Self-Improving Analytics
v1.0.0Captures data quality issues, metric drift, pipeline failures, misleading visualizations, metric definition mismatches, and data freshness problems to enable...
⭐ 0· 20·0 current·0 all-time
byJosé I. O.@jose-compu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description match what the files implement: logging analytics learnings, scaffolding new skills, and optional OpenClaw hook integration. Required env vars/binaries/config paths are none, which is consistent with a workspace-file-based logging helper.
Instruction Scope
Runtime instructions create and populate a local .learnings/ directory, scaffold skills, and recommend not logging credentials/PII. Hook scripts inject reminders and detect error patterns from CLAUDE_TOOL_OUTPUT. These actions stay within the analytics-logging scope, but the error-detector reads a tool-output environment variable that can contain sensitive query output — the skill itself does not transmit that data externally, so treat hooks as local helpers and avoid logging or persisting raw sensitive results.
Install Mechanism
There is no install spec; the package is instruction-plus-local-scripts. All code is included in the bundle (no remote downloads during install). The SKILL.md includes a suggested git clone URL for manual install (standard). No obscure or remote install URLs or archive extraction were found.
Credentials
The skill declares no required credentials or env vars. The scripts rely on CLAUDE_TOOL_OUTPUT (a platform-provided env var) to detect errors — this is proportional to its detection feature. There are no requests for unrelated cloud credentials or secrets.
Persistence & Privilege
always is false and hooks are opt-in. Enabling the provided hooks grants the skill scripts the ability to run at agent lifecycle events (bootstrap, post-tool-use). That is expected for a hook-based reminder/detector, but you should only enable hooks you trust and avoid enabling global/user-level hooks unless desired.
Scan Findings in Context
[no-pre-scan-injection-signals] expected: Static pre-scan found no injection signals. The skill includes hook handlers and shell scripts (expected for a hook-based reminder/detector).
Assessment
This skill is internally consistent with its stated purpose, but review before enabling: 1) Inspect scripts/hooks (scripts/ and hooks/openclaw/) — they run locally and may create files (extract-skill) or read CLAUDE_TOOL_OUTPUT. 2) Do not enable the hooks globally (~/.claude or ~/.openclaw hooks) unless you want the reminders/error detector in every session; prefer project-level opt-in. 3) Avoid copying raw query results, connection strings, credentials, or PII into .learnings/ — the skill advises redaction but cannot enforce it. 4) If you will run the PostToolUse error detector, consider restricting it to analytics-related sessions (use matcher filters) so it doesn't process unrelated tool output. 5) If you plan to use the git clone install, verify the remote repository source first.Like a lobster shell, security has layers — review code before you run it.
latestvk970q98k1epnay3kagbjvj339184rjqv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.