Training Manager
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions); human review is required before treating this skill as clean.
This skill looks consistent with its stated purpose and does not show exfiltration or hidden destructive behavior. Before installing, understand that it is meant to edit your OpenClaw workspace and future agent behavior. Review generated AGENTS.md, SOUL.md, MEMORY.md, USER.md, and skill files, avoid saving secrets, and keep backups before large training or consolidation changes. ClawScan detected prompt-injection indicators (ignore-previous-instructions), so this skill requires review even though the model response was benign.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and using this skill can change how your agent behaves in later sessions.
The skill includes a writer that can modify core OpenClaw workspace files. The filename whitelist, overwrite protection, rate limiting, and injection checks make this purpose-aligned, but these are still important behavior-control files.
Allowed: SOUL.md, AGENTS.md, USER.md, TOOLS.md, IDENTITY.md, MEMORY.md
Review proposed edits to core workspace files before accepting them, and keep backups before major changes.
Incorrect, sensitive, or overly broad training notes could persist and shape future agent responses.
The skill intentionally stores user preferences, corrections, behavioral rules, and facts into persistent memory/context files that may influence future agent behavior.
corrections and preferences get categorized and logged automatically: Behavioral rules → `AGENTS.md` ... Facts → `MEMORY.md` or daily logs
Do not store secrets in training files, periodically review MEMORY.md and daily logs, and remove or correct stale instructions.
You have less independent context for who maintains the code or where updates come from.
The registry metadata does not provide a clear source or homepage for a skill that ships executable bash scripts. The provided scripts are readable and local, but provenance is still limited.
Source: unknown; Homepage: none
Inspect the included scripts before use and install updates only from a trusted ClawHub listing or verified repository.