ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

RSI Loop v2 — AVO-Inspired Agent Self-Improvement

v2.0.0

Recursive Self-Improvement (RSI) loop for EvoClaw agents. Provides a structured observe→analyze→synthesize→deploy pipeline that enables agents to detect thei...

0· 114·0 current·0 all-time
by@bowen31337

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for bowen31337/rsi-loop.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "RSI Loop v2 — AVO-Inspired Agent Self-Improvement" (bowen31337/rsi-loop) from ClawHub.
Skill page: https://clawhub.ai/bowen31337/rsi-loop
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install rsi-loop

ClawHub CLI

Package manager switcher

npx clawhub@latest install rsi-loop
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (an RSI loop for EvoClaw agents) matches the included code and instructions: observer→analyzer→synthesizer→deployer. The ability to scaffold skills, update SOUL.md/AGENTS.md, and run discovery on routing components is consistent with a self-improvement tool. However the skill includes actions that reach beyond its own directory (templates/implementation that run other skills' scripts and target files across the workspace), which is powerful but also wider than a small, focused helper. That breadth is plausible for an RSI tool but worth conscious acceptance.
!
Instruction Scope
SKILL.md instructs running multiple scripts that read/write data/JSONL in skills/rsi-loop/data and that call or instruct running other skills (e.g., skills/intelligent-router scripts, spawn_helper, tiered-memory scripts). The codebase includes a Lineage store that creates/writes memory/rsi-lineage.jsonl and methods that rewrite lineage files (update_outcome). Several 'implementation' templates explicitly tell the agent to run commands that will modify files across the repo. SKILL.md does not declare or warn about needing repository-level write access, nor does it enumerate external endpoints/credentials required by those downstream scripts. This gives the agent broad discretion to inspect and change files outside its own directory during auto-deploy cycles.
Install Mechanism
No install spec is present (instruction-only install), which reduces risk of arbitrary remote code downloads. However, the skill ships many Python scripts (21 code files) that will be executed locally; because there is no explicit install step, those files will simply run from the agent runtime when invoked. That is expected for an instruction+script skill, but users should treat the included code as executable payload that will run on the host.
!
Credentials
The registry metadata declares no required env vars or credentials, but internal policies and code reference environment-driven behavior (e.g., mutation-selection mentions EVOLVE_STRATEGY, cron examples reference models and MQTT integration) and implementation templates will likely rely on existing platform credentials (model provider keys, MQTT or ClawChain access). The skill requests no secrets up front yet contains functionality that may trigger use of other credentials present on the agent. Also, several data/proposals include absolute filesystem paths observed from prior runs — suggesting the code performs workspace scanning. This mismatch (no declared env/config needs vs. code that depends on broader environment/context) is a red flag for misplaced assumptions.
Persistence & Privilege
always:false (not force-included) and model invocation is allowed (normal). The skill persists append-only and derived files under skills/rsi-loop/memory and data; LineageStore makes directories and writes JSONL. The skill is allowed to auto-deploy proposals (CLI flags for auto-approve thresholds), which means it can autonomously make code/config changes within blast-radius rules. That autonomous modify capability combined with repository-level file access increases blast radius, but the skill includes an IMMUTABLE_CORE list intended to require human approval for certain files. Importantly, there's an inconsistency: IMMUTABLE_CORE lists AGENTS.md and SOUL.md (protected), while some Genes' allowed_paths (and proposals) explicitly target AGENTS.md for auto-application — this contradiction needs manual verification (either Genes would be blocked by the immutable policy or the policy is not enforced).
What to consider before installing
What to check before installing/using this skill: - Review deployer.py, synthesizer.py, and any 'apply_gene' logic. Confirm how the code enforces blast_radius and IMMUTABLE_CORE (is AGENTS.md / SOUL.md actually blocked at runtime?). - Expect the skill to write files under skills/rsi-loop/data/ and skills/rsi-loop/memory/ (append-only lineage & events). If you need to keep an audit trail, review those artifacts; if not, run in a disposable environment first. - The skill can execute scripts in other skill directories (e.g., skills/intelligent-router/*). Decide whether you want an automated process that can run those commands or change those files — if not, restrict filesystem permissions or run the skill in a sandbox/container. - The code refers to an EVOLVE_STRATEGY env var and other platform integrations (MQTT, model provider names) but declares none; if you plan to enable auto-deploy, make explicit policies and environment variables you trust. Consider setting auto-approve thresholds to 0 (no auto-approve) until you’ve audited behavior. - Because this skill can autonomously modify repo files and run cross-skill commands, treat it like a privileged operator: test in a safe sandbox, inspect tests and the deploy path, and require human-in-the-loop approval for any change touching production files. If you want, I can scan specific files (deployer.py, synthesizer.py, openclaw_shim.py) for the exact enforcement logic and list the places where it reads/writes files or invokes external commands.

