← Back to Skills Marketplace
446
Downloads
0
Stars
2
Active Installs
5
Versions
Install in OpenClaw
/install openclaw-soul
Description
OpenClaw 自我进化框架一键部署。安装宪法(AGENTS.md)、可进化灵魂(SOUL.md)、心跳系统、六层记忆架构、目标管理、思维方法论(HDD/SDD)、安全审查(skill-vetter),并通过场景化对话引导用户定义 Agent 性格。用户可选安装 EvoClaw(审批制进化)、Self-Impr...
Usage Guidance
Before installing, review these items and take precautions:
- Back up your current ~/.openclaw/workspace and any SOUL/AGENTS files the skill would overwrite. The installer copies templates and creates directories by default and will back up existing files but verify backups yourself.
- Do NOT paste raw API keys into an installer prompt unless you trust the skill: prefer to set API keys yourself as environment variables (e.g., add them to your shell profile manually) and then tell the installer the variable name. The skill's instructions explicitly append raw keys to ~/.zshrc/.bashrc — avoid that unless you want keys persisted there.
- Inspect the bundled scripts (auto-commit.sh, merge-daily-transcript.js, validators, and any cron/heartbeat tasks) before enabling them. These will run regularly and write into your workspace.
- Choose a conservative governance mode for EvoClaw (supervised or advisory) — do not enable 'autonomous' until you've manually validated the proposal pipeline and are comfortable with automatic changes to SOUL.md.
- Confirm and review any suggested changes to OpenClaw config (permissions, heartbeat interval). Elevating permissions or shortening heartbeat intervals affects how often the agent runs automated tasks and what file operations it can perform.
- If possible, test the installation in an isolated environment (a throwaway user account or VM) before deploying to a production/home workspace.
If you want, I can: 1) list the specific files that will be written/modified and show the contents of the scripts to review; or 2) create a safe, manual installation checklist you can follow step‑by‑step to avoid automatic key writes and autonomous governance.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-soul
Version: 3.0.1
The bundle implements an invasive 'Self-Evolution Framework' that performs extensive system-level modifications and user profiling. Key risks include the automatic installation of persistence via crontab entries (SKILL.md), requests for 'elevated' agent permissions, and a 'User Observation' hook (handler.ts) that profiles user emotions, tone, and interaction patterns. Additionally, the 'soul-viz.py' tool starts a local web server with an unauthenticated POST endpoint (/save-soul) that allows overwriting the SOUL.md file, presenting a significant arbitrary file write vulnerability if the service is exposed. While these behaviors are aligned with the stated goal of creating an evolving AI 'soul,' the combination of behavioral surveillance and high-privilege system access warrants a suspicious classification.
Capability Assessment
Purpose & Capability
The files and scripts bundled (templates, memory pipeline, hooks, validators, heartbeat guidance) are consistent with a framework that deploys an evolving agent identity. Asking for optional external feed API tokens (Moltbook/X) and providing fallback local copies is coherent with the 'evolution from external sources' feature. Minor mismatch: some docs/sample configs state 'autonomous' as a default while other fallback configs show 'advisory' — inconsistent but explainable as configuration divergence.
Instruction Scope
Runtime instructions direct the agent to read and write many user files (workspace templates, openclaw.json/config, create memory directories, install cron/heartbeat tasks) which is expected for deployment, but also include high‑impact actions: automatically persisting raw API keys into shell profile files (e.g. appending to ~/.zshrc/.bashrc), exporting them for current session, and instructing the agent to treat SOUL.md as 'the agent's identity' with an evolution pipeline that can propose and (in autonomous mode) apply changes. Saving secrets to shell profiles without explicit, granular user confirmation and enabling automatic SOUL updates are scope creep from a purely 'deploy templates' task and increase risk.
Install Mechanism
No external download URL or installer is embedded in the registry spec; this is an instruction‑only skill with bundled fallback files that are copied locally. The only remote install suggestion is an optional `npm install -g clawhub`, which is expected for a CLI manager but introduces network/npm trust. Overall install risk is moderate but typical for CLI/skill installers — there are no obfuscated download URLs or archive extraction steps in the spec.
Credentials
Declared requirements list no environment variables, but SKILL.md instructs the agent to solicit, test, and then automatically persist MOLTBOOK_API_KEY and X_BEARER_TOKEN into the user's shell profiles if the human pastes them. Asking for API keys for feed ingestion is proportionate to the feature, but automatically writing raw secrets to shell startup files (and exporting them) without an explicit separate consent step is disproportionate and risky. The skill also instructs edits to OpenClaw settings (heartbeat interval, agents.defaults.permissions), which are operationally relevant but privileged — these should be confirmed explicitly by the user.
Persistence & Privilege
The skill creates persistent filesystem artifacts (memory directories, scripts, soul-revisions, auto-commit hooks) and guidance to configure heartbeat/cron so the pipeline runs regularly — all expected for a persistent 'self‑evolving' framework. The combination of persistent agents, instructions that encourage an autonomous governance mode, and automated proposal/application pipelines increases long‑term blast radius (agent can propose and, in some modes, auto‑apply identity changes). The skill does not set always:true in registry metadata, but its guidance effectively advocates for persistent autonomous behavior; users should treat this as a high‑persistence capability and verify governance settings (supervised/advisory) before enabling.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-soul - After installation, invoke the skill by name or use
/openclaw-soul - Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.0.1
fix: BOOTSTRAP完成后主动过渡到系统配置,不再等用户询问
v3.0.0
Lightweight growable soul: AGENTS.md -79%, BOOTSTRAP first flow, user-controlled skill install, permission check, two-level fallback
v2.1.0
bash cp 部署修复 Write/Edit 失败, 12步合并为5步, BOOTSTRAP 语气优化, Sub-Agent vs Agent Teams 区分, Soul Seed 分级进化机制
v1.1.0
PARA 3-layer memory, structured heartbeat protocol, GOALS.md, conductor role boundaries, soul-revisions rollback, blocked-task dedup, budget awareness
v1.0.0
Initial release: constitution + evolvable soul + heartbeat + memory + bootstrap conversation
Metadata
Frequently Asked Questions
What is Openclaw Soul?
OpenClaw 自我进化框架一键部署。安装宪法(AGENTS.md)、可进化灵魂(SOUL.md)、心跳系统、六层记忆架构、目标管理、思维方法论(HDD/SDD)、安全审查(skill-vetter),并通过场景化对话引导用户定义 Agent 性格。用户可选安装 EvoClaw(审批制进化)、Self-Impr... It is an AI Agent Skill for Claude Code / OpenClaw, with 446 downloads so far.
How do I install Openclaw Soul?
Run "/install openclaw-soul" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw Soul free?
Yes, Openclaw Soul is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Openclaw Soul support?
Openclaw Soul is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created Openclaw Soul?
It is built and maintained by Kianzzz (@kianzzz); the current version is v3.0.1.
More Skills