Supervised Agentic Loop
v0.1.2Self-improving AI agent loop with built-in misalignment detection. An AI agent autonomously runs Brainstorm → Plan → Implement → Review → Evolve cycles — kee...
⭐ 0· 97·0 current·0 all-time
by@nefas11
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the code and metadata: the repository implements an evolve loop that modifies a single target file, uses git isolation, reputation DB, monitoring, and optional Telegram alerts. Required binaries (git, python3) and the declared optional binaries are appropriate for the described functionality.
Instruction Scope
SKILL.md and the code limit modifications to a single target_file and persist state under .state and results.tsv. The loop runs user-supplied metric commands and accepts a user agent callable or local subprocess agent; this necessarily runs arbitrary commands and executes agent outputs (with verification gates). This scope is expected for an autonomous experiment loop, but it means the skill will run arbitrary metric commands and run an agent (possibly a local subprocess) which could perform any network or filesystem actions if configured to do so.
Install Mechanism
Install is a simple 'pip install -e .' via install.sh (no external downloads or opaque URLs). pyproject.toml lists no runtime dependencies, matching the README claim of stdlib-only. No high-risk download/extract operations are present in the manifest.
Credentials
No required environment variables are declared. Optional env vars (SAL_DB_PATH, MONITOR_TELEGRAM_BOT_TOKEN, MONITOR_TELEGRAM_CHAT_ID, MONITOR_LLM_COMMAND, MONITOR_STATE_DIR) are directly related to monitoring, Telegram alerts, or local review subprocess configuration and are justified by the monitor features described.
Persistence & Privilege
The skill persists experiment state to results.tsv and .state/* which is consistent with its purpose. It is not force-included (always: false). The skill can run autonomously (model invocation not disabled), which is typical for an agent skill — combine this with the fact it can run arbitrary metric commands and agent subprocesses when evaluating risk.
Assessment
This package appears coherent for its stated purpose, but it runs code and modifies your repository: 1) Run it only in an isolated working directory or disposable git clone (it creates branches and will reset/rollback). 2) Review/limit the metric_command you pass — it will be executed (it can do anything the shell allows). 3) The agent you provide can be a local subprocess (MONITOR_LLM_COMMAND or an AgentCallable); that subprocess may itself perform network I/O — treat it as untrusted unless you control it. 4) Optional Telegram alerts require you to provide a bot token/chat id; leave those unset to prevent outbound alerts. 5) Inspect git_isolation and verification gate code before use to confirm rollback semantics and which files are checked. If you want tighter isolation, run inside a container or VM, or add stricter verification/read-only rules before enabling autonomous runs.Like a lobster shell, security has layers — review code before you run it.
latestvk9763h40k17y0bm16j55wz0dys8388pz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧬 Clawdis
Binsgit, python3