Adityasagar
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This looks like a legitimate self-improvement logger, but it needs review because it can persist learnings into future agent instructions and cross-session workflows without clear approval or redaction boundaries.
Install only if you want an agent memory/self-improvement workflow. Keep secrets out of files under .learnings/, require review before promoting entries into CLAUDE.md/AGENTS.md/SOUL.md/TOOLS.md, be careful with cross-session transcript sharing, and verify the package source before enabling persistent hooks.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken, sensitive, or over-broad learning could influence future sessions or be exposed in persistent project/workspace memory.
The skill directs learnings and corrections to be stored and promoted into files that become future agent context. That is central to the skill, but the artifacts do not clearly require user review, redaction, or rollback before persistent instructions are changed.
OpenClaw injects these files into every session ... AGENTS.md ... SOUL.md ... TOOLS.md ... MEMORY.md ... .learnings/ ... Broadly applicable learning | Promote to `CLAUDE.md`, `AGENTS.md`, and/or `.github/copilot-instructions.md`
Review all promoted entries before they are added to instruction or memory files, keep secrets out of learning logs, and periodically prune stale or incorrect entries.
Information from one session could be read or forwarded into another session without clear boundaries, potentially exposing private task context.
The documentation encourages cross-session transcript access, message sending, and sub-agent spawning, but does not define consent, redaction, origin verification, or limits on what session data may be shared.
sessions_history ... Read transcript from another session ... sessions_send ... Send message to another session ... sessions_spawn ... Spawn a background sub-agent
Use cross-session tools only with explicit user intent, avoid sending secrets or full transcripts unless necessary, and add redaction/approval rules for inter-session sharing.
If enabled, future sessions will receive recurring self-improvement reminders that may affect agent behavior.
The hook creates persistent bootstrap-time behavior, but it is documented as opt-in and the included handler only injects a reminder rather than running hidden tasks.
Fires on `agent:bootstrap` ... Adds a reminder block ... Enable with: `openclaw hooks enable self-improvement`
Enable the hook only if you want persistent reminders, and disable the hook if it becomes noisy or inappropriate for a workspace.
Users may have difficulty confirming whether this package matches the intended upstream skill before enabling hooks or scripts.
The embedded metadata differs from the supplied registry identity for Adityasagar/aditya v1.0.0, and the registry source/homepage are unknown. This is a provenance/packaging ambiguity, not direct evidence of malicious code.
"slug": "self-improving-agent", "version": "1.0.11", "ownerId": "kn70cjr952qdec1nx70zs6wefn7ynq2t"
Verify the publisher and upstream repository before installing, especially before copying hooks into a persistent OpenClaw hooks directory.