Like a lobster shell, security has layers — review code before you run it.

latestvk9778wc2z6wnsv0t8cny9baqm983nsby
114downloads
0stars
1versions
Updated 1mo ago
v2.0.0
MIT-0
@bowen31337
latest
Download

RSI Loop - Recursive Self-Improvement

Four-stage pipeline: Observe → Analyze → Synthesize → Deploy

Quick Start

# Log an outcome
uv run python skills/rsi-loop/scripts/rsi_cli.py log \
  --task code_generation --success true --quality 4 --model glm-4.7

# Full cycle (detect patterns + generate + deploy quick wins)
uv run python skills/rsi-loop/scripts/rsi_cli.py cycle

# Status dashboard
uv run python skills/rsi-loop/scripts/rsi_cli.py status

Data Layout

skills/rsi-loop/data/
├── outcomes.jsonl       # All logged turn outcomes
├── patterns.json        # Latest analysis output
└── proposals/           # Improvement proposals (one JSON per proposal)
    ├── abc12345.json    # draft/approved/rejected/deployed
    └── ...

Stage 1: Observer — Log Outcomes

Log every significant task at completion. Be honest about quality (1=terrible, 5=perfect).

# Successful task
uv run python skills/rsi-loop/scripts/rsi_cli.py log \
  --task code_generation --success true --quality 4

# Failed task with issues
uv run python skills/rsi-loop/scripts/rsi_cli.py log \
  --task code_debug --success false --quality 2 \
  --issues skill_gap rate_limit \
  --notes "No Rust-specific debug skill, kept hitting context limits"

Task types: code_generation, code_debug, code_review, architecture_design, file_ops, web_search, memory_retrieval, skill_creation, cron_management, api_integration, data_analysis, message_routing, infrastructure_ops, documentation, general_qa, trading, monitoring, blockchain, unknown

Issue types: rate_limit, model_fallback, tool_error, wrong_output, incomplete_task, context_loss, memory_miss, skill_gap, bad_routing, slow_response, over_confirmation, repeated_mistake, missing_tool, wrong_model_tier, compaction_lost_context, other

Stage 2: Analyzer — Detect Patterns

uv run python skills/rsi-loop/scripts/analyzer.py --days 7 --top 5

Outputs ranked patterns by impact score = (frequency/total) × quality_deficit. Saves to data/patterns.json.

Stage 3: Synthesizer — Generate Proposals

# Generate proposals from latest patterns
uv run python skills/rsi-loop/scripts/synthesizer.py generate --top 5

# Review proposals
uv run python skills/rsi-loop/scripts/synthesizer.py list

# Show full proposal detail
uv run python skills/rsi-loop/scripts/synthesizer.py show <proposal_id>

# Approve for deployment
uv run python skills/rsi-loop/scripts/synthesizer.py approve <proposal_id>

Stage 4: Deployer — Apply Improvements

# Dry run (see what would happen)
uv run python skills/rsi-loop/scripts/deployer.py deploy <id> --dry-run

# Deploy a specific proposal
uv run python skills/rsi-loop/scripts/deployer.py deploy <id>

# Deploy all approved proposals
uv run python skills/rsi-loop/scripts/deployer.py deploy-all

Action types and what they do:

  • create_skill → Scaffolds new skill directory via skill-creator
  • update_soul → Appends lesson to SOUL.md's "Lessons learned"
  • fix_routing → Prints instructions for updating intelligent-router config
  • update_memory → Prints HEARTBEAT.md / tiered-memory improvement instructions
  • add_cron → Prints cron configuration to add

Full Cycle (Automated)

# Run full cycle, auto-deploy anything estimated < 20 minutes effort
uv run python skills/rsi-loop/scripts/deployer.py full-cycle \
  --days 7 --auto-approve-below-mins 20

# Or use the CLI shortcut
uv run python skills/rsi-loop/scripts/rsi_cli.py cycle

Cron Job (Weekly RSI)

Set up automated weekly analysis:

# Every Sunday at 3 AM AEST
openclaw cron add --name "Weekly RSI Cycle" \
  --cron "0 3 * * 0" \
  --tz "Australia/Sydney" \
  --model "anthropic-proxy-4/glm-4.7" \
  --system-event "Run RSI cycle: uv run python skills/rsi-loop/scripts/rsi_cli.py cycle --days 7"

EvoClaw Integration

For fleet-wide RSI across all hub/edge agents, see:

  • references/evoclaw-integration.md — MQTT topics, Go integration, ClawChain pallet spec
  • Phase roadmap: heuristic (now) → LLM synthesis → MQTT aggregation → ClawChain governance

Proactive Logging Protocol

Log outcomes for every significant task. Rule of thumb:

  • Any task > 2 minutes → log it
  • Any task that used external tools → log it
  • Any task that failed → definitely log it
  • Batch similar quick tasks → log once with aggregate quality

This builds the dataset that makes RSI work.

Comments

Loading comments...