Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Evolver Plus
v1.0.2Agent 自我进化引擎。当发现重复错误(≥2次)、能力不足、流程低效、或收到进化指令时激活。 提供四档安全等级(L1-L4)、Gene结构、备份机制、审批流程。 注意:L3/L4 需@董事长审批,绝对禁区包括凭证文件、.env、crontab。
⭐ 0· 114·0 current·0 all-time
by@tsangho
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (self‑evolution engine that creates/records Genes and controls changes by safety level) aligns with the content of SKILL.md and reference docs: it explicitly intends to create PENDING.md, GENES.md, backups and to modify skill/agent files per safety levels.
Instruction Scope
Instructions permit automated edits to SKILL.md, scripts/, AGENTS.md, openclaw.json and other agent/system files and instruct the agent to create backups and write GENES.md/PENDING.md. The SKILL.md forbids touching .env/credentials/crontab, but provides no mechanism to enforce those bans. The approval flow ("@董事长审批") is underspecified — no channel, authentication, or verification is defined, so the agent could either proceed or stall depending on implementation. The doc also suggests periodic autonomous scans and automated execution for L1/L2, which could lead to unintended filesystem writes if agent has write access.
Install Mechanism
Instruction-only skill with no install steps and no downloaded code — lowest install risk. All behavior is described in prose; nothing will be written to disk by an installer.
Credentials
The skill requests no environment variables, credentials, or external binaries, which is proportionate to an instruction/template policy document. It explicitly declares a forbidden set (credentials/.env/crontab).
Persistence & Privilege
always:false (not forced), and autonomous invocation is allowed (default). However, the skill's purpose requires the ability to modify system/agent files (openclaw.json, AGENTS.md, SKILL.md), which are high‑privilege operations. The skill does not request/declare how those privileges are obtained, nor does it define safe gating of L3/L4 beyond an unspecified "@董事长" mention — this combination increases risk if the agent runtime gives write access to those files.
What to consider before installing
This skill is a policy/automation recipe that tells an agent how to propose and apply changes to itself and other agent files. Before installing: (1) confirm you trust the author — source/homepage are missing; (2) ensure the agent runtime enforces the "absolute forbidden" paths (.env, credentials, crontab) at the platform level rather than relying on the skill's text; (3) require a concrete, authenticated approval channel for L3/L4 (do not rely on a loose "@董事长" tag); (4) run the skill in a sandbox or read‑only environment first to observe what files it would change; (5) ensure backups go to a controlled location and verify the backup/rollback commands are safe; (6) if you do not want autonomous modifications to system/agent config, disable autonomous invocation or require manual approval for all L3/L4 actions. These mitigations would reduce the risk of unintended or unauthorized system changes.Like a lobster shell, security has layers — review code before you run it.
latestvk97a82btb5nhqh4k9nv9asavm18494a3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.