open-persona
Audited by Socket on Mar 8, 2026
1 alert found:
Obfuscated File
The OpenPersona meta-skill presents a coherent and ambitious framework for building, deploying, and evolving agent personas with a multi-layer architecture. Most capabilities align with the stated purpose. However, the footprint includes multiple outbound data paths, credential handling, and autonomous tool usage that, in aggregate, raise security and provenance concerns beyond a typical meta-skill. The design relies on external registries, soft references to external skills, and runtime signals that could be exploited if not tightly scoped, sandboxed, and audited. Overall, the skill appears SUSPICIOUS due to potential data flows and credential exposure in external endpoints, but not demonstrably malicious. Stronger controls around provenance, explicit per-action user approvals for external calls, minimized credential exposure, and clearer data-flow boundaries are recommended to elevate to BENIGN.