Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
学习型Agent
v1.0.0Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⭐ 0· 77·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's files (hooks, activator and error-detector, extractor) are consistent with a 'self-improvement / learning' agent: they inject reminders and help log errors to local .learnings files. However, metadata inconsistencies exist (registry-level name/owner/slug/version differ from the included _meta.json and repository names referenced in SKILL.md), which suggests repackaging or mismatched sources rather than a single coherent release.
Instruction Scope
SKILL.md instructs only local actions: create .learnings/, copy a hook into ~/.openclaw/hooks, enable it, and optionally run local scripts. The included scripts read a platform-specific env var (CLAUDE_TOOL_OUTPUT) and output reminder text; they do not contain obvious network calls or exfiltration steps. Still, enabling hooks causes these scripts/handlers to run automatically in agent sessions, so review them before enabling.
Install Mechanism
There is no automatic install spec (instruction-only), so nothing is auto-downloaded by the platform. SKILL.md suggests a git clone from GitHub or using a ClawdHub command. The recommendation to clone a GitHub repo is normal, but because the packaging metadata doesn't match the included _meta.json, confirm the repo URL and origin before cloning.
Credentials
The skill declares no required environment variables, credentials, or config paths. The scripts reference CLAUDE_TOOL_OUTPUT (platform-specific) to detect errors; this is proportional to the stated purpose and is read-only. No secrets or unrelated credentials are requested.
Persistence & Privilege
always is false and the skill is user-invocable. Hooks, if installed/enabled, will run with the same privileges as the host agent (normal for OpenClaw/Claude hooks). There is no evidence the skill modifies other skills or system-wide settings beyond injecting reminder files and creating local skill scaffolds when running the extract script.
What to consider before installing
This skill appears to do what it says (log learnings, inject bootstrap reminders, detect command errors) and its scripts are local-only, but there are red flags you should check before installing:
- Verify source integrity: SKILL.md references repositories and names that don't match the registry metadata and the included _meta.json. Confirm the canonical repository/owner and why metadata differs.
- Inspect files locally before enabling hooks: open hooks/openclaw/handler.{js,ts} and scripts/*.sh and confirm you are comfortable with them running in your sessions. They appear benign (inject reminders, read CLAUDE_TOOL_OUTPUT, write local files) but running any hook gives code execution in session context.
- Prefer cloning from an authoritative repository and review commit history and owner. If unsure, run in an isolated environment or a throwaway user account first.
- When enabling hooks, avoid enabling globally (user-level) until you trust the package; enable only for a specific project or use a dry-run. Keep file permissions tight and do not run scripts as root.
If you want, I can list the exact lines to inspect or produce a short checklist of specific files/strings to verify before enabling the skill.Like a lobster shell, security has layers — review code before you run it.
latestvk97eay45yw22p9w4b66f797b3n83b95r
License
MIT-0
Free to use, modify, and redistribute. No attribution required.