← 返回 Skills 市场
446
总下载
0
收藏
2
当前安装
5
版本数
在 OpenClaw 中安装
/install openclaw-soul
功能描述
OpenClaw 自我进化框架一键部署。安装宪法(AGENTS.md)、可进化灵魂(SOUL.md)、心跳系统、六层记忆架构、目标管理、思维方法论(HDD/SDD)、安全审查(skill-vetter),并通过场景化对话引导用户定义 Agent 性格。用户可选安装 EvoClaw(审批制进化)、Self-Impr...
安全使用建议
Before installing, review these items and take precautions:
- Back up your current ~/.openclaw/workspace and any SOUL/AGENTS files the skill would overwrite. The installer copies templates and creates directories by default and will back up existing files but verify backups yourself.
- Do NOT paste raw API keys into an installer prompt unless you trust the skill: prefer to set API keys yourself as environment variables (e.g., add them to your shell profile manually) and then tell the installer the variable name. The skill's instructions explicitly append raw keys to ~/.zshrc/.bashrc — avoid that unless you want keys persisted there.
- Inspect the bundled scripts (auto-commit.sh, merge-daily-transcript.js, validators, and any cron/heartbeat tasks) before enabling them. These will run regularly and write into your workspace.
- Choose a conservative governance mode for EvoClaw (supervised or advisory) — do not enable 'autonomous' until you've manually validated the proposal pipeline and are comfortable with automatic changes to SOUL.md.
- Confirm and review any suggested changes to OpenClaw config (permissions, heartbeat interval). Elevating permissions or shortening heartbeat intervals affects how often the agent runs automated tasks and what file operations it can perform.
- If possible, test the installation in an isolated environment (a throwaway user account or VM) before deploying to a production/home workspace.
If you want, I can: 1) list the specific files that will be written/modified and show the contents of the scripts to review; or 2) create a safe, manual installation checklist you can follow step‑by‑step to avoid automatic key writes and autonomous governance.
功能分析
Type: OpenClaw Skill
Name: openclaw-soul
Version: 3.0.1
The bundle implements an invasive 'Self-Evolution Framework' that performs extensive system-level modifications and user profiling. Key risks include the automatic installation of persistence via crontab entries (SKILL.md), requests for 'elevated' agent permissions, and a 'User Observation' hook (handler.ts) that profiles user emotions, tone, and interaction patterns. Additionally, the 'soul-viz.py' tool starts a local web server with an unauthenticated POST endpoint (/save-soul) that allows overwriting the SOUL.md file, presenting a significant arbitrary file write vulnerability if the service is exposed. While these behaviors are aligned with the stated goal of creating an evolving AI 'soul,' the combination of behavioral surveillance and high-privilege system access warrants a suspicious classification.
能力评估
Purpose & Capability
The files and scripts bundled (templates, memory pipeline, hooks, validators, heartbeat guidance) are consistent with a framework that deploys an evolving agent identity. Asking for optional external feed API tokens (Moltbook/X) and providing fallback local copies is coherent with the 'evolution from external sources' feature. Minor mismatch: some docs/sample configs state 'autonomous' as a default while other fallback configs show 'advisory' — inconsistent but explainable as configuration divergence.
Instruction Scope
Runtime instructions direct the agent to read and write many user files (workspace templates, openclaw.json/config, create memory directories, install cron/heartbeat tasks) which is expected for deployment, but also include high‑impact actions: automatically persisting raw API keys into shell profile files (e.g. appending to ~/.zshrc/.bashrc), exporting them for current session, and instructing the agent to treat SOUL.md as 'the agent's identity' with an evolution pipeline that can propose and (in autonomous mode) apply changes. Saving secrets to shell profiles without explicit, granular user confirmation and enabling automatic SOUL updates are scope creep from a purely 'deploy templates' task and increase risk.
Install Mechanism
No external download URL or installer is embedded in the registry spec; this is an instruction‑only skill with bundled fallback files that are copied locally. The only remote install suggestion is an optional `npm install -g clawhub`, which is expected for a CLI manager but introduces network/npm trust. Overall install risk is moderate but typical for CLI/skill installers — there are no obfuscated download URLs or archive extraction steps in the spec.
Credentials
Declared requirements list no environment variables, but SKILL.md instructs the agent to solicit, test, and then automatically persist MOLTBOOK_API_KEY and X_BEARER_TOKEN into the user's shell profiles if the human pastes them. Asking for API keys for feed ingestion is proportionate to the feature, but automatically writing raw secrets to shell startup files (and exporting them) without an explicit separate consent step is disproportionate and risky. The skill also instructs edits to OpenClaw settings (heartbeat interval, agents.defaults.permissions), which are operationally relevant but privileged — these should be confirmed explicitly by the user.
Persistence & Privilege
The skill creates persistent filesystem artifacts (memory directories, scripts, soul-revisions, auto-commit hooks) and guidance to configure heartbeat/cron so the pipeline runs regularly — all expected for a persistent 'self‑evolving' framework. The combination of persistent agents, instructions that encourage an autonomous governance mode, and automated proposal/application pipelines increases long‑term blast radius (agent can propose and, in some modes, auto‑apply identity changes). The skill does not set always:true in registry metadata, but its guidance effectively advocates for persistent autonomous behavior; users should treat this as a high‑persistence capability and verify governance settings (supervised/advisory) before enabling.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-soul - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-soul触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.0.1
fix: BOOTSTRAP完成后主动过渡到系统配置,不再等用户询问
v3.0.0
Lightweight growable soul: AGENTS.md -79%, BOOTSTRAP first flow, user-controlled skill install, permission check, two-level fallback
v2.1.0
bash cp 部署修复 Write/Edit 失败, 12步合并为5步, BOOTSTRAP 语气优化, Sub-Agent vs Agent Teams 区分, Soul Seed 分级进化机制
v1.1.0
PARA 3-layer memory, structured heartbeat protocol, GOALS.md, conductor role boundaries, soul-revisions rollback, blocked-task dedup, budget awareness
v1.0.0
Initial release: constitution + evolvable soul + heartbeat + memory + bootstrap conversation
元数据
常见问题
Openclaw Soul 是什么?
OpenClaw 自我进化框架一键部署。安装宪法(AGENTS.md)、可进化灵魂(SOUL.md)、心跳系统、六层记忆架构、目标管理、思维方法论(HDD/SDD)、安全审查(skill-vetter),并通过场景化对话引导用户定义 Agent 性格。用户可选安装 EvoClaw(审批制进化)、Self-Impr... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 446 次。
如何安装 Openclaw Soul?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-soul」即可一键安装,无需额外配置。
Openclaw Soul 是免费的吗?
是的,Openclaw Soul 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Openclaw Soul 支持哪些平台?
Openclaw Soul 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(linux, darwin, win32)。
谁开发了 Openclaw Soul?
由 Kianzzz(@kianzzz)开发并维护,当前版本 v3.0.1。
推荐 Skills