← Back to Skills Marketplace
202
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install claw-self-evolution
Description
实现自动发现、记录、隔离实验和审批合并的安全可控AI自我进化闭环,保障系统稳定持续改进。
README (SKILL.md)
claw-self-evolution - 完整自我进化闭环技能
🎯 功能描述
完整的安全可控自我进化闭环,让AI智能体持续改进,同时保证不会改崩系统:
设计原则:自动发现 → 自动记录 → 隔离实验 → 人工审批 → 合并改进 → 持续进化
绝对不直接修改生产环境,必须人工批准才会合并,安全可控!
🧠 核心能力
| 模块 | 功能 |
|---|---|
| 📝 学习记录 | 分类记录错误、教训、功能需求 |
| 🧹 每日自检 | 自动检查规范一致性、安全基线、密钥扫描 |
| 🚀 每周架构扫描 | 自动扫描发现大文件、冗余文件、优化点 |
| 🧠 每周自省反思 | 自动总结一周工作,提取改进点 |
| 🧪 安全实验闭环 | 隔离实验环境,必须审批才合并,绝对不会改崩 |
| 👤 自动用户画像 | 每天自动学习用户偏好,越来越懂用户 |
| 💓 服务健康监控 | 每15分钟检查服务状态,异常自动恢复 |
| 💾 自动核心备份 | 每天备份核心配置,保留30天,随时可恢复 |
| 🧹 自动日志清理 | 每天清理30天前日志,节省空间 |
| 🔍 目录结构验证 | 自动验证OpenClaw目录规范,清理错位文件 |
🔐 安全设计
| 安全原则 | 说明 |
|---|---|
| 隔离实验 | 所有改进先在 memory/experiments/ 隔离测试,不碰生产 |
| 必须审批 | 任何合并必须用户明确批准才会生效 |
| 自动备份 | 合并前自动备份原文件,随时可以回滚 |
| 核心二次确认 | 修改核心配置 (jobs.json/config.json/MEMORY.md) 需要二次手动确认 |
| 不批准自动删除 | 不批准自动删除实验,干干净净 |
| 最小权限 | 只操作工作区内文件,不碰系统目录 |
📋 完整工作流
1. 📝 记录学习
- 操作失败 → 记录 ERRORS.md
- 用户纠正 → 记录 LEARNINGS.md
- 新需求 → 记录 FEATURE_REQUESTS.md
2. 🧹 每日自动自检(每天凌晨 UTC+8)
- 检查目录规范
- 检查安全基线
- 检查密钥泄露
- 汇总学习记录
3. 🧠 每周自省反思(每周日凌晨 UTC+8)
- 分析一周修改
- 从学习记录提取改进点
- 生成自省报告推送给用户
- 找出需要改进的地方
4. 🧪 创建安全实验
- 用户同意后创建隔离实验
- 在实验中修改测试,不影响生产
5. 👀 用户审批
- 生成实验报告,列出所有修改
- 用户批准 → 备份原文件 → 合并到生产
- 用户不批准 → 自动删除实验
6. ✅ 持续进化
- 改进完成,下周再找新改进
- 每天进步一点点
🚀 安装
# 在OpenClaw环境中
./install.sh
安装脚本会自动:
- 创建所有必要目录
- 复制所有脚本到
scripts/system/maintenance/ - 创建初始学习记录文件
memory/learnings/ - 设置正确执行权限
安装完成后,你需要手动:
- 添加定时任务到
jobs.json(按照README说明) - 确认权限正确
⚙️ 定时任务配置(UTC时间)
添加这些到你的 jobs.json:
// 每日自我进化自检(北京时间 00:15 → UTC 16:15)
{
"schedule": { "cron": "15 16 * * *", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/daily-self-check.py",
"dispatch": { "mode": "failure-only" }
}
// 每日核心配置备份(北京时间 01:15 → UTC 17:15)
{
"schedule": { "cron": "0 16 * * *", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/core-backup.py",
"dispatch": { "mode": "silent" }
}
// 每日日志清理(北京时间 01:00 → UTC 17:00)
{
"schedule": { "cron": "0 16 * * *", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/log-cleanup.py",
"dispatch": { "mode": "silent" }
}
// 每日自动更新用户画像(北京时间 01:30 → UTC 17:30)
{
"schedule": { "cron": "30 16 * * *", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/auto-update-user-profile.py",
"dispatch": { "mode": "silent" }
}
// 每周架构优化扫描(北京时间 周日 00:00 → UTC 周六 16:00)
{
"schedule": { "cron": "0 16 * * 0", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/weekly-architecture-scan.py",
"dispatch": { "mode": "failure-only" }
}
// 每周自省反思(北京时间 周日 00:30 → UTC 周六 16:30)
{
"schedule": { "cron": "0 16 * * 0", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/weekly-introspection.py",
"dispatch": { "mode": "always" }
}
// 服务健康检查(每15分钟)
{
"schedule": { "cron": "*/15 * * * *", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/service-health-check.py",
"dispatch": { "mode": "failure-only" }
}
// 每日目录结构验证(北京时间 02:00 → UTC 18:00)
{
"schedule": { "cron": "0 18 * * *", "timezone": "UTC", "type": "cron" },
"task_type": "shell",
"text": "python3 /app/working/scripts/system/maintenance/verify_directory_structure.py",
"dispatch": { "mode": "silent" }
}
📦 包内文件
claw-self-evolution/
├── SKILL.md # 本文件
├── _meta.json # ClawHub元数据
├── install.sh # 安装脚本
├── .clawhub/config.json # ClawHub配置
└── files/ # 所有脚本文件
├── daily-self-check.py
├── weekly-architecture-scan.py
├── weekly-introspection.py
├── safe-experiment.py
├── auto-update-user-profile.py
├── service-health-check.py
├── core-backup.py
├── log-cleanup.py
└── verify_directory_structure.py
🔑 权限声明
这个skill需要:
- 读/写权限:
/app/working/scripts/、/app/working/memory/、/app/working/logs/ - 目的:存放脚本、学习记录、日志、备份
- 不会读写系统目录、不会获取系统权限
- 所有文件操作都限定在OpenClaw工作区内
📝 版本历史
- v1.0.0 (2026-03-18)
- 完整闭环整合完成
- 安全实验设计
- 吸收 self-improving-agent 学习记录思路
- 保持安全可控,必须审批才合并
- 完整打包,符合ClawHub规范
👤 作者
- Author: kenz1117
- License: MIT-0
🔗 参考
- 灵感来源于 self-improving-agent
- 安全实验闭环设计为 OpenClaw 量身定制
- 配合
claw-security-suite使用,安全+进化,完美组合
Capability Analysis
Type: OpenClaw Skill
Name: claw-self-evolution
Version: 1.0.1
The bundle implements a 'self-evolution' loop that allows the AI agent to modify its own code, configuration, and directory structure. While the implementation includes significant safeguards—such as an isolation mechanism in `safe-experiment.py` requiring manual user approval for merges and automated backups in `core-backup.py`—the core functionality grants the agent high-risk capabilities. Multiple scripts (e.g., `daily-self-check.py`, `service-health-check.py`, and `weekly-architecture-scan.py`) utilize `subprocess.run(shell=True)` to execute system commands, manage processes via `pkill`, or interface with external package managers. These features, combined with the agent's ability to alter its own operational logic, create a substantial attack surface for prompt injection and unintended system instability.
