test1123123
v1.0.3Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⭐ 0· 74·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (self-improvement / capture learnings and errors) matches the included artifacts: scripts to remind about learnings (activator.sh), detect command errors (error-detector.sh), and scaffold new skills from learnings (extract-skill.sh). All actions (creating .learnings/, writing markdown logs, scaffolding ./skills/<name>/) are coherent with the stated purpose.
Instruction Scope
SKILL.md stays mostly within scope: it instructs creating .learnings/ logs, wiring optional hooks, and promoting high-value items to workspace files. It explicitly warns not to log secrets and to prefer redaction. One operational note: enabling the hook causes workspace files to be injected into sessions (intentional for OpenClaw) — that can influence model outputs (prompt injection risk) and should be enabled only in trusted environments. Also, error-detector.sh reads the CLAUDE_TOOL_OUTPUT environment variable (expected for the hook) — the doc warns treating that content as sensitive but scripts do not automatically redact outputs beyond pattern matching.
Install Mechanism
There is no packaged install step in the registry entry (instruction-only), and the SKILL.md suggests manual installation or cloning from a GitHub repo. The included scripts are local and do not download or execute remote archives. No high-risk download/extract behavior is present in the provided files.
Credentials
The skill does not declare required environment variables, credentials, or config paths. The only runtime env used in scripts is CLAUDE_TOOL_OUTPUT (used by error-detector.sh), which is reasonable for a PostToolUse hook. No unrelated secrets or cloud credentials are requested.
Persistence & Privilege
always:false (default) and agent-autonomous invocation is allowed (platform default). The skill recommends installing hooks and placing files under ~/.openclaw/workspace which will persist and be injected into sessions — this is part of its design but elevates the impact of any mistaken or malicious workspace content. Enable hooks only if you trust the source and review workspace files before promoting content into global workspace files.
Assessment
This skill is internally consistent with its purpose: it creates local .learnings/ logs, emits short hook reminders, detects simple error patterns from tool output, and scaffolds new skills from learnings. Before installing or enabling hooks: 1) Inspect the scripts (activator.sh, error-detector.sh, extract-skill.sh) yourself and ensure you’re comfortable with their behavior; they run locally and will write files. 2) Do not enable the PostToolUse hook unless you trust the environment, because it inspects CLAUDE_TOOL_OUTPUT (potentially sensitive). 3) Follow the skill's own advice: never log secrets, tokens, full private files, or raw transcripts unless you explicitly want them stored. 4) If you enable hooks, prefer project-level or matcher-restricted configuration (only trigger on error-related prompts) to reduce accidental injection of sensitive or noisy content into every session. 5) If unsure, keep the skill user-invocable only (don’t enable automatic hooks) and test in an isolated workspace first.Like a lobster shell, security has layers — review code before you run it.
latestvk976jckevs8kw3qmfte8yey4td83ytkx
License
MIT-0
Free to use, modify, and redistribute. No attribution required.