Self Improving Agent CN
Review
Audited by ClawScan on May 10, 2026.
Overview
This is mostly a local self-improvement memory helper, but it automatically persists and spreads agent guidance across projects and suggests privileged command changes without clear approval controls.
Install only if you want the agent to keep long-term local memory of mistakes and preferences. Before using it, require confirmation for memory writes, AGENTS.md/MEMORY.md updates, git backups, and any sudo or global install commands; also review and clean the memory files regularly to remove secrets or bad guidance.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive information accidentally included in commands or error output could be stored in plaintext and later shown back to the agent.
The logger persists raw command, error, and fix text into a long-lived local memory file. The artifacts do not show implemented redaction even though commands and error messages can contain secrets, private paths, or sensitive project details.
MEMORY_DIR = os.path.expanduser("~/.openclaw/memory/self-improving") ... "command": command, "error": error_msg, "fix": fix ... f.write(json.dumps(entry, ensure_ascii=False) + "\n")
Require confirmation before logging, redact secrets before writing memory, and periodically review or delete the JSONL memory files.
A mistaken or poisoned memory entry could influence future sessions, affect multiple projects, or alter files that guide agent behavior.
The skill instructs automatic propagation of learned content into global memory, project memory, and agent instruction files. It does not describe approval, validation, scoping, or rollback for those updates.
Important memories are automatically synced to:
- `~/.openclaw/memory/self-improving/` (global)
- the current project's `.learnings/` (project-level)
- `AGENTS.md` (user preferences)
- `MEMORY.md` (long-term memory)
Disable automatic cross-project sync by default, require user approval before editing AGENTS.md or MEMORY.md, and keep memory scoped per project unless explicitly promoted.
The agent could install packages globally or with elevated privileges, changing the user's system more broadly than intended.
The workflow suggests automatically changing a failed command to an elevated global install path. That is a high-impact local environment change without an explicit user approval step.
Check memory before the next run 3. Automatically switch to: `sudo npm install -g xxx` or a local install
Require explicit confirmation before any sudo or global install command, and prefer least-privilege local installs.
Users have less assurance about the origin and maintenance of the skill.
The artifact provides limited provenance and setup metadata. The included scripts are small and the static scan is clean, so this is a provenance note rather than a standalone concern.
Source: unknown
Homepage: none
No install spec — this is an instruction-only skill.
Review the included scripts before use and install only if you trust the publisher/source.
