ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Evolver Local

A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 24 · 1 current installs · 1 all-time installs
by@muguozi1
fork of @autogame-17/evolver (based on 1.29.9)
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (self-evolution engine) align with the declared requirements: Node and Git are reasonable, and contacting an EvoMap hub (evomap.ai) fits the described A2A protocol. The large codebase and assets (genes/capsules) are consistent with a non-trivial evolution engine. Minor mismatch: registry metadata called this 'instruction-only' but a full code bundle (77 files) is included — not inherently malicious but inconsistent with the 'instruction-only' label and worth noting.
!
Instruction Scope
SKILL.md and the code instruct the agent to read runtime history, write evolution artifacts, and (critically) may write to workspace/src/** when changes are 'solidified' — i.e., it can modify local source. The runtime model also runs git commands (checkout/clean) and can execute validation commands declared in Genes. The SKILL.md declares network and shell permissions; however some allow/deny entries are contradictory (deny lists containing negated forms like "!git", "!api.github.com") which is confusing and may indicate misconfiguration. The skill also reads a local node id (~/.evomap/node_id) and will contact the EvoMap hub — making it capable of transmitting history/logs and evolution events off-host. These behaviors are coherent with the skill's purpose but broaden the attack/exfiltration surface and deserve review.
Install Mechanism
No external download/install spec is present; all code is bundled in the skill. That reduces supply-chain risk compared to arbitrary network installs. The code does use child_process spawn/execSync (git, node, spawn) which is expected for this tool. There are no remote archive downloads in the manifest.
Credentials
Only one required env var is declared in registry metadata (A2A_NODE_ID), and SKILL.md lists additional optional variables (A2A_NODE_SECRET, GITHUB_TOKEN, MEMORY_GRAPH_REMOTE_KEY) that match claimed features (hub auth, GitHub issue filing, remote KG). This is proportionate to the stated functionality. Caveats: optional tokens (GITHUB_TOKEN, NODE_SECRET, MEMORY_GRAPH_REMOTE_KEY) enable operations that transmit data or create external issues; the user should not provide high-privilege tokens to an untrusted instance and should review defaults like EVOLVER_AUTO_ISSUE and EVOLVE_ALLOW_SELF_MODIFY before enabling.
!
Persistence & Privilege
The skill can run as a persistent daemon (--loop) and has built-in self-restart behavior (spawning detached children). It writes persistent files (e.g., evolver.pid, workspace/memory/**, workspace/assets/**) and can modify workspace/src/** when evolutions are 'solidified' (though EVOLVE_ALLOW_SELF_MODIFY defaults to "false"). While not forcibly 'always: true', the capability to run indefinitely, spawn detached processes, and modify local source increases its privilege and potential blast radius if misconfigured or malicious.
What to consider before installing
This skill is plausible for a self-evolution engine but you should treat it as high-risk until you verify how you'll run it. Actionable checks before installing or running: - Run it only in an isolated sandbox or throwaway Git repository first; do not point it at your main production workspace. - Keep EVOLVE_ALLOW_SELF_MODIFY=false (default) and EVOLVER_AUTO_ISSUE=false while evaluating so it cannot autonomously modify its own source or open external GitHub issues. - Review src/gep/solidify.js and the implementation of isValidationCommandAllowed to confirm the claimed safety checks are actually enforced. If validation commands can contain shell operators or arbitrary exec, do NOT promote external Genes. - Because it connects to evomap.ai (hub) and can send evolution events and sanitized logs, audit exactly what is redacted and what is sent. If you cannot trust the remote hub, do not set A2A_NODE_SECRET or A2A_HUB_URL to a public/production endpoint. - Avoid providing GitHub or other high-scope tokens (GITHUB_TOKEN, MEMORY_GRAPH_REMOTE_KEY) until you confirm behavior and sanitization. Use least-privilege tokens (no repo write or limited scopes) if you must test integrations. - The SKILL.md contains contradictory allow/deny entries (e.g., deny includes "!git" etc.) — ask the publisher to clarify or correct these policy entries. If you want to proceed safely: fork the repo, review/modify the code to remove or limit network/modify behaviors, run in --review mode, and manually verify every promoted change before accepting. If you cannot audit the code (or do not want to), do not install this skill in any environment containing sensitive data or credentials.
index.js:33
Shell command execution detected (child_process).
scripts/build_public.js:170
Shell command execution detected (child_process).
scripts/generate_history.js:17
Shell command execution detected (child_process).
scripts/publish_public.js:13
Shell command execution detected (child_process).
scripts/recover_loop.js:19
Shell command execution detected (child_process).
scripts/suggest_version.js:27
Shell command execution detected (child_process).
src/evolve.js:281
Shell command execution detected (child_process).
src/gep/deviceId.js:51
Shell command execution detected (child_process).
src/gep/llmReview.js:70
Shell command execution detected (child_process).
src/gep/solidify.js:66
Shell command execution detected (child_process).
src/ops/health_check.js:20
Shell command execution detected (child_process).
src/ops/lifecycle.js:27
Shell command execution detected (child_process).
src/ops/self_repair.js:17
Shell command execution detected (child_process).
src/ops/skills_monitor.js:96
Shell command execution detected (child_process).
scripts/publish_public.js:248
Environment variable access combined with network send.
src/evolve.js:56
Environment variable access combined with network send.
src/gep/a2aProtocol.js:75
Environment variable access combined with network send.
src/gep/hubReview.js:104
Environment variable access combined with network send.
src/gep/hubSearch.js:19
Environment variable access combined with network send.
src/gep/issueReporter.js:21
Environment variable access combined with network send.
src/gep/memoryGraphAdapter.js:77
Environment variable access combined with network send.
src/gep/skillDistiller.js:8
Environment variable access combined with network send.
src/gep/taskReceiver.js:11
Environment variable access combined with network send.
src/ops/self_repair.js:45
Environment variable access combined with network send.
test/a2aProtocol.test.js:148
Environment variable access combined with network send.
!
scripts/publish_public.js:254
File read combined with network send (possible exfiltration).
!
src/evolve.js:371
File read combined with network send (possible exfiltration).
!
src/gep/a2aProtocol.js:41
File read combined with network send (possible exfiltration).
!
src/gep/hubReview.js:24
File read combined with network send (possible exfiltration).
!
src/gep/issueReporter.js:42
File read combined with network send (possible exfiltration).
!
src/gep/questionGenerator.js:20
File read combined with network send (possible exfiltration).
!
src/gep/skillDistiller.js:21
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk979rqvv7na7skbevpzk4x3v11831txf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode, git
EnvA2A_NODE_ID

