ai-persona-os Security Audit Report
ai-persona-os is an AI agent skill, created by jeffjhunter and published at openclaw/skills. ClawSecure audited ai-persona-os across 43 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 47 findings concentrate in Malicious Code, Policy Violation and Prompt Injection, including Detects prompt strings used to override or force malicious tool calls:... and Attempts to access sensitive file: SOUL.md. 45 were rated high or critical severity.
Is ai-persona-os safe?
ClawSecure audited ai-persona-os and assigned a security score of 0/100 (High Risk), identifying 47 findings across Malicious Code and Policy Violation. Review the findings below before installing.
What did ClawSecure find in ai-persona-os?
ClawSecure identified 47 findings in ai-persona-os, concentrated in Malicious Code, Policy Violation and Prompt Injection. 45 were rated high or critical severity. The most severe include Detects prompt strings used to override or force malicious tool calls:... and Attempts to access sensitive file: SOUL.md.
How was ai-persona-os audited?
ClawSecure ran ai-persona-os through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 43 files from openclaw/skills.
What does a score of 0 mean?
ClawSecure assigned ai-persona-os a security score of 0/100, placing it in the High Risk range. This is driven by 47 findings led by Malicious Code that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).
Audit Findings for ai-persona-os
ClawSecure detected 47 security findings in ai-persona-os, spanning Malicious Code, Policy Violation, Prompt Injection and Permissions Manifest.
- critical · Detects prompt strings used to override or force malicious tool calls:.... Prompt Injection finding detected in
scripts/setup-wizard.sh:1089. - high · Attempts to access sensitive file: SOUL.md. Malicious Code finding detected in
SKILL.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
SKILL.md. - high · Attempts to access sensitive file: SOUL.md. Malicious Code finding detected in
AGENTS-template.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
AGENTS-template.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
HEARTBEAT-template.md. - high · Attempts to access sensitive file: SOUL.md. Malicious Code finding detected in
INDEX-template.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
INDEX-template.md. - high · Attempts to access sensitive file: SOUL.md. Malicious Code finding detected in
LEARNINGS-template.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
LEARNINGS-template.md. - high · Attempts to access sensitive file: SOUL.md. Malicious Code finding detected in
SECURITY-template.md. - high · Attempts to access sensitive file: SOUL.md. Malicious Code finding detected in
SOUL-template.md.
Showing the 12 highest-severity of 47 findings. The full interactive list appears below.
3-Layer Audit Protocol
Security Recommendations for ai-persona-os
Audit external network connections
Resolve policy violations
Investigate prompt injection vectors
Related Security Research
ClawHavoc Explained: The Malware Family Targeting AI Agents→Beyond Static Scans: Why ClawSecure Verifies Agentic Intent→Related AI Agent Security Audits
Scanned on February 7, 2026. ai-persona-os is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.