ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Self Improving Agent 3.0.6

v1.0.0

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

0· 72·9 current·12 all-time
byRaidan Pro@raidan-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (self-improvement via logging) matches the instructions to append entries to .learnings and promote learnings to workspace files. This behavior is expected for a logging/self-improvement skill. However, the skill metadata declares no required config paths or install steps while the instructions assume an OpenClaw workspace (~/.openclaw/workspace) and hooks directory — a minor mismatch.
!
Instruction Scope
SKILL.md tells the agent/user to create and write to ~/.openclaw/workspace/.learnings and to copy/enable hooks under ~/.openclaw/hooks; it also references inter-session primitives (sessions_list, sessions_history, sessions_send, sessions_spawn). These actions imply reading/writing session transcripts and cross-session sharing which can expose sensitive conversation content and modify user config. The skill's instructions permit broad file writes and promotion of entries into project files (CLAUDE.md, AGENTS.md, .github/copilot-instructions.md), which could unintentionally commit secrets into a repo.
Install Mechanism
There is no automated install spec (instruction-only). The manual install suggestions include git clone from a GitHub repo (pskoett/pskoett-ai-skills). That is a typical pattern but cloning and copying hooks from an external repo pulls code/scripts from a third party and should be reviewed before running; no hashes or trusted release sources are provided.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. However, the logging workflow encourages capturing runtime errors and conversation context; users should be aware that logs may include secrets, tokens, or PII unless the skill explicitly redacts them (it does not).
!
Persistence & Privilege
The instructions walk the user through enabling a hook (openclaw hooks enable self-improvement) and copying hook files into ~/.openclaw/hooks, which establishes persistent behavior that runs across sessions. The skill metadata does not declare this persistence or config path requirements. Persistent hooks that share learnings across sessions enlarge the blast radius if sensitive data is logged or if hooks execute code from an external repo.
What to consider before installing
This skill appears to do what it says (log learnings), but it asks you to create and modify files under ~/.openclaw, enable hooks, and (optionally) clone a third‑party GitHub repo. Before installing or enabling hooks: 1) Inspect the GitHub repo and any hook scripts for unexpected behavior; don't run them blindly. 2) Decide whether logs (.learnings/*, promoted files) could contain secrets or PII — redact or exclude sensitive data and add gitignore rules before promoting into a repo. 3) Be cautious with inter-session features (sessions_history, sessions_send) since they access other session transcripts. 4) If you want only ephemeral logging, avoid enabling persistent hooks or automatic promotion steps. If you want me to, I can list specific files/paths mentioned in the skill and sketch a safer installation checklist.

Like a lobster shell, security has layers — review code before you run it.

latestvk971bmvy5vtty3s3nzrvgd70bx83k9mm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments