Improvement Generator
Advisory
Audited by VirusTotal on Apr 6, 2026.
Overview
Type: OpenClaw Skill
Name: improvement-generator
Version: 1.1.1
The skill is designed to automate the improvement of other skills by using the `claude` CLI to analyze failure traces and propose modifications (scripts/propose.py). While the code appears functionally aligned with its stated purpose, it is classified as suspicious due to high-risk capabilities, specifically the use of `subprocess.run` to execute external commands and the generation of `execution_plan` objects intended for automated file edits. These mechanisms are inherently vulnerable to prompt injection if the target `SKILL.md` files being analyzed contain malicious instructions designed to manipulate the LLM's output into proposing harmful changes.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the script may execute helper code outside this skill package, which limits what can be verified from the provided artifacts alone.
The script depends on shared repository helper modules that are not included in the provided manifest, so the visible skill behavior is partly dependent on external local code.
_REPO_ROOT = Path(__file__).resolve().parents[3] ... sys.path.insert(0, str(_REPO_ROOT)) ... from lib.common import ... read_json ... write_json ... from lib.state_machine import ... update_state
Run it only in a trusted OpenClaw repository environment and review the referenced shared libraries if you need a complete code audit.
Bad, stale, or overly broad history files could steer future improvement suggestions in the wrong direction.
The skill intentionally uses historical memory, feedback, and failure traces to influence future generated candidates.
Combine multi-source signals from memory and feedback to generate high-priority candidates ... With memory | Candidates informed by historical patterns and past successes
Provide only scoped and trusted trace, memory, or feedback files, and inspect generated candidates before passing them to discriminator, gate, or executor stages.
A poor generated candidate could affect downstream improvement workflows if later approval or gate stages are too permissive.
The generated candidates are designed to feed a larger improvement pipeline where later components may score, gate, and execute changes.
In the autoloop scenario it is invoked automatically by the orchestrator, which injects historical traces ... improvement-executor: Executes the top-ranked candidate approved by gate
Keep human or gate review in place before execution, especially for non-documentation changes or candidates marked medium/high risk.
