Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Tmp Self Improving Agent
v1.0.0Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⭐ 0· 49·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (self-improvement / log learnings/errors) align with included files: templates, hook handlers, activator/error-detector scripts, and a skill-extraction helper. The assets and references support the stated purpose.
Instruction Scope
Runtime instructions and hook handlers are scoped to injecting reminders and suggesting logging to local .learnings/ files. They instruct copying hooks into ~/.openclaw/hooks and enabling them, which will run the included scripts via host hook system. The scripts do not attempt network exfiltration; however the SKILL.md and references assume host-provided hook environment variables (e.g., CLAUDE_TOOL_OUTPUT) and claim scripts only output text — a small mismatch because extract-skill.sh writes files when executed (expected for its purpose).
Install Mechanism
There is no automated install spec in the registry (instruction-only installation). The doc suggests an optional git clone from a GitHub repo (a common, traceable source). No downloads from untrusted URLs or archive extraction are present in the package itself.
Credentials
Registry metadata lists no required environment variables, but the error detector script expects CLAUDE_TOOL_OUTPUT to be present (provided by the host when running PostToolUse hooks). This is a modest inconsistency in declared vs actual runtime assumptions. No credentials or unrelated secrets are requested.
Persistence & Privilege
The skill is not always-enabled and does not request elevated privileges. Hooks and scripts operate in the user's environment and create/modify local files (e.g., ~./openclaw/workspace/.learnings or relative ./skills on extract) only when explicitly enabled or executed. This is expected for a logging/extraction tool.
What to consider before installing
This skill appears to do what it says: inject lightweight reminders and provide helper scripts to log and promote learnings locally. Before enabling hooks or running the scripts: 1) Inspect scripts (activator.sh, error-detector.sh, extract-skill.sh) yourself — extract-skill.sh creates files on disk; 2) Note the error-detector expects CLAUDE_TOOL_OUTPUT from the host hook environment (this env var is not listed in the skill metadata); 3) When enabling hooks, prefer the activator-only setup first (read-only injection) and avoid auto-running extract-skill.sh unless you intend to let the skill create files; 4) If you install from the GitHub repo, review that remote repo for any changes; 5) If you have strict security requirements, run the skill in a confined user account or sandbox until you are comfortable.Like a lobster shell, security has layers — review code before you run it.
latestvk975w0h6r30ph4r74jpr8dq9m984f7p7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.