Self Improvement Local
v1.0.0Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⭐ 0· 49·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name and description (capture learnings/errors and promote them) align with the files and runtime actions: creating .learnings files, small helper scripts, a skill-extraction helper, and an OpenClaw hook that injects a reminder. There are minor naming/metadata inconsistencies (frontmatter/name vs. published slug vs. repository names and _meta.json ownerId mismatch) that look like bookkeeping differences but do not change functionality.
Instruction Scope
SKILL.md instructs agents to create .learnings/ in project or OpenClaw workspace and to optionally install a hook that injects a reminder at bootstrap. The instructions explicitly warn not to log secrets and to sanitize CLAUDE_TOOL_OUTPUT; the scripts follow this approach (they detect errors but do not forward raw tool output). The skill also documents cross-session tools (sessions_history/sessions_send) and advises they be used only in trusted contexts. Overall scope stays within logging, reminders, and scaffolding; the only privileged action is injecting virtual bootstrap files (expected for a hook).
Install Mechanism
No remote downloads or package installs. This is instruction-first with local scripts and hook handlers included in the bundle. There is no URL-based extract/install step that would fetch arbitrary code. Scripts create files locally (extract-skill.sh) but validate paths to avoid absolute paths or '..' segments.
Credentials
The skill declares no required environment variables or credentials. The error-detector script reads CLAUDE_TOOL_OUTPUT (an environment variable provided by the host agent runtime) — this is expected for a PostToolUse hook. The SKILL.md warns about avoiding secrets and not logging full outputs. No unrelated secrets or cloud credentials are requested.
Persistence & Privilege
always:false (no force inclusion). The optional hook installs into the user's OpenClaw hooks directory and injects a virtual bootstrap file at agent:bootstrap; this grants the skill persistent presence only if the user enables the hook or copies files into ~/.openclaw. This is consistent with its goal (workspace-level reminders/persistence). Because hooks inject context into model sessions, enable them only where you trust the workspace; the skill itself does not autonomously request broad privileges.
Assessment
This skill appears to do what it says: log learnings, produce small reminders, and help scaffold extracted skills. Before enabling it:
- Review and run the scripts locally (activator.sh, error-detector.sh, extract-skill.sh) to confirm behavior and ensure you are comfortable with their outputs.
- Enable hooks only in the scope you control (prefer project-level settings over user-global ~/.claude or ~/.openclaw unless you trust all projects). The PostToolUse hook reads CLAUDE_TOOL_OUTPUT — avoid enabling it if you run commands that may output secrets or sensitive data.
- Follow the SKILL.md guidance: never log secrets or full configs unless you explicitly want that and understand the risk.
- Use the extract-skill.sh --dry-run first before creating new files, and check file permissions (chmod +x where needed).
- Note minor metadata/name inconsistencies (slug/ownerId and repo names) — these are bookkeeping issues but you may want to confirm the source repo if you prefer installing from a specific upstream.
If you want more assurance, run the scripts in a sandboxed project or review the small hook handlers (handler.js/handler.ts) — they only inject a virtual reminder file and do not perform network calls or exfiltration.Like a lobster shell, security has layers — review code before you run it.
latestvk97e42wweq7rqb2gkmb29cpppn84qtxb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.