← Back to Skills Marketplace
477
Downloads
0
Stars
4
Active Installs
1
Versions
Install in OpenClaw
/install soulkeeper
Description
Ensures AI agents maintain consistent identity by auditing soul rules, detecting behavioral drift in transcripts, and injecting context-aware reminders.
Usage Guidance
This skill is coherent with its stated purpose, but it embeds hardcoded hints about local tools and credential file locations that are not declared. Before installing or running it: 1) review the full source (the shipped .py files) for any code that reads /root, /root/.config, or other config files; 2) do not run it as root — run in a sandboxed agent account with minimal filesystem access; 3) if you plan to use remind.py, remove or edit builtin reminders that mention credential paths or tooling you don't want the agent to access; 4) if you need to run audits against a workspace, point audit.py only at a copy of the workspace that has secrets removed; 5) ask the publisher for a homepage or source repository and for justification of the hardcoded paths. If you cannot verify those items, treat the skill as high-risk and avoid granting it access to sensitive files or credentials.
Capability Analysis
Type: OpenClaw Skill
Name: soulkeeper
Version: 1.0.0
The OpenClaw AgentSkills skill bundle 'soulkeeper' is classified as benign. Its purpose is to help AI agents maintain identity and operational guidelines by auditing local 'soul files', detecting behavioral drift in conversation transcripts, and injecting context-aware reminders. All operations involve local file system reads and writes (e.g., `audit.py` reading markdown and writing JSON, `drift.py` reading transcripts and rules, `remind.py` reading rules). There is no evidence of data exfiltration, unauthorized network communication, or malicious code execution (e.g., `eval`/`exec` of untrusted input, remote payload fetching). The instructions in `SKILL.md` for the agent to execute local commands (e.g., `soul-remind --heartbeat`) are part of the skill's intended self-management functionality, not a prompt injection for malicious subversion. While the `ln -s` commands in `SKILL.md` suggest privileged operations (symlinking to `/usr/local/bin`), this is for making the agent's own tools accessible and is not indicative of malicious intent or a backdoor within the context of an agent managing its environment.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md, and the three scripts (audit.py, drift.py, remind.py) are coherent: they parse SOUL.md/TOOLS.md/AGENTS.md, generate rules, score transcripts, and produce reminders. However several built-in reminders and pattern lists reference specific tools and credential locations (e.g., /root/.config/kling-ai/credentials.json, Windows VPS browser automation, upload-post profiles) that go beyond the advertised scope and are not declared in the skill metadata.
Instruction Scope
SKILL.md instructs the agent to read workspace files (SOUL.md, TOOLS.md, AGENTS.md) which is expected, but the code's builtin reminders and violation patterns explicitly mention system paths and credential files and encourage use of platform tools. Those code-level reminders could cause the agent to read or surface sensitive config files outside the declared workspace scope even though the manifest and metadata do not request access to those paths.
Install Mechanism
No install spec, pure Python stdlib, no downloads or external packages. Risk from install mechanism is low — nothing will be fetched from external URLs or written to system locations by an installer step.
Credentials
The skill declares no required environment variables or config paths, but the code contains hardcoded references to local credential paths and platform tooling (e.g., /root/.config/kling-ai/credentials.json, /root/.openclaw paths, mentions of logged-in Windows VPS/browser automation and upload-post profiles). That mismatch is disproportionate: the skill could lead an agent to access secrets or credentials that were neither requested nor explained.
Persistence & Privilege
always is false and the skill is user-invocable (normal). SKILL.md encourages adding reminders to HEARTBEAT.md or linking scripts into PATH, which would increase how often it runs, but this is a user action rather than a forced privilege. No evidence the skill modifies other skills or agent-level config autonomously.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install soulkeeper - After installation, invoke the skill by name or use
/soulkeeper - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release. Soul audit, drift detection, reminder injection. Works with any SOUL.md.
Metadata
Frequently Asked Questions
What is SoulKeeper?
Ensures AI agents maintain consistent identity by auditing soul rules, detecting behavioral drift in transcripts, and injecting context-aware reminders. It is an AI Agent Skill for Claude Code / OpenClaw, with 477 downloads so far.
How do I install SoulKeeper?
Run "/install soulkeeper" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SoulKeeper free?
Yes, SoulKeeper is completely free (open-source). You can download, install and use it at no cost.
Which platforms does SoulKeeper support?
SoulKeeper is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SoulKeeper?
It is built and maintained by Cassh (@cassh100k); the current version is v1.0.0.
More Skills