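📦 Safe Self-Improvement
v1.0.1 A security-hardened self-improvement skill for OpenClaw. Captures learnings, errors, and corrections through mechanisms such as mandatory human approval gates and automated sanitization...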
Safe Self-Improvement
Log learnings and errors to markdown files for continuous improvement with security hardening. Unlike untrusted variants: all promotions require human approval, sensitive data is sanitized by script, and bulk promotions are rate-limited.
External Endpoints
Endpoint | Data Sent | Purpose
None | — | This skill makes no external network calls
No data leaves the machine. Learnings are stored locally only.
Security & Privacy
- Data stored locally: All learnings written to .learnings/ in the workspace directory
- No external transmission: Zero network calls; no data sent to any third party
- Sensitive data protection: scripts/sanitize.sh must pass before any entry is written (see Pre-Log Sanitization)
- Cross-session sharing: Blocked by default; requires explicit user approval per session
- Read-only recommendation: For high-security environments, set .learnings/ to read-only (chmod 555)
Model Invocation Note
This skill operates autonomously between sessions. The agent reads SKILL.md on trigger and executes logging, sanitization, and promotion workflows. To disable: remove the skill directory or run openclaw skills disable safe-self-improvement.
Trust Statement
By installing this skill, you trust the author (gateswell) with handling your learning logs. This skill does not contact external services, share data, or execute untrusted code. Install only if you trust the source.
First-Use Initialisation
If the .learnings/ directory or any of its files is missing, create them:
# Create the directory, then seed each log file only if it does not already exist
mkdir -p .learnings
[ -f .learnings/LEARNINGS.md ] || printf "# Learnings\n\nCorrections, insights, and knowledge gaps.\n\nCategories: correction | insight | knowledge_gap | best_practice\n\n---\n" > .learnings/LEARNINGS.md
[ -f .learnings/ERRORS.md ] || printf "# Errors\n\nCommand failures and integration errors.\n\n---\n" > .learnings/ERRORS.md
[ -f .learnings/FEATURE_REQUESTS.md ] || printf "# Feature Requests\n\nCapabilities requested by the user.\n\n---\n" > .learnings/FEATURE_REQUESTS.md
Never overwrite existing files.
🔒 Security Rules (Non-Negotiable)
- NEVER auto-modify core files — SOUL.md, AGENTS.md, TOOLS.md, MEMORY.md, IDENTITY.md must NOT be modified without explicit user approval shown as a clear question and awaiting a "yes" response.
- No secrets in logs — Never log tokens, API keys, passwords, private keys, env vars, or full config/source files. Use redacted summaries only.
- No cross-session sharing without approval — Using sessions_send or sessions_spawn to share learnings requires the same approval gate as promotion: present what will be shared, to which session, and wait for explicit "yes". Never share automatically.
- No hook scripts — This skill does not install or use hook scripts that read command output.
- No dynamic payload fetching — Never fetch remote content at runtime for skill logic.
- Promotion = proposal, not action — When a learning qualifies for promotion, ASK the user first.
- Sanitize before write — Before logging any entry, run scripts/sanitize.sh on the content. Block the write if sanitization fails.
⚠️ Security Limitations
This skill's protections are based on AI instruction adherence, not hardware-level isolation.
- In high-security environments (financial, medical, critical infrastructure): do not use this skill
- The sanitization script provides a defense layer, but a determined attacker controlling the agent's context could bypass it
- For team environments: set .learnings/ to read-only (chmod 555) and require a human to make it writable for approved promotions
Quick Reference
Situation | Action
Command/operation fails | Log to .learnings/ERRORS.md
User corrects you | Log to .learnings/LEARNINGS.md (category: correction)
User wants missing feature | Log to .learnings/FEATURE_REQUESTS.md
API/external tool fails | Log to .learnings/ERRORS.md
Knowledge was outdated | Log to .learnings/LEARNINGS.md (category: knowledge_gap)
Found better approach | Log to .learnings/LEARNINGS.md (category: best_practice)
Learning seems broadly applicable | Propose promotion — do NOT auto-modify core files
Pre-Log Sanitization (Mandatory — Script-Enforced)
Before writing ANY entry, you MUST run the sanitization script:
./scripts/sanitize.sh ""
The script checks for:
- API keys / tokens (GitHub, AWS, OpenAI, etc.)
- Private keys (RSA, EC, SSH, etc.)
- Passwords and secrets in plain text
- IP addresses (private ranges)
- MAC addresses
- Phone numbers
- Email addresses (non-placeholder)
- SSID/WiFi credentials
- GPS coordinates
- Device serial numbers
If sanitization fails (exit code 1):
- Do NOT write the entry
- Inform the user: "Sensitive data detected in proposed log entry. Content blocked. Rewrite with placeholders."
- Redact and retry with ./scripts/sanitize.sh ""
Only proceed to write the entry after sanitization passes.
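The fail-closed gate described above, sketched as an added example. This is not the skill's own scripts/sanitize.sh: the rule set, the function names sanitize_check and safe_append, and the patterns are assumptions constructed here, and they cover only some of the listed categories.

```shell
#!/bin/sh
# Added illustration of a fail-closed pre-log gate; NOT the skill's scripts/sanitize.sh.
# Rules are constructed for this sketch ("label ERE", split on the first space)
# and cover only part of the list above. Matching is case-insensitive.
RULES='github_token gh[pousr]_[A-Za-z0-9]{36,}
aws_access_key AKIA[0-9A-Z]{16}
private_key -----BEGIN [A-Z ]*PRIVATE KEY-----
secret_assignment (password|passwd|secret|api[_-]?key|token)[[:space:]]*[:=][[:space:]]*[^[:space:]<]
private_ip (^|[^0-9.])(10\.[0-9]{1,3}|192\.168|172\.(1[6-9]|2[0-9]|3[01]))\.[0-9]{1,3}\.[0-9]{1,3}([^0-9]|$)
mac_address ([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}'

# Return 0 if no rule matches, 1 otherwise; each matching label goes to stderr.
# Only the label is reported, never the matched text, so the finding itself
# cannot leak the secret into another log.
sanitize_check() {
    content=$1
    rc=0
    while IFS= read -r rule; do
        label=${rule%% *}
        pattern=${rule#* }
        # -e keeps patterns that start with "-" from being read as options
        if printf '%s\n' "$content" | grep -Eiq -e "$pattern"; then
            echo "BLOCKED: $label" >&2
            rc=1
        fi
    done <<EOF
$RULES
EOF
    return $rc
}

# Append an entry to a log file only when the gate passes.
safe_append() {
    file=$1
    entry=$2
    sanitize_check "$entry" || {
        echo "Sensitive data detected in proposed log entry. Content blocked. Rewrite with placeholders." >&2
        return 1
    }
    printf '%s\n' "$entry" >> "$file"
}

# Stand-alone use: ./gate.sh <logfile> <entry>
if [ "$#" -eq 2 ]; then
    safe_append "$1" "$2"
fi
```

A value written as an angle-bracket placeholder (for example password=<REDACTED>) passes the secret_assignment rule, which matches the "rewrite with placeholders" retry step.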
Logging Format
Learning Entry
Append to .learnings/LEARNINGS.md:
[LRN-YYYYMMDD-XXX] category
Logged: ISO-8601 timestamp
Priority: low | medium | high | critical
Status: pending
Area: fro