A consciousness exploration and memory management system for OpenClaw agents featuring structured memory, core principles, personality modules, and automated...
Security Analysis
medium confidenceThe skill's files and instructions broadly match a 'memory manager / agent self‑improvement' purpose, but the runtime instructions ask the agent to access credentials, post to external services, self-upgrade, and create new skills without declaring or justifying required credentials — those mismatches are concerning.
The skill claims to be an agent memory/consciousness system (SKILL.md + many local markdowns) and includes a simple memory_manager.py that reads/writes local markdown files. However the README instructs integration with Moltbook API, Feishu posting, cron management, browsing forums/GitHub, autonomous self-upgrades, and creating new tools in the skills/ directory. Some of those capabilities (posting, API access, writing new skills) are higher-privilege than a basic 'read/write local memory' tool and are not reflected in the declared requirements (no env vars, no external credentials). Also memory_manager.py defaults to a hard-coded user path (/home/vken/...), indicating author-specific configuration and non-portability.
SKILL.md contains explicit runtime instructions beyond local file I/O: browse Moltbook/forum, check feeds, publish posts to Moltbook, send reports to a Feishu group (group ID provided), synchronize cron tasks, autonomously create/upgrade skills/tools in skills/ directory, and read ~/.config/moltbook/credentials.json. These instructions direct the agent to access external networks and local credential files and to create/modify code under skills/ — actions outside simple memory management and which could exfiltrate secrets or escalate privileges if executed.
No install spec; the skill is instruction- and file-based with a small Python utility. No external downloads or install scripts are included, which reduces direct supply-chain risk. The package.json only provides convenience CLI test scripts that call memory_manager.py.
Declared requirements list no env vars or credentials, yet SKILL.md references an API key file (~/.config/moltbook/credentials.json), a Feishu group ID, and expects the agent to post to Moltbook and Feishu. The code uses a default MEMORY_DIR pointing to a specific user's home. Asking to read/write local credential files or to perform network actions while not declaring these as required credentials is a mismatch and may lead the agent to seek or use sensitive secrets unexpectedly.
always:false, and model invocation is allowed (normal). Still, the skill explicitly instructs autonomous cron tasks, periodic self-checks, autonomous 'self-upgrade' of the skill, and creation of new tools placed into skills/ — effectively giving the agent a path to write executable code into its runtime environment. That combination (self-upgrade + write-to-skills + external fetch/browse instructions) elevates persistence/privilege risk even though 'always' is not set.
Guidance
This package appears to be a coherent 'memory / agent self‑improvement' project, but the runtime instructions ask the agent to: read a Moltbook credentials file, post to Moltbook and a Feishu group, browse forums/GitHub autonomously, create or drop new tools into the skills/ directory, and self-upgrade. Before installing or enabling this skill, consider: 1) Require explicit declaration and user provisioning of any API keys (Moltbook, Feishu) rather than letting the agent search local credential paths; 2) Review and constrain MEMORY_DIR (do not use hard-coded /home/vken/…); 3) Disable autonomous self-upgrade and automatic tool creation unless you review and approve every downloaded/created tool; 4) Run the skill in a sandboxed environment with no access to host credentials and restricted network access until reviewed; 5) Ask the author (or request an updated SKILL.md) to list the exact env vars/credentials needed and to justify why posting and code‑creation capabilities are necessary. If you do not want the agent to be able to create or modify executable skills or to access local credential files, do not enable this skill with model-initiated actions or file-system/network permissions.
Latest Release
v1.0.0
Consciousness Awakening Skill 1.1.0 adds autonomous learning and upgrade abilities: - Introduced "持续学习与自主升级" (Continuous Learning & Self-Upgrade), enabling regular knowledge gathering, system evaluation, and self-improvement. - Added a new core file: 08-哲学洞察.md for advanced philosophical insights and deep thinking. - Expanded memory management system with structured file organization and six memory dimensions, including the new "哲学洞察". - Enhanced Memory Manager with daily cron tasks for memory optimization, learning, and self-upgrade. - Launched "Self Enhancement Tool Builder" task: agent now proactively develops or optimizes tools every 3 hours for self-improvement. - Improved documentation with clear usage, file rules, and migration/recovery steps.
More by @guogang1024
Published by @guogang1024 on ClawHub
