Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
LX Agent Optimizer
v1.3.0A battle-tested agent self-improvement system built by a non-coder from weeks of real-world usage with OpenClaw. No fluff, no theory — every rule here was le...
⭐ 2· 143·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description (agent self‑improvement, cost control, cron/heartbeat checks) align with the included docs and the token_report.py script which analyzes local OpenClaw session logs. The skill legitimately needs access to the agent workspace files it references (improvement_log.md, HEARTBEAT.md, ~/.openclaw/agents/*/sessions/*.jsonl). Some examples reference a specific user's local paths (Paolo's Mac paths) which are just examples but may confuse non-technical users.
Instruction Scope
SKILL.md explicitly instructs the agent to read conversation history and many workspace files and to 'do without asking' for actions including reading files, updating memory/logs, organizing workspace and 'commit workspace changes'. That grants the agent broad discretion to read private transcripts and to modify files and commit changes. 'Infer before asking' is vague and increases risk of unintended file accesses. While these actions fit the optimizer's goal, the instructions permit silent, potentially intrusive writes and modifications which are out-of-band relative to a simple auditing/analysis skill.
Install Mechanism
Instruction-only skill with no install spec. No remote downloads or package installs. Included script (scripts/token_report.py) is a small local Python script that reads session JSONL logs and prints token summaries — behavior is transparent and expected.
Credentials
The skill requests no environment variables or external credentials. Its access is file-based (home-directory OpenClaw files), which is proportionate to the described analysis and cron/cron-script patterns. There are no unrelated credentials requested.
Persistence & Privilege
The skill does not set always:true, but SKILL.md encourages creating cron jobs, writing improvement_log.md, and committing workspace changes. Combined with the platform default that skills may be invoked autonomously, these instructions would let the agent create persistent scheduled jobs and modify files without additional explicit user confirmation. That persistent/automated write capability increases blast radius and deserves caution.
What to consider before installing
This skill appears to do what it says (audit, weekly improvement, token reports), but it asks the agent to read and write many files in your OpenClaw workspace and to create/advise cron jobs — including instructions that allow committing workspace changes without asking. Before installing:
- Review SKILL.md and all reference files yourself. Confirm you are comfortable with an agent reading conversation logs and writing to ~/.openclaw/*.
- Inspect scripts/token_report.py (already included) and any other scripts you will run; run them manually first (python3 scripts/token_report.py) to see outputs.
- If you want to limit risk, disable autonomous invocation for this skill or only invoke it manually. Consider removing or editing the lines that say 'do without asking' / 'commit workspace changes'.
- Backup important files (improvement_log.md, TOOLS.md, HEARTBEAT.md, session logs) before letting the skill write or create cron jobs.
- When adding cron jobs from the guide, create them yourself rather than letting the agent do it automatically.
If you want, I can suggest a minimal safe checklist or a trimmed SKILL.md that removes auto-write/commit instructions and keeps only audit/reporting behavior.Like a lobster shell, security has layers — review code before you run it.
latestvk975f2ggv0e3qgdb5njg01efeh841qm2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.