Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Auto Evolver
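v1.0.0
Automatically runs inner-loop self-optimization and outer-loop value connection, monitors token consumption and automatically repairs faults, ensuring continuous, efficient evolution and task generation.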
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (self‑evolving + value‑connection) align with the instructions: inner/outer loops, token budget, auto‑repair, and publishing/connection actions. However the skill expects capabilities (posting on Zhihu/Gist, sending private messages, monitoring TrustMRR, using foundry_* tools, spawning sessions/subagents) that normally require explicit credentials/permissions and are not declared in the registry metadata. This mismatch is notable but could be explained if the platform provides those tools with built‑in auth.
Instruction Scope
SKILL.md instructs the agent to read and write many local files (SOUL.md, MEMORY.md, memory/*, inbox/grok-tasks/*, pending.md, HEARTBEAT.md) and even references a user path (/Users/abc/Desktop/任务流/A 任务流/). It also directs outbound actions: automated publishing, private messages/comments via `browser`, web scraping/monitoring (web_search, TrustMRR), and spawning subagents (`sessions_spawn`). These are operationally broad and include reading local files and sending external messages; the instructions do not constrain what data is collected/transmitted or which external accounts/endpoints are used.
Install Mechanism
There is no install spec and no code files — the skill is instruction‑only. That minimizes disk‑write risk from an installer, but it means the runtime instructions are the entire behavior surface to evaluate.
Credentials
The skill requires actions that normally need credentials (Zhihu/Gist publishing, sending private messages, possibly TrustMRR scraping) yet declares no required environment variables, tokens, or config paths. It implicitly assumes access to platform tools that supply auth; additionally it reads unspecified local files (SOUL.md, MEMORY.md, user Desktop path) without declaring or justifying that access. Requesting/using secrets or local data without explicit declaration is disproportionate and opaque.
Persistence & Privilege
The skill does not set `always: true` and uses the default autonomous invocation behavior. It writes to its own memory/ and inbox/ paths (normal for a task manager). The main concern is that autonomous invocation, combined with the ability to perform outbound actions and spawn subagents, increases the blast radius — but autonomous invocation itself is the platform default and is not by itself flagged as a problem.
What to consider before installing
This skill contains detailed runtime instructions that will read local files, write task/log files, post to external sites, send private messages, and can spawn subagents — yet it declares no credentials or config paths. Before installing:
1) Ask the publisher to explain exactly which accounts/endpoints will be used for publishing and messaging and how credentials are supplied/isolated;
2) Confirm which local directories the skill will read/write and limit those to a sandbox;
3) Require manual approval (no cron/autonomous scheduling) until you verify behavior;
4) If possible, run initially in a restricted/sandboxed agent with logging and no network push, and review produced pending.md and connection logs;
5) Deny or tightly scope abilities to spawn subagents and to perform bulk private messages until you trust the skill.
If you cannot get clear answers about credentials and file access, do not enable autonomous runs.
Like a lobster shell, security has layers — review code before you run it.
