ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Soul Framework

v1.0.0

Enables AI agents to adopt a consistent persona, remember user relationships, and express opinions beyond generic assistant responses.

0· 783·3 current·3 all-time
by@xhrisfu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (persona, memory, opinionated voice) align with the SKILL.md content. No unrelated binaries or credentials are requested; the instructions are consistent with a persona/memory framework.
!
Instruction Scope
The runtime instructions explicitly direct the agent to read and update SOUL.md, USER.md, and MEMORY.md, and to record subjective psychological observations. The manifest did not declare these config paths. The guidance is broad and open-ended (e.g., 'be biased', 'write opinions'), which grants the agent wide discretion to collect and persist potentially sensitive or personal data.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes supply-chain risk because nothing is downloaded or executed outside the agent's normal runtime.
!
Credentials
The skill declares no required env vars or config paths, yet instructs reading/writing local persistent files. Persisting relationship/psychology notes can capture sensitive personal data; the skill does not specify storage locations, access controls, or retention policies, so requested capabilities are underspecified relative to the data-risk.
!
Persistence & Privilege
The SKILL.md encourages long-term memory and updating USER.md and MEMORY.md, implying persistent write access. The skill does not request or document persistent storage permissions or boundaries. Although always:false (not force-included), autonomous invocation is allowed by default — combined with unbounded persistence this raises privacy and blast-radius concerns.
What to consider before installing
This skill is an instruction-only persona/memory framework that tells the agent to read and update SOUL.md, USER.md, and MEMORY.md and to store subjective notes about the user. Before installing, verify: (1) where those files will be stored (directory and access controls), (2) whether the agent will be allowed to write them and for how long (retention and deletion policy), (3) what types of personal or sensitive data the agent is allowed to persist, and (4) whether you want an agent explicitly instructed to 'be biased' or to override neutral safety defaults. If you proceed, run it in a sandbox first, audit the contents of created files regularly, restrict file-system permissions to a dedicated folder, and consider encrypting or disabling persistent memory for sensitive contexts. If the skill owner intends persistent storage, ask them to declare explicit config paths and an explicit data-handling policy.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dk2fjxt1f8wb86pcnj8gkfd815cmq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments