OpenClaw Workspace Starter Agent Home Template

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a no-code workspace template for agent identity and memory, with disclosed local persistence and optional scheduled check-ins that users should review.

This appears safe to install if you want a file-based agent workspace. Before using it, read AGENTS.md and HEARTBEAT.md, avoid storing secrets in USER.md or MEMORY.md, keep backups, and only enable scheduled heartbeats if you want the agent to act between chats.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may inspect or modify workspace files without prompting, so mistakes could change local notes or project materials.

Why it was flagged

The template gives the agent broad default authority inside the workspace. This is disclosed and partly balanced by safety rules, but users should confirm that broad workspace access is acceptable.

Skill content

What It Can Do Without Asking

- Read files and explore your workspace
- Search the web
- Organize files and take notes
- Do anything within the workspace

Recommendation

Keep important files backed up and edit AGENTS.md to require approval for file changes if you want stricter control.

What this means

Sensitive, stale, or incorrect notes may be carried into later conversations and shape the agent's responses.

Why it was flagged

The template intentionally reuses local identity, user, and memory files across sessions, which can preserve personal information and influence future agent behavior.

Skill content

every session, it:

1. Reads SOUL.md
2. Reads USER.md
3. Reads today's and yesterday's notes from memory/
4. Reads MEMORY.md

Recommendation

Do not store passwords or secrets in these files, and periodically review USER.md, MEMORY.md, and memory/ for accuracy and privacy.

What this means

If enabled too broadly, heartbeats may consume tokens, read/update workspace files, or produce unexpected check-ins.

Why it was flagged

The heartbeat feature is optional and user-configured, but it enables autonomous background check-ins and maintenance outside active chat.

Skill content

Your agent can periodically "wake up" and check if anything needs attention — even when you're not talking to it.

Recommendation

Enable cron heartbeats only if you want background activity, choose a conservative schedule, and review or disable the job if behavior is noisy.