ClawHub

OpenClaw Learning Loop

v1.0.2

Capture errors, corrections, and feature requests so your OpenClaw agent improves over time instead of repeating the same mistakes. Use when commands fail, u...

0· 78·0 current·0 all-time
by@sam-k-migz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the provided files and scripts: the SKILL.md and helper scripts exist to create and maintain .learnings/ logs, provide lightweight reminders, detect command errors, and scaffold new skills. There are no unrelated credentials, binaries, or install steps requested.
Instruction Scope
SKILL.md directs the agent to create and append to .learnings/ files and to avoid logging secrets; it also documents opt-in hook setup that copies scripts into user-level or project-level hook config. The error-detector script reads the CLAUDE_TOOL_OUTPUT environment var to detect errors — this is expected for a PostToolUse hook but is the only environment input the scripts inspect. The instructions do not instruct the agent to read unrelated system files or send data externally.
Install Mechanism
There is no packaged install spec; this is instruction-plus-scripts only. Scripts are included in the repo and are run locally when you opt into hooks. No network downloads or opaque installers are present in the package.
Credentials
The skill declares no required environment variables or credentials. Scripts use CLAUDE_TOOL_OUTPUT (an agent-provided variable) to detect errors, which is proportional to an error-detection hook. The SKILL.md explicitly warns against logging secrets.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. Enabling hooks (project or user level) is opt-in; when enabled, the scripts run with the agent/process permissions — this is expected. The extract-skill helper writes new files under a local ./skills directory (script prevents absolute paths and '..' segments), so it cannot write outside the workspace by design.
Assessment
This skill appears internally consistent and implements a local, opt-in learning/logging workflow. Before installing or enabling hooks, review these points: - Inspect the three scripts (activator.sh, error-detector.sh, extract-skill.sh) yourself — they run locally and are small and readable. Ensure you trust their source (SKILL.md references a GitHub repo). - Hooks are opt-in. If you enable PostToolUse hooks in a user/global settings file, the error-detector will see the tool output environment variable (CLAUDE_TOOL_OUTPUT). That variable can contain command output; the script only pattern-matches and prints a reminder, but avoid enabling PostToolUse in environments where unredacted secrets or sensitive outputs may be present. - The extract-skill helper creates files under the current workspace (./skills/) and explicitly blocks absolute or '..' paths; still, only run it in a workspace you control. - The skill recommends promoting learnings into workspace files (SOUL.md, AGENTS.md, etc.). Those are local files—beware of copying sensitive transcripts or secrets into those logs. If you want the feature: enable the UserPromptSubmit activator first (lower risk), review behavior, then opt into PostToolUse only if comfortable. If you are unsure, keep the skill installed but do not enable hooks and run the scripts manually for testing.

Like a lobster shell, security has layers — review code before you run it.

latestvk971t8sms2pfat57w1p7yed36983rebe

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments