The complete operating system for OpenClaw agents. Now with 13 Iconic Character souls (Thanos, Deadpool, JARVIS, Mary Poppins, Darth Vader, and more), SOUL.m...
Security Analysis
high confidenceThe skill's files, declared requirements, and runtime instructions are internally consistent with a workspace-oriented 'agent OS' that runs shell commands under ~/workspace and offers optional channel integrations; nothing requests unrelated credentials or installs arbitrary remote code without explicit opt-in.
The name/description (an 'OS' for OpenClaw agents) aligns with the actual contents: many workspace templates, session/heartbeat/security policies, cron templates, and a few shell scripts. Required binaries (bash, sed, find, wc, stat, grep) are reasonable for text/file operations the skill performs. Optional tokens (DISCORD_TOKEN, SLACK_TOKEN) are declared for channel integrations and match the TEAM/TOOLS docs. No unexpected cloud or admin credentials are required.
SKILL.md tightly scopes operations to ~/workspace and explicitly forbids modifying files outside that tree without explicit user approval, which is coherent. It does, however, instruct the agent to use the exec tool to run shell commands (zero-terminal flow) and to run one exec at a time — this gives the agent the ability to execute shell commands in the user's environment. The skill also mandates presenting each exec for user approval and explaining the command beforehand. This is powerful but documented and constrained; users should verify each command before approving.
There is no automated install spec and the asset files are instruction/templates and small shell scripts; nothing downloads or extracts remote archives during install. Because it's instruction-first with included local templates/scripts, the install surface is minimal and there is no high-risk remote download step.
The skill declares no required environment variables and only lists optional DISCORD_TOKEN and SLACK_TOKEN for integrations that are documented in TEAM/TOOLS files. That matches the stated features (shared-channel discipline, gateway integration). No unrelated secrets or high-privilege credentials are requested.
The skill does not request always:true and uses normal autonomous invocation defaults. It writes only under ~/workspace per its own policy and treats cron/gateway changes as opt-in via the openclaw CLI. There is no evidence it attempts to modify other skills or system-wide configs without explicit approval.
Guidance
This skill is coherent with its stated purpose, but it is powerful because it expects to run shell commands (via exec) to create and manage files under ~/workspace. Before installing or approving any execs: 1) Review the provided shell scripts (e.g., scripts/security-audit.sh and the cron templates) so you understand what will run. 2) Keep DISCORD_TOKEN/SLACK_TOKEN disabled unless you want channel integration — the skill treats these as optional. 3) When the agent asks to run a command, verify the exact command text and scope (it claims to operate only under ~/workspace). 4) If you do enable cron/gateway features, confirm the openclaw CLI commands shown are what you expect. 5) Because the skill was published by an unknown owner and references an external homepage, prefer manual review of the assets before granting broad approvals. If you want, I can list the contents of scripts/security-audit.sh and the cron templates line-by-line to help you audit them before use.
Latest Release
v1.6.2
v1.6.2 — Onboarding Fix + VirusTotal Compliance The v1.6.0 Iconic Characters update shipped with a broken onboarding flow. Option 4 (SOUL.md Maker) still showed the old "12 personalities" menu with Data included and zero iconic characters. Users had to already know character names to find them. This patch fixes the entire setup experience and resolves all VirusTotal scanner findings. 🔥 Redesigned SOUL.md Maker Sub-Menu Option 4 now opens a clear 4-way menu instead of the old 3-way: A. 🎭 Original Soul Gallery (11 personalities) Rook, Nyx, Keel, Sage, Cipher, Blaze, Zen, Beau, Vex, Lumen, Gremlin B. 🎬 Iconic Characters Gallery (13 characters) Thanos, Deadpool, JARVIS, Ace Ventura, Austin Powers, Dr. Evil, Seven of Nine, Captain Kirk, Mary Poppins, Darth Vader, Terminator, Alfred, Data C. 🎯 Quick Forge (~2 min) 5 targeted questions, one custom SOUL.md D. 🔬 Deep Forge (~10 min) Full guided interview, highly optimized SOUL.md Users can also skip the menu entirely by naming any soul or character directly — "give me JARVIS" or "blend Rook + Zen" just works. 🎬 New Iconic Characters Gallery Display Full Step 1d added with all 13 characters, descriptions, "tell me more about [name]" support, and cross-gallery blending. Say "show characters" during setup to jump to it. Say "show souls" to jump back. 📋 Main Menu Updated Option 4 now reads: 🔥 SOUL.md Maker 24 ready-to-use souls across two galleries: 🎭 11 Original Personalities (Rook, Nyx, Sage, Zen...) 🎬 13 Iconic Characters (Thanos, Deadpool, JARVIS, Mary Poppins...) OR build your own from scratch with a guided interview Users see what's available before they choose. 🔀 Cross-Gallery Blending Blend any two souls from either gallery. "Rook + JARVIS" reads one from prebuilt-souls and one from iconic-characters, generates a hybrid SOUL.md. Works during setup and via "blend souls" command anytime. 🛡️ VirusTotal Compliance Cron templates: Removed "copy and paste into your terminal" language. Now says "the agent will run this via exec." Consistent with the exec-first agent rule. Missing script: Created scripts/security-audit.sh — local-only grep scanner, zero network calls. Was referenced in 4 files but never shipped. Stale versions: Updated heartbeat templates from 1.4.1 to 1.6.2. Gateway config: Softened requireMention directive in AGENTS-template to clearly mark it as optional.
More by @jeffjhunter
Published by @jeffjhunter on ClawHub
