ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Self Improving Agent 1.0.2

v1.0.0

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Claude ('No, that's wrong...', 'Actually...'), (3) User requests a capability that doesn't exist, (4) An external API or tool fails, (5) Claude realizes its knowledge is outdated or incorrect, (6) A better approach is discovered for a recurring task. Also review learnings before major tasks.

19· 8.8k·67 current·73 all-time
by@txmerlxn·duplicate of @pskoett/self-improving-agent
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (capture learnings/errors and promote them) align with included files: templates, examples, activator and error-detection hooks, and an extraction helper. The scripts and templates are what you'd expect for a 'self-improving' logging skill.
!
Instruction Scope
SKILL.md and references instruct agents to log command outputs, environment details, and related file paths and to promote learnings into repo- and workspace-level files (CLAUDE.md, AGENTS.md, TOOLS.md, SOUL.md). There is no guidance or safeguards about redacting secrets or excluding sensitive paths; templates explicitly include an 'Environment details' field and recommend logging command output and metadata, which could capture secrets or private data. The hooks (UserPromptSubmit, PostToolUse) are recommended for project- and user-level configuration, which could make the agent log broadly and repeatedly.
Install Mechanism
No external downloads or package installs; this is instruction-first with small included scripts. Files are local and readable; scripts create scaffolding locally. No network fetches or archive extraction in the provided assets, so install risk is low.
!
Credentials
The skill declares no required env vars or credentials, but the error-detector script reads CLAUDE_TOOL_OUTPUT (documented as the PostToolUse output). The documentation explicitly instructs logging 'Environment details if relevant' and file paths into persistent project or workspace files. Requesting or capturing environment/output info is reasonable for debugging, but without guidance to avoid secrets (API keys, tokens, private files) this is disproportionate to a safe logging helper and raises data-exfiltration risk.
!
Persistence & Privilege
always:false and the skill is opt-in, but the docs provide user-level hook examples (e.g., ~/.claude/settings.json and ~/.clawdbot/clawdbot.json) that, if applied, enable the activator/error detector globally for all sessions. Promoting learnings to workspace-level files (~/clawd/...) or to home-level skill caches can cause cross-session, cross-project persistence and potential leakage of project-specific data. The extract-skill helper can create files under a skills directory (and can be pointed at home-level paths), which increases persistence surface if run with global configuration.
What to consider before installing
This skill appears to do what it says (log learnings and provide simple hook scripts), but be careful before enabling it globally. Things to consider before installing/activating: - Review the scripts (activator.sh, error-detector.sh, extract-skill.sh) locally — they are small and readable. Ensure you trust and understand them before making them runnable. - Prefer project-level hook configuration (project root .claude/.codex settings) instead of user-level (~/.claude) to avoid the skill running for every session across all projects. - Do not enable automatic promotion to workspace/global files without controls. Workspace targets like CLAUDE.md, AGENTS.md, or ~/clawd/ are injected into future sessions and can cause accidental data sharing across projects or users. - Add explicit redaction/sanitization rules before logging: never write API keys, tokens, passwords, or other secrets into .learnings/ or promoted files. Update templates or scripts to filter known secret patterns, or require a manual confirmation step before appending entries. - Restrict permissions: keep the skill files writable only by your user and avoid placing them in globally shared locations. If you run extract-skill.sh, check its output (or use --dry-run) before allowing it to write files. - If you want automated error detection, limit PostToolUse hooks to specific commands or matchers (as suggested in hooks-setup) to reduce noise and scope. If you need help auditing or hardening the scripts (e.g., adding secret-detection/redaction), provide the specific deployment path (project-level vs user-level) and I can suggest concrete changes.

Like a lobster shell, security has layers — review code before you run it.

latestvk97av7kd0b5w7b8zzh5jxmapcx7zyk92

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments