Self-Improving Coding Skill
v1.1.0Captures lint errors, type mismatches, runtime bugs, anti-patterns, refactoring opportunities, language idiom gaps, debugging insights, and tooling issues to...
⭐ 0· 53·0 current·0 all-time
byJosé I. O.@jose-compu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (capture lint/type/runtime learnings and promote them) align with the included files and scripts: activator, error detector, extraction helper, and OpenClaw hook handlers. Required env vars/binaries are none, which matches the stated lightweight logging purpose.
Instruction Scope
SKILL.md instructs creating .learnings/ logs in the project or OpenClaw workspace and to use hooks for automatic reminders. The scripts and handlers only inject reminder text or emit recommendations; they do not automatically write learnings to project files. The error detector reads the CLAUDE_TOOL_OUTPUT environment variable to detect error output (expected for a PostToolUse hook). Important: enabling the OpenClaw hook causes a virtual bootstrap file (CODING_SELF_IMPROVEMENT_REMINDER.md) to be injected into sessions, which is a form of workspace prompt injection — this is intended but worth noting because it changes agent context whenever the hook is enabled.
Install Mechanism
No installation spec is provided in the registry entry (instruction-only), and the package already includes scripts and hook handlers. SKILL.md mentions an optional git clone from a GitHub repo as a manual installation path — if you choose that route, treat it as you would any external repository. There are no remote downloads or archive extraction in the provided scripts.
Credentials
The skill declares no required environment variables or credentials. The only environment variable observed in code is CLAUDE_TOOL_OUTPUT (read-only input for the error-detector hook), which is consistent with detecting tool output and is proportional to the stated purpose. The SKILL.md warns not to log secrets, which is appropriate guidance.
Persistence & Privilege
always:false (no forced persistence). The optional hook, if enabled, will add a virtual reminder file into agent bootstrap context on agent:bootstrap events — this gives the skill influence over session context but only when explicitly enabled. The handler.ts also contains a guard to skip subagents. No code modifies other skills or global agent config by itself.
Assessment
This skill appears to do what it says: provide lightweight reminders and helpers for capturing coding learnings. Before enabling or installing, consider: 1) If you enable the OpenClaw hook (openclaw hooks enable ...), the skill will inject a reminder file into each agent bootstrap — review the reminder text and accept that it becomes part of the agent's context. 2) The scripts are local and do not exfiltrate data, but the error-detector reads CLAUDE_TOOL_OUTPUT — do not enable PostToolUse globally if you are concerned about accidentally capturing sensitive command output. 3) If you install manually via the suggested git clone, inspect the repo (and commit history) first — the registry package includes the scripts, but cloning an external URL pulls remote code. 4) The skill explicitly instructs not to log secrets; keep that practice and review any entries before promoting or sharing. If you want to be conservative, enable only project-level hooks (not user/global) and review/limit the PostToolUse hook to specific matchers (lint|test|build) so it only runs on known tool outputs.Like a lobster shell, security has layers — review code before you run it.
latestvk97emexqkvv51q3a5ppy2r965184sx5k
License
MIT-0
Free to use, modify, and redistribute. No attribution required.