ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

321

v1.0.1

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

0· 89·0 current·0 all-time
byMr.Zhang@china-mobile2008
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
SKILL.md and included scripts/hooks implement a coherent self-improvement workflow (logging .learnings/, activator, error detector, OpenClaw hook). However registry metadata is inconsistent with the packaged skill: registry name/slug ('321' / '12') and ownerId differ from _meta.json (ownerId and slug reference 'self-improving-agent'), and version numbers differ. These mismatches are unexplained and reduce confidence in provenance.
Instruction Scope
Runtime instructions stay within the stated purpose: they prompt the agent to log learnings, create .learnings files, and optionally install a hook. The scripts only output reminder text or scan CLAUDE_TOOL_OUTPUT for error patterns. They reference workspace and home paths (e.g., ~/.openclaw/workspace/.learnings) which is expected for this skill but means installing the hook will modify your agent's bootstrap context.
Install Mechanism
There is no automatic install spec; installation is manual (git clone or clawdhub). No downloads from untrusted URLs are embedded. The included scripts are local and create files in the skills/workspace directories. The extract-skill script writes scaffolds to a relative ./skills directory and has path checks to avoid absolute/parent writes.
Credentials
The skill declares no required environment variables or credentials. The error-detector script reads CLAUDE_TOOL_OUTPUT (an agent-provided output variable) which is appropriate for detecting failed tool executions. No secrets or unrelated credentials are requested.
Persistence & Privilege
always:false (default) and autonomous invocation is allowed (default). The hook handlers inject a virtual bootstrap file into agent context when enabled; this is expected for a reminder hook but does alter agent bootstrap behavior. Enabling hooks requires user action (copy+enable), so installation is opt-in.
What to consider before installing
This skill's behavior (reminders, local logging, and lightweight scripts) aligns with its stated purpose, but there are unexplained metadata mismatches (registry name/slug/owner/version differ from the packaged _meta.json and SKILL.md). Before installing: 1) Verify the upstream repository and author (compare the GitHub repo cited in SKILL.md to the registry owner); 2) Inspect the scripts locally (activator.sh, error-detector.sh, extract-skill.sh) and handler.js/ts to confirm they only output text or push virtual bootstrap files; 3) Prefer dry-run/testing: run extract-skill.sh --dry-run and enable hooks in a disposable environment or non-critical account; 4) If you enable hooks, do so at project scope rather than global (~/.openclaw) unless you trust the source; 5) Check file permissions and avoid giving scripts elevated privileges. These steps will reduce risk if provenance is uncertain.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cx3gj6f6czax5jh35p3f6th837wwblatest3vk976zf3zr92dgfqmnjnx1cxa0x837c1p

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments