ClawHub

self-improving-agent

v3.0.16

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

3.2k· 395k·5.9k current·6.2k all-time
by@pskoett
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (capture learnings, errors, feature requests) matches the included files and behavior: README, SKILL.md, .learnings templates, small helper scripts (activator, error detector, extractor) and OpenClaw hook handlers. No unrelated credentials, binaries, or surprising capabilities are requested.
Instruction Scope
Runtime instructions are focused on creating/maintaining .learnings/ files and optionally installing a hook to inject reminders at bootstrap. The error-detector hook reads CLAUDE_TOOL_OUTPUT to detect failures; although the SKILL.md explicitly warns not to log secrets, reading tool output means sensitive data could be observed or recorded if the agent or user chooses to include full transcripts.
Install Mechanism
No automated install spec or remote archive fetch is used. Installation is via Clawdhub or manual git clone / copy into ~/.openclaw, and copying hooks into ~/.openclaw/hooks. These are standard and transparent operations; there are no downloads from shorteners/personal servers or opaque extract steps.
Credentials
The skill declares no required env vars or credentials. In practice the error-detector script expects CLAUDE_TOOL_OUTPUT (a hook-provided context variable) and the hooks receive event.context. This is proportionate to an error-detection hook, but it means command/tool output (which can contain secrets) is accessible to the skill when hooks are enabled.
Persistence & Privilege
The skill is not always: true and does not request forced global inclusion. Hook installation and enabling is opt-in (user must copy/enable hooks). The hook injects a virtual reminder file and avoids overwriting existing files; the skill does not modify other skills' configs or demand system-wide privileges.
Assessment
This skill appears coherent and implements what it claims: logging learnings and providing optional hooks for reminders and basic error-detection. Before enabling it: (1) Review the provided scripts (activator.sh, error-detector.sh, extract-skill.sh) yourself to confirm they match your expectations; (2) Be cautious enabling the PostToolUse / error-detector hook globally — it reads tool output (CLAUDE_TOOL_OUTPUT) which can contain secrets or sensitive command output; prefer enabling hooks only in trusted/workspace-scoped environments; (3) Follow the SKILL.md guidance not to record secrets — if you ask the agent to include full transcripts or raw command output, sensitive data may be persisted; (4) If you plan to install via git clone, verify the repository URL and contents; (5) Test in a disposable project or safe workspace before enabling system- or user-level hooks.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d424jyd3pag4d6q7rzm0rkn84yxze

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments