ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Self Improvement For All

v1.0.0

Capture, store, and retrieve errors, corrections, and best practices locally to continuously improve AI agent workflows and knowledge.

0· 1k·3 current·5 all-time
byvs@vedantsingh60
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (adaptive learning from errors and corrections) aligns with the included Python implementation and SKILL.md. The manifest and SKILL.md both advertise zero dependencies, local-only storage, and no API keys; the code implements local JSON files under a .adaptive_learning directory. Minor note: registry metadata indicated 'Source: unknown' while manifest.yaml contains a GitHub homepage/repository — a documentation inconsistency but not functionally suspicious.
Instruction Scope
SKILL.md instructs the agent/user to copy/import the Python file and use the provided record/search/export methods. The code's methods correspond directly to the documented API (record_learning, record_error, search_learnings, export_learnings, etc.). There are no instructions to read unrelated system files or environment variables, and runtime behavior is limited to managing learnings/errors in local JSON files.
Install Mechanism
There is no install spec (instruction-only skill) and the package includes a single Python module with no external downloads or install steps. This is low-risk: nothing is fetched from arbitrary URLs and no archives are extracted.
Credentials
The skill declares no required environment variables or credentials and the code does not access environment variables or external services. It only writes to the local storage path (default: .adaptive_learning). Note: because data is stored locally, the agent may persist any text passed into record_* calls — users should avoid recording secrets or sensitive data they would not want saved in plaintext.
Persistence & Privilege
The skill does not request permanent inclusion (always: false) and does not modify other skills or system-wide configuration. It only creates and manages its own storage files in a local directory.
Assessment
This skill appears to do what it says: a small, local Python module that records and searches 'learnings' in JSON files. Before installing or using it, note that it will create a .adaptive_learning directory (learnings.json, errors.json) in the working directory and stores any text you pass to it in plaintext. Do not record passwords, API keys, or other secrets into this store unless you encrypt or otherwise protect those files. Also verify the repository/contact listed in manifest.yaml if you want to confirm provenance (the registry metadata showed 'Source: unknown' while the manifest references a GitHub project). If you plan to share exported JSON with teammates, review it first for sensitive contents.

Like a lobster shell, security has layers — review code before you run it.

latestvk970xh30031vdcvbq2sebjkzkx814jpe

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments