Safe Self-Improvement
Pass
Audited by ClawScan on May 6, 2026.
Overview
This skill appears locally scoped and security-conscious, but it intentionally creates persistent learning logs and can change agent guidance after explicit approval.
This looks reasonable for a local self-improvement workflow, but install it only if you are comfortable with persistent learning files. Inspect the full source, review `.learnings/` regularly, do not log secrets, and approve core-file promotions only after checking the exact change.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Incorrect, overbroad, or accidentally sensitive learning entries could remain in local files and influence future work.
The skill intentionally creates local learning records that can persist across sessions and be reused by the agent.
**Data stored locally**: All learnings written to `.learnings/` in the workspace directory
Review `.learnings/` periodically, delete bad entries, avoid logging secrets, and consider making the directory read-only in sensitive projects.
This is purpose-aligned, but if the proposed content contains secrets, they may briefly appear in local process or command execution context while being checked.
The skill tells the agent to run a local shell script with the proposed log content as a command-line argument before writing it.
`./scripts/sanitize.sh "<content_to_log>"`
Do not provide secrets as learning content; a safer future implementation would pass content through stdin or a temporary protected file rather than a command argument.
If a user approves a poor promotion, the agent may carry that bad rule into later tasks.
The skill acknowledges that promotions can modify core agent guidance files, which can affect future sessions; the artifact also requires explicit approval.
NEVER auto-modify core files — `SOUL.md`, `AGENTS.md`, `TOOLS.md`, `MEMORY.md`, `IDENTITY.md` must NOT be modified without explicit user approval
Only approve promotions after reviewing the exact proposed change or diff, and avoid approving broad rules that could affect unrelated work.
If installing from the README rather than the reviewed registry package, the code fetched later may differ from the files reviewed here.
The documented install path clones the current repository state without pinning a commit or release tag.
`git clone https://github.com/gateswell/safe-self-improvement-agent.git ~/.openclaw/skills/safe-self-improvement`
Install from a trusted source, pin or inspect the exact commit, and review the full `SKILL.md` and scripts before enabling the skill.
