ClawHub

Self Improvement

v0.1.0

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

0· 230·11 current·12 all-time
by@buradly·duplicate of @pskoett/self-improving-agent
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (self-improvement / capture learnings) align with the provided files: README-style SKILL.md, templates, logging files, hook handlers, and small helper scripts. Required env/config/credentials are none, which matches the non-privileged nature of the task.
Instruction Scope
SKILL.md instructs agents to create and update local .learnings files, promote entries to workspace docs, and optionally use OpenClaw session utilities (sessions_list, sessions_history, sessions_send, sessions_spawn). Those inter-session utilities are platform features — their mention is in-scope for a cross-session learning workflow but you should be aware they read or send session transcripts when used. The scripts/hooks themselves only inject text or inspect tool output (CLAUDE_TOOL_OUTPUT) and do not attempt network exfiltration.
Install Mechanism
No install spec is present (instruction-only), which is low risk. The repository contains optional hook files and three small shell scripts plus hook handlers; manual copy instructions target user-owned paths (~/.openclaw, project dirs). The extract-skill.sh helper writes new skill scaffolds but includes checks (rejects absolute paths and '..') and requires explicit invocation.
Credentials
The skill declares no environment variables, no credentials, and no config paths. The scripts read CLAUDE_TOOL_OUTPUT (documented) for error detection — that is proportional to the stated purpose of detecting command errors. There are no unexpected SECRET/TOKEN environment requirements.
Persistence & Privilege
always is false and the skill does not request permanent/system-wide privileges. Hooks are opt-in and must be explicitly enabled. The provided activator and error-detector scripts run with the same user permissions as the agent — normal for hooks — and the extract script writes only to a relative ./skills directory (with checks).
Assessment
This skill appears coherent and low-risk for its stated purpose. Before enabling it: 1) review and, if needed, run the shell scripts in a safe/test workspace (they only print reminders or scan local tool output for error patterns); 2) enable hooks only at the project level (not globally) unless you trust the behavior site-wide; 3) note that promoting learnings or using sessions_history/sessions_send uses OpenClaw session features that can access other session transcripts—only use those when appropriate; 4) if you plan to use extract-skill.sh, keep it in a project workspace (it refuses absolute and .. paths but will create files under the given relative path); and 5) set executable permissions intentionally (chmod +x) and inspect scripts before running. Overall this skill is internally consistent with its description.

Like a lobster shell, security has layers — review code before you run it.

latestvk9767s641dr9pkcnkxtz63tqxs831hgv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments