ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

自动学习技能

v1.0.0

自动学习技能 - 从对话中自动提取知识并创建技能。基于Memento-Skills的Read-Write循环机制。适用于AI Agent自进化、知识积累、技能自动创建等场景。

0· 26·0 current·0 all-time
by@534422530

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for 534422530/auto-learn-skill.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "自动学习技能" (534422530/auto-learn-skill) from ClawHub.
Skill page: https://clawhub.ai/534422530/auto-learn-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install auto-learn-skill

ClawHub CLI

Package manager switcher

npx clawhub@latest install auto-learn-skill
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (auto-learn, skill creation) align with instructions to scan dialog, detect patterns, and create/update skill files. However the SKILL.md references a local source path (D:\coze-local\...) and promises cross-session learning and skill creation without specifying where or how new skills will be stored/published—this gap is disproportionate to the declared metadata (no required config paths) and raises questions about intended write targets.
!
Instruction Scope
Instructions explicitly tell the agent to 'scan recent dialog history' and to 'create or update skill files'. They do not define limits on which conversations are scanned, what constitutes personally identifiable or secret data, where generated skills are written, nor whether user approval is required before creating/publishing a skill. That ambiguity grants the agent broad discretion to read and persist conversation content across sessions.
Install Mechanism
Instruction-only skill with no install spec, no binaries, and no code files — minimal disk footprint from the manifest itself. This is expected and lowers supply-chain risk.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. However it will rely on access to conversation history and (implicitly) write access to a skills storage location. Because those accesses are not declared or constrained, the agent could persist sensitive data (secrets from conversations) into newly created files.
!
Persistence & Privilege
The skill is allowed to be invoked autonomously (default) and its purpose is to create/update skills. Autonomous creation of new skills or files without explicit approval increases blast radius: a compromised or buggy model behavior could proliferate new skills or store sensitive content. The skill does not request always:true, but its write-capability combined with autonomous invocation is high-risk unless tightly constrained.
What to consider before installing
This skill can read recent conversation history and automatically create or update skill files across sessions. Before installing: (1) require explicit user confirmation before any creation/publishing step (do not allow fully automatic publish), (2) restrict and declare the exact writable path(s) and run the skill in a sandboxed directory, (3) audit any generated skill content prior to enabling it, (4) disable autonomous invocation if you do not want it running without prompts, and (5) ensure it cannot write to locations containing credentials or system config. If those safety controls cannot be added, treat the skill as risky and avoid installing it in production or on devices with sensitive data.

Like a lobster shell, security has layers — review code before you run it.

auto-learnvk97fvxsezpbh4k1k72ewe5x0nn85qpqflatestvk97fvxsezpbh4k1k72ewe5x0nn85qpqfself-evolutionvk97fvxsezpbh4k1k72ewe5x0nn85qpqfskill-creationvk97fvxsezpbh4k1k72ewe5x0nn85qpqf
26downloads
0stars
1versions
Updated 9h ago
v1.0.0
MIT-0
@534422530
auto-learnlatestself-evolutionskill-creation
Download

⚠️ 发布规则

所有发布到ClawHub的技能必须严格测试,确定没有问题再发布

技能测试验证清单

  • frontmatter格式正确
  • 功能描述准确
  • 工作流程完整
  • 无语法错误

Auto-Learn Skill - 自动学习技能

基于Memento-Skills的Read-Write循环机制 激活词: 自动学习 / 提取经验 / 创建技能

核心原理

对话 → 检测模式 → 提取知识 → 创建/更新技能

触发条件

自动触发

  • 同一问题解决2次以上
  • 发现新的工作流/工具
  • 遇到错误并找到解决方案

手动触发

  • 说"自动学习"
  • 说"提取经验"
  • 说"创建技能"

工作流程

1. 读取 (Read)

  • 扫描最近对话历史
  • 识别重复出现的模式

2. 分析 (Analyze)

重复问题特征:
- 问题类型相同
- 解决方案相似
- 可泛化到其他场景

3. 写入 (Write)

创建或更新技能文件

检测规则

高信号场景

场景权重
解决新类型问题+2
重复问题≥2次+1
发现新工具+2
错误→解决+1

创建阈值

总分 ≥ 3 → 创建新技能

应用场景

  1. 跨会话学习 - 从多次对话中提取通用模式
  2. 技能自动创建 - 将解决方案转化为可复用技能
  3. 错误模式识别 - 记录错误→解决的过程
  4. 工具发现积累 - 记录新发现的有用工具

来源

  • 老四AutoLearn系统: D:\coze-local\simple-agent\skills_learned\auto_learn.md

Comments

Loading comments...