Agent Self Reflection 1.0.0
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill openly performs self-reflection, but it can read recent conversation transcripts and write persistent memory or instruction changes that affect future agent behavior.
Install only if you are comfortable with an agent reviewing recent session logs and proposing or making persistent memory and instruction updates. Prefer configuring it to stage changes for review, avoid storing sensitive transcript details, and require approval before it edits AGENTS.md, TOOLS.md, or any skill SKILL.md files.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive conversation details or misleading lessons from a prior session could be stored and reused in future work.
The skill reads recent session transcripts and persists derived observations into memory and instruction files. This is disclosed and bounded to recent tail reads, but the artifacts do not require user review, secret redaction, or safeguards against untrusted transcript content being turned into future instructions.
For each interesting session from Step 1, read the JSONL transcript: ... tail -50 ~/.openclaw/agents/main/sessions/<sessionId>.jsonl ... Route them: ... memory/about-user.md ... AGENTS.md ... skills/<skill-name>/SKILL.md
Stage proposed memory and instruction updates for user approval, redact secrets and private data, and explicitly treat transcript content as evidence rather than instructions.
A mistaken or poisoned reflection could change future agent behavior, workflows, or skill instructions without the user noticing immediately.
The skill directs the agent to mutate persistent workspace and skill files, including files that can shape future agent behavior. The artifacts do not limit these edits to a staging area or require confirmation before changing behavior-affecting files.
For each insight, append or edit the appropriate file. Use the `Edit` tool for surgical changes to existing content. ... → `skills/<skill-name>/SKILL.md` - Improvements to specific skill instructions
Limit automatic writes to a dedicated reflection log, require explicit approval for AGENTS.md, TOOLS.md, and skill changes, and keep diffs reversible.
If scheduled, the skill may repeatedly read recent sessions and update persistent files without a direct user prompt each time.
Periodic autonomous operation is part of the stated purpose and no cron installer is included, but users should be aware that the intended operating mode is recurring background reflection.
Designed to run as a cron job. ... Runs hourly via cron.
Only schedule it if you want recurring self-reflection, and provide an easy disable path plus review logs of what it changed.
It may be harder to verify who packaged or owns this skill.
The embedded metadata owner ID differs from the registry owner ID shown in the review metadata, and the source/homepage are unknown. This is a provenance inconsistency, though the included script and instructions are visible and purpose-aligned.
"ownerId": "kn73629had1csmxwjst38fqjxh80bxr5", "slug": "agent-self-reflection"
Confirm the publisher identity before installing, especially because the skill can read sessions and modify persistent agent files.
