Self Improvement
v1.0.0Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⭐ 0· 57·0 current·0 all-time
by@jageri
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
Name and description (capture learnings, errors, promote to workspace memory) match the included assets: reminder hook, activator/error-detector scripts, templates, and a skill-extraction helper. All code and docs support the stated goal (logging and promoting learnings) and no unrelated services or credentials are requested.
Instruction Scope
SKILL.md confines actions to creating/maintaining .learnings/* files, promoting entries, and optionally installing a hook. The hook handler injects a small virtual bootstrap reminder (limited text). The error-detector script reads the CLAUDE_TOOL_OUTPUT environment variable to detect failure patterns — it does pattern matching and only emits a reminder, not the raw output. The instructions explicitly warn not to log secrets. This is largely scoped correctly, but the scripts do run on PostToolUse hooks and can be configured to run globally; enable them only when you trust the environment.
Install Mechanism
There is no automated download/install spec; the skill is instruction-first with optional local scripts and hook files the user can copy. All install/manual steps reference known locations (GitHub repo, ~/.openclaw/hooks, ~/.openclaw/workspace). No external arbitrary downloads or URL-shortened installs are used in the provided files.
Credentials
The skill declares no required environment variables, which is appropriate. However, the error-detector script expects CLAUDE_TOOL_OUTPUT (an agent-provided variable) and references it in docs; that env var is not listed in requires.env. The script only pattern-matches and avoids printing the variable, and documentation warns against logging secrets. Still, enable PostToolUse hooks only when you accept that tool outputs may be inspected by the script.
Persistence & Privilege
The skill does not request always:true and does not modify other skills' configs. Hooks and scripts are opt-in: the user must copy/enable them to get automatic reminders. The hook handler injects a virtual bootstrap file (read-only injection into the session context) which is consistent with the skill purpose.
Scan Findings in Context
[no_findings] expected: Static pre-scan reported no findings. The repository contains shell scripts and a hook handler (expected for a local hook/reminder skill) which the scanner did not flag.
Assessment
This skill appears coherent and does what it says: it adds lightweight reminders and local logging helpers. Before enabling: (1) Review and, if desired, edit scripts/activator.sh and scripts/error-detector.sh so output fits your privacy policy; error-detector reads CLAUDE_TOOL_OUTPUT to detect failures — do not enable PostToolUse unless you trust the session/tool outputs won't contain secrets. (2) When enabling the OpenClaw hook (copying to ~/.openclaw/hooks and openclaw hooks enable ...), remember this is opt-in and will inject a short reminder into every bootstrap of sessions where the hook is enabled. (3) The extract-skill.sh writes files under the current workspace and validates paths to avoid absolute/.. writes, but run it from a directory you control. (4) Never log secrets or full transcripts to .learnings/ unless you explicitly intend to; the skill itself warns against that. If you want automated behavior, enable only the UserPromptSubmit activator and avoid global PostToolUse hooks unless necessary.Like a lobster shell, security has layers — review code before you run it.
latestvk97fksbrnq2dbctaq47m6xaxds848r7k
License
MIT-0
Free to use, modify, and redistribute. No attribution required.