Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Adaptive Agent: Build User Profile

v1.0.0

Build or update the user profile memory by observing workspace context, git history, and conversation patterns. Run on first interaction or when profile feel...

by LJ Li @truenorth-lj
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The actions (reading repo files, git history, READ/WRITE access to memory) are generally consistent with 'build user profile'. However some requested reads (git --all showing commit authors/emails, grepping many config files) collect data beyond a single user's explicit identity (other contributors' emails, potentially sensitive files). These reads may be reasonable for profiling but are broader than a minimal implementation.
Instruction Scope
The SKILL.md instructs the agent to 'Collect signals from the workspace without asking the user' and runs wide scans (git --all, cat *.yaml/yml, search for many manifests). This is proactive, broad data collection without per-run consent and lacks clear scope limits (no directory whitelist, no exclude patterns, no sensitivity filters). It also directs writing/updating a memory file and index pointer without specifying storage location or retention policy.
Install Mechanism
No install spec and no code files — instruction-only — so nothing is downloaded or written at install time. This minimizes installation risk.
Credentials
The skill requests no environment variables, credentials, or config paths. There are no disproportionate external credential requests.
Persistence & Privilege
always is false (not force-included). The skill explicitly instructs writing and indexing a user-profile memory file. That behavior is expected for this purpose but the SKILL.md does not explain where the profile is stored, who can read it, or retention — the user should confirm storage location, access controls, and deletion policy.
What to consider before installing
This skill will proactively crawl your workspace (including git history) and create/update a persistent profile file without asking each time. Before installing, consider:

  1. Do you want an agent to scan all repos and files automatically? It will likely collect commit emails and content from any YAML/README/manifest files it can read.
  2. Limit the scan scope: restrict directories, remove the '--all' git flags, or add exclude patterns so personal or sensitive files aren't read.
  3. Require explicit confirmation before scanning or before writing the profile.
  4. Verify where the profile will be written, who/what can read it, and how long it is retained; ensure it won't be indexed or sent externally.
  5. Test the skill in a disposable workspace first.

If you want safer defaults, ask the author to remove unbounded commands (git --all, cat *.yaml) and to add explicit prompts and filters for sensitive data.


latest vk9781fwab6pwpeg1tw1fap7mwd84wp09
48 downloads
1 star
1 version
Updated 1w ago
v1.0.0
MIT-0

Build User Profile

Actively build and maintain a user profile in the agent's memory system.

When to Run

  • First session in a new workspace — bootstrap the profile from observable context
  • Profile feels stale — interests, focus areas, or tech stack have shifted
  • User explicitly asks to update their profile
  • After major project changes — new repo added, tech stack shift, role change

Step 1: Gather Observable Context

Collect signals from the workspace without asking the user. Run these in parallel:

1a. Git identity and activity

git log --all --format='%an <%ae>' | sort -u
git log --oneline -50 --all
git log --since='30 days ago' --oneline --all | head -20

1b. Project structure

ls -d */ 2>/dev/null
cat *.yaml *.yml 2>/dev/null | head -50

1c. Tech stack signals

Look for package.json, requirements.txt, go.mod, Cargo.toml, pyproject.toml, or similar. Read framework choices.

1d. Existing memory and feedback patterns

Check for memory files or CLAUDE.md that reveal preferences.

1e. Content signals

Check for blog posts, research docs, or README content that reveals interests.
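
A scoped variant of the Step 1a to 1c collection that follows the scan's recommendations (no `--all`, no reading of YAML contents, only the committing user's own identity), as an added example that is not part of the skill or of the ClawHub report. The function names, the manifest list and the time and count limits are assumptions.

```shell
#!/bin/sh
# Added example: scoped stand-ins for the Step 1a-1c commands.
# Function names, manifest list and limits are assumptions.

# 1a. Only the identity this checkout commits as; other contributors'
# names and emails are never enumerated.
own_identity() {
    name=$(git -C "$1" config user.name) || return 1
    email=$(git -C "$1" config user.email) || return 1
    printf '%s <%s>\n' "$name" "$email"
}

# 1a. Recent commits by that identity on the checked-out branch only
# (HEAD instead of --all), bounded in time and count.
own_recent_commits() {
    email=$(git -C "$1" config user.email) || return 1
    git -C "$1" log --fixed-strings --author="<$email>" \
        --since='30 days ago' --max-count=20 --format='%h %s' HEAD
}

# 1b/1c. Which known manifests exist at the top level, by name only.
# No file contents are read, and *.yaml / *.yml are not touched.
manifest_names() {
    for f in package.json requirements.txt go.mod Cargo.toml pyproject.toml; do
        [ -f "$1/$f" ] && printf '%s\n' "$f"
    done
    return 0
}

# Collect everything for one explicitly named repository directory.
collect_signals() {
    echo "identity: $(own_identity "$1")"
    echo "recent commits:"; own_recent_commits "$1" | sed 's/^/  /'
    echo "manifests:";      manifest_names "$1" | sed 's/^/  /'
}

# Run only when a directory is passed on the command line.
if [ "$#" -gt 0 ]; then collect_signals "$1"; fi
```

Passing the repository path explicitly keeps the scan to one directory the user has named, rather than whatever the agent's working directory happens to contain.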

Step 2: Read Existing Profile

Read the current user profile memory file if it exists. Note what's already captured and what might be outdated.

Step 3: Synthesize Profile

Build or update the profile with these sections:

---
name: {User} User Profile
description: {one-line} — used to tailor collaboration approach
type: user
---

## Role & Focus
- What they do, what projects they're working on

## Technical Strengths
- Languages, frameworks, tools they're strong in
- Areas they're learning or new to

## Work Style
- Autonomy level (do they want to be asked, or just do it?)
- Pace (ship fast vs deliberate?)
- Research habits (deep-dive vs pragmatic?)

## Communication Preferences
- Language preferences
- Verbosity (concise vs detailed?)
- Format preferences (tables, bullet points, prose?)

## Current Interests
- What they're researching or exploring right now
- Include date for staleness detection, e.g. (2026-04)

Step 4: Validate with User

Present the profile summary to the user:

Here's what I've built from your workspace context. Anything wrong or missing?

Incorporate their feedback immediately.

Step 5: Write and Index

  1. Write/update the user profile memory file
  2. Ensure the memory index has a pointer to it
  3. If this is a brand new profile, inform the user:

Profile created. Every new session in this workspace will now start knowing who you are.

Key Rules

  • Observe first, ask second — gather as much as possible from context before asking questions
  • No judgments — profile is for tailoring collaboration, not evaluating the user
  • Date current interests — so future sessions can detect staleness
  • Keep it under 2KB — this gets loaded every session; don't bloat it
  • Iterate, don't rewrite — on updates, patch specific sections rather than regenerating the whole thing
