Auto Evolution (Hybrid Mode)

v2.0.0

Multi-agent auto-evolution system with hybrid mode — orchestrate review-execute-audit loops with 4 roles (Coordinator, Reviewer, Executor, Auditor). Supports...

⭐ 0· 144·3 current·3 all-time

byJaden's built a claw@cjboy007

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for cjboy007/auto-evolution.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Auto Evolution (Hybrid Mode)" (cjboy007/auto-evolution) from ClawHub.
Skill page: https://clawhub.ai/cjboy007/auto-evolution
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install auto-evolution

ClawHub CLI

Package manager switcher

npx clawhub@latest install auto-evolution

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The skill's name/description (multi-agent orchestration with Coordinator/Reviewer/Executor/Auditor) aligns with the included scripts which implement heartbeat, monitor, reviewer starter, packer, and task creation. However there are manifest/version mismatches (SKILL.md v0.7.0 vs registry 2.0.0 vs package.json 0.5.7) and README install instructions that reference an external GitHub repo; these inconsistencies reduce confidence in provenance but do not by themselves contradict the claimed purpose.

Instruction Scope

Scripts read and write many workspace files and can delete/move task files (pack-skill deletes tasks after archiving) and remove lock files (monitor). create-task.js writes tasks relative to the skill directory (path.join(__dirname,'../tasks')), while heartbeat/monitor/pack-skill resolve TASKS_DIR from OPENCLAW_WORKSPACE or defaults under ~/.openclaw/... — this inconsistent TASKS_DIR handling can cause tasks to be created in one location and processed (or not) in another. start-reviewer.js includes a child_process execSync import and pseudocode describing sessions_spawn but does not implement secure spawning; reviewers are expected to run as sub-agents but the integration is manual/underspecified. Overall the runtime instructions and scripts have broad discretion to modify the user's workspace and perform destructive actions (unlink), which is proportional to packaging tasks but should be explicit to users.

✓

Install Mechanism

No install spec and no external downloads; all behavior is from included scripts (Node.js). That lowers supply-chain concern — nothing is fetched from unknown URLs during install. However, running the scripts will perform filesystem changes.

ℹ

Credentials

The registry metadata declares no required environment variables or credentials, and SKILL.md documents optional env vars (OPENCLAW_WORKSPACE, EVOLUTION_TASKS_DIR, EVOLUTION_SKILLS_DIR, EVOLUTION_ARCHIVE_DIR). This is reasonable, but the scripts rely on these vars (or defaults) to determine filesystem targets — the absence of explicit required env vars in metadata is acceptable but users should be aware the scripts will operate on paths derived from these variables (and defaults under ~/.openclaw). No network credentials are requested by the skill files.

Persistence & Privilege

always is false and model invocation is allowed (normal). However pack-skill.js will move completed tasks into an archive and will reference and potentially write into the user's SKILLS_DIR (e.g., update skill directories). Monitor scripts will remove lock files and reset task states. These behaviors modify the user's workspace and can delete/move files; combined with autonomous use (agent can spawn scripts via heartbeat/cron), this elevates the practical privilege and warrants running in an isolated/test workspace first.

Scan Findings in Context

[child_process_execSync] expected: start-reviewer.js requires child_process.execSync (imported at top). Using child_process is plausible for orchestration, but the script does not actually show safe use of execSync — it prints a pseudocode sessions_spawn flow instead. Presence of execSync is expected but should be reviewed; unused or poorly handled execution could be dangerous if later modified to run arbitrary commands.

[fs_read_write_unlink] expected: Multiple scripts perform extensive filesystem operations (read/write JSON task files, unlink task files and lock files, create archive entries, move files). This is expected for a task orchestration/packaging tool, but the destructive operations (fs.unlinkSync) mean you should not run these scripts against a production workspace without backups or isolation.

What to consider before installing

This skill implements a multi-agent orchestration system and will read, write, move, and delete files in your OpenClaw workspace (tasks, locks, archive, skills). Before installing or running: 1) Run it in an isolated test workspace (set OPENCLAW_WORKSPACE to a disposable directory) to observe behavior. 2) Inspect and test create-task, heartbeat-coordinator, monitor, pack-skill, and start-reviewer in isolation — note pack-skill deletes task files after archiving. 3) Fix or align TASKS_DIR resolution if you expect tasks in a single location (create-task uses __dirname relative path while other scripts use WORKSPACE-derived paths). 4) Remove or review any use of child_process.execSync and ensure sessions_spawn integration is implemented safely (avoid executing untrusted strings). 5) Backup any existing tasks/skills before first run, and prefer running with least privilege and in an isolated agent/session. If you need higher assurance, ask the author for provenance (homepage/repo) and a unified versioned release.

Like a lobster shell, security has layers — review code before you run it.

latestvk9723kvggb2j0fr5eyyv22m48983td8t

144downloads

0stars

4versions

Updated 1mo ago

v2.0.0

MIT-0

auto-evolution

Category: Agent Orchestration / Meta-Skill Version: 0.7.0

Description

Multi-agent auto-evolution system — a coordinator agent drives an autonomous review → execute → audit loop by spawning specialized sub-agents for each role.

This is a meta-skill: it doesn't handle business logic. It orchestrates the loop so complex tasks get completed autonomously with dual quality gates (pre-execution review + post-execution audit).

Architecture (4 Roles)

Role	Responsibility	When Spawned	Recommended Model
Coordinator	Drives the loop, updates task state, spawns sub-agents	Always (heartbeat/cron)	Any (cost-efficient)
Reviewer	Pre-execution review, generates detailed subtasks	Complex tasks only	Strong (Sonnet/GPT-5.4)
Executor	Implements one subtask, runs verification	After review approves	Cost-effective (Qwen3.5-Plus)
Auditor	Post-execution audit, decides pass/retry	After execution completes	Strong (Sonnet/GPT-5.4)

Why 4 roles?

Reviewer and Auditor are both quality gates but serve different purposes
Reviewer ensures the plan is sound before work starts
Auditor verifies the result matches the plan after work completes
Executor is pure labor — follows instructions, no judgment needed

Cost control: Only Reviewer and Auditor need strong models. Coordinator and Executor can use cheap models.

🔄 Hybrid Mode (v2.0)

Task Complexity Assessment (5 dimensions, 1-5 points each):

Dimension	1 point	3 points	5 points
Code Lines	<100	200-500	>1000
Files	1-2	5-10	>20
Risk	Docs/Test	Feature improvement	Architecture change
Dependencies	None	3-5	Cross-system
Innovation	Routine fix	Feature enhancement	New feature

Task Classification:

Total Score	Task Type	Subtask Mode	Flow
5-10	Simple	Manual	Executor only
11-17	Medium	Manual (recommended) or Auto	Optional Reviewer
18-25	Complex	Auto (required)	Reviewer → Executor → Auditor

Usage:

# Create task (interactive)
node scripts/create-task.js

# Start Reviewer (complex tasks only)
node scripts/start-reviewer.js <task-id>

Core Modules

File	Purpose
`scripts/heartbeat-coordinator.js`	Coordinator: scan tasks → spawn Reviewer/Executor/Auditor
`scripts/monitor.js`	Monitor: detect stuck tasks, clean orphaned locks
`scripts/pack-skill.js`	Package completed tasks → skill directories
`config/task-schema.json`	Task file JSON Schema

Setup

1. Initialize workspace

mkdir -p evolution/tasks evolution/archive evolution/test-results

2. Create a task

cp skills/auto-evolution/references/task-example.json evolution/tasks/task-001.json
# Edit with your goal and subtasks

3. Configure the coordinator

Option A: Heartbeat (recommended — in your agent's HEARTBEAT.md)

## Evolution Loop
1. Run `node skills/auto-evolution/scripts/heartbeat-coordinator.js`
2. Parse output: if phase=review → spawn Reviewer sub-agent
3. Apply review → if phase=execute → spawn Executor sub-agent
4. Apply execution → if phase=audit → spawn Auditor sub-agent
5. Apply audit → done for this tick

Option B: Cron

openclaw cron add --agent <your-agent> \
  --name "evolution-coordinator" \
  --every 5m \
  --session isolated \
  --timeout-seconds 300 \
  --message "Evolution heartbeat: scan and process tasks."

4. (Optional) Configure the monitor

openclaw cron add --agent <any-agent> \
  --name "evolution-monitor" \
  --every 10m \
  --session isolated \
  --timeout-seconds 120 \
  --message "Run: node skills/auto-evolution/scripts/monitor.js"

5. Configure models (optional)

Edit evolution/config/models.json to customize which models are used for each role:

{
  "roles": {
    "reviewer": "google/gemini-3.1-pro",
    "executor": "aiberm/gpt-5.4",
    "auditor": "google/gemini-3.1-pro",
    "coordinator": "bailian/qwen3.5-plus"
  }
}

Default: Scripts read from this config file. No environment variables needed.

6. Environment variables (optional)

export OPENCLAW_WORKSPACE=/path/to/workspace
export EVOLUTION_TASKS_DIR=/path/to/tasks

How It Works

Full Loop

Coordinator heartbeat
  → finds task (priority: reviewed > executing > pending)
  → if pending: spawn Reviewer → reviewed
  → if reviewed: spawn Executor → executing
  → if executing: spawn Auditor → pending (next) or completed ✅

State Machine

pending → reviewed → executing → pending (next subtask)
                         → completed (all done)
                         → packaged ✅

Key Rules

One subtask per iteration — keeps cycles fast and reviewable
Dual quality gates — Reviewer (before) + Auditor (after)
Only mark completed when all subtasks done
If Reviewer/Auditor API fails → wait and retry next heartbeat
Monitor auto-resets tasks stuck > 10 minutes

Task File Format

See references/task-example.json for a complete example.

Required fields:

{
  "task_id": "task-001",
  "status": "pending",
  "goal": "What to build",
  "current_iteration": 0,
  "max_iterations": 10,
  "context": {
    "subtasks": ["Step 1", "Step 2", "Step 3"]
  },
  "history": []
}

CLI Usage

# Scan and output next phase prompt
node scripts/heartbeat-coordinator.js

# Apply review result
node scripts/heartbeat-coordinator.js apply-review task-001.json review.txt

# Apply execution result
node scripts/heartbeat-coordinator.js apply-exec task-001.json exec.txt

# Apply audit result
node scripts/heartbeat-coordinator.js apply-audit task-001.json audit.txt

# Run monitor
node scripts/monitor.js

# Package completed tasks
node scripts/pack-skill.js

Design Philosophy

4-role architecture — Coordinator drives, Reviewer/Executor/Auditor specialize
Dual quality gates — Review before, audit after — never skip either
Model-agnostic — swap any model for any role
One subtask per tick — predictable, reviewable, won't timeout
Self-healing — monitor detects and fixes stuck states
Cost-efficient — strong models only where judgment matters (Reviewer, Auditor)

Comments

Loading comments...