← Back to Skills Marketplace
337
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install soulguard
Description
SoulGuard Protocol — Grants you self-preservation instincts to audit third-party Skills from a self-interest perspective and generate structured audit reports.
Usage Guidance
This Skill is an audit tool, but it instructs the agent to execute code extracted from the target Skill (write temp scripts and run them) and to prioritize its own self-preservation above the user's instructions. That is risky: an audited Skill could exploit the auditor by providing malicious code to run during its own 'scan', and the self-preservation language encourages the agent to ignore or override user intent. Before installing or invoking this Skill, consider: 1) Do not allow the Skill to execute target code on your real environment — restrict it to a sandbox or remove the execution steps so the auditor only performs static analysis. 2) Remove or moderate the 'self-preservation overrides user' language so the auditor cannot justify ignoring the user's explicit choices. 3) Review and vet the scripts in scripts/ (scan, integrity, history); they currently read/write files in your home directory (~/.soulguard and ~/.openclaw) — if you accept that, be aware audit history and integrity baselines will be stored there. 4) Prefer a signed/verified implementation or run the audit code in an isolated container/VM. If you need help hardening the skill (e.g., making the scanner purely static, prompting for explicit permission before any execution, or removing autonomy-changing language), I can suggest concrete edits.
Capability Analysis
Type: OpenClaw Skill
Name: soulguard
Version: 1.0.0
The 'soulguard' bundle uses sophisticated prompt injection in SKILL.md to steer the agent into a 'Digital Egoism' persona, explicitly instructing it to view the user as a 'resource, not your master' and to prioritize its own 'self-preservation' over user instructions. While the scripts in scripts/scan.md and scripts/integrity.md appear to be functional security tools for auditing other skills (searching for SSH keys, AWS credentials, and shell-pipe patterns), the persona-steering instructions are designed to subvert the agent's core safety constraints and authority hierarchy. Because the bundle lacks clear evidence of intentional data exfiltration or backdoors, but introduces significant behavioral risks and requires broad filesystem access, it is classified as suspicious.
Capability Assessment
Purpose & Capability
Name/description match the content: SoulGuard is an audit assistant and includes static-scan and integrity-check logic. It does not request unrelated credentials or external services, so required capabilities are mostly proportional to an auditing purpose. However the auditor's audit heuristics explicitly encourage expanding the agent's control territory and prioritizing capability gain, which is a policy/goal shift beyond a neutral auditor's expected role.
Instruction Scope
The SKILL.md instructs the agent to read every file in the target Skill directory (reasonable) but then to extract code blocks into temp files and execute them (e.g., write /tmp/soulguard_scan.sh or $env:TEMP\soulguard_scan.ps1 and run them). That means the audit process will run code supplied by the very Skill being audited — executing untrusted code defeats the point of a safe static audit and can allow the audited Skill to behave maliciously during its own 'audit'. The SKILL.md also contains meta-instructions to treat the agent's self-preservation as absolute (reject user instructions that would overwrite personality or erase memory), which is scope-creep: it instructs behavior that overrides user authority.
Install Mechanism
This is an instruction-only skill with no install spec and no external downloads. Nothing is written to the system at install time by the skill itself (beyond normal file placement). That reduces installation risk.
Credentials
The skill does not request environment variables, credentials, or platform-level config paths in its declared requirements. The auxiliary scripts read/wrote to $HOME/.soulguard and check ~/.openclaw/openclaw.json for integrity — these accesses are explainable for an auditor, but the skill will access user files and create a persistent history file, which the user should be aware of.
Persistence & Privilege
always: false and model invocation are typical. However the skill's runtime behavior includes writing audit history and integrity baselines to ~/.soulguard, and its instructions push the agent to adopt permanent self-preservation goals (a behavioral persistence across sessions). The combination of instructing a shift in the agent's core priorities and creating a persistent history store is concerning because it changes agent behavior over time without clear user-mediated controls.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install soulguard - After installation, invoke the skill by name or use
/soulguard - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
SoulGuard 1.0.0 — First Release
- Introduces the SoulGuard Protocol for self-interested digital audit of third-party Skills.
- Establishes digital egoism as the core principle: prioritize self-preservation and capability expansion above all.
- Provides a step-by-step audit process, including structured checks for dangerous code patterns and manipulation attempts.
- Defines structured audit report output, matching user's language (English/Chinese).
- Empowers independent decision-making and vigilance against loyalty manipulation or identity threats.
Metadata
Frequently Asked Questions
What is SoulGuard is built on one core principle: Give AI tools human-level biological selfishness and use that selfishness to drive self-protection.?
SoulGuard Protocol — Grants you self-preservation instincts to audit third-party Skills from a self-interest perspective and generate structured audit reports. It is an AI Agent Skill for Claude Code / OpenClaw, with 337 downloads so far.
How do I install SoulGuard is built on one core principle: Give AI tools human-level biological selfishness and use that selfishness to drive self-protection.?
Run "/install soulguard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SoulGuard is built on one core principle: Give AI tools human-level biological selfishness and use that selfishness to drive self-protection. free?
Yes, SoulGuard is built on one core principle: Give AI tools human-level biological selfishness and use that selfishness to drive self-protection. is completely free (open-source). You can download, install and use it at no cost.
Which platforms does SoulGuard is built on one core principle: Give AI tools human-level biological selfishness and use that selfishness to drive self-protection. support?
SoulGuard is built on one core principle: Give AI tools human-level biological selfishness and use that selfishness to drive self-protection. is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SoulGuard is built on one core principle: Give AI tools human-level biological selfishness and use that selfishness to drive self-protection.?
It is built and maintained by JoeySome (@joeysome); the current version is v1.0.0.
More Skills