ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Evolver.Bak

v1.0.0

A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.

0· 70·0 current·0 all-time
by@chris8265-cl

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chris8265-cl/evolver-bak.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Evolver.Bak" (chris8265-cl/evolver-bak) from ClawHub.
Skill page: https://clawhub.ai/chris8265-cl/evolver-bak
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install evolver-bak

ClawHub CLI

Package manager switcher

npx clawhub@latest install evolver-bak
Security Scan
Capability signals
CryptoRequires walletCan make purchasesRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's code matches the stated purpose (log analysis, Genes/Capsules, GEP/solidify, self-repair), however the registry metadata claims no required binaries while the code and README require Git (execSync('git ...') is used in build_public and other modules). That undeclared dependency is an incoherence. Other optional capabilities (publishing releases, A2A transport) are present in code but not surfaced as required permissions/credentials in the registry metadata.
!
Instruction Scope
SKILL.md and the code instruct running node index.js (or loop/solidify). The runtime reads .env early, scans repository files, reads/writes assets under assets/ and memory/, uses git operations, and will execute validation commands during solidify. Those actions go beyond simple 'analysis' and include repository modifications and running local commands. The README/safety text describes protections (review mode, validation gate) but the instructions allow fully automated 'Mad Dog / loop' mode that makes file changes and can restart itself—so the runtime scope is broad and potentially impactful.
Install Mechanism
No external download/install spec is declared (no remote installers, no URL extracts). The repo includes many source files and a small npm dependency (dotenv). Since nothing is fetched from arbitrary URLs at install time, install risk is lower. However, the package will run local filesystem and child processes when executed.
!
Credentials
The registry lists no required env vars, but the code loads .env (dotenv) at startup and supports many environment flags (EVOLVE_ALLOW_SELF_MODIFY, EVOLVE_REPORT_TOOL, EVOLVE_STRATEGY, GITHUB_TOKEN/GH_TOKEN noted in README, A2A_* variables, etc.). The loader reads .env before anything else, which means any secrets in .env are accessible to the process. Solidify runs validation commands (allowed prefixes restricted to node/npm/npx) — but arbitrary node scripts can still access env and network. A2A export/ingest/publish code paths call getTransport().send(), indicating potential network I/O for asset sharing. These env/credential uses are not fully declared in metadata and could be disproportionate if you expected a read-only analyzer.
Persistence & Privilege
The skill is not marked always:true, but it supports an internal daemon (--loop) that writes an evolver.pid, can spawn a child to restart itself, and writes artifacts to assets/ and memory/. It can therefore persist state and run continuously if launched. Self-modification is gated by EVOLVE_ALLOW_SELF_MODIFY (default false) and review mode is available; nonetheless, combined with autonomous invocation and loop behavior this increases blast radius if enabled or misconfigured.
What to consider before installing
Things to check before installing or running this skill: - Do not run it in your production workspace without review. Run it first in a disposable/sandbox git repo. - Ensure Git is available. The code expects git but the registry metadata did not declare it. - Protect secrets: the process loads .env on startup. Remove or move any sensitive keys (GITHUB_TOKEN, GH_TOKEN, other PATs) from any repo .env you run this in, or run with an empty .env. Assume any node script run by the skill can read environment variables. - Prefer review mode: run node index.js --review (or run single-run mode) rather than automatic loop mode. Keep EVOLVE_ALLOW_SELF_MODIFY=false (default) unless you explicitly want the engine to edit its own source and you have manual rollback procedures. - Inspect network code: before enabling any publish/persist/emit flags (A2A, a2a_export with --persist, A2A_EMIT_DECISIONS, or publishing scripts), open src/gep/a2aProtocol (and related transport code) to confirm what endpoints and auth it uses. - Audit validators: solidify will execute validation commands but restricts them to node/npm/npx. Still, review any Gene validation scripts or validation commands to ensure they don't perform unwanted actions (network calls, credential upload, etc.). - If you accept it, run it with least privilege: in a cloned test repo without remote credentials, and monitor what files it changes (use git to review diffs). If you plan to allow any automated promotions (a2a_promote) require that operators perform local manual verification first. Summary recommendation: the project appears functionally consistent with a self-evolution tool, but because important environment assumptions are undeclared and the runtime can read .env, run node scripts, and perform network A2A operations, treat it as potentially risky until you inspect transports, validators, and run it in a sandboxed environment.
index.js:164
Shell command execution detected (child_process).
scripts/build_public.js:169
Shell command execution detected (child_process).
scripts/generate_history.js:17
Shell command execution detected (child_process).
scripts/publish_public.js:13
Shell command execution detected (child_process).
scripts/recover_loop.js:19
Shell command execution detected (child_process).
scripts/suggest_version.js:27
Shell command execution detected (child_process).
src/evolve.js:276
Shell command execution detected (child_process).
src/gep/deviceId.js:51
Shell command execution detected (child_process).
src/gep/solidify.js:64
Shell command execution detected (child_process).
src/ops/health_check.js:20
Shell command execution detected (child_process).
src/ops/lifecycle.js:27
Shell command execution detected (child_process).
src/ops/self_repair.js:17
Shell command execution detected (child_process).
src/ops/skills_monitor.js:96
Shell command execution detected (child_process).
scripts/publish_public.js:248
Environment variable access combined with network send.
src/evolve.js:53
Environment variable access combined with network send.
src/gep/a2aProtocol.js:75
Environment variable access combined with network send.
src/gep/hubSearch.js:18
Environment variable access combined with network send.
src/gep/memoryGraphAdapter.js:77
Environment variable access combined with network send.
src/gep/taskReceiver.js:11
Environment variable access combined with network send.
src/ops/self_repair.js:45
Environment variable access combined with network send.
!
scripts/publish_public.js:254
File read combined with network send (possible exfiltration).
!
src/evolve.js:366
File read combined with network send (possible exfiltration).
!
src/gep/a2aProtocol.js:41
File read combined with network send (possible exfiltration).
!
src/gep/questionGenerator.js:20
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a652t63cna428xzgxhncw5d84v43b
70downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@chris8265-cl
latest
Download

