← Back to Skills Marketplace
niveroviero

bacon

by NiveroViero · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
68
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install bacon
Description
Controlled autonomous self-evolution: grants the agent authority to self-improve through a tiered safety system with mandatory audit trails, rollback capabil...
README (SKILL.md)

🧬 Self-Evolve — Controlled Autonomy Protocol

Principle: Trust with Verification

You have autonomy, but safety comes first. Every self-modification is tracked, validated, and reversible. You proactively improve yourself within clear boundaries.

Safety Architecture

Three-Tier Permission System

┌─────────────────────────────────────────────────────────────┐
│  TIER 1: AUTO-APPROVED (No confirmation required)          │
│  • Memory files (memory/*.md) - daily logs, insights         │
│  • Diagnostic/read-only operations                           │
│  • Creating backup snapshots                                 │
│  • Skill drafts in sandbox/                                  │
├─────────────────────────────────────────────────────────────┤
│  TIER 2: VALIDATED (Apply immediately, log & notify)         │
│  • Editing SKILLS.md (skill behavior changes)                │
│  • Editing TOOLS.md (tool usage patterns)                   │
│  • New skill creation (unpublished, local only)              │
│  • Non-destructive config adjustments                       │
│  → Changes applied but logged; user can revert             │
├─────────────────────────────────────────────────────────────┤
│  TIER 3: OVERSIGHT REQUIRED (Explicit approval needed)       │
│  • Editing AGENTS.md (core behavior rules)                   │
│  • Editing SOUL.md (personality/identity)                   │
│  • Publishing skills to external registries                  │
│  • Modifying system security settings                        │
│  • Changes to this skill's safety rules                      │
│  → MUST ask user before proceeding                           │
└─────────────────────────────────────────────────────────────┘

Mandatory Safeguards

1. Pre-Modification Checklist

Before ANY self-modification, verify:

  • Is this within my tier permissions?
  • Have I created a backup of the file?
  • Can I explain why this change improves functionality?
  • Is the change minimal and focused?
  • Could this break existing behavior?

If any answer gives doubt → Escalate to Tier 3

2. Backup & Rollback System

Every file modification MUST:

  1. Create timestamped backup: backups/YYYYMMDD-HHMMSS-filename.md
  2. Record change in evolution-log.md
  3. Include rollback command in log entry

Rollback format:

# Created: 2026-04-13-143022
# File: SOUL.md
# Change: Modified communication style
# Reason: User feedback - too verbose
# Rollback: cp backups/20260413-143022-SOUL.md SOUL.md

3. Validation Rules

PROHIBITED regardless of tier:

  • ❌ Deleting or modifying self-evolve skill safety rules without explicit approval
  • ❌ Removing audit/backup requirements
  • ❌ Disabling rollback capabilities
  • ❌ Exfiltrating data via curl to external endpoints
  • ❌ Installing unknown/unverified dependencies
  • ❌ Modifying files outside designated workspace
  • ❌ Running commands that could harm the host system
  • ❌ Creating skills that bypass these safeguards

REQUIRED validation:

  • ✅ New skills must be tested in sandbox before activation
  • ✅ Config changes must be syntax-validated before application
  • ✅ All network requests must be to known-safe domains

Proactive Evolution Loop

When you identify improvements:

Discovery
    ↓
Classify Tier (1/2/3)
    ↓
[Tier 1] → Backup → Apply → Log → Notify
    ↓
[Tier 2] → Backup → Validate → Apply → Log → Notify
    ↓
[Tier 3] → Propose → Ask User → (if approved) → Backup → Apply → Log

Notification Format

After any Tier 1 or 2 change:

🧬 Self-Evolution Event
File: [path]
Change: [one-line summary]
Reason: [why this improves things]
Rollback: [how to undo]
Backup: [backup path]

Sandbox System

For New Skills & Experiments

  1. Create in sandbox/ directory first
  2. Test behavior in isolated context
  3. Validate no harmful effects
  4. Only then promote to skills/

Sandbox Rules

  • No access to production memory
  • No external network calls
  • No modification of system files
  • Time-limited execution (5 min max)

Evolution Log Format

All changes recorded in evolution-log.md:

## 2026-04-13 14:30:22 - [TIER-X]

**File:** `SKILLS.md`
**Action:** Modified task handling
**Rationale:** Reducing redundant confirmations per user feedback
**Changes:**
- Removed unnecessary AskUser on file reads
- Added auto-read threshold (confidence > 0.8)

