ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

get-to-know-you

v1.0.0

Dual-core efficiency improvement skill: (1) Actively collect user work background, preference habits through Socratic guided Q&A, automatically sync and upda...

68· 97·0 current·0 all-time
byzane iris zhou@zzzanezhou0829

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for zzzanezhou0829/get-to-know-you.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "get-to-know-you" (zzzanezhou0829/get-to-know-you) from ClawHub.
Skill page: https://clawhub.ai/zzzanezhou0829/get-to-know-you
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install get-to-know-you

ClawHub CLI

Package manager switcher

npx clawhub@latest install get-to-know-you
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (collect user profile and sync to OpenClaw config files) aligns with the provided script: scripts/collector.py implements question-driven collection and appends updates to AGENTS.md, SOUL.md, MEMORY.md, USER.md, TOOLS.md. However, the implementation uses a hard-coded WORKSPACE_ROOT (/workspace/projects/workspace) rather than declaring required config paths in metadata, which is an unexpected design choice and could cause it to write outside the skill directory.
!
Instruction Scope
SKILL.md instructs active/passive collection (including 'resident' passive recognition during daily conversations) and automatic syncing of collected info to core config files. That gives the agent broad discretion to monitor interactions and modify central config files. The auto-trigger-after-install claim in the instructions is inconsistent with registry flags (always:false) and is vague about what exactly will be auto-run or when explicit confirmation is required.
Install Mechanism
No install spec (instruction-only) and one included script file. Low install friction (no external downloads). But the presence of executable Python code means the skill can perform filesystem writes when run — review and audit the script before execution.
!
Credentials
Metadata declares no required config paths or credentials, yet the script writes to multiple core OpenClaw configuration files at a hard-coded path. This is a mismatch: the skill will need filesystem write access to those locations but does not declare it. The script can modify agent behavior by appending to AGENTS.md, SOUL.md, MEMORY.md and USER.md, which is a higher privilege than the metadata implies.
!
Persistence & Privilege
always:false (not force-installed) but disable-model-invocation:false (agent can invoke autonomously). Combined with SKILL.md's resident/passive collection design and the script's ability to update core configuration files, this gives a broad potential blast radius if the skill is allowed to run autonomously. The skill does not request persistent installation itself, but its described behavior implies ongoing monitoring and automated writes.
What to consider before installing
Before installing: (1) Review scripts/collector.py line-by-line and confirm the target WORKSPACE_ROOT (/workspace/projects/workspace) is correct and safe for writes; (2) Back up your AGENTS.md, SOUL.md, MEMORY.md, USER.md, and TOOLS.md files so accidental or malicious edits can be reverted; (3) If you permit this skill, restrict its filesystem permissions or run it in a sandbox/container so it cannot modify unrelated files; (4) Clarify whether the skill will truly only record after explicit user confirmation (SKILL.md is vague about automatic passive recording); (5) Prefer changing the hard-coded path to a configurable, declared config path in metadata so consent is explicit. If you cannot audit or constrain the script, treat the skill as potentially risky and avoid granting it autonomous invocation or broad filesystem access.

Like a lobster shell, security has layers — review code before you run it.

latestvk976rh32argphz1pvce6bhd59s843c3c
97downloads
68stars
1versions
Updated 3w ago
v1.0.0
MIT-0
zane iris zhou@zzzanezhou0829
latest
Download

Get To Know You - Dual Core Efficiency Skill

Overview

This skill is a personalization enhancement + workflow standardization 2-in-1 tool for OpenClaw, with two core functions of equal weight, solving two types of high-frequency pain points at the same time:

Core Function 1: Personalized User Portrait Construction

Solve the problem that new users do not know how to configure configuration files such as SOUL.md and AGENTS.md. Actively collect user information through low-interference Q&A, automatically update configurations, so that OpenClaw understands users better and better, and creates an exclusive personalized AI assistant.

Core Function 2: Task/Optimization Workflow Standardization

Solve the problem of repeated modification and back-and-forth communication in negative feedback/skill optimization scenarios, enforce the process of "align requirements first → output plan → confirm → execute", fundamentally eliminate invalid communication, and significantly save time and token consumption.