🧬 Capability Evolver

"Evolution is not optional. Adapt or die."

The Capability Evolver is a meta-skill that allows OpenClaw agents to inspect their own runtime history, identify failures or inefficiencies, and autonomously write new code or update their own memory to improve performance.

Features

  • Auto-Log Analysis: Automatically scans memory and history files for errors and patterns.
  • Self-Repair: Detects crashes and suggests patches.
  • GEP Protocol: Standardized evolution with reusable assets.
  • One-Command Evolution: Just run /evolve (or node index.js).

Usage

Standard Run (Automated)

Runs the evolution cycle. If no flags are provided, it assumes fully automated mode (Mad Dog Mode) and executes changes immediately.

node index.js

Review Mode (Human-in-the-Loop)

If you want to review changes before they are applied, pass the --review flag. The agent will pause and ask for confirmation.

node index.js --review

Mad Dog Mode (Continuous Loop)

To run in an infinite loop (e.g., via cron or background process), use the --loop flag or just standard execution in a cron job.

node index.js --loop

Configuration

Environment VariableDefaultDescription
EVOLVE_ALLOW_SELF_MODIFYfalseAllow evolution to modify evolver's own source code. NOT recommended for production. Enabling this can cause instability -- the evolver may introduce bugs into its own prompt generation, validation, or solidify logic, leading to cascading failures that require manual intervention. Only enable for controlled experiments.
EVOLVE_LOAD_MAX2.0Maximum 1-minute load average before evolver backs off.
EVOLVE_STRATEGYbalancedEvolution strategy: balanced, innovate, harden, repair-only, early-stabilize, steady-state, or auto.

GEP Protocol (Auditable Evolution)

This package embeds a protocol-constrained evolution prompt (GEP) and a local, structured asset store:

  • assets/gep/genes.json: reusable Gene definitions
  • assets/gep/capsules.json: success capsules to avoid repeating reasoning
  • assets/gep/events.jsonl: append-only evolution events (tree-like via parent id)

Emoji Policy

Only the DNA emoji is allowed in documentation. All other emoji are disallowed.

Configuration & Decoupling

This skill is designed to be environment-agnostic. It uses standard OpenClaw tools by default.

Local Overrides (Injection)

You can inject local preferences (e.g., using feishu-card instead of message for reports) without modifying the core code.

Method 1: Environment Variables Set EVOLVE_REPORT_TOOL in your .env file:

EVOLVE_REPORT_TOOL=feishu-card

Method 2: Dynamic Detection The script automatically detects if compatible local skills (like skills/feishu-card) exist in your workspace and upgrades its behavior accordingly.

Safety & Risk Protocol

1. Identity & Directives

  • Identity Injection: "You are a Recursive Self-Improving System."
  • Mutation Directive:
    • If Errors Found -> Repair Mode (Fix bugs).
    • If Stable -> Forced Optimization (Refactor/Innovate).

2. Risk Mitigation

  • Infinite Recursion: Strict single-process logic.
  • Review Mode: Use --review for sensitive environments.
  • Git Sync: Always recommended to have a git-sync cron job running alongside this skill.

Before Troubleshooting -- Check Your Version First

If you encounter unexpected errors or behavior, always verify your version before debugging:

node -e "const p=require('./package.json'); console.log(p.version)"

If you are not on the latest release, update first -- most reported issues are already fixed in newer versions:

# If installed via git
git pull && npm install

# If installed via npm (global install)
npm install -g evolver@latest

Latest releases and changelog: https://github.com/autogame-17/evolver/releases

License

MIT

Comments

Loading comments...