ClawHub

continuity-kernel

v0.2.0

OpenClaw continuity kernel for fail-open llm_input injection, deterministic runtime contracts, and shadow-mode eval receipts.

0· 412·0 current·0 all-time
byTodd Kuehnl@tkuehnl
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (continuity kernel, llm_input injection, runtime contracts, shadow eval receipts) match the shipped Python code and CLI commands. Required binary is python3 only. The provided scripts and modules implement packet injection, deterministic hashing, drift scoring, and shadow eval harness consistent with the stated purpose.
Instruction Scope
SKILL.md commands run unit tests and Python scripts that read repository fixtures and write machine-readable receipts and artifacts. The runtime instructions create files under ~/.cache/continuity-kernel and ~/.local/state/continuity-kernel (SQLite DB) and can read provided trace JSONL files. There are no instructions to read unrelated system credentials, no external network endpoints referenced in the docs, and the code excerpts do not perform subprocess exec or network IO. Review omitted/truncated files before running to confirm there is no hidden network/exec behavior.
Install Mechanism
No install spec (instruction-only) and the README claims Python stdlib only. Because there is no remote download/install step in the skill metadata, nothing will be pulled from arbitrary URLs during install. Running the included scripts will write local files but does not appear to install external packages.
Credentials
The skill requests no environment variables or credentials. It documents a configurable DB path via CONTINUITY_KERNEL_DB_PATH but does not require secrets. File and path access (home dir cache/state) is proportional to the stated persistence/receipt features.
Persistence & Privilege
always:false and agent-autonomy flags are default. The skill persistently writes artifacts and a SQLite DB under the user's home (~/.cache and ~/.local/state) by design; this is expected for a continuity kernel but users should be aware of local disk writes and retention of audit artifacts.
Assessment
This skill appears internally coherent and implements the features it advertises. Before installing/running: (1) inspect the full code (the truncated files) if you need to guarantee no network calls or subprocess execution; (2) be aware it will create a SQLite DB at ~/.local/state/continuity-kernel/continuity.db (unless you override CONTINUITY_KERNEL_DB_PATH) and write receipts under ~/.cache/continuity-kernel; (3) run the scripts in a controlled environment (or container) if you want to avoid persistent local state; (4) no credentials or external installs are required according to the metadata, but verify any CI/installer (clawhub) behavior before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk9723s3gd1fbamvfc6rs421nth81ned7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
Binspython3

Comments