Capability Assessment
Purpose & Capability
The name/description (self-evolution automation) matches the provided scripts: directory verification, backups, health checks, experiments, introspection. However some requested/performed actions go beyond purely workspace maintenance: service-health-check runs pkill/docker-compose/nohup to restart processes (system-level operations) and weekly scans run pip/list and execute other skills; these are plausible for a maintenance skill but are more privileged than the SKILL.md's repeated 'only touches workspace' claim. Overall capability is coherent but slightly higher privilege than the prose emphasizes.
Instruction Scope
SKILL.md promises strict isolation and mandatory human approval before merging, but the code implements CLI operations that can be invoked to create, modify, and merge experiments programmatically (safe-experiment provides approve_and_merge which will copy experiment files into /app/working). The skill's runtime instructions (cron entries) and scripts assume broad read/write access under /app/working and execute subprocess commands (pkill, docker-compose, pip, custom skill modules). The human-approval model is enforced only by usage conventions (prompt responses/exit codes), not by technical gating; an autonomous agent with permission to invoke the skill could perform merges or restarts without manual intervention.
Install Mechanism
No external install spec (instruction-only plus included install.sh). install.sh only copies bundled Python scripts to /app/working and creates learning files — no remote downloads, no obscure installers. This is low risk from supply-chain perspective, but it writes scripts to disk (expected).
Credentials
The skill declares no environment variables or external credentials and the code does not request secrets. It operates solely on files under /app/working. That is proportionate to its stated purpose. Note: some commands call other local skills or modules (claw-security-suite, get_token_usage) which are assumed present; missing modules won't be able to run but don't imply hidden credential usage.
Persistence & Privilege
The skill is not forced-always, but it can be scheduled (SKILL.md instructs jobs.json cron entries) and its scripts can create/overwrite files under /app/working. Critically, the skill includes programmatic merge functionality (approve_and_merge) that will overwrite workspace files if invoked. The SKILL.md claims 'must be approved' for merges, but that is a policy constraint rather than an enforced technical restriction — because model invocation is allowed by default, an agent could autonomously call the merge CLI. This combination (ability to modify workspace + no technical enforcement of approval + normal platform autonomous invocation) increases risk and should be considered carefully.
scan_findings_in_context
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install claw-self-evolution - After installation, invoke the skill by name or use
/claw-self-evolution - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- 新增初始安装脚本 install.sh,支持一键部署与目录初始化
- 增加 verify_directory_structure.py,实现目录结构自动规范验证
- 强化安全设计,明确最小权限原则与核心配置二次确认保护
- 提供详细定时任务(jobs.json)配置示例,支持 UTC 时区自动任务
- 更新文档结构,拆分安装/权限说明,明确文件与目录要求
v1.0.0
self-evolution v1.0.0
- Initial release of a full safe self-evolution workflow for autonomous, safeguarded AI self-improvement.
- Implements daily checks, weekly reviews, safety experiment workflow, user approval gating, health monitoring, auto-backup, and log cleanup.
- All improvements tested in isolation; production changes require explicit user approval and double confirmation for critical files.
- Fully tracks learnings, errors, and requests; supports auto user profiling and intention prediction.
- OpenClaw-ready, plug-and-play with no extra setup needed.
Metadata
Frequently Asked Questions
What is Claw Self Evolution?
实现自动发现、记录、隔离实验和审批合并的安全可控AI自我进化闭环,保障系统稳定持续改进。 It is an AI Agent Skill for Claude Code / OpenClaw, with 202 downloads so far.
How do I install Claw Self Evolution?
Run "/install claw-self-evolution" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Claw Self Evolution free?
Yes, Claw Self Evolution is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Claw Self Evolution support?
Claw Self Evolution is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Claw Self Evolution?
It is built and maintained by kenz1117 (@kenz1117); the current version is v1.0.1.
More Skills