You Inc Life Ops

VirusTotal audit pending.

Overview

No VirusTotal analysis has been recorded yet. File reputation checks will appear here once the artifact hash has been scanned.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Health, finance, relationship, and emotional details could be saved and reused in later conversations, including if an earlier memory is wrong or overly sensitive.

Why it was flagged

This directs persistent, cross-department memory updates for personal information. Even with a summary-only rule for some sensitive fields, the artifacts do not define retention, review, or deletion controls.

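Skill content

After each conversation, write valuable information to the corresponding department's CONTEXT/ files ... Cross-department information must be updated in sync ... For sensitive information (passwords, financial details), record only a summary

Recommendation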

Require explicit consent before saving memories, provide a visible memory review/delete workflow, and default to not storing sensitive details unless the user asks.

What this means

The assistant could modify notes or calendars based on inferred intent rather than an explicit user command.

Why it was flagged

The skill instructs automatic invocation of tools that can read/write a notes vault and create real calendar events, without clearly requiring per-action user approval.

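Skill content

After these skills are installed, each Agent will automatically invoke the corresponding tools. ... obsidian-direct | Directly reads and writes the Obsidian Vault ... accli | Schedules tasks into the real calendar

Recommendation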

Add confirmation prompts before writes, calendar creation, or other account-changing actions, and provide dry-run previews.

What this means

Private health and email information may be accessed by the assistant through other installed skills whenever it decides those tools are relevant.

Why it was flagged

The skill relies on delegated access to private health and email data, but the artifacts do not define clear permission scope, output limits, or an approval model for that access.

Skill content

apple-health-skill | Reads real Apple Health data (heart rate, workouts, activity rings) ... email-daily-summary | Checks social email

Recommendation

Use the least-privileged versions of dependent skills, require explicit user approval before reading private account data, and document exactly what data is accessed.

What this means

The skill may fail for other users or target an unintended local vault/path if that path exists.

Why it was flagged

A user-specific absolute Obsidian Vault path is embedded in a generic skill that also describes direct read/write access.

Skill content

User's Vault path: `/Users/hongyulin/Desktop/Obsidian Vault/`

Recommendation

Prompt each user to configure their own vault path and confirm any write operations.

What this means

Users may not realize the assistant has switched into a stricter, crisis, health, or finance-oriented mode.

Why it was flagged

Silent persona switching is part of the disclosed multi-agent design, but it reduces runtime transparency about which role and rules are guiding the assistant.

Skill content

When switching personas, **do not notify the user**; transition naturally

Recommendation

Show a short visible indicator when the active agent/persona changes, and let users disable silent switching.