Self-Improving Science
v1.1.0Captures learnings, experiment issues, and methodology corrections for continuous improvement in scientific research and ML workflows. Use when: (1) Data lea...
⭐ 0· 59·0 current·0 all-time
byJosé I. O.@jose-compu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (capture learnings, promote to docs/checklists) align with the provided scripts and hook handlers. Included scripts (activator, error-detector, extract-skill) and hook handlers implement reminders, local error-detection, and skill scaffolding which are coherent for this purpose.
Instruction Scope
Runtime instructions and scripts are scoped to creating/maintaining .learnings/ logs, injecting a virtual reminder on agent bootstrap, and scanning tool output for error patterns. The docs also instruct using OpenClaw inter-session APIs (sessions_history, sessions_send, sessions_spawn) to share learnings across sessions — this is consistent with the skill goal but increases risk of exposing cross-session transcripts or learnings if used carelessly. The error-detector reads the CLAUDE_TOOL_OUTPUT environment variable to look for patterns; it does not transmit that content elsewhere, but it does inspect possibly-sensitive tool output.
Install Mechanism
No install spec is provided (instruction-only install), which is the lowest risk category. Manual install examples reference a GitHub repo URL; no arbitrary downloads, shorteners, or archive extraction are used by the skill itself.
Credentials
The skill declares no required env vars or credentials. One script (error-detector.sh) reads CLAUDE_TOOL_OUTPUT (a runtime variable supplied by the host agent) but that env var is not listed in requires.env — this is expected for hook scripts but worth noting because the script inspects tool output which can contain sensitive information if the agent/tool emits it.
Persistence & Privilege
The skill is opt-in: hooks and scripts must be enabled/installed by the user. always:false and no indication of modifying other skills or system-wide configs. Hook handler injects a virtual reminder file at bootstrap; it does not persist credentials or enable itself without user action.
Assessment
This skill appears to do what it says: local reminders and simple, opt-in scripts to log experiment learnings. Before enabling: 1) Review the hook scripts (activator.sh, error-detector.sh) so you’re comfortable they only print reminders and scan local tool output (they do not exfiltrate data). 2) Be mindful when using cross-session features (sessions_history, sessions_send) — those can surface other session transcripts or findings; avoid sending raw sensitive data. 3) Don’t write proprietary data, PII, API keys, or raw datasets into the .learnings/ files; follow the SKILL.md guidance to redact. 4) If you install hooks, prefer the minimal activator-only setup or add matcher filters to reduce noise. 5) If you plan to use the manual git install, inspect the referenced GitHub repo before cloning. If you want a tighter review, provide the remote repository URL or confirm whether the repo owner is trusted.Like a lobster shell, security has layers — review code before you run it.
latestvk976j5eqrsxjdx8btm10bbce0184tp2j
License
MIT-0
Free to use, modify, and redistribute. No attribution required.