AI Continuous Learning System

Pass. Audited by ClawScan on May 10, 2026.

Overview

The skill appears to fetch public GitHub/arXiv items and store learning notes, but users should verify any scheduling, memory use, and the local model command it relies on.

This skill is reasonable if you want an agent to collect public GitHub/arXiv updates and keep local learning notes. Before installing or scheduling it, confirm whether cron jobs will be created, how to stop them, whether the local mmx model command is trusted, and how generated learnings or memory files will be reviewed.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note, Medium Confidence
ASI10: Rogue Agents
What this means

If scheduled, the skill may run repeatedly without prompting, consuming resources and updating learning files over time.

Why it was flagged

The skill advertises recurring unattended learning behavior. The provided code does not install cron jobs, so this is a disclosed operational model rather than hidden persistence, but users should verify any scheduler they enable.

Skill content
| `idle_learning` | Hourly at xx:00 | Automatically learn GitHub trends on the hour |
Recommendation

Only enable cron or background scheduling intentionally, document how to disable it, and periodically review the generated learning files.

What this means

Automatically saved notes could become stale, inaccurate, or influenced by untrusted public content if the agent later treats them as reliable memory.

Why it was flagged

The script stores fetched findings and summaries persistently. Those findings come from public GitHub/arXiv content, which is purpose-aligned but still untrusted if later reused as agent memory.

Skill content
notes.insert(0, note)
notes = notes[:50]  # keep the 50 most recent entries
with open(note_file, 'w') as f:
    json.dump(notes, f, ensure_ascii=False, indent=2)
Recommendation

Treat generated learning notes as unverified research notes, review them before using them as long-term memory, and avoid mixing them with sensitive personal or business memory.

What this means

Running the skill may execute the local mmx CLI and use whatever model/provider configuration is attached to it.

Why it was flagged

The skill invokes a local mmx command to summarize fetched content. This is directly related to the stated summarization purpose and does not use shell=True, but the dependency and model backend should be trusted.

Skill content
subprocess.run(
            ['/root/.nvm/versions/node/v22.22.2/bin/mmx', 'text', 'chat',
             '--model', 'abab6.5-chat', '--message', prompt, '--output', 'json'],
Recommendation

Confirm the mmx binary path and model configuration are trusted, and be aware that summaries may be sent to the configured model backend.

What this means

The skill may fail or behave differently depending on what local packages and binaries already exist in the environment.

Why it was flagged

The registry does not declare runtime setup, while the code depends on Python modules and a hard-coded mmx binary. This is an under-declared dependency issue rather than evidence of malicious behavior.

Skill content
No install spec — this is an instruction-only skill. Required binaries (all must exist): none
Recommendation

Before use, verify Python dependencies such as feedparser and the mmx CLI are installed from trusted sources and match the expected paths.