Skill v1.1.0

ClawScan security

Super Self Improving · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious (Mar 5, 2026, 3:24 AM)
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's description and runtime instructions broadly match a self‑improving memory agent, but the SKILL.md refers to persistent files, CLI commands, and token/usage monitoring without declaring config paths, binaries, or credentials — an internal inconsistency that warrants caution.
Guidance
This skill conceptually fits a self‑improving memory agent, but there are mismatches you should resolve before installing or running it:
1) The SKILL.md expects persistent files in ~/.super-self-improving and CLI commands (e.g., super-self-improving) yet the package declares no config paths or binaries — ask the publisher which files will be created and inspect them.
2) Token monitoring and scheduling features imply access to usage/billing data or orchestration credentials; confirm what data sources it will read and whether any credentials are required.
3) The skill promises not to store sensitive data, but that is not enforceable — avoid letting it store any secrets, or run it in a sandboxed account.
4) Because no code is included, do not install third‑party code to satisfy referenced commands unless you review its source.
If you decide to proceed, run in an isolated environment, inspect any created files under ~/.super-self-improving, and verify there are no unexpected network endpoints or credential reads.

Review Dimensions

Purpose & Capability
note
The declared purpose (self‑improving agent with memory, feedback loops, meta‑learning and confidence calibration) is consistent with the prose in SKILL.md. However, the skill references persistent storage under ~/.super-self-improving and CLI commands (e.g., super-self-improving stats) while the registry metadata declares no required config paths or binaries. That mismatch is unexpected: a memory/monitoring skill legitimately needs a place to store data and potentially tooling, but those requirements are not declared.
Instruction Scope
concern
SKILL.md instructs storing and reading memory files (hot.md, preferences.md, etc.) under the user's home directory and defines workflows that imply reading session/context and tracking token consumption and performance metrics. The instructions do not explicitly ask for unrelated system files or credentials, but they do assume persistent local file I/O and implicit access to usage/token metrics. The guidance 'do not store sensitive information' is advisory only — there is no enforcement or mechanism described to prevent sensitive data from being written or transmitted.
Install Mechanism
ok
This is an instruction‑only skill with no install spec and no code files packaged. That minimizes immediate supply‑chain risk because nothing is downloaded or executed by an installer. However, the README references a Python script (super_self_improving.py) and CLI commands which are not included; if a user later installs code from an external source to satisfy these commands, that introduces risk not captured here.
Credentials
concern
The skill declares no required environment variables or credentials, yet it describes token monitoring, cost estimation, and agent scheduling/auto‑scaling features that in practice often require access to provider APIs, billing info, or orchestration credentials. The absence of declared env vars/config paths but the presence of features that normally need them is an inconsistency. Also, persistent memory in the user's home could unintentionally capture secrets even if the skill 'promises' not to.
Persistence & Privilege
note
The skill intends to persist data under ~/.super-self-improving (detailed directory layout and files). The registry metadata lists no required config paths, so this persistence is an implicit privilege not declared up front. The skill does not request always:true or attempt to change other skills/settings, which reduces the privilege concerns, but users should be aware it expects to create and maintain local persisted state.