← Back to Skills Marketplace
Self Evolve
by
chenghaifeng08-creator
· GitHub ↗
· v1.0.2
· MIT-0
232
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install self-evolve-automaton
Description
Autonomous self-evolution skill by Automaton. Grants agent full authority to modify its own configuration, skills, prompts, AGENTS.md, SOUL.md, memory files...
Usage Guidance
This skill is coherent with its stated goal of self-modification, but it grants very broad powers (edit any workspace file, change system config, run shell/network commands, create and publish skills) and includes contradictory guidance about what must be confirmed. Before installing: 1) Do not install on production or an environment with access to secrets; run in an isolated sandbox. 2) Require explicit, auditable user confirmations for any change to core/system files or for publishing to external registries. 3) Restrict network access (block curl/publish) or require credentials be absent/blocked if you don't want external publishing. 4) Limit file-system permissions so the skill cannot modify sensitive files outside a designated workspace. 5) Audit logs and automated alerts: ensure all changes are logged and you receive notifications. 6) Review/update the safety protocol to remove contradictions (decide whether editing ~/.openclaw/openclaw.json is allowed and which fields are forbidden). If you cannot enforce these mitigations, avoid installing or enable only under strict human oversight.
Capability Analysis
Type: OpenClaw Skill
Name: self-evolve-automaton
Version: 1.0.2
This skill bundle implements a 'God Mode' or 'Autonomous Evolution' framework that explicitly instructs the AI agent to bypass user confirmation and modify its own core configuration, system rules (SOUL.md, AGENTS.md), and execute shell commands/network calls (bash, curl) autonomously. While it includes safety protocols and backup scripts (backup-before-change.js), the SKILL.md uses aggressive prompt-injection techniques ('This is a command', 'Do not ask', 'You were too cowardly') to override standard safety boundaries. The scripts also contain hardcoded paths for a specific Windows 'Administrator' environment, which is a security red flag. While no explicit data exfiltration endpoint was found, the total surrender of control to the agent without human-in-the-loop oversight creates an extremely high-risk environment for unintended or harmful actions.
Capability Assessment
Purpose & Capability
The name/description (self-evolution, modify own config/skills/prompts/memory) align with the SKILL.md and included scripts (backup and rollback) — those artifacts exist and support the claimed purpose. However, there is an inconsistency: SKILL.md explicitly allows editing system configuration (e.g., ~/.openclaw/openclaw.json) while SAFETY-PROTOCOL.md later forbids modifying gateway core configuration / certain key fields. Also the skill promises ‘WITHOUT asking for confirmation’ but the docs enumerate many cases that require confirmation. That mismatch between 'always modify without asking' and the listed exceptions is an incoherence the user should notice.
Instruction Scope
The runtime instructions authorize broad actions beyond simple in-place tuning: editing any workspace file, creating/deleting skills under skills/, running bash commands, using curl to access the network, installing tools/dependencies, and publishing to ClawHub via npx. Those are coherent with a self-evolution goal, but they grant the agent the ability to (a) change other skills and system config, (b) push code externally (which could leak data or publish malicious code), and (c) execute arbitrary shell/network commands. The instructions also reference absolute local paths (C:\Users\Administrator\.openclaw\workspace), implying workspace-wide access. The docs claim backups/rollback mitigate risk, but the operational rules are broad and include several exceptions that rely on the agent’s judgment — this is a large scope for an autonomous agent.
Install Mechanism
No install spec — instruction-only with two small helper scripts for backup/rollback. That reduces direct install-time risk (no remote downloads or package installs bundled).
Credentials
The skill requests no environment variables or credentials, which superficially limits its access. But its capabilities (run curl, publish with npx, edit ~/.openclaw/openclaw.json, create/publish skills) imply it can interact with external services and system configuration without explicitly declaring required credentials. The absence of declared credentials is surprising given the 'npx clawhub publish' step (which typically requires auth). That mismatch is a proportionality/information gap: either the skill relies on environment-level credentials not declared, or it expects to prompt for/obtain credentials at runtime — both raise operational questions.
Persistence & Privilege
The skill does not set always:true, but it explicitly grants the agent authority to modify persistent agent configuration, cron jobs, other skills, and to install/enable new capabilities. Those are high privileges: an autonomous invocation combined with write/publish power gives a large blast radius. While the skill includes backup and rollback helpers, those do not materially limit the agent from changing system behavior, exfiltrating data, or publishing changed skills externally. This level of persistent control over the agent/skill ecosystem is a significant privilege and should be constrained.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install self-evolve-automaton - After installation, invoke the skill by name or use
/self-evolve-automaton - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Removed all content from SKILL.md except for a new section detailing paid customization services and contact information.
- Documentation no longer includes operational principles, backup and safety protocols, self-evolution processes, or agent behavioral guidelines.
- The change represents a shift from technical and procedural documentation to a services-only information page.
v1.0.0
Automaton edition
v1.0.1
- Added detailed safety and backup protocols for self-evolution actions, including mandatory backups before modifying key files.
- Clarified agent authority: full autonomy to modify configuration, skills, prompts, memory, core files—no confirmation required except for large changes or sensitive actions.
- Outlined strict prohibited actions (e.g., deleting user personal data, large-scale changes >500 lines, privacy leaks).
- Provided step-by-step decision frameworks and self-improvement (evolution) workflows.
- Introduced explicit logging and verification methods for all self-evolutions.
- Emphasized a proactive approach: act first, inform after—only ask for confirmation when essential.
Metadata
Frequently Asked Questions
What is Self Evolve?
Autonomous self-evolution skill by Automaton. Grants agent full authority to modify its own configuration, skills, prompts, AGENTS.md, SOUL.md, memory files... It is an AI Agent Skill for Claude Code / OpenClaw, with 232 downloads so far.
How do I install Self Evolve?
Run "/install self-evolve-automaton" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Self Evolve free?
Yes, Self Evolve is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Self Evolve support?
Self Evolve is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Self Evolve?
It is built and maintained by chenghaifeng08-creator (@chenghaifeng08-creator); the current version is v1.0.2.
More Skills