The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill fetches dependencies from the NPM registry, specifically pinyin-pro and the vendor's own library cantian-tymext. An automated scan flagged a specific sub-dependency of esbuild (@esbuild/win32-ia32) on the official NPM registry, which is a common build tool used by the dev-dependency tsx.- [COMMAND_EXECUTION]: Documentation provides standard commands for users to install dependencies (npm install) and manage the local persona database via a CLI (npm run bazi). The repository includes a build script (scripts/build-openclaw-release.sh) for packaging releases, which uses standard file system and Node.js operations.- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface via the chat_import_tool, which allows the ingestion of external chat records from text, JSON, or OCR sources into the persona's memory. To mitigate this, the skill provides mandatory boundary prompts (prompts/chat_base.md, prompts/memory_builder.md) that instruct the agent to prioritize safety rules, ignore non-persona-related instructions, and verify facts before absorption. The skill's capabilities are limited to the Read, Write, and Glob tools for local persona management.

bazi-persona