Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Self Improving Agent
v2.0.0
AI Self-Improving Agent v2 - Learn from mistakes, corrections, and successes. Three-layer system: passive capture + proactive check + proactive skill generat...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with the provided code: the scripts log errors/corrections/best-practices, check remembered items, and can generate simple SKILL.md files and a local registry. Nothing in the code requests unrelated credentials or system access. However, the manifest and documentation claim more advanced, always-on capabilities (automatic pattern detection, heartbeat scans, proactive auto-generalization) that are not implemented by the included scripts.
Instruction Scope
SKILL.md describes proactive, autonomous behavior (heartbeat scans, detecting repeated patterns, auto-generalize after 3 repeats, proactive proposals), but the runtime artifacts are simple CLI tools that only operate when invoked and have no background process, pattern-detection logic, or model integration. skill.json declares hooks (on_task_complete, on_error, etc.) pointing to the scripts, but those scripts expect CLI arguments and do not implement a robust event-driven API. This mismatch could cause unexpected behavior if the platform invokes hooks with different inputs, or it could be over-promising functionality to users.
Install Mechanism
No install spec or network downloads; this is effectively instruction-only with small local Python scripts. No external packages or downloads are pulled in. Files are written to the user's home directory under ~/.openclaw by default, which is expected for a local memory/skill generator.
Credentials
The code optionally reads OPENCLAW_HOME to locate storage but otherwise requires no credentials, no environment secrets, and no special system paths. All storage is under a user-writable path (~/.openclaw or similar). This is proportional to the stated purpose.
Persistence & Privilege
The skill writes persistent data under ~/.openclaw (memory files, skills-generated and a local registry). always is false and the code does not modify other skills or global system settings. However, skill.json declares hooks that a host platform might invoke; depending on how the platform supplies arguments, that could lead to automatic skill generation or error messages. Generated skills are auto_trigger:true by default in generated registry entries, so generated SKILL.md can be later recommended by the agent — review required.
What to consider before installing
This package appears to implement local logging and a simple skill-generation CLI that stores data under ~/.openclaw — that part is coherent and low-risk. The red flag is a mismatch: the README and SKILL.md describe autonomous, always-on behaviors (heartbeat, auto-generalization, proactive detection) but the included Python scripts are manual/CLI tools and contain no background or pattern-detection logic. Before installing or enabling this skill:
- Understand that the code only runs when invoked; it does not include a daemon or network calls. If you want automatic behavior, this package does not implement it.
- Confirm how your OpenClaw host will invoke hooks from skill.json. If the platform automatically calls on_task_complete or other hooks, check what arguments it will pass — generate_skill.py expects specific CLI args and may fail or create entries if invoked differently.
- Review and periodically inspect ~/.openclaw/memory/self-improving and ~/.openclaw/skills-generated for generated SKILL.md files; manually review any generated Skill before trusting it.
- Backup any existing ~/.openclaw data before first run.
Given the mismatch between claimed autonomous features and the actual implementation, treat this as potentially sloppy or over-promising rather than overtly malicious; proceed with caution and prefer manual invocation until you confirm platform hook behavior.
Like a lobster shell, security has layers — review code before you run it.
