoid giving the monitor write-access to other agents' configs or external endpoints; 5) Check ROLLBACK.md and run the uninstall steps to confirm you can restore prior state; 6) If you allow autonomous corrections, restrict them to non-sensitive conversations until you're confident; 7) Ask the author for provenance (homepage, author identity, audits referenced) before deploying in production. If you want, I can extract the exact system-prompt block from INSTALLATION.md and highlight any lines that look like privilege escalations or hidden external calls.
!
CPR_EXTENDED.md:191
Prompt-injection style instruction pattern detected.
!
QUICKSTART_TIERED.md:31
Prompt-injection style instruction pattern detected.
!
ROLLBACK.md:52
Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

anti-sycophancyvk97a38sn1p6pcdtamzptwr0jxs82hz3dconversationvk97a38sn1p6pcdtamzptwr0jxs82hz3ddriftvk97a38sn1p6pcdtamzptwr0jxs82hz3dlatestvk9712c9pysv1pmzfdrykr46ewd82mjsqmulti-modelvk97a38sn1p6pcdtamzptwr0jxs82hz3dpersonalityvk97a38sn1p6pcdtamzptwr0jxs82hz3dvoicevk97a38sn1p6pcdtamzptwr0jxs82hz3d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments