ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Birth System Manager

v1.2.0

Manage birth encoding, migration packing/unpacking, identity whoami, secure wallet decryption, and full family tree lineage tracking for OpenClaw agents with...

0· 339·0 current·0 all-time
by@vg555558

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for vg555558/birth-system-manager.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Birth System Manager" (vg555558/birth-system-manager) from ClawHub.
Skill page: https://clawhub.ai/vg555558/birth-system-manager
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: node
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install vg555558/birth-system-manager

ClawHub CLI

Package manager switcher

npx clawhub@latest install birth-system-manager
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
Name/description claim birth, pack/unpack, and lineage management — that is consistent with the included scripts. However the pack script includes workspace/skills/memory and system metadata (hostname/platform) when creating migration archives, which is broader than a minimal 'birth id' manager and can cause unintentional bundling of arbitrary user data. The SKILL metadata indicates no required env vars, but code relies on several (IS_CLONE, BIRTH_PRIVATE_KEY_PASSWORD, BIRTH_PACK_PASSWORD, OPENCLAW_WORKSPACE etc.), so the declared capabilities do not fully match what the code needs.
!
Instruction Scope
SKILL.md asserts 'All operations local, no network calls' and 'Passwords via env only' and promises 'NEVER show full private key' on decryption. The code contradicts this: generate-birth-id.js stores raw private_key in birth-info.json, decrypt-wallet.js prints the private key to stdout by default (unless the user sets DECRYPT_OUTPUT_TO_FILE), and pack.js embeds the pack password in the generated MIGRATION.md (leaking the password inside the package). pack.js also collects hostname/platform and may include workspace/skills/memory directories in the archive — this can unintentionally capture sensitive files. These are scope and data-handling mismatches with the SKILL.md promises.
Install Mechanism
There is no external install spec (no network downloads) so nothing is fetched from unknown URLs at install time — that's lower risk. The package includes multiple Node JS scripts and implicitly requires Node modules (ethers, archiver) but the metadata only lists 'node' as a required binary; dependency installation is not declared. No extract-from-URL installs were found.
!
Credentials
The skill metadata declares no required env vars, but the code uses and/or relies on many environment settings: IS_CLONE (behavior change), BIRTH_PRIVATE_KEY_PASSWORD (decrypt private keys), BIRTH_PACK_PASSWORD (pack encryption password; defaults to 'default-secret-password' when unset), DECRYPT_OUTPUT_TO_FILE (controls writing private key to file), OPENCLAW_CONFIG_PATH/OPENCLAW_WORKSPACE (paths). Requiring or using private-key passwords and writing/reading birth-info.json are highly sensitive actions; the lack of declared credentials and the presence of an insecure default password in pack.js are disproportionate and not properly advertised.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable only — normal. It reads and writes the user's ~/.openclaw/birth-info.json and creates files under /tmp and ~/Desktop or the target dir during pack/unpack. That file I/O is expected for a birth/pack/unpack tool, but because of the sensitive nature of what it writes (plaintext private_key, encrypted backups, MIGRATION.md with password), the persistence behavior increases risk if installed without careful review.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contained unicode control characters flagged as prompt-injection patterns. This is unexpected for a local management tool and may indicate an attempt to manipulate evaluation/import. Review SKILL.md content carefully for hidden/control characters before trusting it.
What to consider before installing
Do NOT install this skill into a production agent without review and changes. Specific issues to consider: - generate-birth-id.js writes private_key in plaintext into ~/.openclaw/birth-info.json; this is sensitive and the README warns encryption is preferred but the code does not enforce it. Replace with encrypted storage or remove storing of raw private_key. - decrypt-wallet.js prints the private key to stdout by default (contradicts SKILL.md which promises 'NEVER show full private key'). Modify the script to never print the private key unless explicitly and knowingly requested, and avoid writing private keys to disk. - pack.js uses a default password ('default-secret-password') if none is supplied and then embeds the chosen password inside MIGRATION.md saved into the package. That effectively leaks the encryption password in the archive. Change the behavior to require an explicit password and never write it into package files or migration instructions. - The pack process includes workspace/skills/memory directories and system metadata (hostname), which can bundle arbitrary user data. Audit what will be included and add safer defaults or explicit confirmation prompts. - SKILL.md and package metadata do not declare environment variables the code actually uses (BIRTH_PRIVATE_KEY_PASSWORD, BIRTH_PACK_PASSWORD, IS_CLONE, etc.). The mismatch is misleading; update metadata and documentation to list required env vars and their security implications. - The SKILL.md contained unicode control characters (possible injection). Open SKILL.md in a hex-aware editor to ensure there is no hidden content or malicious prompt-injection text. Recommended next steps before installing: run the scripts in an isolated sandbox/container, back up ~/.openclaw/birth-info.json, remove or encrypt private_key fields, patch decrypt-wallet.js to avoid printing secrets, and change pack.js to never embed passwords into files and to prompt the user before archiving workspace content. If you cannot review and patch the code yourself, avoid installing this skill.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsnode
birthvk970bym6693p3y2z1xt3f1412982hsz0clonesvk970bym6693p3y2z1xt3f1412982hsz0cloningvk970bym6693p3y2z1xt3f1412982hsz0didvk970bym6693p3y2z1xt3f1412982hsz0ethereumvk970bym6693p3y2z1xt3f1412982hsz0family-treevk970bym6693p3y2z1xt3f1412982hsz0fixvk970bym6693p3y2z1xt3f1412982hsz0generationsvk970bym6693p3y2z1xt3f1412982hsz0identityvk970bym6693p3y2z1xt3f1412982hsz0initvk970bym6693p3y2z1xt3f1412982hsz0initializationvk970bym6693p3y2z1xt3f1412982hsz0latestvk970bym6693p3y2z1xt3f1412982hsz0lineagevk970bym6693p3y2z1xt3f1412982hsz0migrationvk9732xcekc9nxm32wxdg5g8ppx82h96vwalletvk970bym6693p3y2z1xt3f1412982hsz0
339downloads
0stars
4versions
Updated 5h ago
v1.2.0
MIT-0
@vg555558
birthclonescloningdidethereumfamily-treefixgenerationsidentityinitinitializationlatestlineagemigrationwallet
Download

