Self-Evolving Agent π§
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skillβs purpose is coherent, but it reads highly sensitive local agent history and its local-only/privacy claims conflict with documented optional external API and delivery features.
Install only if you are comfortable with a local automation reading OpenClaw session history, memory, logs, and fleet data. If you want local-only operation, use Ollama or provider "none", disable external delivery/webhooks, and verify the cron/monitor settings. Read SECURITY.md critically because some local-only and network-access claims conflict with the documented optional integrations.
Findings (7)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may enable the skill under a stronger privacy assumption than the rest of the documentation supports.
This broad local-only assurance conflicts with other supplied artifacts documenting optional Claude/OpenAI synthesis and Discord/Slack/Telegram/Webhook delivery. Users could reasonably believe no derived analysis or proposal content leaves the machine when some configured workflows may send content externally.
**No data is sent to any remote server.** ... Only **one script** (`benchmark.sh`) makes optional network calls
Treat external LLM and delivery integrations as opt-in network transmission paths; the publisher should align SECURITY.md, metadata, and setup docs to state exactly what is sent and when.
The analysis may include sensitive private conversations or persistent memory-derived signals, even if the skill is designed to process them locally.
The skill intentionally reads full local conversation history, memory, logs, self-review records, proposals, and rejection logs to generate future improvement proposals.
Session transcripts | `~/.openclaw/agents/*/sessions/*.jsonl` ... Long-term memory | `~/openclaw/MEMORY.md` ... **Session transcripts contain full conversation history.**
Before enabling, review the configured paths, analysis window, fleet scope, cache/output directories, and any external delivery or LLM settings.
Proposal summaries or alerts may be visible to people or services with access to the configured channel or webhook.
The skill can deliver generated reports or alerts to external messaging/webhook providers, which is purpose-aligned but creates an external data boundary.
"deliveryChannel": "Discord (configurable: Slack / Telegram / Webhook)"
Use private channels, least-privilege webhooks/tokens, and confirm whether proposal content includes excerpts or sensitive derived information.
If configured, provider or delivery credentials give the skill delegated authority to call third-party services or post messages.
The skill supports optional hosted LLM providers that require API credentials, and other artifacts also describe delivery integrations such as Slack, Telegram, and webhooks.
| **Anthropic** | ~$0.05 | Required | Required | ... | **OpenAI** | ~$0.05 | Required | Required |
Prefer Ollama or provider "none" for local-only operation, or use narrowly scoped credentials and avoid placing unrelated secrets in the skill configuration.
The skill can continue monitoring or running on a schedule after setup until the user stops the monitor or removes the cron job.
The skill includes disclosed persistent behavior: a real-time log monitor and scheduled weekly cron automation, with documented removal support.
`tail -F` κΈ°λ° μ€μκ° λ‘κ·Έ κ°μ ... `register-cron.sh` ... `--remove` νλκ·Έ: ν¬λ‘ μ κ±°
Enable persistence only intentionally, verify the registered cron entry, and keep the documented removal command available.
A user following setup instructions may execute code or install dependencies from sources that are not pinned to a reviewed commit or version.
The documented setup uses an unpinned external GitHub clone, package installation, model download, background service startup, and cron registration. These steps are user-directed and purpose-aligned, but they increase provenance and setup risk.
"git clone https://github.com/ramsbaby/openclaw-skills.git /tmp/sea-install", ... "brew install ollama && ollama pull nomic-embed-text && ollama serve &", ... "bash ~/openclaw/skills/self-evolving-agent/scripts/register-cron.sh"
Install from a trusted release or reviewed commit, audit scripts before running them, and confirm the cron entry and background Ollama process are desired.
Incorrect or unwanted scheduling could cause repeated runs, recurring alerts, or unexpected analysis of local logs.
The skill can modify the OpenClaw cron registry to schedule automation. This is disclosed and central to the weekly-review purpose, but it is a meaningful environment mutation.
Read/Write `~/.openclaw/cron/jobs.json` | `register-cron.sh` only | Schedule the weekly cron job
Review the cron configuration before and after registration, and use the documented remove/update options when changing or uninstalling the skill.