Taku Reflect

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: taku-reflect
Version: 1.0.0

The 'taku-reflect' skill bundle is a productivity tool designed to help AI agents record project-specific learnings, perform git-based retrospectives, and codify recurring patterns into new skills. The core logic is handled by a clean Python script (scripts/learnings.py) that manages local JSONL files and project documentation (AGENTS.md/CLAUDE.md) using safe path handling and explicit user-confirmation prompts. No evidence of data exfiltration, unauthorized network activity, or malicious prompt injection was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Saved learnings may guide future agent behavior in the project, so inaccurate or overly broad entries could lead to bad recommendations later.

Why it was flagged

The skill creates persistent project-local memory and allows future Taku phases to retrieve it as context. This is central to the skill’s purpose and is bounded by confirmation rules, but stale or incorrect learnings could affect future work.

Skill content

Learnings live in `.taku/learnings/{project-slug}.jsonl` ... Other Taku phases may search existing learnings automatically, but only as context

Recommendation

Only save stable, intended learnings; periodically prune or export-review the JSONL file; and treat recalled learnings as advisory rather than authoritative.

What this means

The agent may run the included local Python script and write or edit project files when you ask it to manage learnings or skills.

Why it was flagged

The skill exposes local command execution and file mutation so it can manage learnings, exports, pruning suggestions, retrospectives, and skill-writing. These tools are purpose-aligned, and the visible instructions require confirmation for persistent changes.

Skill content

allowed-tools: - Bash - Read - Write - Edit - Glob - Grep ... Use `scripts/learnings.py` for all learnings file operations.

Recommendation

Review proposed file changes before accepting them, especially changes to project instruction files such as AGENTS.md or CLAUDE.md.

What this means

If installed into project instructions, future agents may automatically consider saved learnings during planning and implementation.

Why it was flagged

The bootstrap protocol is designed to make future agents consult the saved learning file. The protocol explicitly says to treat entries as context rather than hard rules, which reduces risk, but it still creates persistent influence over future sessions.

Skill content

If `.taku/learnings/{project-slug}.jsonl` exists, consult it before non-trivial planning, implementation, review, or debugging. Treat matching entries as context, not hard rules.

Recommendation

Install the bootstrap protocol only if you want this persistent behavior, and keep the learning file accurate and limited to non-sensitive project guidance.