brain v1.1.7 用户版(免费):让AI Agent拥有类大脑决策架构。置信度触发、双保险记忆、经验胶囊复用。开箱即用,3片段内存池,2并发上限。
Security Analysis
medium confidenceThe skill's files and instructions largely match the described 'agent memory/decision' purpose, but there are mismatches and a few risky behaviors (undocumented CLI dependency, arbitrary shell exec wrapper, and automatic reading/writing of your workspace memory files) that you should review before installing.
The scripts implement the described features (confidence scoring, checkpoints, 'capsules', semantic recall helper, watchdog and subagent routing). However the packaging declares no required binaries while several scripts expect a Node environment and the 'openclaw' CLI (sessions_spawn) to exist; that dependency is not declared in the skill metadata/instructions.
Runtime instructions (SKILL.md) tell you to copy scripts into your skills/workspace and to add SNAPSHOT.md and 工作缓冲区.md to bootstrapExtraFiles so their contents are injected into agent context. The scripts read and write files under $HOME/.openclaw/workspace (SNAPSHOT.md, 工作缓冲区.md, logs, capsules directory) and will publish assembled injection JSON to stdout. This legitimately supports the stated purpose, but it also means potentially sensitive workspace content will be programmatically read and included in agent contexts — and some wrappers allow execution of arbitrary shell commands when invoked.
No automated install spec — instruction-only plus scripts that you copy manually. This is lower install risk (nothing downloaded at runtime). The user is required to manually copy scripts into their environment, which gives them a chance to inspect files before use.
No environment variables or credentials are declared or requested, which aligns with a local, file-based memory system. However the code assumes process.env.HOME, a Node runtime, and an 'openclaw' CLI binary; those runtime dependencies are not listed. There are no network endpoints or secret-exfiltration hooks in the code, but the scripts will read whatever is in your workspace snapshot/buffer (which may contain secrets) and can write logs and capsule files to your HOME.
always:false (good). The skill writes and updates files under ~/.openclaw/workspace (buffers, snapshots, logs, capsule files) and instructs adding files to bootstrapExtraFiles so they become part of agent context — this is persistent and intended, but you should be aware it modifies your workspace files and will cause their contents to be injected into agent prompts.
Guidance
This skill implements a local 'brain' using scripts that read and write files in ~/.openclaw/workspace and that can spawn subagents via the openclaw CLI. Before installing: - Inspect the scripts yourself (they are plain JS / shell) and confirm you are comfortable with them reading SNAPSHOT.md and 工作缓冲区.md and writing logs/capsules under your HOME directory. - Note the packaging omission: the skill did not declare required binaries. Ensure you have Node.js and the 'openclaw' CLI available and understand what openclaw sessions_spawn will do in your environment. - Be cautious about sensitive data: don't store secrets or credentials in SNAPSHOT.md or the work buffer because their contents are programmatically injected into agent contexts. - The watchdog provides an 'exec' entrypoint and a general execWithRetry wrapper. Only run it with trusted commands and avoid passing untrusted input into shell execution paths. - Test in an isolated workspace (or backup current ~/.openclaw/workspace) before copying scripts into production. If you need stricter control, remove or sandbox the parts that spawn subagents or execute shell commands. If you want, I can: (a) list the exact lines that call external commands and file paths, (b) suggest a safer minimal configuration that disables exec entrypoints, or (c) produce a checklist for a secure manual install.
Latest Release
v1.1.7
brain v1.1.7 用户版采用新版可读性更强的说明文档,突出用户核心体验和区别点: - 完全重写的用户文档,突出场景化说明,便于上手和理解 - 明确列出核心能力:置信度触发、双保险机制、经验胶囊、语义记忆搜索 - 增加与完整版能力差异清单,便于用户快速对比 - 优化脚本使用方法和安装步骤指引 - 简化说明结构,降低学习门槛,增强试用转化引导
Popular Skills
Published by @384961890-ui on ClawHub
