Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
learning-engine
v1.0.1Auto-analyze mistake and success patterns and reflect in skills
⭐ 0· 2.2k·30 current·30 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to learn from 'memory' and update other skills' SKILL.md files. That purpose can legitimately require reading/writing local memory and skill files, but the registry metadata declares no required config paths, binaries, or credentials while the instructions explicitly reference file-system locations (memory/, skills/{skill-name}/) and external commands (e.g., ImageMagick 'convert'). The absence of declared file/path access and binaries is an incoherence.
Instruction Scope
SKILL.md instructs the agent to: read error logs and performance data, create learned-rule files, auto-update other skills' SKILL.md, and publish event JSONs. Those are broad file read/write operations touching other skills. There are also references to running commands (convert, exec) and to hook-engine integrations/scheduled hooks. The instructions grant the agent broad discretion to modify other skills and publish events — scope creep away from a simple analysis helper.
Install Mechanism
This is instruction-only with no install spec (lower installation risk). However, the instructions implicitly require external binaries (e.g., 'convert') and a writable workspace; those requirements are not declared. Lack of an install step is not malicious by itself but hides the assumption that supporting tools and write access exist.
Credentials
No environment variables or credentials are requested, which aligns with a local learning engine. That said, the skill proposes publishing events and altering other skills without declaring any access controls; absence of declared credentials reduces risk of credential exfiltration but does not address privilege to modify skill files.
Persistence & Privilege
always is false (good), but the instructions explicitly propose automatically updating other skills' SKILL.md files and saving rules under memory/. That persistent capability to modify other skills' code/instructions is a high-impact privilege and should be explicitly declared and consented-to; the SKILL.md gives the agent authority to change other skills without describing safety/approval controls.
What to consider before installing
This skill describes an automated 'learning' system that will read logs and performance data and then create or modify rule files and other skills' SKILL.md. Before installing or enabling it:
- Confirm where memory/ and skills/ paths map to in your environment and whether the agent is allowed to overwrite other skills. Back up skill files.
- Ask the author which binaries (e.g., ImageMagick 'convert', shells for 'exec') and runtime permissions are required. Currently none are declared but SKILL.md references them.
- Require an explicit approval workflow for any automatic edits to other skills (review diffs, opt-in per-skill).
- Run the skill in a sandboxed agent/workspace first, with read-only access to production skills, to observe its behavior.
- Add audit/logging and limits (which skills may be modified, maximum changes per run, dry-run mode).
Because the skill can autonomously modify other skills and its declared requirements don't match its instructions, treat it with caution until the author documents runtime permissions, binaries, and safety controls.Like a lobster shell, security has layers — review code before you run it.
latestvk978d1prtbsvz6sdt0ny3yjvth8190b3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.