Skill v1.0.0

ClawScan security

Self-Improving Proactive Decision Making Agent · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Apr 28, 2026, 4:18 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's files and runtime instructions largely match its stated purpose (a local, self-improving decision memory), but there are inconsistencies and a few instructive steps that deserve caution before installing or running it.
Guidance
What to check before installing/running:

- Back up SOUL.md, AGENTS.md, and HEARTBEAT.md before applying any suggested edits. The skill asks you to append steering snippets to these files; review and approve exact text first.
- Fix the path mismatch: most files use ~/decision-making/, but one memory.md example references ~/self-improving/. Decide which path you want and update the templates so files are created where you expect.
- Understand persistence: the skill suggests adding lines that make it load memory automatically before decision tasks. If you prefer to invoke the skill only when needed, skip adding the auto-load snippets and call the skill manually instead.
- Inspect created files after the first run (memory.md, domains/, decisions/, heartbeat-state.md). Confirm the skill is not logging anything you consider sensitive. The skill includes explicit boundaries (do not store credentials, medical data, etc.), but it will store whatever the agent is given — avoid giving secrets in decision contexts.
- Test in a disposable environment (separate user account or container) if you want to verify behavior before granting it ongoing presence in your main agent configuration.

Why I flagged it as suspicious rather than benign: the overall design matches the declared purpose, but the path inconsistency and the requested edits to global agent steering/config increase the chance of accidental misconfiguration or broader persistence than a casual user may expect. If you resolve the path inconsistency and explicitly approve any SOUL/AGENTS/HEARTBEAT changes, the concerns are largely mitigated.

Review Dimensions

Purpose & Capability
note
The name/description (a decision-support agent with persistent memory) aligns with the actions requested: creating and maintaining a ~/decision-making/ workspace, logging decisions, and learning from signals. Requesting no credentials and no external binaries is proportionate. However, the repo contains one internal path mismatch: a sample memory.md refers to ~/self-improving/memory.md while the rest of the skill uses ~/decision-making/. This copy/paste/path inconsistency could cause the agent to create or read the wrong directory.
Instruction Scope
concern
The SKILL.md and companion docs instruct the agent to create, read, update, and compact files inside the user's home (~/decision-making/), and to append guidance into global agent configuration files (SOUL.md, AGENTS.md, HEARTBEAT.md). Persisting user preferences and decision records in a local directory is expected for this skill, but modifying agent config files is a higher-impact action — the skill provides non-destructive wording but still asks to insert operational steering that will cause the agent to load memory before decision tasks. Confirm the exact edits before applying. Also watch the path inconsistency noted above: instructions sometimes reference a different base path, which could lead to files being created in an unexpected location.
Install Mechanism
ok
This is an instruction-only skill with no install spec and no code to execute or download. That is the lowest-risk install model and matches the declared metadata.
Credentials
ok
The skill requests no environment variables, no credentials, and no privileged config paths. It explicitly forbids storing credentials and other sensitive categories. The environment/credential footprint is minimal and appropriate for a local memory agent.
Persistence & Privilege
concern
The skill requests changes that increase its persistence in the agent workflow: it asks the user to add steering to SOUL.md and AGENTS.md so the memory is loaded 'Before any decision request' and to add heartbeat checks. Although always: false in the registry, these manual edits would give the skill persistent behavior across sessions. That is reasonable for a memory skill but is higher privilege than a purely ephemeral helper — users should review and approve the exact config edits and consider whether they want the skill auto-loading.