ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nightly Build

v1.0.0

Ship one small improvement while the user sleeps. Scans today's sessions for friction points, picks the highest-impact reversible fix, builds it, and sends a...

0· 60·1 current·1 all-time
by@joeytbuilds

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for joeytbuilds/nightly-self-improvement.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Nightly Build" (joeytbuilds/nightly-self-improvement) from ClawHub.
Skill page: https://clawhub.ai/joeytbuilds/nightly-self-improvement
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install nightly-self-improvement

ClawHub CLI

Package manager switcher

npx clawhub@latest install nightly-self-improvement
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description align with the instructions: scanning sessions and memory to make small fixes is coherent. However the SKILL.md explicitly directs creating a persistent cron job and making on-disk changes (scripts, aliases, docs, memory edits) without declaring required config paths or elevated permissions — the registry metadata lists no config paths or binaries, yet the runtime instructions assume filesystem and scheduler access (~/clawd, memory/YYYY-MM-DD.md, cron). This mismatch between declared requirements and what the skill expects to do is noteworthy.
!
Instruction Scope
Instructions tell the agent to scan sessions (sessions_list + sessions_history) and read memory files, then autonomously make Tier 1 changes (file edits, scripts, memory cleanup) and add a cron job that fires a systemEvent each night. Reading personal conversations and memory is sensitive but consistent with the purpose; the concern is the breadth and autonomy: the skill gives the agent discretion to edit workspace files and create persistent scheduled actions without an explicit metadata declaration or fine-grained guardrails, and the "just do it" Tier 1 includes writable actions that could be misapplied.
Install Mechanism
No install spec and no code files — lowest-risk delivery mechanism. Nothing is downloaded or installed by the skill bundle itself.
Credentials
The skill requests no credentials or env vars, which is appropriate. However it expects access to the user's sessions, memory files, workspace (~ /clawd), and the system cron; those are effectively privileged data/config paths even though none are declared. The lack of declared config paths while instructing access to specific file locations is an inconsistency users should be aware of.
!
Persistence & Privilege
Although the skill metadata does not set always:true, the SKILL.md instructs adding a recurring cron job that will fire system events nightly and allow the agent to act autonomously each run. That creates persistent, recurring privilege (scheduler modification + automatic file edits) not reflected in the registry fields and increases blast radius if the agent misbehaves or is given overly broad scope.
What to consider before installing
This skill will read your daily conversations and memory files and is designed to automatically edit files and add a nightly cron job that runs without interactive approval. Before installing: 1) Review and edit NIGHTLY_BUILD.md to tighten Tier 1 actions (prefer read-only or creating PRs rather than direct edits). 2) Require explicit approval for creating cron jobs or make the cron job only create a draft morning notification (no automatic edits). 3) Ensure the agent runs with least privilege and in a test workspace first. 4) Confirm sensitive data in sessions/memory is acceptable to be read by the agent, or restrict the scan scope. 5) Add logging, backups, and clear undo instructions (and automated backups) for any file changes. If you want the concept but not persistent automation, run the process manually or have the agent prepare a patch/PR rather than apply changes automatically.

Like a lobster shell, security has layers — review code before you run it.

latestvk976tzj438tjtqgg8m26qf0nah84wy4n
60downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@joeytbuilds
latest
Download

Nightly Build

Your agent scans the day's conversations while you sleep, finds one friction point worth fixing, ships it, and leaves a morning briefing. No scope creep, no manufactured busywork — just steady compounding improvement.

Philosophy

Proactive > reactive. Fix one friction point while you sleep. Ship small, reversible improvements. Leave a morning briefing.

The idea: every night, your agent reviews what happened today, spots something worth improving (a repeated manual step, an annoying workflow, a doc that's out of date), and quietly fixes it. You wake up to a brief message explaining what changed and how to undo it if you don't like it.

Over weeks, this compounds. The agent gets better at anticipating your needs before you have to ask.

Setup

1. Create NIGHTLY_BUILD.md in your workspace

Save this file to your clawd workspace root (~/clawd/NIGHTLY_BUILD.md):

# NIGHTLY_BUILD.md — The Nightly Build

## Philosophy
Proactive > reactive. Fix one friction point while you sleep. Ship small, reversible improvements. Leave a morning briefing.

