Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Andara Self Improvement
v1.0.0Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⭐ 0· 136·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description match the code and scripts: this is a local 'self-improvement' logger with optional OpenClaw/OpenClaw-hook integration. Required binaries/credentials/configs are none, and bundled hooks/scripts align with the stated purpose (reminders, error detection, skill extraction).
Instruction Scope
SKILL.md explicitly instructs logging 'Full source of all included files' into error entries and to promote high-value learnings into workspace-level files (CLAUDE.md, AGENTS.md, TOOLS.md) that are injected into sessions. That scope goes beyond ephemeral reminders: it encourages capturing potentially sensitive code, command outputs, or secrets and making them persistent and globally visible to future sessions/agents.
Install Mechanism
No external downloads or installers. The skill is instruction-first with small included scripts and a hook handler. extract-skill.sh writes local files but validates names/paths and refuses absolute or parent paths, reducing risk. No network fetches or archive extraction are present.
Credentials
The skill requests no credentials or env vars. The error detector script reads CLAUDE_TOOL_OUTPUT (a platform-provided env var) even though it's not listed in frontmatter — this is expected for hook scripts but worth noting because CLAUDE_TOOL_OUTPUT can contain command output that may include secrets. There are no unrelated credential requests.
Persistence & Privilege
Although always:false, the skill explicitly instructs installing workspace files under ~/.openclaw/workspace and copying/enabling hooks under ~/.openclaw/hooks. Promoted learnings become part of the workspace that OpenClaw injects into future sessions, increasing persistence and cross-session exposure. Hooks and scripts run with the same user permissions as the agent, so enabling global/user-level hooks can make the behavior system-wide for that user.
What to consider before installing
This skill is internally coherent and doesn't request credentials or external code, but it guides you to capture and promote full file contents and command outputs into a shared workspace that future agent sessions will automatically ingest. Before installing or enabling hooks: (1) don't log full source or paste secrets into .learnings/ entries; sanitize entries (remove secrets, keys, credentials, or entire sensitive files); (2) prefer project-local .learnings/ rather than the user-wide ~/.openclaw/workspace if you want to limit blast radius; (3) review and test scripts (activator.sh, error-detector.sh, extract-skill.sh) and only enable the PostToolUse error detector if you trust the environment content in CLAUDE_TOOL_OUTPUT; (4) inspect and control who can read ~/.openclaw/workspace files and avoid promoting learnings to global CLAUDE.md/AGENTS.md unless reviewed; (5) if you expect sensitive data to appear in command output, disable automatic hooks or add stricter matchers so logging only happens in safe contexts. If you want, I can produce a sanitized checklist and a safe-hook configuration (matcher rules) to reduce the risk of accidental data capture before you enable this skill.Like a lobster shell, security has layers — review code before you run it.
latestvk97dk6yhnsc6madsvk0ftd3c51834rp0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.