Self-Improving Supply Chain
v1.2.0Captures forecast errors, supplier risks, logistics delays, inventory mismatches, quality deviations, and demand signal shifts to enable continuous supply ch...
⭐ 0· 52·0 current·0 all-time
byJosé I. O.@jose-compu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name/description align with its code and docs: reminders, local logs (.learnings/), a skill-extraction helper, and optional OpenClaw hooks. No unrelated credentials, external network calls, or unexpected binaries are requested. The extract script creates local skill scaffolds and includes safeguards (no absolute paths, no '..' segments).
Instruction Scope
SKILL.md and hook scripts limit behavior to generating reminders, creating/initializing .learnings/ files, and scaffolding local skill markdown. The error-detector reads the CLAUDE_TOOL_OUTPUT hook context (documented) to detect supply‑chain keywords and only prints a reminder; it does not transmit output externally. SKILL.md explicitly warns not to log proprietary pricing/PII and states the skill does not place orders.
Install Mechanism
No installer or external downloads are used. This is an instruction+script bundle intended to be copied into the user's OpenClaw workspace/hooks. All scripts are local shell/JS/TS files; no archives or network fetches are performed by the skill itself.
Credentials
The skill declares no required environment variables or credentials. The only environment usage is the error-detector reading CLAUDE_TOOL_OUTPUT (an expected hook-provided variable) and scripts operating on local workspace paths — proportional to the stated purpose.
Persistence & Privilege
always is false and hooks are opt-in. Hook files inject a virtual reminder into the agent bootstrap when enabled; enabling requires explicit user action (openclaw hooks enable or copying files). The skill does not request system-wide or permanent elevated privileges.
Assessment
This skill appears internally consistent, but review a few practical points before installing: (1) Confirm you are comfortable having a lightweight reminder and local log files (.learnings/) added to your workspace/home — the scripts will create files if missing. (2) The error-detector reads CLAUDE_TOOL_OUTPUT (hook context) which can contain command output; avoid enabling PostToolUse hooks in contexts where sensitive data might appear, or add matcher filters to limit triggers. (3) The extract script writes scaffolds into a relative ./skills directory — run it from a safe working directory and inspect what it would create (use --dry-run). (4) Hooks run with your agent's permissions; enable them only if you want reminders injected into sessions (you can enable at project-level with matcher filters to reduce scope). Finally, if you have any proprietary supplier/customer data, follow the skill guidance to redact or aggregate before logging to .learnings/.Like a lobster shell, security has layers — review code before you run it.
latestvk977v0pzkrf5snggm6ahj0ykf984t02q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.