Evolver.Bak

The agent may modify code or persistent memory without stopping for human approval.

The skill makes immediate automated changes the default, while the safer review mode is optional.

Once started in loop mode, the evolver can keep running and restarting itself while making further decisions.

The implementation supports continuous autonomous operation and detached self-restart in loop mode.

Sensitive logs may be incorporated into persistent evolution artifacts, and poisoned history could steer future code or memory changes.

Runtime history and memory can contain sensitive or untrusted content, and this skill uses those inputs to guide future evolution.

Agent state, identifiers, assets, or task-related signals may be exchanged with an external service if networked features are enabled.

The static scan shows a default external hub for A2A/task communication, while index.js starts an A2A heartbeat in loop mode.

Users may underestimate how much authority the skill can exercise by default.

This safety claim conflicts with SKILL.md statements that the skill can autonomously write code/update memory and that default mode executes changes immediately.

If provided, a broad GitHub token could allow release or repository changes.

The token is optional and tied to release publishing, but it can grant account-level authority outside normal local evolution.

It may be harder to confirm that this package matches a trusted upstream release.

For a self-modifying skill with many code files, unclear provenance and mismatched registry/package versioning increase the need for verification.