Agent Retro
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is clear about doing an agent retrospective, but it reads a full day of private session history and changes persistent agent memory/configuration files before the user reviews the changes.
Use this skill only if you are comfortable letting it read a day of OpenClaw session history and modify persistent memory and agent-instruction files. Prefer running it with a narrow date/agent scope, inspect backups and diffs, and require approval before changes are written to USER.md, SOUL.md, AGENTS.md, or MEMORY.md.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may change important memory and behavior files before you can inspect or approve what will be changed.
The skill mandates file-read and file-write/edit operations and explicitly requires writing changes before the user receives the report, leaving no required approval or diff-review step.
必须先完成物理落盘操作,再向用户汇报结果 ... 必须使用 `read` 读取原内容,并使用 `edit` 或 `write` 进行真实的物理修改
Add a required preview/diff and explicit user confirmation before modifying MEMORY.md, USER.md, SOUL.md, or AGENTS.md.
Private details, secrets present in tool outputs, or incorrect lessons from prior sessions could be written into memory and reused later.
The skill reads a full day of conversation history and tool results, then turns conclusions into persistent memory/profile files, without documented redaction, exclusions, or safeguards against storing sensitive or poisoned content.
读取该目录下所有带有目标日期时间戳的 `.jsonl` 或会话记录 ... 提取当天的所有 `user` 指令、`assistant` 回复、工具调用(Tool Calls)及工具结果
Limit which sessions are read, redact sensitive data, avoid storing raw private details, and require user approval before committing extracted user or agent profile updates.
A mistaken retrospective could permanently bias the agent’s future behavior or user profile until the files are manually corrected.
The retrospective output is used to modify core files that shape future user context, agent persona, and tool-use rules, so a bad summary or injected prior content can affect later sessions.
更新 `USER.md` ... 更新 `SOUL.md` ... 更新 `AGENTS.md` 中的工具约束或战术准则,确保教训被固化
Keep daily retrospective notes separate from core instruction files by default, and only promote specific changes to USER.md, SOUL.md, AGENTS.md, or MEMORY.md after explicit review.