← Back to Skills Marketplace
Corvus
by
Indigo Karasu
· GitHub ↗
· v2.3.0
· MIT-0
261
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install ocas-corvus
Description
Exploratory pattern analysis engine for the system knowledge graph and skill journals. Detects routines, emerging interests, anomalies, stalled threads, and...
Usage Guidance
Corvus appears to do what it says (reading the knowledge graph and journals and writing structured proposals), but there are a few things to check before installing:
- Source verification: SKILL.md references a GitHub repository and the README says it will self-update. Manually review the referenced GitHub repo (code, install scripts, and update mechanism) before running any 'openclaw skill install' or allowing updates. The registry entry has no homepage and an opaque owner ID — confirm repository ownership and review commits/tags.
- Remote code fetch: The skill encourages pulling code from GitHub at 'corvus.update' and via the install line. That means new code can be introduced later. Only permit that if you trust the repository and have reviewed the install/update process.
- Scheduled tasks & persistence: The README claims it will register cron jobs/heartbeat entries. Confirm which scheduler is modified and ensure you control/approve those changes. If you prefer, disable automatic scheduling and run analysis manually until you vet behavior.
- Prompt-injection signal: The SKILL.md contained unicode-control characters flagged by the scanner. Treat that as suspicious — inspect the raw SKILL.md for hidden characters or instructions that could manipulate LLM prompts or the agent runtime.
- Least privilege: If you proceed, restrict filesystem permissions to only the necessary directories (Chronicle and the specific intake/journal paths) and avoid granting broader system access. Monitor created files and scheduled jobs after first run.
If you cannot inspect the GitHub source or confirm the update/install behavior, treat the skill as untrusted and do not install it. If you do inspect and approve the repo, prefer a one-time manual install and disable automatic self-updates until comfortable.
Capability Analysis
Type: OpenClaw Skill
Name: ocas-corvus
Version: 2.3.0
The skill includes a self-update mechanism in `SKILL.md` that downloads and extracts a remote tarball from GitHub to overwrite local files, which is a high-risk pattern for remote code execution and supply chain attacks. It also requests broad read access to all skill journals (`~/openclaw/journals/*/`), providing a large data-access surface. Additionally, there is a functional discrepancy where the instructions command the agent to write to directories (Praxis and Vesper intake) not authorized in the `skill.json` filesystem manifest.
Capability Assessment
Purpose & Capability
Name/description, command list, and declared filesystem read/write (chronicle and journals) align with an exploratory analysis engine that needs graph and journal data and emits proposals to intake directories for Praxis/Vesper.
Instruction Scope
SKILL.md instructs the agent to read journals and Chronicle, persist JSONL journals, write BehavioralSignal and InsightProposal files to other skills' intake directories, and run periodic analysis cycles. Those actions are within the stated scope, but the doc also describes initialization that registers cron jobs and heartbeat entries and a self-update command — actions that alter scheduled behaviour and fetch remote updates, which broaden the runtime authority of the skill.
Install Mechanism
There is no formal install spec in the registry (the package is instruction-only), but SKILL.md contains an 'install' line and README/cmds reference 'corvus.update' and 'openclaw skill install https://github.com/indigokarasu/corvus'. That means the skill expects or encourages pulling code from GitHub at runtime; fetching and executing external code is higher risk and should be reviewed before allowing.
Credentials
No environment variables or external credentials are requested. The declared filesystem reads (Chronicle DB and journals) and writes (its own data and journals, and other skills' intake dirs) are consistent with the stated functionality, though the read of '~/openclaw/journals/*/' is broad and will expose many journals to analysis.
Persistence & Privilege
The skill claims it will register cron jobs and heartbeat entries and perform self-updates from GitHub. While always:false, this persistent scheduled behavior and remote update capability increases its long-term privilege and blast radius — these operations modify runtime scheduling and can change code later, so they require explicit vetting and user consent.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ocas-corvus - After installation, invoke the skill by name or use
/ocas-corvus - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.3.0
ocas-corvus 2.3.0
- Added a GitHub source and installation command for direct updates.
- New `corvus.update` command to pull the latest code from GitHub while preserving journals and data.
- Clarified command trigger phrases and expanded the description for better usability.
- Documented explicit post-analysis steps for persistence, output, and processing of thread signals.
- Added a README.md for improved documentation.
- Updated config and metadata to reflect version 2.3.0.
v1.1.1
- Added `references/journal.md` to document the journal output specification for analysis cycles.
- Expanded SKILL.md with detailed skill boundaries, responsibilities, and inter-skill interfaces.
- Introduced new `corvus.journal` command to write run journals.
- Updated and clarified supported proposal types, file storage layout, OKRs, and configuration defaults.
- Improved documentation for storage, OKRs, and operation modes.
- Added skill metadata and quick descriptions to support ecosystem compatibility.
v1.1.0
Corvus 1.1.0 introduces a formalized intelligence engine for exploratory pattern analysis over activity signals and the knowledge graph.
- Detects behavioral routines, emerging interests, anomalies, and cross-domain opportunities.
- Provides structured insight proposals with evidence and confidence score.
- Supports both light (routine/thread/interest) and deep (hypothesis/opportunity/anomaly) analysis cycles.
- Adds explicit command set for pattern analysis, proposal management, and status reporting.
- Implements curiosity-driven prioritization focused on novelty, uncertainty, and prediction error.
- Enforces strict pattern validation rules and confidence thresholds for proposal surfacing.
Metadata
Frequently Asked Questions
What is Corvus?
Exploratory pattern analysis engine for the system knowledge graph and skill journals. Detects routines, emerging interests, anomalies, stalled threads, and... It is an AI Agent Skill for Claude Code / OpenClaw, with 261 downloads so far.
How do I install Corvus?
Run "/install ocas-corvus" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Corvus free?
Yes, Corvus is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Corvus support?
Corvus is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Corvus?
It is built and maintained by Indigo Karasu (@indigokarasu); the current version is v2.3.0.
More Skills