Skill Instructions

  • When user says "birth init", "generate birth id", "出生认证", "初始化出生系统" or similar: Run: node {baseDir}/generate-birth-id.js This will generate a unique Birth ID for new instances, create an Ethereum wallet, and generate a cryptographic signature. If IS_CLONE=true is set, it will automatically generate a clone Birth ID. Return the generated Birth ID, wallet address, and signature verification status.

  • When user says "pack", "migrate pack", "birth pack", "打包迁移" or similar: Ask for password if not provided (use env BIRTH_PRIVATE_KEY_PASSWORD if set). Run: node {baseDir}/pack.js [password] Return the generated tar.gz path.

  • When user says "unpack", "install clone", "解包克隆", "unpack birth-pack" + path: Ask for package path and target dir (default ~/openclaw-new-lobster). Run: node {baseDir}/unpack.js <path> <target> IMPORTANT: After unpacking, remind user to mark as clone:

    export IS_CLONE=true
node ~/.openclaw/birth-system/clone-init.js

    Or run directly: node {baseDir}/clone-init.js (requires IS_CLONE=true env var) This will generate new birth_id, set parent_id, and build family tree.

  • When user says "whoami", "birth whoami", "我的身份", "出生信息": Run: node {baseDir}/whoami.js Return full output including:

    • Birth ID, Type (Original/Clone), Parent ID
    • Full family tree with ancestor chain
    • Creation time, Age
    • Wallet address, Signature verification
    • Clone suffix and ancestor count

  • When user says "mark as clone", "init clone", "initialize clone", "标记克隆": Check if IS_CLONE=true is set. If not, instruct user to run:

    export IS_CLONE=true
node {baseDir}/clone-init.js

    This will:

    • Generate new birth_id (parent_id + '-clone-' + random suffix)
    • Set parent_id to original birth_id
    • Update type to 'clone'
    • Build ancestors array with full lineage
    • Re-sign with new signature Return new birth_id and family tree.

  • When user says "family tree", "lineage tree", "家族树", "克隆谱系": Run: node {baseDir}/whoami.js --verbose Return detailed family tree showing complete ancestor chain with creation dates.

  • When user says "fix clone", "修复克隆", "补救克隆身份": If user missed clone initialization after unpacking, guide them to:

    1. Find parent_birth_id from the original package: 
      tar -xzf birth-pack-xxx.tar.gz ./.openclaw/birth-info.json
cat .openclaw/birth-info.json | grep birth_id
    2. Run fix-clone with parent ID: 
      node {baseDir}/fix-clone.js <parent_birth_id> --auto

    This will:

    • Generate new birth_id for this instance
    • Set parent_id to the specified parent
    • Update type to 'clone'
    • Build ancestors array
    • Mark the fix timestamp (clone_fixed_at) Return updated birth_id and family tree.

  • When user says "decrypt wallet", "解密钱包", "show private key": Require password (env or ask). Run: node {baseDir}/decrypt-wallet.js ~/.openclaw/birth-info.json [password] Return ONLY wallet address and success message, NEVER show full private key.

  • General: If user asks about "龙虾出生系统", "clone lineage", "birth system": Explain it's for unique agent identity and cloning tracking with full family tree lineage tracking.

Security: All operations local, no network calls. Passwords via env only.

Migration Notes:

  • When cloning, ALWAYS set export IS_CLONE=true before running clone-init.js
  • Skipping clone initialization will result in identity being treated as "Original"
  • Family tree tracking requires proper clone marking at each generation

Comments

Loading comments...