Scan Report
5 /100
andara-self-improvement
Captures learnings, errors, and corrections to enable continuous improvement for AI agents
This is a legitimate self-improvement logging skill that captures AI agent learnings, errors, and corrections. All functionality is fully documented, with appropriate safety checks in path validation.
Safe to install
This skill is safe to use. No security concerns identified.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | Creates .learnings/ and ./skills/ directories, documented in SKILL.md lines 1-64… |
| Shell | READ | READ | ✓ Aligned | Reads CLAUDE_TOOL_OUTPUT env var in error-detector.sh, documented |
| Network | NONE | NONE | — | No network calls found |
| Environment | READ | READ | ✓ Aligned | Reads CLAUDE_TOOL_OUTPUT for error detection |
1 findings
Medium External URL 外部 URL
https://agentskills.io/specification SKILL.md:557 File Tree
12 files · 53.2 KB · 2151 lines Markdown 7f · 1737L
Shell 3f · 296L
TypeScript 1f · 62L
JavaScript 1f · 56L
├─
▾
assets
│ ├─
LEARNINGS.md
Markdown
│ └─
SKILL-TEMPLATE.md
Markdown
├─
▾
hooks
│ └─
▾
openclaw
│ ├─
handler.js
JavaScript
│ ├─
handler.ts
TypeScript
│ └─
HOOK.md
Markdown
├─
▾
references
│ ├─
examples.md
Markdown
│ ├─
hooks-setup.md
Markdown
│ └─
openclaw-integration.md
Markdown
├─
▾
scripts
│ ├─
activator.sh
Shell
│ ├─
error-detector.sh
Shell
│ └─
extract-skill.sh
Shell
└─
SKILL.md
Markdown
Security Positives
✓ All shell scripts are documented in SKILL.md
✓ extract-skill.sh has path traversal protection with .. validation
✓ Output paths are restricted to relative paths under current directory
✓ No credential harvesting or exfiltration
✓ No base64 encoding or obfuscation
✓ Hooks are opt-in and require explicit configuration
✓ External URLs are standard documentation links
✓ Safe error detection through pattern matching on tool output