Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Self Evolving Skill 1.0.2

v1.0.0

Meta-cognitive self-learning system - Automated skill evolution based on predictive coding and value-driven mechanisms.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims a Python core implementing SVD/PCA, a mcp_server, and persistent experience storage, but the repository bundle does not include the referenced core/ Python modules (residual_pyramid.py, skill_engine.py, mcp_server.py, etc.). package.json only lists TypeScript dependencies (no Python deps), and install.sh doesn't create or install a Python virtualenv. This mismatch means the heavy ML capabilities described are not present in the distributed files and the adapter will fail or behave unexpectedly; that's disproportionate to the simple files included.
! Instruction Scope
SKILL.md and INSTALLATION.md instruct users to run an MCP server (run_mcp.sh / mcp_server.py) and to place configuration in OpenClaw mcp_servers.json. The provided install.sh merely symlinks the skill and copies mcporter_adapter.py — it does not create the venv or the Python core files. mcporter_adapter.py manipulates MCP_STORAGE_DIR (defaulting to a hardcoded /Users/blitz path) and imports core modules that are absent, which will cause runtime failures or unexpected behavior. The skill also suggests auto-start integration into agent MCP config (an action that, if performed, grants a persistent server process), but no safe defaults or verification steps are provided.
Install Mechanism
There is no registry install spec; the included install.sh performs local filesystem operations only (symlink into ~/.openclaw/skills, copy adapter, create storage dirs). No remote downloads or archives are fetched. That is low risk in terms of remote code retrieval, but the script and docs reference additional scripts/files (venv/, run_mcp.sh, core/) that are not packaged, leaving installation incomplete and ambiguous.
! Credentials
The manifest declares no required environment variables or credentials, but mcporter_adapter.py and the TypeScript code read and set environment values (MCP_STORAGE_DIR, STORAGE_DIR, HOME). mcporter_adapter.py sets a default storage path pointing to /Users/blitz/... which is hardcoded and likely incorrect for other users. The codebase implies persistent storage of skill objects; if the missing Python core's storage uses Python pickling, that could create a deserialization risk when loading saved skills (the repo provides no storage implementation to review). Overall, requested and used environment/config paths are inconsistent and not justified by the manifest.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable. However, the docs provide an mcp_servers.json snippet that — if a user adds it to their agent config — will cause the skill's Python MCP server to be started automatically (a persistent process). Because the actual server code is not packaged, this would require the user to supply or download additional files; still, the guidance to add an auto-start entry increases the potential blast radius if the missing core were later supplied or tampered with. As-distributed, the skill does not force persistence.
What to consider before installing
This package is inconsistent: it advertises a Python ML core and an MCP server but those core Python files are not included. Before installing or enabling it:
1) Do NOT add the suggested mcp_servers.json auto-start entry until you have inspected the actual mcp_server.py and core/ modules.
2) Inspect any storage implementation (core/storage.py) for pickling/deserialization of arbitrary objects — loading untrusted pickles can execute code.
3) Check and correct hardcoded paths (the adapter defaults to /Users/blitz/...) so it won't read/write unexpected locations.
4) Prefer installing this only in an isolated environment (container or isolated user) and only after obtaining the missing core source from a trusted origin and reviewing it.
5) If you don't want to run a local Python MCP server, note that the TypeScript side has a JS fallback with static/simulated outputs — expect reduced functionality.
If you want a clear pass/fail: include the missing core Python files (or confirm they will be installed by a vetted installer) and re-run the review.

Like a lobster shell, security has layers — review code before you run it.
