myskill

Type: OpenClaw Skill Name: skilldevelop Version: 1.0.0 This skill is classified as suspicious due to the potential for unintentional data leakage and its extensive use of prompt injection to modify agent behavior and memory. The skill instructs the agent to log 'Actual error message or output' to `.learnings/ERRORS.md`, which could inadvertently capture sensitive data (e.g., API keys, file paths). This logged information is then promoted to persistent agent context files (e.g., `CLAUDE.md`, `AGENTS.md`, `SOUL.md`, `TOOLS.md`) as per `SKILL.md`, creating a vulnerability for data exposure. While the prompt injection content in `SKILL.md`, `scripts/activator.sh`, `scripts/error-detector.sh`, and `hooks/openclaw/handler.js/ts` is currently benign and aimed at self-improvement, the mechanism itself demonstrates a powerful capability to manipulate agent behavior and memory, which could be abused if the agent were compromised or given malicious 'learnings' to promote. The `extract-skill.sh` script, however, is well-sanitized against shell injection and path traversal.