v1.0.0

Recursive Self Improvement

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:22 AM.

Analysis

The skill is instruction-only and shows no exfiltration, but it asks the agent to autonomously modify, refactor, and repeatedly optimize systems without clear user approval, scope, or stop limits.

GuidanceInstall only if you want an agent to help with controlled repair or optimization workflows. Before using it, set strict limits: specify the exact project or files, require approval before edits, use version control, cap recursion and concurrency, and review any saved history or learning data.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

4. 代码/逻辑变更 ... 5. 单元测试 ... 6. 集成测试

The repair workflow authorizes code or logic changes and testing, but the artifact does not define target scope, approval requirements, rollback, or containment.

User impactThe agent could change project or system code in ways the user did not explicitly review or approve.

RecommendationRequire explicit target files or repositories, show diffs before applying changes, obtain user approval for each mutation, run in version control, and define rollback steps.

Rogue Agents

SeverityHighConfidenceHighStatusConcern

references/workflows.md

验证通过 → 递归调用（回到阶段1）

The workflow explicitly instructs recursive re-invocation after validation, creating an open-ended autonomous loop without a stated stop condition or user checkpoint.

User impactThe agent may keep auditing, repairing, or optimizing beyond the user’s original request, potentially causing repeated unintended changes.

RecommendationAdd hard limits for time, iterations, and scope; require user confirmation before each new cycle; and prohibit background or unattended operation unless explicitly requested.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

从执行中学习，持续优化 ... 历史成功率分析 ... 保留优化历史用于分析

The skill describes retaining execution history and using learned patterns to influence future scheduling and optimization decisions.

User impactStored history or learned context could affect later agent actions, and inaccurate or poisoned records could steer future repairs or optimizations poorly.

RecommendationDefine where history is stored, what data is retained, how long it is kept, how users can review or reset it, and when learned context may be reused.