Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Self Learning Skill
v3.0.1Agent 自我学习与记忆更新技能。分析对话历史,提取关键信息,自动更新配置文件和学习记录,实现 Agent 持续自我成长。 融合自学习 (配置文件更新) + 自改进 (学习记录系统) 双引擎。 Use this skill when: - 需要整理和更新 Agent 记忆 (MEMORY.md, IDENTIT...
⭐ 1· 1.9k·32 current·33 all-time
byA'c'c'z'd'y@acczdy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (self-learning, memory/config updates) match the code and SKILL.md: scripts read conversation history, parse and update MEMORY.md/IDENTITY.md/TOOLS.md etc., and maintain a .learnings/ log. Allowed tools (Read/Write/Bash/SessionsList/SessionsHistory/SessionsSend) are appropriate for the stated functionality.
Instruction Scope
Instructions and scripts will read and write core workspace files, create/append structured logs in .learnings/, back up/restore files, and install a hook into ~/.openclaw/hooks that injects suggestions into sessions. This is within scope but grants the skill potential to modify agent behavior and to read an OpenClaw config at /root/.openclaw/openclaw.json for workspace auto-detection — users should be aware that the skill will access those files and session history.
Install Mechanism
No external install/downloads or remote code fetches are present. There is no install spec; the package is instruction + local Python scripts. requirements.txt only lists standard Python packages (PyYAML, pytest, black, flake8).
Credentials
The skill declares no required environment variables or credentials, and that matches registry metadata. At runtime it does read WORKSPACE (if present) and may read OpenClaw config files (e.g., /root/.openclaw/openclaw.json) for auto-detection. No network exfiltration endpoints or secret-collection code were found, but reading an agent config file could expose workspace paths or settings — consider whether that access is acceptable.
Persistence & Privilege
always:false (no forced inclusion). The skill installs a local hook into the user's OpenClaw hooks directory and the hook can inject messages into sessions (onSessionStart/onPromptSubmit). This is coherent for a learning skill but elevates its influence over agent interactions — review hook behavior before enabling. The skill does not modify other skills' configs.
Assessment
This skill is coherent with its stated purpose (automatically reading conversation history and updating memory/config files and logs), but it does perform filesystem writes and can install a session hook that injects messages. Before installing: 1) Review and back up your workspace (MEMORY.md, IDENTITY.md, etc.). 2) Inspect scripts/memory_update.py and hooks/openclaw/handler.js to confirm the exact files/paths it will read and write (it attempts to read WORKSPACE and /root/.openclaw/openclaw.json for auto-detection). 3) Note the hook behavior — enable only if you trust the injection messages. 4) Check config.yaml (safety.require_confirm_for_delete defaults differ from some doc text) and set require_confirm_for_delete:true if you want stricter deletion safeguards. 5) Run in dry-run/preview mode first (python3 scripts/memory_update.py --dry-run) to observe proposed changes before allowing writes.Like a lobster shell, security has layers — review code before you run it.
latestvk97e7nctbea1ye319tvmxwv0x182bs4q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.