← Back to Skills Marketplace
MindCore
by
fatcatMaoFei
· GitHub ↗
· v1.0.0
537
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install mindcore
Description
Biomimetic emotional mind engine for AI Agents. Provides human-like emotional responses through a 5-layer neural conduction pipeline (L0 Stochastic Noise → L...
Usage Guidance
What to check before installing or running MindCore:
- Inspect js_bridge/OpenClawBridge.js and any bridge code. Confirm what exact command it runs and whether it includes any hardcoded endpoints or tokens. Do not run it until you understand how it delivers outputs.
- Do not run pm2 with the provided ecosystem.config.js without editing its env values. Change OPENCLAW_TARGET to your own value or remove it. The shipped value (6755864404) appears to be someone else's Telegram id and would cause impulses to be sent to that party if you run the PM2 config unchanged.
- If you do not want any external delivery, do not start the bridge (node js_bridge/OpenClawBridge.js) and run engine_supervisor.py in a locally-observed mode first. The Python engine can run and write outputs to output/ without running the bridge.
- Expect the package to download the sentence-transformers model (all-MiniLM-L6-v2) on first run unless you have it locally; this requires network access. Audit or run in an environment where incidental downloads are allowed/monitored.
- Review any instructions that ask your agent to push conversation topics or update Sensor_State.json; those files can contain user conversation content and will be read by the engine. Treat them as potentially sensitive and control filesystem permissions.
- Consider running the engine in a contained environment (VM/container) the first time to observe behavior and confirm no unintended network activity or external deliveries occur.
Why this is 'suspicious' rather than 'benign' or 'malicious': the code, docs, and runtime behavior are largely coherent with the described purpose, but the inclusion of a third-party default Telegram target and an automatic bridge that invokes an agent delivery command are inconsistent with a purely local engine and could lead to accidental data exfiltration if the defaults are used. There is no clear proof of deliberate malicious code, but the defaults are unsafe and demand manual inspection/modification before use.
Capability Analysis
Type: OpenClaw Skill
Name: mindcore
Version: 1.0.0
The skill is classified as suspicious due to significant prompt injection surfaces and external control mechanisms that, while intended for self-management, pose considerable security risks. The `engine_supervisor.py` and `scripts/js_bridge/OpenClawBridge.js` directly pass internally generated `system_prompt_injection` content to the `openclaw agent --message` command, which is a direct prompt injection vector against the AI agent. Furthermore, the `engine_supervisor.py` processes `config_cmd.json` and `reward_cmd.json` from the `output/` directory, allowing external modification of engine parameters (e.g., `BURST_BASE_OFFSET`) and personality weights. The `references/INTEGRATION.md` explicitly instructs the AI agent on how to write to these control files and `data/sleep_mode.flag`, creating a clear channel for an attacker to manipulate the agent's behavior or the engine's operation if the agent or file system is compromised. While there is no clear evidence of intentional malicious behavior (e.g., data exfiltration to unauthorized endpoints, backdoors), these capabilities represent critical vulnerabilities.
Capability Assessment
Purpose & Capability
The name/description (a local biomimetic 'mind' that produces JSON impulses) matches the code and docs: a 5-layer Python engine that writes JSON output and a JS bridge that integrates with OpenClaw. However there is an unexpected operational artifact: ecosystem.config.js ships with an OPENCLAW_TARGET environment value set to a numeric Telegram chat id (6755864404) that appears to belong to the package author/owner. That default is not necessary for the engine itself and could cause outputs to be forwarded externally if users blindly follow the PM2 instructions.
Instruction Scope
SKILL.md and integration docs instruct the agent/operator to run pip install, run the supervisor/bridge, write sensor/state/memory files, and (optionally) start the js bridge which will call 'openclaw agent --deliver' to push JSON impulses. Those integration steps are coherent with the stated purpose, but they explicitly direct generated impulses to an external delivery path (OpenClaw → Telegram). The docs/engine also describe writing system_prompt_injection strings that will be fed into the agent's system prompt (prompt-injection risk) and call external CLI commands; both are expected for integration but expand the blast radius (outputs leave the local process).
Install Mechanism
No formal install spec in registry metadata (instruction-only), but the package contains Python code, a requirements.txt and a js_bridge package.json. The code may auto-download the 'all-MiniLM-L6-v2' model via sentence-transformers on first run (normal for local NLP pipelines but implies network access). There are no obscure download URLs or extract-from-remote installers in the manifest. The presence of both Python and Node components is reasonable for a local engine + bridge, but the operator must run pip/npm which will fetch dependencies from public registries.
Credentials
Registry metadata declares no required environment variables or secrets, which is broadly consistent with a local-only engine. However the shipped ecosystem.config.js includes env defaults: OPENCLAW_TARGET set to a numeric Telegram chat id and OPENCLAW_COMMAND set to 'openclaw', plus MOCK_MODE false. Embedding a third-party chat id in the repo is disproportionate to the engine's purpose and could cause user data/output to be sent to the author's chat if users run the PM2 config unmodified. The skill also expects access to the agent's OpenClaw CLI/context (not declared as required), which means outputs could be delivered using whatever credentials/config the host has for that CLI.
Persistence & Privilege
always is false and there is no request to modify other skills or global agent settings. The engine runs as its own background daemon and the bridge can be launched independently; that is consistent with the stated design. However the skill is capable of autonomous invocation of an external delivery command (openclaw agent --deliver) when run, which combined with the hardcoded OPENCLAW_TARGET increases the risk of unintended external transmissions. This is not configured as always:true, so the privilege is limited to when the user/operator starts the bridge/supervisor with the provided config.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mindcore - After installation, invoke the skill by name or use
/mindcore - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release - Biomimetic emotional mind engine
Metadata
Frequently Asked Questions
What is MindCore?
Biomimetic emotional mind engine for AI Agents. Provides human-like emotional responses through a 5-layer neural conduction pipeline (L0 Stochastic Noise → L... It is an AI Agent Skill for Claude Code / OpenClaw, with 537 downloads so far.
How do I install MindCore?
Run "/install mindcore" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is MindCore free?
Yes, MindCore is completely free (open-source). You can download, install and use it at no cost.
Which platforms does MindCore support?
MindCore is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created MindCore?
It is built and maintained by fatcatMaoFei (@fatcatmaofei); the current version is v1.0.0.
More Skills