ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Strict Self-Improving Agent (Rule of 3)

v1.0.2

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

0· 345·0 current·0 all-time
by@jayv29
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Rule of 3 self-improvement) aligns with the included artifacts: hooks that inject reminders, scripts to detect errors, scripts to scaffold extracted skills, and a promoter that aggregates candidate promotions. All code and documentation support the declared goal; no unrelated cloud credentials, binaries, or external services are required.
Instruction Scope
SKILL.md and the hook handlers clearly instruct creating workspace memory files, enabling an optional OpenClaw hook, and optionally wiring scripts into agent hooks (UserPromptSubmit, PostToolUse). The scripts operate on local files and environment variables expected in the agent environment (e.g., CLAUDE_TOOL_OUTPUT). The instructions do not direct reading of unrelated system credentials or exfiltration to external endpoints.
Install Mechanism
This is instruction-only (no remote install/download). All executable helpers are included in the package (bash scripts, hook handlers). There are no network download or extract steps that would pull arbitrary code from personal servers or shorteners.
Credentials
The skill declares no required environment variables or credentials. Runtime scripts read CLAUDE_TOOL_OUTPUT (a platform-provided variable) and respect SKILLS_DIR/SKILLS_DIR-like overrides; they write files under the user's workspace or $HOME. While no secrets are requested, logs and learned entries written to workspace files may contain command output or user-supplied context — users should consider whether such persisted logs may include sensitive data.
Persistence & Privilege
The skill is opt-in (always: false). Installing the hook (openclaw hooks enable ...) gives it ongoing presence during agent bootstrap and hook-triggered events. This is expected for a self-improvement hook, but note the hook and scripts will run with the same permissions as the agent and will create/modify files in the user's OpenClaw workspace (~/.openclaw/workspace and memory/core).
Assessment
This skill appears to do what it says — it only injects reminders, detects command errors locally, scaffolds new skills from learnings, and aggregates promotion candidates. Before enabling it: 1) review the scripts (activator.sh, error-detector.sh, extract-skill.sh, promote-review.sh) so you understand what files they write and where; 2) be aware hooks run with the agent's permissions and will create/modify files under ~/.openclaw/workspace and memory/core; 3) logs and learning entries may contain command output or context that could include secrets — decide whether to redact or avoid logging sensitive output; 4) if activations are too frequent, use matcher filters (as documented) to limit when hooks run; and 5) only enable the OpenClaw hook(s) if you trust the skill and want persistent reminders and local file writes. If you want additional assurance, run the scripts in a dry-run or test workspace first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e5mb4cb6cxjsbtgvyem08x1823532

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments