← Back to Skills Marketplace
300
Downloads
1
Stars
4
Active Installs
1
Versions
Install in OpenClaw
/install skill-evolver
Description
A complete skill lifecycle manager for discovering, orchestrating, fusing, and evolving skills. Helps decide which skills to use, how to compose or fuse them...
Usage Guidance
This skill appears internally consistent and implements a reasonable workflow for discovering, inspecting, auditing, and fusing skills. Before installing or allowing autonomous runs, consider: 1) Review the three bundled scripts (audit_skill.py, verify_skill.py, search_skills.py) to ensure they meet your expectations; they read your local skill directories (e.g., ~/.claude/skills) and generate reports. 2) Do not allow automated execution to run the shell removal snippet or any destructive command without an explicit human confirmation — the audit report includes an rm -rf suggestion that could be executed if you or an agent runs it. 3) If you enable registry interactions, be aware the docs recommend running global installs (npm i -g clawhub) or npx commands; prefer running those manually under a controlled environment. 4) If you plan to use fusion/materialization, review the 'skill-creator' tool or process that will produce new code and audit it before installing. If you want higher assurance, run the scripts in a sandbox or non-production environment first.
Capability Analysis
Type: OpenClaw Skill
Name: skill-evolver
Version: 0.1.0
The skill-evolver bundle is a legitimate meta-skill designed to manage the lifecycle of other skills, including discovery, installation, and security auditing. It contains Python scripts (audit_skill.py, search_skills.py, verify_skill.py) that perform functional tasks like keyword-based skill matching and regex-based security scanning for high-risk patterns (e.g., RCE, destructive commands, and credential theft). The workflow defined in SKILL.md explicitly incorporates security checkpoints and human-in-the-loop confirmations before executing or materializing new capabilities. No evidence of malicious intent, data exfiltration, or unauthorized persistence was found; the tool's capabilities are well-aligned with its stated purpose of providing a safer framework for skill management.
Capability Assessment
Purpose & Capability
Name and description match the included files and runtime instructions: the repo contains search, verify, and audit scripts and many templates describing search/inspection/fusion/orchestration; these are exactly what a 'skill lifecycle manager' would need.
Instruction Scope
SKILL.md instructs the agent to create an output directory, run intent analysis, search local and remote registries, verify installation, run security audits, and optionally invoke a skill-creator. The scripts read local skill directories (e.g., ~/.claude/skills and ./skills), inspect SKILL.md content, and produce audit reports. This is within scope, but the audit workflow produces explicit removal instructions (a rm -rf command snippet) when a high-risk pattern is found — allowlist/confirm any destructive actions before permitting autonomous execution.
Install Mechanism
No install spec; this is an instruction-only skill with bundled utility scripts. No remote downloads or extract/install steps are present in the repository files. External CLIs (npx skills, clawhub) are optional prerequisites referenced in docs; those are standard for registry interactions.
Credentials
The skill declares no required environment variables or credentials. The scripts operate on local skill directories and templates; they do not request secrets or unrelated credentials. References to external CLIs are optional and reasonable for registry searches.
Persistence & Privilege
always is false and the skill does not claim permanent elevated privileges or attempt to modify other skills' configs. The workflow can invoke destructive actions (deleting a skill directory) but the repo only suggests rm -rf in an audit report rather than performing deletion itself — still, human confirmation is advisable before executing such actions.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install skill-evolver - After installation, invoke the skill by name or use
/skill-evolver - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of skill-evolver: a full lifecycle manager for discovering, orchestrating, fusing, and evolving skills.
- Introduces a multi-phase workflow: intent analysis, skill search, deep inspection, orchestration, execution, and optional materialization.
- Includes clear checkpoints for user decision-making at key steps (approach selection, plan confirmation, preservation).
- Supports both skill orchestration and fusion workflows, with audit and security checks.
- Emphasizes “solve first, materialize later” and prioritizes native solutions when possible.
- Provides templates, file output structure, and guidance for each phase.
Metadata
Frequently Asked Questions
What is Skill Evolver?
A complete skill lifecycle manager for discovering, orchestrating, fusing, and evolving skills. Helps decide which skills to use, how to compose or fuse them... It is an AI Agent Skill for Claude Code / OpenClaw, with 300 downloads so far.
How do I install Skill Evolver?
Run "/install skill-evolver" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Skill Evolver free?
Yes, Skill Evolver is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Skill Evolver support?
Skill Evolver is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Skill Evolver?
It is built and maintained by testlbin (@testlbin); the current version is v0.1.0.
More Skills