OpenClaw Bootstrap
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill matches its bootstrap purpose, but it installs unpinned external components and enables persistent self-improvement hooks and cron jobs that can change future agent behavior.
Use this only if you want a persistent self-improving OpenClaw environment. Before running it, inspect the bootstrap script, pin or manually verify the external clawhub and self-improving-agent installs, and plan how to review or disable the created hooks, cron jobs, MEMORY.md, and .learnings files.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A changed or compromised external package or community skill could affect the user's OpenClaw environment and future agent behavior.
The one-command bootstrap installs an unpinned global npm package and an unpinned external skill whose contents and hooks are not included in the reviewed artifacts.
`npm i -g clawhub` ... `clawhub install self-improving-agent --workdir "$WORKSPACE"`
Review and pin the exact clawhub package and self-improving-agent version before running, and inspect the installed skill and hook before enabling it.
The assistant may continue running background self-improvement or maintenance actions after the initial setup, including actions that alter persistent memory or instructions.
The script copies and enables a persistent self-improvement hook and creates scheduled OpenClaw cron jobs, with no explicit opt-in per job or uninstall/disable instructions.
`cp -r "$WORKSPACE/skills/self-improving-agent/hooks/openclaw" "$HOME/.openclaw/hooks/self-improvement"` `openclaw hooks enable self-improvement` ... `openclaw cron add --name "$name"`
After installation, run `openclaw cron list` and inspect `~/.openclaw/hooks/self-improvement`; disable any hook or cron job you do not explicitly want.
Private, incorrect, or stale notes could be reused as trusted context and influence later agent decisions without the user noticing.
The installed workspace rules make personal memory and daily notes persistent context for future sessions and encourage automatic promotion of observed preferences into long-term memory.
Read `SOUL.md` ... `USER.md` ... `memory/YYYY-MM-DD.md` ... `MEMORY.md` ... Preferences and rules stated by the user → write to MEMORY.md immediately ... Heartbeat cycle → scan daily notes, distill into MEMORY.md
Keep MEMORY.md, memory/, and .learnings/ under user review; require confirmation before promoting notes into AGENTS.md or MEMORY.md; and remove sensitive entries you do not want reused.
The bootstrap may rely on the user's ClawHub account to install skills or access account-scoped resources.
The setup asks the user to authenticate to ClawHub, which is expected for installing community skills but means the local CLI may gain account-backed authority.
`clawhub login` — log in to ClawHub
Log in only with the account you intend to use for this workspace, and review what the CLI installs or changes while authenticated.
