Agent Evolver
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill is not clearly malicious, but it stores and reuses agent task history and can automatically apply learned solutions without clear user approval or retention limits.
Install only if you are comfortable with a self-learning component that keeps agent task history under ~/.evolver, may send error/context text to an OpenAI-compatible provider, and may influence future agent behavior. Before use, disable or gate automatic triggers, review learned solutions before applying them, set retention/deletion rules, and use a restricted API key.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Task inputs, errors, and context may be retained and reused later, and may be sent to an external model provider if an API key is configured.
The vectorizer builds embedding text from error details, LLM analysis, and stored context, then sends that text to an OpenAI-compatible embeddings endpoint. This may expose sensitive task context and makes prior context reusable across future searches.
错误信息: {capsule.error_message} ... LLM分析: {capsule.llm_analysis} ... 上下文: {json.dumps(capsule.context, ensure_ascii=False)} ... requests.post(f"{self.api_base}/embeddings" ... json={"model": self.model, "input": text})Require explicit user opt-in for storing or embedding task context, redact secrets before storage or API calls, and provide retention/deletion controls.
A bad learned solution could be treated as authoritative and change how the agent handles later tasks.
The automatic-trigger example tells the agent to apply a retrieved historical solution directly. If stored experience content is wrong, stale, or influenced by prior untrusted inputs, it can redirect future agent behavior without user review.
if similar:
apply_solution(similar[0].solution)Treat retrieved solutions as suggestions only, require confirmation before applying them, and record what changed so it can be reviewed and rolled back.
Using the skill with an API key may charge or access the configured provider account.
The skill uses an OpenAI API key for analysis and vectorization. This is expected for the stated LLM/embedding functionality, but users should notice that the registry metadata does not declare a primary credential.
`OPENAI_API_KEY` - OpenAI API 密钥(用于 LLM 分析和向量化)
Use a dedicated, restricted API key and confirm the intended OPENAI_API_BASE before enabling external LLM or embedding features.
Running the deploy script may fetch and install third-party Python packages on the local machine.
The deploy script installs dependencies from requirements.txt. This is normal setup behavior, but the packages are not pinned by exact version and the registry source is unknown.
pip3 install -q -r requirements.txt 2>/dev/null || echo -e "${YELLOW}⚠ 部分依赖安装失败,将使用后备方案${NC}"Review and pin dependencies with hashes or a lockfile before deployment, and avoid running the deploy script in a privileged environment.