Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

xiaowei-skill

v1.0.0

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The files and SKILL.md implement a 'self-improvement' / learnings-capture skill (scripts, hook handlers, templates) and are coherent with that purpose. However the registry-level metadata shown at the top (Name: xiaowei-skill, Slug: be-strong, Source: unknown) does not match the package's internal metadata and file layout (internal slug/self-improvement-agent and references to a peterskoett GitHub repo). Verify the true source/author before trusting the package.
Instruction Scope
Runtime instructions are narrowly scoped to creating .learnings files, prompting the agent to log errors/insights, and optionally installing an OpenClaw hook. The scripts reference CLAUDE_TOOL_OUTPUT and OpenClaw session APIs (sessions_history, sessions_send, sessions_spawn) in docs; these operations can surface sensitive transcripts if used, but the docs repeatedly admonish sanitization and explicit user consent. None of the scripts transmit data externally, but the docs encourage cross-session sharing — only do that in trusted environments.
Install Mechanism
There is no opaque remote installer: the package is instruction-only with included scripts and hook code. The recommended manual install is a git clone from GitHub (traceable). No downloads from untrusted URLs or archive extraction steps are present in the manifest. Scripts do write files (scaffold skills, create .learnings) under the workspace or skill directories as expected.
Credentials
The registry lists no required environment variables or credentials, which is appropriate. However: the error-detector script reads the CLAUDE_TOOL_OUTPUT environment variable at runtime (not declared as required). CLAUDE_TOOL_OUTPUT can contain sensitive command output; the script currently only scans for error patterns and prints reminders, but you should confirm you are comfortable with hooks/scripts having access to this environment variable before enabling PostToolUse hooks globally.
Persistence & Privilege
The skill is not always:true and does not request elevated OS privileges. Installing the optional OpenClaw hook copies files to your OpenClaw hooks directory and enables injection of a virtual bootstrap file (SELF_IMPROVEMENT_REMINDER.md) on agent:bootstrap. That capability increases the skill's ability to influence agent prompt context (intended for reminders here) — enable only in environments you control and audit the hook code first.
What to consider before installing
Review and verify the package source before installing: the manifest files implement a self-improvement skill, but the registry header metadata you were shown is inconsistent with the files (different names/slugs). Inspect the included scripts (activator.sh, error-detector.sh, extract-skill.sh) and hook handlers yourself. Do not enable the PostToolUse hook globally unless you trust the environment — the error detector reads CLAUDE_TOOL_OUTPUT (possible sensitive command output). Keep .learnings/ files out of version control or ensure they are sanitized (the docs advise not logging secrets). If you install, prefer a project-scoped install (not user-global), run scripts with --dry-run where available, and grant hook permissions only after manual review. If anything is unclear, ask the skill author for the original repo URL, a signed release, or a provenance explanation before enabling hooks.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f0w3ghf19arvtdd3acs3z51842tpq
