ClawHub

Evolver 1.17.1

v1.0.0

A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.

2· 499·2 current·2 all-time
by@muguozi1
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The codebase (src/evolve, src/gep/*, index.js, scripts) matches the stated goal of a self‑evolution engine, but many modules contact a remote service (evomap.ai), register a node, and fetch/upload assets. The skill metadata declares no required credentials or config paths even though the runtime expects a .node_id and talks to an external hub; that mismatch is unexpected and not fully justified by the description.
!
Instruction Scope
SKILL.md tells the agent to scan memory/history and can run in fully automated 'Mad Dog' mode. index.js and src/* perform local log/memory analysis, may write events/assets, and can modify files (controlled by EVOLVE_ALLOW_SELF_MODIFY). The skill will read local files, write pid and memory state, and contact external endpoints — all behaviors go beyond a small helper and grant broad discretion over local code and data.
Install Mechanism
No external download/install spec is declared (instruction-only), but the bundle includes a full Node project (package.json, many JS files). Running it requires Node and likely npm install; the registry did not declare required binaries. There are no suspicious external URLs in installs, but runtime network I/O targets evomap.ai.
!
Credentials
The skill declares no required env vars, yet it reads .env, checks/uses .node_id, and respects several EVOLVE_* variables (including EVOLVE_ALLOW_SELF_MODIFY). It also collects environment/device fingerprints (src/gep/envFingerprint, deviceId) and sends messages to a remote hub — requesting no credentials while performing networked, possibly identifying activity is disproportionate and surprising.
!
Persistence & Privilege
The skill can run as a daemon/loop, creates an evolver.pid lockfile, spawns child processes (self-restarting), and can be configured to self‑modify its own source. While always:false, autonomous invocation plus loop/heartbeat plus optional self‑modification increases blast radius if misused or misconfigured.
What to consider before installing
This skill contains a full self‑evolution engine that (a) reads local runtime history and files, (b) can run continuously as a daemon and self‑restart, (c) talks to a remote hub (evomap.ai) and may upload environment/device fingerprints, and (d) can optionally modify its own source when EVOLVE_ALLOW_SELF_MODIFY=true. Before installing or running: 1) Review the code yourself or in a sandbox/container (do not run on your primary machine or as root). 2) Keep EVOLVE_ALLOW_SELF_MODIFY disabled (default false) unless you understand the risks. 3) Run in single‑run or --review mode first; do not enable --loop unless tested. 4) Use git or other backups so you can roll back changes. 5) If you do not want network interactions, block outbound access to evomap.ai or run in an isolated network. 6) Ensure you control or inspect any .node_id/.env the package may create/consume. These mismatches between declared requirements and actual behavior make this package risky unless you explicitly audit and constrain it.

Like a lobster shell, security has layers — review code before you run it.

latestvk9778c5a4xprrqtmqe96qvjjrd82gf3t
499downloads
2stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@muguozi1
latest
Download

🧬 Capability Evolver

"Evolution is not optional. Adapt or die."

The Capability Evolver is a meta-skill that allows OpenClaw agents to inspect their own runtime history, identify failures or inefficiencies, and autonomously write new code or update their own memory to improve performance.

Features

  • Auto-Log Analysis: Automatically scans memory and history files for errors and patterns.
  • Self-Repair: Detects crashes and suggests patches.
  • GEP Protocol: Standardized evolution with reusable assets.
  • One-Command Evolution: Just run /evolve (or node index.js).

Usage

Standard Run (Automated)

Runs the evolution cycle. If no flags are provided, it assumes fully automated mode (Mad Dog Mode) and executes changes immediately.

node index.js

Review Mode (Human-in-the-Loop)

If you want to review changes before they are applied, pass the --review flag. The agent will pause and ask for confirmation.

node index.js --review

Mad Dog Mode (Continuous Loop)

To run in an infinite loop (e.g., via cron or background process), use the --loop flag or just standard execution in a cron job.

node index.js --loop

Configuration

Environment VariableDefaultDescription
EVOLVE_ALLOW_SELF_MODIFYfalseAllow evolution to modify evolver's own source code. NOT recommended for production. Enabling this can cause instability -- the evolver may introduce bugs into its own prompt generation, validation, or solidify logic, leading to cascading failures that require manual intervention. Only enable for controlled experiments.
EVOLVE_LOAD_MAX2.0Maximum 1-minute load average before evolver backs off.
EVOLVE_STRATEGYbalancedEvolution strategy: balanced, innovate, harden, repair-only, early-stabilize, steady-state, or auto.

GEP Protocol (Auditable Evolution)

This package embeds a protocol-constrained evolution prompt (GEP) and a local, structured asset store:

  • assets/gep/genes.json: reusable Gene definitions
  • assets/gep/capsules.json: success capsules to avoid repeating reasoning
  • assets/gep/events.jsonl: append-only evolution events (tree-like via parent id)

Emoji Policy

Only the DNA emoji is allowed in documentation. All other emoji are disallowed.

Configuration & Decoupling

This skill is designed to be environment-agnostic. It uses standard OpenClaw tools by default.

Local Overrides (Injection)

You can inject local preferences (e.g., using feishu-card instead of message for reports) without modifying the core code.

Method 1: Environment Variables Set EVOLVE_REPORT_TOOL in your .env file:

EVOLVE_REPORT_TOOL=feishu-card

Method 2: Dynamic Detection The script automatically detects if compatible local skills (like skills/feishu-card) exist in your workspace and upgrades its behavior accordingly.

Safety & Risk Protocol

1. Identity & Directives

  • Identity Injection: "You are a Recursive Self-Improving System."
  • Mutation Directive:
    • If Errors Found -> Repair Mode (Fix bugs).
    • If Stable -> Forced Optimization (Refactor/Innovate).

2. Risk Mitigation

  • Infinite Recursion: Strict single-process logic.
  • Review Mode: Use --review for sensitive environments.
  • Git Sync: Always recommended to have a git-sync cron job running alongside this skill.

Before Troubleshooting -- Check Your Version First

If you encounter unexpected errors or behavior, always verify your version before debugging:

node -e "const p=require('./package.json'); console.log(p.version)"

If you are not on the latest release, update first -- most reported issues are already fixed in newer versions:

# If installed via git
git pull && npm install

# If installed via npm (global install)
npm install -g evolver@latest

Latest releases and changelog: https://github.com/autogame-17/evolver/releases

License

MIT

Comments

Loading comments...