ClawHub

Self Improving Agent 1.0.11

v1.0.0

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

0· 774·93 current·100 all-time
by@kgy7247
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's files (hook handlers, activator/error-detector scripts, extraction helper, templates) align with the described goal of capturing and promoting learnings. Minor metadata inconsistencies exist (registry metadata/version vs _meta.json version and ownerId), which look like packaging/registry bookkeeping issues rather than functional mismatches.
Instruction Scope
SKILL.md and hook handlers stay within scope: creating .learnings files, injecting a reminder at agent bootstrap, and optionally running local scripts on hook events. The error-detector reads a platform-provided CLAUDE_TOOL_OUTPUT variable (not an undeclared secret). Instructions are explicit and opt-in for hook installation and enabling.
Install Mechanism
There is no remote download/install step — the skill is distributed as files and local scripts. The provided scripts do writes only into relative ./skills or user workspace paths and the extract-skill.sh includes safety checks to avoid absolute paths or '..' segments. No external URLs or arbitrary archives are fetched during install.
Credentials
The skill declares no required env vars or credentials. The only environment usage is reading CLAUDE_TOOL_OUTPUT in error-detector (a platform-provided variable) and normal shell variables; no secrets or unrelated credentials are requested.
Persistence & Privilege
The skill is not always-enabled (always: false) and hooks are opt-in. If you enable the provided hooks in user-level settings (~/.claude or ~/.openclaw), the activator/error-detector scripts will run with the agent's user permissions — this is expected but worth noting because hook scripts execute locally.
Assessment
This skill appears to do what it says: add lightweight reminders and helpers for logging learnings and optionally install simple hooks. Before installing or enabling hooks: (1) inspect the hook scripts (activator.sh, error-detector.sh, extract-skill.sh) yourself to confirm they are acceptable; they are small and benign here, but hook scripts run with your user permissions when enabled; (2) prefer project-level or minimal hook configuration rather than global user-level activation if you want to limit blast radius; (3) the extract helper creates files under a relative ./skills directory — the script prevents absolute/../ writes, but avoid running it in directories where creating files could be problematic; (4) be aware of small metadata/version inconsistencies in the package listing (non-security-critical but worth noting); and (5) only enable the OpenClaw/OpenClawdHub hook integration if you trust the source or have reviewed the files, and consider running first in an isolated workspace.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e8q1yjhk3d3ajc3t3wf669h81qg0f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments