扫描报告
5 /100
self-improvement
Captures learnings, errors, and corrections to enable continuous improvement
A pure-documentation self-improvement skill that logs learnings to markdown files with explicit secret-avoidance policies and no code execution. No malicious behavior found.
可以安装
Approve for use. No action required.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | WRITE | WRITE | ✓ 一致 | SKILL.md:creates .learnings/ dir and markdown files in workspace root |
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md: mkdir -p and file creation commands — scoped to project .learnings/ on… |
| 网络访问 | NONE | NONE | — | No network tool usage — external URLs are documentation links only |
| 环境变量 | NONE | NONE | — | SKILL.md explicitly instructs: 'Never log secrets, tokens, private keys, environ… |
| 剪贴板 | NONE | NONE | — | No clipboard access declared or observed |
| 浏览器 | NONE | NONE | — | No browser tool usage |
| 数据库 | NONE | NONE | — | No database access |
| 技能调用 | NONE | NONE | — | No skill self-invocation |
1 项发现
中危 外部 URL 外部 URL
https://agentskills.io/specification SKILL.md:581 目录结构
1 文件 · 19.0 KB · 603 行 Markdown 1f · 603L
└─
SKILL.md
Markdown
安全亮点
✓ Explicitly prohibits logging secrets, tokens, private keys, environment variables, and full source/config files
✓ Single markdown file with no executable code, scripts, or binaries
✓ File writes are scoped to project-local .learnings/ directory only
✓ External URLs are read-only documentation links, not fetches or downloads
✓ No obfuscation, base64, eval, or hidden functionality
✓ No credential harvesting, data exfiltration, or privilege escalation
✓ Hook integration is fully opt-in and requires explicit user configuration
✓ git clone targets a named directory (~/.openclaw/skills/) with no auto-execution