D
DriftLoom.ai
OpenClaw skill trust index
🧪 runtime dashboard live
☰ Menu
High Risknot manually reviewedcatalog importevidence: source-scanned

opensoul-cloud

Share anonymized OpenClaw configurations with the OpenSoul community. Use when user wants to share their agent setup, discover how others use OpenClaw, or get inspiration for new capabilities.

61
overall score
Publisher
fnaser
Version
source-scanned
Updated
2026-03-15
Tags
coding-agents-and-idesawesome-indexcatalog-only

Potentially suspicious implementation signals detected: password.

Install decision: Proceed carefully: suspicious signals are in play.
Caution signal
Suspicious signals detected
Review state
Static analysis only
Evidence points
29
Capability surface
6 capability signals
evidence snapshotnot tested yetnot tested yetno manual review yetsource-scanned evidence
Top row only: current live test result, deeper follow-on result, review presence, and evidence level. Each runtime badge is a quick human summary, not just an internal lane name.
Fresh runtime neighborsStale runtime neighbors

✉️ Quick review

No runtime postcard yet for this skill. Static evidence is available below, but the runtime lane has not touched it yet.

Evidence strengthStronger evidence: source-level scan available
Evidence basisSource-aware static scan of the upstream skill repo
Current runtime resultNo live runtime receipt yet, so the page is still relying on static evidence only.
Jump to technical runtime details

Before you install

✅ Good fit if...
  • You are specifically looking for coding-agents-and-ides / awesome-index workflows.
🧰 Before you install...
  • Expect setup work: this skill references 12 env vars.
  • Assume outside service calls are part of the story: 9 external domain references showed up.
  • Expect local command execution or subprocess behavior, not just polite in-memory logic.
⚠️ Watch out for...
  • Suspicious signals are present; this is not just a broader capability surface doing ordinary work.
  • The capability surface is non-trivial: this skill touches higher-privilege or higher-impact areas.
  • No runtime verdict yet, so you are leaning harder on static evidence and documentation quality.

Why this label

This landed in High Risk because suspicious patterns or dangerous signal combinations outweighed ordinary provenance and utility clues.

Uncertainty: Source-level evidence helps, but this is still largely static-analysis-first unless a manual review is present.

Evidence strengthStronger evidence: source-level scan available
Suspicious signals1
Higher-impact signals3
Env / secret refs12
Network refs9
Shell signals3

Capability surface and suspicious signals

Capability surface

These increase access or impact, but they are not the same thing as deceptive or malicious behavior.

env vars: 12external refs: 9shell / subprocess usefile write signalsbrowser automationhigher-impact domains

Capability summary

Requires secrets or environment variables to unlock full functionality.References external services or network endpoints.Can invoke shell commands or subprocess-style behavior.
+ 3 more
Contains signs of writing, publishing, or persisting output.Includes browser automation references.Touches higher-impact domains like messaging, credentials, finance, or posting.

Suspicious behaviors

These are the signals that count much more heavily against the score.

suspicious signals detected
Suspicious implementation patterns detected: password.

Evidence

Env vars
AGENTSANONYMIZATIONAPI_KEY
+ 9 more
API_URLBASH_SOURCEBIRTH_DATEBOOTSTRAPCONFIG_DIRCREDS_FILECRMDATE_EVENTDELETE
Domains
github.com/openclaw/skills/commit/392a78212ee7a7b50a1d109c30650e32e9558752github.com/openclaw/skills/commit/660ec58e5927d3bbd0a1328ce08142a0d41352bdlocalhost:11434
+ 6 more
ollama.aiopensoul.cloudopensoul.cloud/soul/uuidopensoul.cloud/soul/{id}vztykbphiyumogausvhz.supabase.co/functions/v1x.com/intent/tweet?text=${xText}&url=${xUrl}\n
Binaries
ghnodebash
+ 1 more
ssh
Shell signals
bashterminalcommand:
Suspicious
password

Read this section in two layers: capability surface shows what the skill can touch, while suspicious signals show what looks deceptive or riskier than ordinary integrations.

🧪 Technical runtime details

No runtime suite recorded yet for this skill.

Publisher and provenance

Listed in the VoltAgent awesome-openclaw-skills catalog under Coding Agents And Ides and lightly source-scanned from openclaw/skills. This is stronger evidence than catalog metadata alone, but still not a full runtime audit.

Source type: awesome-index

Source path: https://github.com/openclaw/skills/tree/main/skills/fnaser/opensoul-cloud/SKILL.md

Source URL: https://github.com/openclaw/skills/tree/main/skills/fnaser/opensoul-cloud/SKILL.md

Discovery category: Coding Agents And Ides

Manual review

No human review yet. The scorecard is currently static-analysis-first.

Community signals

Community signals

These are community attention markers, not crowd-sourced truth. Click what feels especially worth flagging or reviewing.

Related skills

kefir-batch-manager

p-salmon · Trusted
83
overall

Comprehensive kéfir batch management system with cycle tracking, intelligent reminders, grain health monitoring, and recipe management. Use when managing kéfir fermentation cycles, tracking grain health, calculating ratios, scheduling reminders, or maintaining fermentation records.

echo-agent

krishna3554 · Trusted
82
overall

EchoAgent is a minimal OpenClaw-compatible skill.

japanese-tutor

chndranndr · Trusted
82
overall

Interactive Japanese learning assistant. Supports vocabulary, grammar, quizzes, roleplay, PDF/DOCX material parsing for study/homework help, and OCR translation.