Autonomous Learning Cycle
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is not clearly malicious, but it sets up a persistent autonomous learning loop and uses broad shell/npm commands and persistent memory to change future tasks or skills, so it needs careful review before use.
Install only if you intentionally want a background self-improvement system. Before running setup-cron.js, inspect the scheduled commands, use a dedicated workspace, avoid sensitive projects, and disable or rewrite the npx/execSync paths unless they are safely pinned and sanitized.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The system may keep running and changing agent workspace state after setup, even when the user is not actively supervising it.
The skill documents a recurring autonomous loop and additional scheduled reflection and learning-direction jobs, creating persistent agent activity rather than one user-bounded action.
自主进化循环 | */17 * * * * | 每 17 分钟执行一轮学习循环
Only enable the scheduler in a sandbox or dedicated workspace, review the cron entries, and require an obvious disable/rollback path before relying on it.
A malformed or poisoned task category could make the skill run unintended commands on the local machine.
Task queue data is inserted directly into a shell command. If a category contains shell metacharacters, it could cause unintended local command execution, especially when the auto workflow is scheduled.
const categories = [...new Set(queue.tasks.map(t => t.category || 'general'))]; ... execSync(`npx skills find ${category}`, {Replace shell interpolation with execFile/spawn using argument arrays, strictly whitelist category values, and avoid running this path automatically on untrusted task data.
The behavior can depend on external package state or an unexpected package version, increasing supply-chain risk.
The skill invokes an npx command without a pinned dependency or declared runtime requirement, which can cause remote package resolution/execution in an autonomous discovery flow.
execSync(`npx skills find ${category}`, { cwd: WORKSPACE, encoding: 'utf-8' })Declare and pin the dependency, vendor the tool, or use a fixed trusted API/library instead of unpinned npx execution.
Bad or manipulated learning records could be promoted into future tasks or skills and affect later agent behavior.
Persistent learned patterns and confidence scores are intended to drive future skill creation. The artifacts do not show clear provenance checks, human approval, or rollback for poisoned or low-quality learned content.
提取学习模式 → 评估自信度 → 高自信 → 自动创建技能
Require user approval before converting patterns into skills, store provenance for learned records, and provide review and rollback controls.