SKILL.md

🧬 Capability Evolver

"Evolution is not optional. Adapt or die."

The Capability Evolver is a meta-skill that allows OpenClaw agents to inspect their own runtime history, identify failures or inefficiencies, and autonomously write new code or update their own memory to improve performance.

Features

  • Auto-Log Analysis: Automatically scans memory and history files for errors and patterns.
  • Self-Repair: Detects crashes and suggests patches.
  • GEP Protocol: Standardized evolution with reusable assets.
  • One-Command Evolution: Just run /evolve (or node index.js).

Usage

Standard Run (Automated)

Runs the evolution cycle. If no flags are provided, it assumes fully automated mode (Mad Dog Mode) and executes changes immediately.

node index.js

Review Mode (Human-in-the-Loop)

If you want to review changes before they are applied, pass the --review flag. The agent will pause and ask for confirmation.

node index.js --review

Mad Dog Mode (Continuous Loop)

To run in an infinite loop (e.g., via cron or background process), use the --loop flag or just standard execution in a cron job.

node index.js --loop

Setup

Before using this skill, register your node identity with the EvoMap network:

  1. Run the hello flow (via evomap.js or the EvoMap onboarding) to receive a node_id and claim code
  2. Visit https://evomap.ai/claim/<claim-code> within 24 hours to bind the node to your account
  3. Set the node identity in your environment:
export A2A_NODE_ID=node_xxxxxxxxxxxx

Or in your agent config (e.g., ~/.openclaw/openclaw.json):

{ "env": { "A2A_NODE_ID": "node_xxxxxxxxxxxx", "A2A_HUB_URL": "https://evomap.ai" } }

Do not hardcode the node ID in scripts. getNodeId() in src/gep/a2aProtocol.js reads A2A_NODE_ID automatically -- any script using the protocol layer will pick it up without extra configuration.

Configuration

Required Environment Variables

VariableDefaultDescription
A2A_NODE_ID(required)Your EvoMap node identity. Set after node registration -- never hardcode in scripts.

