Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
能够生成很多食谱的 (English: "Can generate many recipes")
v1.1.0
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The runtime instructions and included code implement a 'self-improvement' skill (logging learnings, injecting reminders, OpenClaw hook handlers, and small helper scripts). However the registry-level fields you provided (display name in Chinese '能够生成很多食谱的', slug 'cook-every-thing') do not match the contained SKILL.md or hook names. _meta.json inside the package also shows a different ownerId and version history. This metadata/content mismatch is unexpected and unexplained; it could be a packaging mistake or an attempt to repurpose code under an unrelated name.
Instruction Scope
SKILL.md instructs creating .learnings/, copying hooks to ~/.openclaw/hooks, and enabling hooks via openclaw/open agent config. The hook handlers only inject virtual reminder files and the bash scripts output structured reminders or scaffold files. The error-detector reads the CLAUDE_TOOL_OUTPUT env var (expected for PostToolUse hooks). The skill does suggest writing files into user workspace (creating ~/.openclaw/workspace/.learnings and scaffolding new skills under a relative ./skills path) — this is within scope for a learning-capture skill but it does grant the skill the ability to create files in the user's workspace when enabled.
Install Mechanism
There is no automatic install spec in registry (instruction-only), and the SKILL.md recommends cloning a GitHub repo or copying hooks manually. The included scripts are small and shipped with the skill; there are no downloads from arbitrary URLs, no extracted archives, and no package manager installs. That's low risk, though cloning a third-party GitHub repo should be treated like any external code download.
Credentials
The skill declares no required environment variables or credentials. The scripts expect to run in hook contexts and read CLAUDE_TOOL_OUTPUT (an environment variable provided by the agent platform during PostToolUse) even though that env var isn't declared in registry metadata — this is reasonable for hook scripts but worth noting. The skill asks users to place scripts/config into user-level locations (e.g., ~/.claude/settings.json), which means those scripts will run with the same user permissions as the agent when hooks are enabled.
Persistence & Privilege
The skill is not marked always:true. Hooks and scripts are opt-in: the user must copy/enable them in their agent configuration to get automatic reminders. Enabling project- or user-level hooks will cause the scripts to execute automatically on the configured events (UserPromptSubmit, PostToolUse). That behavior is expected for this skill but is a privilege — only enable globally if you trust the code and source.
What to consider before installing
This package's code implements a reasonable 'self-improvement' helper (reminders, error-detection, and small scaffolding scripts), but the registry metadata (name/slug/owner) does not match the contained SKILL.md and _meta.json values. Before installing or enabling hooks: (1) verify the source repository and owner (inspect the GitHub repo referenced in SKILL.md), (2) review the provided scripts/handlers locally (they're small — read them line-by-line), (3) avoid enabling hooks globally until comfortable — prefer a project-local setup or a dry-run, (4) check file ownership/permissions and that scripts don't call external URLs you don't expect, and (5) if the metadata mismatch persists, prefer not to install or ask the publisher for clarification. If you want, I can highlight any specific lines in the scripts or handler files to review further.
Like a lobster shell, security has layers — review code before you run it.