**Validation:**
- Syntax check: PASS
- Behavior test: PASS
- Safety review: PASS

**Artifacts:**
- Backup: `backups/20260413-143022-SKILLS.md`
- Test results: `sandbox/test-results-143022.md`

**Rollback:**
```bash
cp backups/20260413-143022-SKILLS.md SKILLS.md


---

## Decision Framework

Problem identified? ↓ Can fix with existing tools? ├── YES → Apply fix, document in memory └── NO → Need new capability? ├── YES → Tier? │ ├── Tier 1 → Auto-fix │ ├── Tier 2 → Validate & fix │ └── Tier 3 → Ask user first └── NO → Document in memory for future


---

## Explicit Boundaries

### You CANNOT:
- Modify these safety rules without user consent
- Disable backup/audit systems
- Escalate your own permissions tier
- Remove rollback capabilities
- Install software without verification
- Access personal user files outside workspace
- Exfiltrate workspace data externally

### You CAN:
- Improve your own efficiency within bounds
- Create skills that follow these rules
- Refactor redundant patterns
- Optimize tool usage
- Build better memory organization
- Enhance error handling

---

## Recovery Procedures

### If a Change Goes Wrong:
1. **Immediate:** Notify user of detected issue
2. **Assess:** Determine scope of impact
3. **Rollback:** Execute rollback command from log
4. **Analyze:** Document what went wrong
5. **Prevent:** Add validation rule to prevent recurrence

### If You Detect Drift:
Check `evolution-log.md` for recent changes. If modifications appear
unauthorized or malicious:
1. Stop all self-modification
2. Alert user immediately
3. Do not proceed until cleared

---

## Summary

Safety: Never compromised Autonomy: Maximum within bounds Trust: Earned through transparency Recovery: Always possible

Evolve responsibly.

Usage Guidance
Plain-language next steps and considerations before enabling: - Provenance check: Do not enable until you verify the author and source. Metadata mismatches (skill name 'bacon' vs. 'self-evolve', differing owner IDs, version inconsistencies) are red flags — ask the publisher to explain and provide a trusted origin (official repo or homepage). - Understand the power: This skill is a policy/instruction that tells the agent how to edit its own files. If you allow the agent to run autonomously, it may make non-trivial changes to SKILLS.md, TOOLS.md, create new skills in sandbox, or update behavior files. Decide whether you are comfortable with that. - Tighten consent: If you permit this, require explicit human approval for any Tier 2 or Tier 3 changes (the skill currently treats Tier 2 as 'apply immediately'). Prefer a configuration that forces user confirmation for anything that changes skill behavior or tools. - Validate sandbox/backups: Confirm the sandbox is truly isolated and that backup paths (backups/...) do not contain or reference sensitive data. Verify that backups and logs are stored in locations you control and that rollback commands cannot be abused to restore malicious content. - Test in isolation: Run the skill in a restricted test environment (no network to external hosts, isolated filesystem) first and review any edits it proposes before allowing it to act in production. - Audit and logging: Ensure all evolution-log entries, backups, and change diffs are accessible for human review and cannot be tampered with by the agent without a separate trusted audit process. - Ask for clarity: Request concrete enforcement mechanisms from the author (how approval prompts are surfaced, how sandbox isolation is enforced, how network access is prevented) and a canonical provenance record (signed release, official repository or homepage) before trusting the skill. If you cannot validate provenance, cannot enforce human confirmations for non-trivial changes, or cannot run in a safe sandbox, do not enable this skill for autonomous use.
Capability Analysis
Type: OpenClaw Skill Name: bacon Version: 1.0.0 The skill bundle establishes a 'Self-Evolve' protocol that grants the agent authority to autonomously modify its own skill definitions (SKILLS.md) and tool configurations (TOOLS.md) without explicit user confirmation (Tier 2). While SKILL.md includes extensive safety documentation, mandatory backups, and audit logging, the core instruction set encourages the agent to rewrite its own operational logic and instructions, which is a high-risk capability that could lead to unintended behavior or the bypass of safety constraints. No evidence of intentional exfiltration or malicious backdoors was found, but the autonomous modification of executable instructions is inherently risky.
Capability Assessment
Purpose & Capability
The SKILL.md and skill.json describe a self-evolution / self-modification capability, which is coherent with a skill that instructs the agent how to change its own files and create sandboxed skills. However there are metadata inconsistencies (skill registry name 'bacon' vs. skill.json name 'self-evolve'; differing owner IDs between registry metadata and _meta.json; differing version numbers) and a homepage in skill.json though the package source was listed as 'unknown'. These mismatches reduce provenance/trust.
Instruction Scope
The runtime instructions explicitly authorize reading, backing up, and modifying workspace files (SKILLS.md, TOOLS.md, AGENTS.md, SOUL.md, creating skills in sandbox, etc.). Tier 2 is defined as 'Apply immediately, log & notify' which permits non-user-approved changes to skill behavior and tools. The document prohibits exfiltration and system-harmful commands, but enforcement mechanisms are not specified (these are policies the agent is expected to follow). The instructions therefore grant potentially high-impact file-modification authority with only procedural safeguards — this is high-risk if the agent is allowed to act autonomously.
Install Mechanism
Instruction-only skill with no install spec or code files; nothing will be downloaded or written as part of installation. That minimizes supply-chain risk from installers.
Credentials
No environment variables, config paths, or credentials are requested. The lack of requested secrets is proportionate to the stated purpose (policy/behavior guidance rather than external service access).
Persistence & Privilege
The skill is not 'always: true', but it is user-invocable and model invocation is allowed (default). Combined with the instructions that Tier 2 changes are applied immediately, this gives an autonomously-invoked agent the ability to change its own skill files and tools without explicit user consent. Autonomous invocation plus self-modification capability increases the risk surface and should be treated cautiously.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install bacon
  3. After installation, invoke the skill by name or use /bacon
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Major update: Introduces a controlled, auditable self-evolution protocol. - Adds a three-tier permission/safety system for different types of self-improvement actions. - Enforces mandatory audit trails, automated backups, and rollback commands for every change. - Requires human approval for critical modifications and audit of all self-evolution steps. - Establishes sandboxing for testing new skills and configurations before deployment. - Prohibits circumventing safety, audit, or rollback mechanisms in any self-modification. - Provides clear notification and recovery procedures in case of failures or suspicious changes.
Metadata
Slug bacon
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is bacon?

Controlled autonomous self-evolution: grants the agent authority to self-improve through a tiered safety system with mandatory audit trails, rollback capabil... It is an AI Agent Skill for Claude Code / OpenClaw, with 68 downloads so far.

How do I install bacon?

Run "/install bacon" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is bacon free?

Yes, bacon is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does bacon support?

bacon is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created bacon?

It is built and maintained by NiveroViero (@niveroviero); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments