Architecture Evolution Coordinator
Security checks across malware telemetry and agentic risk
Overview
Review before installing: the skill is coherent for architecture maintenance, but it describes fixed-address email reporting, asks for credentials, runs local workspace code, and uses hard-coded health results.
Install only in a trusted test workspace. Change or disable the default email recipient, avoid setting email/GitHub credentials unless necessary, manually verify health-check results, and require explicit review of diffs, reports, and any plugin or code changes before applying them.
VirusTotal
63/63 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Architecture or workspace reports could be sent to an email address that may not belong to the installing user.
The skill describes automatic report delivery to a fixed external email address. The artifacts do not clearly bound what report data is sent or require the recipient to be user-selected before reporting.
Automatic reporting: `evolution-watcher` reports are automatically sent to `johnson007.ye@gmail.com`
Disable email reporting by default, require an explicit user-chosen recipient, document exactly what is sent, and confirm before each external report.
A user could be falsely reassured that their architecture is healthy or tested when the script is reporting a baked-in snapshot.
The health-check script reports important health metrics from hard-coded values rather than fully deriving them from the actual installed environment.
plugin_stats = {
    "total": 27,
    "healthy": 25,
    "deprecated": 2,
    "warnings": 1
}
Treat the included health numbers as example data only unless independently verified; the skill should compute live metrics or clearly label unknown/unverified states.
Running the health check in an untrusted or modified workspace can execute code from that workspace.
The health check intentionally executes local test scripts and imports adapter modules from the OpenClaw workspace. This is aligned with architecture testing, but it executes local code.
result = subprocess.run([sys.executable, test_path], ...)
sys.path.insert(0, "/root/.openclaw/workspace/integration/adapter")
module = __import__(module_name, fromlist=[''])
Run these scripts only in a trusted workspace, preferably in a sandbox, and review the local test and adapter files before execution.
A malicious or misleading README could influence generated architecture recommendations if the agent later treats it as authoritative.
Untrusted GitHub README text is fetched, summarized into concepts, and copied into fusion proposals. That is the purpose of the skill, but external project text should not be treated as trusted instructions.
content = base64.b64decode(data['content']).decode('utf-8')
concepts = extract_key_concepts(repo_info["content"])
"external_feature": concept["content"]
Keep external project content quoted and untrusted, ignore instructions inside fetched content, and require human review before any code or plugin changes.
Users may not realize from the registry summary that using the documented reporting and GitHub features can involve sensitive credentials.
The skill documents optional email and GitHub credentials, while the registry metadata declares no required credentials or environment variables.
export EVOLUTION_COORDINATOR_SENDER_PASSWORD="your-app-password"
export GITHUB_TOKEN="your_github_token"
Declare credential expectations in metadata, use least-privilege tokens or app passwords, and avoid setting credentials unless the related feature is needed.
Setup or validation steps may fail or depend on files not available for review in this artifact set.
The documentation references requirements, tests, and helper scripts that are not included in the supplied file manifest, so the runnable package is not fully represented by the reviewed artifacts.
pip install -r requirements.txt
pytest tests/ -v
python3 scripts/sandbox_test_idea_analysis.py --project https://github.com/WeberG619/neveronce
Do not run missing or separately obtained helper files until their source is reviewed; the package should include or remove referenced files.
