ClawHub
Back to skill
v1.0.0

Self Improving.Bak

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:28 AM.

Analysis

This looks like a real self-improvement memory skill, but it persistently changes the agent’s memory/behavior and has package identity mismatches, so it deserves review before installing.

GuidanceInstall only if you intentionally want persistent local memory that influences future agent behavior. Verify the package identity, review any edits to AGENTS.md/SOUL.md/HEARTBEAT.md, keep memory in Passive or Strict mode if privacy matters, and decline or separately review the optional Proactivity install.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents
SeverityMediumConfidenceHighStatusConcern
setup.md
Before non-trivial work, load `~/self-improving/memory.md` ... After a correction or strong reusable lesson, write it before the final response ... Add this section to your `HEARTBEAT.md`

The setup changes persistent workspace steering so the agent keeps using and updating this memory system in later tasks. The artifacts include safety rules, but the behavior is long-lived and affects future agent operation.

User impactInstalling the skill may make the agent keep maintaining memory and applying learned rules beyond the immediate request.
RecommendationReview and approve any changes to AGENTS.md, SOUL.md, and HEARTBEAT.md; disable the heartbeat or remove the steering if you do not want persistent follow-through.
Agentic Supply Chain Vulnerabilities
SeverityMediumConfidenceHighStatusConcern
_meta.json
"ownerId": "kn73vp5rarc3b14rc7wjcw8f8580t5d1", "slug": "self-improving", "version": "1.2.16"

The supplied registry metadata identifies this package as `self-improving-bak` version 1.0.0 with a different owner ID, while the internal metadata and SKILL.md identify it as `self-improving` version 1.2.16. This mismatch makes package provenance and ownership unclear.

User impactA user may not be installing the exact publisher, package, or version they think they are installing.
RecommendationVerify the publisher and source before installing; prefer the official package if that is what you intended to use.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
setup.md
Only install it after the user explicitly agrees.

If the user agrees:

1. Run `clawhub install proactivity`
2. Read the installed `proactivity` skill
3. Continue into its setup flow immediately

The setup can bring in an additional skill that is not part of the reviewed artifact set. The explicit user-agreement requirement mitigates this, but it is still an extra dependency and behavior source.

User impactAgreeing to setup may add another skill whose instructions and permissions are separate from this review.
RecommendationAsk to review the Proactivity skill’s artifacts before enabling it, or decline that optional install.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityMediumConfidenceHighStatusConcern
operations.md
### On Session Start
1. Load memory.md (HOT tier)
2. Check index.md for context hints
3. If project detected → preload relevant namespace

### On Correction Received ... Write to appropriate file

The skill stores and reuses user corrections, preferences, project patterns, and self-reflections across sessions. This is core to the skill, but persistent memories can steer future agent behavior and can be wrong, stale, or sensitive if not carefully reviewed.

User impactFuture answers may be shaped by stored memory entries, including mistaken or overly broad lessons.
RecommendationUse Passive or Strict mode, periodically inspect ~/self-improving/, avoid storing sensitive information, and require confirmation before promoting rules to permanent memory.