OpenClaw Self-Improvement
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a disclosed local workflow-improvement skill, but it can write persistent agent guidance files and read local OpenClaw session metadata, so users should review those local effects before use.
This skill appears appropriate if you want a local OpenClaw improvement loop. Before installing or invoking it, confirm the workspace and Obsidian paths, keep generated scorecards private if they include session metadata, and require human review or --dry-run before promoting anything into AGENTS.md, TOOLS.md, or SOUL.md.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run with the wrong output or tickets directory, it could overwrite or create files in an unintended local location.
The scorecard script writes local reports and optional repair tickets to paths controlled by command-line options. This is expected for a reporting/repair workflow, but users should verify paths before running it.
const outputPath = argValue('--output', null); ... const ticketsDir = argValue('--tickets-dir', resolve(dataDir, 'recovery-tickets-v3')); ... writeFileSync(path, ...)
Use the default workspace paths or explicitly review --output and --tickets-dir before running, especially when an agent is invoking the script.
Generated scorecards may reveal local session/profile metadata or operational details about OpenClaw agents.
The skill reads local OpenClaw agent session metadata, including session keys, timestamps, channels, session file paths, and possible auth profile override names.
const sessionsPath = resolve(openclawHome, 'agents', agent, 'sessions', 'sessions.json'); ... model: value?.model || value?.authProfileOverride || null
Run it only against the intended OpenClaw home directory, keep generated scorecards private, and avoid sharing outputs if session/profile names are sensitive.
A mistaken or overbroad promoted rule could influence future agent decisions across workflows.
The skill can persist promoted learnings into files that may guide future agent behavior. This is central to the self-improvement purpose and is disclosed, but persistent instructions can be harmful if promoted without review.
"writes": [".learnings/", ... "AGENTS.md", "TOOLS.md", "SOUL.md"] ... "Promotion can append to `AGENTS.md`, `TOOLS.md`, or `SOUL.md`"
Use --dry-run for promotions, review the exact text and target file, and keep promoted rules narrow and reversible.
Users have less external context for verifying the publisher or comparing the package to an upstream repository.
The registry metadata does not provide an upstream source or homepage, limiting independent provenance checks.
Source: unknown; Homepage: none
Inspect the included files before installing and prefer versions from publishers or repositories you trust.
