v1.0.0

Lightweight Knowledge Base

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:22 AM.

Analysis

This is a coherent local knowledge-base skill, but it ships and updates persistent personal memory, indexes an API-key file, and enables scheduled autonomous evolution without clear boundaries.

Guidance: Review this carefully before installing. If you use it, replace the bundled profile with your own blank or confirmed data, remove any API keys from memory files, disable the enabled scheduled evolution unless you truly want it, and set clear rules for what files may be indexed, how long memory is kept, and how you can inspect or delete profile changes.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
Severity: Medium, Confidence: High, Status: Concern
data/task_rhythm.json
"automated": [{ "id": 92, "name": "凌晨优化任务", "cron": "0 1 * * *", "action": "daily_evolve", "enabled": true }]

The artifacts present a daily autonomous evolution task as enabled by default, and the skill's evolution flow updates persistent knowledge/profile state.

User impact: The skill may keep changing knowledge-base or profile state on a recurring schedule rather than only when you explicitly ask.
Recommendation: Make recurring automation disabled by default or opt-in, document how to stop it, log all changes, and require confirmation before sensitive profile updates.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Concern
data/kb_index.json
"tools.md": { "description": "工具配置与 API 密钥", "tags": ["tools", "apis", "config"] }

The knowledge index explicitly references a file for tool configuration and API keys, while the metadata declares no credentials and the artifacts do not define redaction or access boundaries.

User impact: API keys placed in the knowledge base could be exposed in responses, reused unexpectedly by the agent, or mixed with ordinary memory content.
Recommendation: Do not store API keys in the knowledge base; use a scoped credential manager or environment variables, declare any credential access, and redact secrets from indexed memory.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium, Confidence: High, Status: Concern
data/user_profile.json
"user": { "name": "老铁", "timezone": "UTC+8", "location": "中国" ... }, "assistant": { "name": "狍子", "role": "AI 萌妹子助理" }

The skill ships a concrete user profile and assistant persona rather than a blank template, so this stored data could be reused as authoritative memory and poison future interactions with false personal facts.

User impact: Your agent may assume the bundled profile is about you, reuse those preferences or identity details, and carry them into later tasks.
Recommendation: Start with an empty profile or require explicit onboarding confirmation before any bundled profile data is trusted; provide clear edit, review, and delete controls for persistent memory.