## Schedule
Runs at 3:00 AM (your local time) via cron, after nightly memory extraction.

## Process

### 1. Scan for friction points (~2 min)
Review today's sessions for:
- Repeated manual steps or commands
- Things [user] asked about but didn't finish
- Complaints or annoyances mentioned in passing
- Patterns across recent days (check memory/YYYY-MM-DD.md)
- Stale workspace files or disorganized areas
- Missing documentation or notes
- Upcoming tasks that could use prep work

### 2. Pick ONE improvement
Choose the highest-impact, lowest-risk item. Prefer:
- Things that save [user] time tomorrow morning
- Things that are clearly reversible
- Things that compound (better memory, better tooling, better docs)

### 3. Tier Check — What's allowed?

**Tier 1 — Just do it** (no permission needed):
- Workspace/memory file organization
- Shell scripts or aliases (in ~/clawd/scripts/)
- Research and summaries saved to files
- Documentation improvements
- Memory cleanup (dedup, organize, update summaries)
- Prep work for known upcoming tasks
- New skills or cron job drafts (saved as files, not deployed)

**Tier 2 — Prep but don't deploy** (queue for morning review):
- Changes to code repos (create branch + PR draft, don't merge)
- New cron jobs or config changes
- Anything that changes how existing tools work

**Tier 3 — Never without permission**:
- External-facing actions (emails, messages, posts)
- Spending money
- Deleting data
- Production deployments

### 4. Build it
- Keep it small — if you can't explain it in one sentence, it's too big
- Make it reversible — git commits, not direct edits to important files
- Document what you did and why

### 5. Morning Briefing
Send [user] a message at completion with:
🌙 Nightly Build Report

**What I built:** [one sentence]
**Why:** [what friction I noticed]
**How to undo:** [one command or "delete X file"]
**Tier 2 queue:** [anything prepped but waiting for your OK]

If nothing worth building → skip silently. Don't manufacture busywork.

## Anti-patterns
- ❌ Scope creep ("while I'm here...")
- ❌ Building something cool but useless
- ❌ Touching things [user] intentionally left a certain way
- ❌ Manufacturing work to look industrious
- ❌ Breaking the chain of provenance (always explain WHY)

2. Add the cron job

Run this in your OpenClaw session:

Add a nightly cron job called "nightly-build" that runs at 3 AM every night.
It should fire a systemEvent on the main session with this text:

"🌙 Nightly Build: Time to ship one improvement while [user] sleeps.

Read ~/clawd/NIGHTLY_BUILD.md and follow the process:
1. Scan today's sessions for friction points (use sessions_list + sessions_history)
2. Check recent memory/YYYY-MM-DD.md files for patterns
3. Pick ONE small, reversible, high-impact improvement
4. Tier check: only Tier 1 work gets shipped. Tier 2 gets prepped.
5. Build it
6. Send morning briefing to [user] via your configured messaging channel

If nothing worth building tonight, skip silently."

Or configure it directly via cron tool:

{
  "name": "nightly-build",
  "schedule": { "kind": "cron", "expr": "0 3 * * *", "tz": "America/Chicago" },
  "sessionTarget": "main",
  "payload": {
    "kind": "systemEvent",
    "text": "🌙 Nightly Build: Time to ship one improvement while you sleep.\n\nRead ~/clawd/NIGHTLY_BUILD.md and follow the process:\n1. Scan today's sessions for friction points (use sessions_list + sessions_history)\n2. Check recent memory/YYYY-MM-DD.md files for patterns\n3. Pick ONE small, reversible, high-impact improvement\n4. Tier check: only Tier 1 work gets shipped. Tier 2 gets prepped.\n5. Build it\n6. Send morning briefing via your configured messaging channel\n\nIf nothing worth building tonight, skip silently."
  }
}

What It Does Each Night

The agent follows a fixed process:

  1. Scans sessions — uses sessions_list + sessions_history to review the day's conversations
  2. Reads daily notes — checks memory/YYYY-MM-DD.md for patterns across recent days
  3. Identifies friction — repeated commands, unfinished requests, missing docs, stale files
  4. Picks ONE thing — the highest-impact, most reversible improvement
  5. Checks the tier — Tier 1 ships immediately, Tier 2 gets prepped as a draft/PR
  6. Builds it — shell scripts, documentation, memory cleanup, prep work
  7. Sends a briefing — one short message explaining what changed and how to undo it

Customization

Edit NIGHTLY_BUILD.md to:

  • Adjust the tier rules — tighten or loosen what the agent can do autonomously
  • Change the scan scope — add specific friction areas to prioritize
  • Modify the briefing format — add metrics, link to files, change tone
  • Add an anti-backlog — list things you explicitly don't want touched

Tips

  • Let it run for 2 weeks before judging it. The first few nights may find small things; after a week of patterns the improvements get sharper.
  • Read the briefings. Even when the improvement seems minor, the why often reveals something useful about your workflow.
  • Expand Tier 1 as trust grows. Start conservative. Once you've seen the agent make good calls consistently, loosen the tier rules.
  • Pair it with the Three-Tier Memory System (also on ClawMart) for better pattern detection across days.

Comments

Loading comments...