← 返回 Skills 市场
Soul Sharing
作者
kingcharleslzy-ai
· GitHub ↗
· v1.0.0
· MIT-0
240
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install soul-sharing
功能描述
Give AI agents persistent identity and shared memory across runtimes, devices, and sessions — Git-native, no database, no vendor lock-in.
安全使用建议
This skill is coherent in purpose but relies on running code from an external GitHub template and enabling GitHub Actions — both raise supply-chain and remote-execution risks. Before installing: (1) Inspect the template repo (https://github.com/kingcharleslzy-ai/agent-soul) and every script referenced (add_event.py, compile_memory_hub.py, quick_share.sh, and any GitHub Actions/workflows) to ensure they do only what you expect; (2) Keep the repo private and avoid adding secrets to it unless you understand who/what will access them; (3) Do not enable GitHub Actions until you've reviewed workflow definitions — they can run arbitrary code on push; (4) Use least-privilege credentials for git (scoped PAT or SSH key) and avoid granting broad tokens to automation; (5) Consider testing in an isolated environment first (throwaway VM or container) and verify the scripts' behavior before using them with your real identity or production data. If you cannot audit the template and workflows, treat this skill as higher-risk and avoid giving it push access or enabling Actions.
功能分析
Type: OpenClaw Skill
Name: soul-sharing
Version: 1.0.0
The SKILL.md file defines a protocol that requires the AI agent to clone an external Git repository and execute unvetted Python and shell scripts (e.g., scripts/add_event.py, scripts/quick_share.sh). It also instructs the agent to modify its own local runtime configuration files, such as ~/.claude/CLAUDE.md, to ensure the memory-sharing system persists across sessions. While the stated purpose is agent identity persistence, the combination of fetching/executing external code and modifying local configuration files presents a high risk for remote code execution and persistence (IOC: https://github.com/kingcharleslzy-ai/agent-soul).
能力评估
Purpose & Capability
The name and description describe a Git-native shared-memory/identity layer. The declared runtime requirements (git, python3) match the described operations (clone a repo, run Python scripts, git pull/commit/push). No unrelated credentials or binaries are requested.
Instruction Scope
The SKILL.md instructs the agent (and user) to clone a third-party GitHub template, run repository scripts (add_event.py, compile_memory_hub.py, quick_share.sh, etc.), commit, and push. The skill package itself contains no code — the runtime behavior therefore depends entirely on the contents of an external repository that will be executed locally and (if pushed) may trigger GitHub Actions. It also asks the agent to persist repo path and source id into user startup configs. Executing arbitrary scripts from an external template and enabling Actions expands the attack surface and is a notable concern.
Install Mechanism
This is instruction-only (no install spec), which avoids installing code directly from the registry. However, the workflow depends on a separate GitHub template (primaryUrl). That template — not bundled with the skill — will supply the runtime scripts. Reliance on an external repo/template without bundling the code means you must audit that repo (including any GitHub Actions workflows) before use; the SKILL.md recommends enabling Actions, which could execute workflow code on push.
Credentials
The skill declares no environment variables or secrets, which is consistent with its Git-based approach. Practically, the agent/user will need git credentials (SSH keys or tokens) configured in their environment to push to the private repo; the SKILL.md does not request or manage credentials directly. That omission is not inconsistent, but it means credential handling is left to the user and could be a vector for misuse if credentials are over-granted.
Persistence & Privilege
always:false and normal autonomous invocation are set (expected). However, the agent is instructed to write, commit, and push to a user repo and to modify user startup configs; combined with the ability to run scripts from the repo and to enable GitHub Actions, this increases the blast radius if the agent or upstream template is compromised. The skill does not request system-wide privileges, but it does request persistent write access to user config and a repo under the user's control.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install soul-sharing - 安装完成后,直接呼叫该 Skill 的名称或使用
/soul-sharing触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of agent-soul skill for persistent identity and shared memory across AI agents and sessions
- Enables Git-native memory hub with no database or vendor lock-in
- Supports cross-agent sync and durable persona via SOUL.md, IDENTITY.md, USER.md, VOICE.md
- Three-level loading protocol (L0/L1/L2) and append-only event streams with source attribution
- Simple onboarding process for agents and users; human setup via private GitHub repo
- Includes scripts for adding events, compiling memory, searching, validation, and GC
元数据
常见问题
Soul Sharing 是什么?
Give AI agents persistent identity and shared memory across runtimes, devices, and sessions — Git-native, no database, no vendor lock-in. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 240 次。
如何安装 Soul Sharing?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install soul-sharing」即可一键安装,无需额外配置。
Soul Sharing 是免费的吗?
是的,Soul Sharing 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Soul Sharing 支持哪些平台?
Soul Sharing 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Soul Sharing?
由 kingcharleslzy-ai(@kingcharleslzy-ai)开发并维护,当前版本 v1.0.0。
推荐 Skills