ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Self Improving Agent (Fixed)

v1.0.1

Self-improving agent system that analyzes conversation quality, identifies improvement opportunities, and continuously optimizes response strategies.

0· 101·1 current·1 all-time
by@pp-chicken·fork of @xiucheng/xiucheng-self-improving-agent
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code implements conversation analysis, logging, reporting, and SOUL suggestions that match the skill's description. However, the SKILL.md promises 'Automatic Analysis' after each session and an 'auto_analyze' configuration, but the provided Python file is a standalone class/CLI with no integration hooks into the agent runtime to actually auto-run after sessions. This is a capability/expectation gap (documentation over-promises integration).
!
Instruction Scope
The runtime instructions and examples are limited to using the SelfImprovingAgent class and CLI. The implementation reads and writes files under a workspace (improvement_log.md, SOUL.md) and will create/append to those files. The SKILL.md does not declare that the skill will read/write files in the agent workspace or that it will honor an OPENCLAW_WORKDIR env var, so the instructions understate the file I/O scope. There is no network I/O, external endpoints, or hidden exfiltration in the code.
Install Mechanism
There is no install spec (instruction-only with a code file). No external downloads or package installs are performed. This minimizes install-time risk. Note: _meta.json ownerId differs from the registry owner listed in metadata, which is a metadata inconsistency (not an install-time code execution risk but worth verifying source provenance).
!
Credentials
The skill declares no required environment variables, but the code reads OPENCLAW_WORKDIR (defaulting to /home/node/.openclaw/workspace) to determine where it reads/writes logs and SOUL.md. That env var is not documented in SKILL.md or skill metadata. This is a minor but meaningful mismatch: the skill will access an environment variable and filesystem location not declared to the user. While no credentials are requested, the log file could contain conversation text or user feedback, which may include sensitive data.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills or system-wide settings. Its persistence is limited to creating/appending to files in the workspace, which is proportional for a logging/analysis tool. Autonomous invocation is allowed by default but not combined with other broad privileges.
What to consider before installing
This skill appears to implement what it claims (analysis, logging, weekly reports) and does not perform network calls or ask for credentials, but there are a few things to check before installing: - Source provenance: _meta.json ownerId does not match the registry owner shown — verify the repository and author are the expected project/maintainer before trusting the skill. - Workspace/env var: the code reads OPENCLAW_WORKDIR (default /home/node/.openclaw/workspace) but the SKILL.md does not document this. Decide whether the skill should write logs into your agent workspace; set OPENCLAW_WORKDIR to a safe sandbox if you want to test it first. - Data sensitivity: improvement_log.md and SOUL.md will contain conversation text and insights. These files may include PII or sensitive conversation excerpts — review their contents and retention policy before enabling automatic logging. - Integration expectations: SKILL.md suggests automatic analysis after each session, but the provided code is a local class/CLI and has no built-in hook to the agent runtime. If you expect automatic session analysis, verify how the skill will be invoked by your agent framework. Recommended steps: inspect the repository on the listed homepage, run the CLI in a sandboxed workspace, review created files for sensitive data, and confirm owner/authorship before enabling for regular use.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e8dsa8w1hhmnzd7406yb9y183scqr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments