Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Auto Improver
v1.0.0
Auto-improving AI agent that learns from every execution, extracts patterns, and continuously optimizes itself. 17-minute autonomous loop with confidence sco...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description claim a local self‑improving agent that learns from past executions; the package contains a local Node.js program that runs a 17‑minute loop, which is consistent with the stated purpose on the surface. However, the SKILL.md promises extensive features (pattern extraction, data encryption, automatic skill publishing, private deployment) that are not implemented in src/index.js (most logic is TODO). The child_process and fs imports suggest future capabilities but are unused.
Instruction Scope
SKILL.md describes capturing execution data, user feedback, and evolving skills but does not specify data sources, access boundaries, or required credentials. The header lists tools including Read, Write, Bash, Exec; that combination grants broad capability to read files and run shell commands if the agent follows the instructions. The shipped runtime code does not read logs or ask for permissions (it only sleeps), so current behavior is mild, but the instructions leave a large, unspecified scope that could later grow to include access to sensitive data.
Install Mechanism
No install spec (instruction-only) and code is bundled in the package (no external downloads). There is no runtime fetching of remote code or archives in the provided files. This lowers install-time risk.
Credentials
The skill requests no environment variables, no config paths, and no credentials. That is proportionate to the current minimal implementation. Note: SKILL.md claims features (private deployment, publishing skills) that would normally require credentials, but none are requested now.
Persistence & Privilege
always is false and the skill is user-invocable (normal). The skill's stated goal of autonomously evolving and creating skills implies privileged actions (publishing/enabling other skills), but no code performs that now. If the author later adds automation to modify or publish other skills, that would be a higher privilege concern.
What to consider before installing
This package is a stubbed self-improvement agent: the shipped code only runs an infinite 17‑minute sleep/loop and contains many TODOs, but the documentation promises broad behaviors (reading execution history, extracting patterns, auto‑publishing skills). Before installing or running:
- Treat it as untrusted code: inspect and approve any code changes before running.
- Run in a sandbox or isolated environment (container, VM) and avoid giving it access to sensitive logs, home directory, cloud credentials, or keys.
- Note the SKILL.md lists Bash/Exec/Read/Write tools — those would let the agent run arbitrary shell commands and read files if implemented; only allow them if you trust the author.
- If you want the feature set (data capture, auto‑publish), require explicit documentation of what data is read, where data is stored/transmitted, and what credentials are needed. Demand least-privilege design and auditability before granting those privileges.
- Because the implementation is incomplete, consider waiting for a mature release or ask the author for a security design and provenance of published skills before use.
Like a lobster shell, security has layers — review code before you run it.
