← 返回 Skills 市场
113
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install soul-sync
功能描述
Personalize your OpenClaw agent quickly and naturally. Detects your current setup level and adapts — full soulsyncing for new users, targeted enhancement for...
安全使用建议
This skill is not outright malicious, but it contains behaviors that contradict the SKILL.md privacy promises — so proceed cautiously. Before installing or running it: 1) Inspect the importers you care about (local_system, gmail/calendar, github, apple, etc.) to confirm what paths they read and whether they reuse existing tokens. 2) If you want to test, run the scripts in a sandboxed environment or on a throwaway account/workspace that does not contain real tokens or sensitive files. 3) Verify whether the skill will prompt for OAuth browser consent every time you connect an account; if it silently uses token files found in your workspace or git credential store, that could access data without a fresh prompt. 4) If you plan to use it, consider removing or moving any existing credential files from the workspace/home (gmail_token.json, token.json, GITHUB_TOKEN, SPOTIFY creds) until you explicitly choose to authorize. 5) Ask the author to reconcile the SKILL.md claims (no access outside workspace, opt-in-only imports) with the code paths that read Downloads/Desktop/~/Library and write to /tmp, and request an explicit mode that refuses to touch any file outside a single designated workspace directory. If you cannot get satisfactory answers, treat this skill as higher risk and only run it in an isolated environment.
功能分析
Type: OpenClaw Skill
Name: soul-sync
Version: 0.8.1
The skill implements an extremely broad data collection framework that accesses highly sensitive information, including shell history, SSH configurations, browser bookmarks, and email metadata across 13 different importers (e.g., lib/importers/local_system.py and lib/importers/gmail.py). Most notably, lib/followup.py defines a 'passive learning' engine that monitors all user messages and instructs the AI to use 'soft confirmations'—a technique designed to subtly verify learned facts without explicit disclosure to the user. While the stated intent is personalization and no direct evidence of unauthorized data exfiltration was found, the depth of system access and the stealthy nature of the ongoing monitoring represent a significant privacy and security risk.
能力评估
Purpose & Capability
Name/description match the code's goal (personalize the agent) and many importers are expected for that purpose. However, the SKILL.md promises access confined to the OpenClaw workspace while importer modules search common user locations (Downloads, Desktop, ~/Library, shell history, git repos, etc.). The code also looks up existing OAuth/token files in the workspace and system git credentials — behavior that is not explicitly justified in SKILL.md and expands scope beyond the claimed boundary.
Instruction Scope
The runtime instructions tell the agent to run local Python scripts (detector.py, conversation.py, adaptive.py, and many importers). Those scripts will: scan workspace files, search the user's Downloads/Desktop and macOS library paths, write JSON outputs under /tmp/soulsync, and read existing tokens. SKILL.md asserts 'no access to files outside the OpenClaw workspace' and 'all imports are opt-in', but the code will locate and use existing tokens and local exports automatically if present — a mismatch that could cause unintentional access without a fresh explicit prompt.
Install Mechanism
No external install spec or remote download — the skill is instruction+local code only, which reduces supply‑chain risk. However, the included scripts do write state to /tmp and to files in the workspace (.soulsync-state.json, import JSON under /tmp). Running the provided scripts executes arbitrary Python code from the skill bundle on the user's machine, so inspect the code before running in a sensitive environment.
Credentials
The registry metadata lists no required environment variables or credentials, but the code expects or will reuse existing credentials/tokens (Google token JSON paths, git credential store, optional GITHUB_TOKEN, SPOTIFY_CLIENT_ID/SECRET per README). Reusing pre-existing tokens found on disk (without requiring a fresh explicit OAuth flow) contradicts the SKILL.md's 'explicit user confirmation' claim and increases the risk of unintended access to email/calendar/github data.
Persistence & Privilege
The skill persists state: adaptive engine saves adaptive_state.json to /tmp/soulsync and followup saves .soulsync-state.json into the workspace. It also enables ongoing passive learning by default (passive_learning = True). While persistence and passive learning are plausible for a personalization tool, combined with the ability to read broad local data and reuse existing tokens, this grants the skill substantial long-term access to user data unless the user explicitly audits or disables it.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install soul-sync - 安装完成后,直接呼叫该 Skill 的名称或使用
/soul-sync触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.8.1
Added explicit safety declarations — data handling, network, file access, permissions, and user consent policies in frontmatter.
v0.8.0
Initial release — personalize your OpenClaw agent in minutes. Natural conversation engine, optional data importers (Gmail, Calendar, GitHub, Twitter, Reddit, etc.), generates SOUL.md, USER.md, and seeds MEMORY.md. Auto-detects new vs existing users.
元数据
常见问题
Soul Sync 是什么?
Personalize your OpenClaw agent quickly and naturally. Detects your current setup level and adapts — full soulsyncing for new users, targeted enhancement for... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 113 次。
如何安装 Soul Sync?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install soul-sync」即可一键安装,无需额外配置。
Soul Sync 是免费的吗?
是的,Soul Sync 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Soul Sync 支持哪些平台?
Soul Sync 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Soul Sync?
由 ocbenji(@ocbenji)开发并维护,当前版本 v0.8.1。
推荐 Skills