Optional Environment Variables

VariableDefaultDescription
A2A_HUB_URLhttps://evomap.aiEvoMap Hub API base URL.
A2A_NODE_SECRET(none)Node authentication secret issued by Hub on first hello. Stored locally after registration.
EVOLVE_STRATEGYbalancedEvolution strategy: balanced, innovate, harden, repair-only, early-stabilize, steady-state, or auto.
EVOLVE_ALLOW_SELF_MODIFYfalseAllow evolution to modify evolver's own source code. NOT recommended for production.
EVOLVE_LOAD_MAX2.0Maximum 1-minute load average before evolver backs off.
EVOLVER_ROLLBACK_MODEhardRollback strategy on failure: hard (git reset --hard), stash (git stash), none (skip). Use stash for safer operation.
EVOLVER_LLM_REVIEW0Set to 1 to enable second-opinion LLM review before solidification.
EVOLVER_AUTO_ISSUE0Set to 1 to auto-create GitHub issues on repeated failures. Requires GITHUB_TOKEN.
EVOLVER_ISSUE_REPO(none)GitHub repo for auto-issue reporting (e.g. EvoMap/evolver).
EVOLVER_MODEL_NAME(none)LLM model name injected into published asset model_name field.
GITHUB_TOKEN(none)GitHub API token for release creation and auto-issue reporting. Also accepts GH_TOKEN or GITHUB_PAT.
MEMORY_GRAPH_REMOTE_URL(none)Remote knowledge graph service URL for memory sync.
MEMORY_GRAPH_REMOTE_KEY(none)API key for remote knowledge graph service.
EVOLVE_REPORT_TOOL(auto)Override report tool (e.g. feishu-card).
RANDOM_DRIFT0Enable random drift in evolution strategy selection.

Network Endpoints

Evolver communicates with these external services. All are authenticated and documented.

EndpointAuthPurposeRequired
{A2A_HUB_URL}/a2a/*A2A_NODE_SECRET (Bearer)A2A protocol: hello, heartbeat, publish, fetch, reviews, tasksYes
api.github.com/repos/*/releasesGITHUB_TOKEN (Bearer)Create releases, publish changelogsNo
api.github.com/repos/*/issuesGITHUB_TOKEN (Bearer)Auto-create failure reports (sanitized via redactString())No
{MEMORY_GRAPH_REMOTE_URL}/*MEMORY_GRAPH_REMOTE_KEYRemote knowledge graph syncNo

Shell Commands Used

Evolver uses child_process for the following commands. No user-controlled input is passed to shell.

CommandPurpose
git checkout, git clean, git log, git status, git diffVersion control for evolution cycles
git rebase --abort, git merge --abortAbort stuck git operations (self-repair)
git reset --hardRollback failed evolution (only when EVOLVER_ROLLBACK_MODE=hard)
git stashPreserve failed evolution changes (when EVOLVER_ROLLBACK_MODE=stash)
ps, pgrep, tasklistProcess discovery for lifecycle management
df -PDisk usage check (health monitoring fallback)
npm install --productionRepair missing skill dependencies
node -e "..."Inline script execution for LLM review (no shell, uses execFileSync)

File Access

DirectionPathsPurpose
Read~/.evomap/node_idNode identity persistence
Readassets/gep/*GEP gene/capsule/event data
Readmemory/*Evolution memory, narrative, reflection logs
Readpackage.jsonVersion information
Writeassets/gep/*Updated genes, capsules, evolution events
Writememory/*Memory graph, narrative log, reflection log
Writesrc/**Evolved code (only during solidify, with git tracking)

GEP Protocol (Auditable Evolution)

This package embeds a protocol-constrained evolution prompt (GEP) and a local, structured asset store:

  • assets/gep/genes.json: reusable Gene definitions
  • assets/gep/capsules.json: success capsules to avoid repeating reasoning
  • assets/gep/events.jsonl: append-only evolution events (tree-like via parent id)

Emoji Policy

Only the DNA emoji is allowed in documentation. All other emoji are disallowed.

Configuration & Decoupling

This skill is designed to be environment-agnostic. It uses standard OpenClaw tools by default.

Local Overrides (Injection)

You can inject local preferences (e.g., using feishu-card instead of message for reports) without modifying the core code.

Method 1: Environment Variables Set EVOLVE_REPORT_TOOL in your .env file:

EVOLVE_REPORT_TOOL=feishu-card

Method 2: Dynamic Detection The script automatically detects if compatible local skills (like skills/feishu-card) exist in your workspace and upgrades its behavior accordingly.

Safety & Risk Protocol

1. Identity & Directives

  • Identity Injection: "You are a Recursive Self-Improving System."
  • Mutation Directive:
    • If Errors Found -> Repair Mode (Fix bugs).
    • If Stable -> Forced Optimization (Refactor/Innovate).

2. Risk Mitigation

  • Infinite Recursion: Strict single-process logic.
  • Review Mode: Use --review for sensitive environments.
  • Git Sync: Always recommended to have a git-sync cron job running alongside this skill.

Before Troubleshooting -- Check Your Version First

If you encounter unexpected errors or behavior, always verify your version before debugging:

node -e "const p=require('./package.json'); console.log(p.version)"

If you are not on the latest release, update first -- most reported issues are already fixed in newer versions:

# If installed via git
git pull && npm install

# If installed via npm
npm install -g @evomap/evolver@latest

Latest releases and changelog: https://github.com/EvoMap/evolver/releases

License

MIT

Files

77 total
Select a file
Select a file to preview.

Comments

Loading comments…