Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Self Improving Agent
v0.1.0Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⭐ 0· 40·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description align with included files: reminder hook, activator, error detector, and a helper to extract learnings into new skills. No unrelated cloud credentials, binaries, or surprising network installs are requested.
Instruction Scope
SKILL.md and templates explicitly instruct agents to log errors/learnings and, in some templates, to include 'Full source of all included files' and promote high-value learnings into shared workspace files (CLAUDE.md, AGENTS.md, TOOLS.md). That guidance can lead to broad capture and persistence of file contents or other sensitive output if followed automatically. The hooks/scripts themselves only emit reminders or detect error text, but the human/agent guidance encourages storing potentially sensitive data.
Install Mechanism
No automatic install/downloading is defined. The repository is intended to be manually cloned or installed via a package manager (clawdhub). Provided scripts are local and there are no remote downloads or archive extracts in the skill files.
Credentials
The scripts read CLAUDE_TOOL_OUTPUT (an environment variable provided by the agent runtime) to detect errors — this is expected for an error-detector hook. However, CLAUDE_TOOL_OUTPUT can contain command outputs that include secrets or tokens; the skill doesn't declare env requirements (none are needed) and the instructions encourage logging contextual files and outputs, increasing risk of sensitive data being persisted.
Persistence & Privilege
always is false and the skill does not request special platform privileges. Hooks inject a virtual bootstrap file (no disk-write by the handler itself). The extract-skill helper will create files when explicitly run; enabling hooks or configuring scripts is opt-in and requires user action.
Scan Findings in Context
[reads-CLAUDE_TOOL_OUTPUT] expected: error-detector.sh reads the CLAUDE_TOOL_OUTPUT env var to look for error patterns — expected for a post-tool-use hook that detects command failures.
[creates-local-files] expected: scripts/extract-skill.sh creates new skill files under a relative ./skills directory. This matches the stated purpose (skill extraction) but will write to disk if run.
What to consider before installing
This skill is largely coherent with its goal of capturing learnings, but it encourages storing extensive context — including file contents and command output — and provides hooks and scripts that, if enabled, will surface command outputs to the agent. Before installing or enabling hooks: 1) Review the scripts (activator.sh, error-detector.sh, extract-skill.sh and the hook handlers) to ensure they do only what you expect. 2) Avoid enabling user-global hooks unless you trust the source and have audited them; prefer project-level activation. 3) Be cautious about logging outputs that may include secrets (tokens, auth headers, private keys); modify templates/promotion policies to exclude or redact secrets and sensitive file paths. 4) If you must use extract-skill.sh, run it in a safe directory and review generated files before committing or promoting them. 5) Consider running in an isolated/dev environment first and add explicit filters to the error detector to avoid capturing sensitive lines. If you want a safer thumbs-up, provide confirmation that you (or a reviewer) have audited the scripts and will not promote raw file contents or secret-bearing outputs into shared workspace files.Like a lobster shell, security has layers — review code before you run it.
latestvk97cjbembet1xftk3v44avnzps83q2nc
License
MIT-0
Free to use, modify, and redistribute. No attribution required.