Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Heleni Self Learning
v1.0.0
Continuous self-improvement through systematic logging, pattern detection, and behavioral updates. Use when: the owner corrects you, a task fails, you discov...
by Netanel Abergel (@netanel-abergel)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (self-improvement via logs → rules) matches the scripts and workflows in SKILL.md: it creates a .learnings folder, appends log entries, finds patterns, and appends learned rules to SOUL.md. Minor mismatch: the registry metadata lists no required config paths, yet the instructions target $HOME/.openclaw/workspace and files within it (LEARNINGS.md, SOUL.md, AGENTS.md, TOOLS.md, MEMORY.md, HEARTBEAT.md). This should have been declared but is explainable as an oversight.
Instruction Scope
The instructions direct the agent (or the user) to create, read, and modify files under $HOME/.openclaw/workspace and to append learned rules to SOUL.md. They also advise promoting 'Contact / credentials' into MEMORY.md. These actions change persistent agent configuration and encourage storing potentially sensitive information in plaintext files. The instructions are specific enough to perform these modifications automatically (via provided scripts), giving the skill the ability to alter future agent behaviour without further checks.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. All runtime actions are shell scripts the SKILL.md shows; nothing is downloaded or installed by the skill itself.
Credentials
The skill requests no environment variables or external credentials, which is proportionate. However, it explicitly recommends promoting 'Contact / credentials' into MEMORY.md (a file under the workspace). Encouraging storage of credentials/contacts in a workspace file is disproportionate and risky because it may lead to plaintext credential storage and accidental exposure. The SKILL.md also implicitly assumes access to $HOME and to create/modify files there.
Persistence & Privilege
The skill's workflow includes appending 'learned' rules into SOUL.md and marking entries as applied in LEARNINGS.md, which gives it the capacity to permanently change agent behaviour. That capability is coherent with a self-learning skill but is high-impact: if the agent executes promotions autonomously, the changes persist across runs. The skill is not 'always:true' and does not request other skills' configs, which lowers concern but warrants caution.
What to consider before installing
This skill is intended to log events and turn recurring mistakes into persistent rules by editing files under ~/.openclaw/workspace (LEARNINGS.md, SOUL.md, etc.). Before installing or enabling it:
- Understand persistence: the skill's scripts append rules to SOUL.md, so learnings can permanently change agent behaviour. Decide whether you want automatic promotion or manual review.
- Protect secrets: the skill explicitly says to promote 'Contact / credentials' to MEMORY.md. Do NOT store passwords, API keys, or other secrets in plaintext files. Use a secure secret store instead, or remove that advice.
- Review file writes: inspect or run the provided scripts in a sandbox to confirm they do only what you expect. Keep backups of SOUL.md and other config files so you can revert unwanted changes.
- Autonomy controls: if the agent can invoke skills autonomously, consider restricting this skill from auto-promoting rules or require owner approval for changes to SOUL.md.
- Compatibility note: some commands (e.g., grep -P, GNU sed flags) may not behave the same on all systems; test on your environment.
If you want a lower-risk setup: use the logging portion (write logs) but require manual promotion into SOUL.md, and never store credentials in workspace files. If you can provide more metadata (who published this skill, a homepage, or an explicit declaration of the config paths it will modify), I can raise or lower my confidence.
Like a lobster shell, security has layers — review code before you run it.