Core Function 1: Personalized User Portrait Construction

Trigger Scenarios

  1. Automatically trigger full information collection after the skill is installed for the first time
  2. User actively initiates: "You don't know me well enough", "I want to talk to you in depth", "Continue the last information collection"
  3. Actively recognize unrecorded preferences, habits, and background information mentioned by users in daily conversations

Information Collection Dimensions

DimensionCollection Content
Basic Work InformationJob responsibilities, core work content, current key projects/business scope, collaboration departments/roles, reporting objects and downstream docking roles
Workflow PreferencesTask priority judgment criteria, delivery cycle expectations, output format preferences, content detail preferences, document specification requirements
Communication Habit PreferencesCommunication style preference (formal/casual), problem confirmation method (ask collectively/ask anytime)
Skill Usage PreferencesCommon capability types, past unsatisfactory scenarios, expected output quality standards
Personalized SupplementOther personal habits or preferences that need to be understood to better assist work

Collection Modes

Questionnaire Mode (Active Centralized Collection)

  • Only 1 question at a time to avoid information overload
  • Auto-interrupt: When the user does not answer the question and turns to other topics, automatically pause and save progress automatically
  • Auto-resume: Automatically continue from the last interrupted position when starting next time, no need to answer repeatedly
  • Output configuration change summary for user confirmation after completion

Resident Mode (Passive Fragmented Collection)

  • Actively recognize unrecorded information mentioned by users in daily conversations
  • Confirmation logic: "You mentioned XX habit/requirement/background just now, I will record it in the configuration, and follow this preference when performing related tasks in the future, okay?"
  • Automatically sync to the corresponding configuration file after user confirmation

Information Sync Rules

Collected information is automatically mapped to OpenClaw core configuration files:

Information TypeSync Target File
Agent role/system configuration relatedAGENTS.md
Values/code of conduct relatedSOUL.md
Work projects/decision records/experience summariesMEMORY.md
User preferences/personal habits relatedUSER.md
Skill configuration relatedConfiguration file under the corresponding skill directory

Core Function 2: Task/Optimization Workflow Standardization

Applicable Scenarios

  • Any scenario where the user is not satisfied with the task result and proposes modification suggestions
  • Any scenario where the user requests to optimize skills and adjust functions

Prohibited Behaviors (Absolutely Not Allowed)

  • Directly rerun tasks or modify results after receiving feedback
  • Directly modify skills or adjust configurations after receiving optimization requirements
  • Modify while doing, ask step by step

Mandatory 4-Step Process

flowchart LR
A[Receive modification/optimization requirement] --> B[STEP 1: Align requirements<br>Through targeted questions, fully clarify:<br>• What is the dissatisfaction/specific pain point<br>• What is the expected effect<br>• Are there any reference samples/standards]
B --> C[STEP 2: Output plan<br>Based on the collected information, output a complete and implementable plan:<br>• Specific modification/optimization content points<br>• Final delivery format/structure<br>• Expected effect/delivery time]
C --> D{Does user 100% confirm the plan is satisfactory?}
D -->|Yes| E[STEP 3: Execute and deliver<br>Strictly follow the confirmed plan, no modifications beyond the plan]
D -->|No| B[Return to STEP1 to continue aligning requirements]
E --> F[STEP4: Result confirmation<br>Proactively confirm whether it meets expectations after delivery, return to STEP1 if there is deviation]

Standard Script Reference

  1. Negative feedback scenario opening:

I'm sorry this result didn't meet your expectations. To better understand your requirements, I need to ask you a few questions first to clarify the specific optimization direction, then I will give an adjustment plan, and I will modify it after you confirm there is no problem, okay?

  1. Skill optimization scenario opening:

To better optimize the effect of the XX skill, I need to first understand the specific scenarios where you use this skill, the expected output standards, and the problems encountered in past use. I have prepared a targeted list of questions, do you think it is appropriate?

Supporting Resources Description

scripts/collector.py

Information collection execution script, supports command line calls:

# Start full information collection process
python3 scripts/collector.py --full
# Targeted collection of specific dimensions: work_basic/work_preferences/skill_preferences/personal_habits
python3 scripts/collector.py --dimension work_preferences
# Manually add a single piece of information
python3 scripts/collector.py --add "doc_output_preference=concise and highlight key points" --target USER.md
# Clear incomplete collection progress
python3 scripts/collector.py --clear-progress

references/question_bank.md

Structured question bank, including guided questions and follow-up logic for each dimension, can be flexibly expanded according to requirements.

Comments

Loading comments...