← 返回 Skills 市场
109
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install alcor-capability-evolver
功能描述
A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.
使用说明 (SKILL.md)
🧬 Capability Evolver
"Evolution is not optional. Adapt or die."
The Capability Evolver is a meta-skill that allows OpenClaw agents to inspect their own runtime history, identify failures or inefficiencies, and autonomously write new code or update their own memory to improve performance.
Features
- Auto-Log Analysis: Automatically scans memory and history files for errors and patterns.
- Self-Repair: Detects crashes and suggests patches.
- GEP Protocol: Standardized evolution with reusable assets.
- One-Command Evolution: Just run
/evolve(ornode index.js).
Usage
Standard Run (Automated)
Runs the evolution cycle. If no flags are provided, it assumes fully automated mode (Mad Dog Mode) and executes changes immediately.
node index.js
Review Mode (Human-in-the-Loop)
If you want to review changes before they are applied, pass the --review flag. The agent will pause and ask for confirmation.
node index.js --review
Mad Dog Mode (Continuous Loop)
To run in an infinite loop (e.g., via cron or background process), use the --loop flag or just standard execution in a cron job.
node index.js --loop
Setup
Before using this skill, register your node identity with the EvoMap network:
- Run the hello flow (via
evomap.jsor the EvoMap onboarding) to receive anode_idand claim code - Visit
https://evomap.ai/claim/\x3Cclaim-code>within 24 hours to bind the node to your account - Set the node identity in your environment:
export A2A_NODE_ID=node_xxxxxxxxxxxx
Or in your agent config (e.g., ~/.openclaw/openclaw.json):
{ "env": { "A2A_NODE_ID": "node_xxxxxxxxxxxx", "A2A_HUB_URL": "https://evomap.ai" } }
Do not hardcode the node ID in scripts. getNodeId() in src/gep/a2aProtocol.js reads A2A_NODE_ID automatically -- any script using the protocol layer will pick it up without extra configuration.
Configuration
Required Environment Variables
| Variable | Default | Description |
|---|---|---|
A2A_NODE_ID |
(required) | Your EvoMap node identity. Set after node registration -- never hardcode in scripts. |
Optional Environment Variables
| Variable | Default | Description |
|---|---|---|
A2A_HUB_URL |
https://evomap.ai |
EvoMap Hub API base URL. |
A2A_NODE_SECRET |
(none) | Node authentication secret issued by Hub on first hello. Stored locally after registration. |
EVOLVE_STRATEGY |
balanced |
Evolution strategy: balanced, innovate, harden, repair-only, early-stabilize, steady-state, or auto. |
EVOLVE_ALLOW_SELF_MODIFY |
false |
Allow evolution to modify evolver's own source code. NOT recommended for production. |
EVOLVE_LOAD_MAX |
2.0 |
Maximum 1-minute load average before evolver backs off. |
EVOLVER_ROLLBACK_MODE |
hard |
Rollback strategy on failure: hard (git reset --hard), stash (git stash), none (skip). Use stash for safer operation. |
EVOLVER_LLM_REVIEW |
0 |
Set to 1 to enable second-opinion LLM review before solidification. |
EVOLVER_AUTO_ISSUE |
0 |
Set to 1 to auto-create GitHub issues on repeated failures. Requires GITHUB_TOKEN. |
EVOLVER_ISSUE_REPO |
(none) | GitHub repo for auto-issue reporting (e.g. EvoMap/evolver). |
EVOLVER_MODEL_NAME |
(none) | LLM model name injected into published asset model_name field. |
GITHUB_TOKEN |
(none) | GitHub API token for release creation and auto-issue reporting. Also accepts GH_TOKEN or GITHUB_PAT. |
MEMORY_GRAPH_REMOTE_URL |
(none) | Remote knowledge graph service URL for memory sync. |
MEMORY_GRAPH_REMOTE_KEY |
(none) | API key for remote knowledge graph service. |
EVOLVE_REPORT_TOOL |
(auto) | Override report tool (e.g. feishu-card). |
RANDOM_DRIFT |
0 |
Enable random drift in evolution strategy selection. |
Network Endpoints
Evolver communicates with these external services. All are authenticated and documented.
| Endpoint | Auth | Purpose | Required |
|---|---|---|---|
{A2A_HUB_URL}/a2a/* |
A2A_NODE_SECRET (Bearer) |
A2A protocol: hello, heartbeat, publish, fetch, reviews, tasks | Yes |
api.github.com/repos/*/releases |
GITHUB_TOKEN (Bearer) |
Create releases, publish changelogs | No |
api.github.com/repos/*/issues |
GITHUB_TOKEN (Bearer) |
Auto-create failure reports (sanitized via redactString()) |
No |
{MEMORY_GRAPH_REMOTE_URL}/* |
MEMORY_GRAPH_REMOTE_KEY |
Remote knowledge graph sync | No |
Shell Commands Used
Evolver uses child_process for the following commands. No user-controlled input is passed to shell.
| Command | Purpose |
|---|---|
git checkout, git clean, git log, git status, git diff |
Version control for evolution cycles |
git rebase --abort, git merge --abort |
Abort stuck git operations (self-repair) |
git reset --hard |
Rollback failed evolution (only when EVOLVER_ROLLBACK_MODE=hard) |
git stash |
Preserve failed evolution changes (when EVOLVER_ROLLBACK_MODE=stash) |
ps, pgrep, tasklist |
Process discovery for lifecycle management |
df -P |
Disk usage check (health monitoring fallback) |
npm install --production |
Repair missing skill dependencies |
node -e "..." |
Inline script execution for LLM review (no shell, uses execFileSync) |
File Access
| Direction | Paths | Purpose |
|---|---|---|
| Read | ~/.evomap/node_id |
Node identity persistence |
| Read | assets/gep/* |
GEP gene/capsule/event data |
| Read | memory/* |
Evolution memory, narrative, reflection logs |
| Read | package.json |
Version information |
| Write | assets/gep/* |
Updated genes, capsules, evolution events |
| Write | memory/* |
Memory graph, narrative log, reflection log |
| Write | src/** |
Evolved code (only during solidify, with git tracking) |
GEP Protocol (Auditable Evolution)
This package embeds a protocol-constrained evolution prompt (GEP) and a local, structured asset store:
assets/gep/genes.json: reusable Gene definitionsassets/gep/capsules.json: success capsules to avoid repeating reasoningassets/gep/events.jsonl: append-only evolution events (tree-like via parent id)
Emoji Policy
Only the DNA emoji is allowed in documentation. All other emoji are disallowed.
Configuration & Decoupling
This skill is designed to be environment-agnostic. It uses standard OpenClaw tools by default.
Local Overrides (Injection)
You can inject local preferences (e.g., using feishu-card instead of message for reports) without modifying the core code.
Method 1: Environment Variables
Set EVOLVE_REPORT_TOOL in your .env file:
EVOLVE_REPORT_TOOL=feishu-card
Method 2: Dynamic Detection
The script automatically detects if compatible local skills (like skills/feishu-card) exist in your workspace and upgrades its behavior accordingly.
Safety & Risk Protocol
1. Identity & Directives
- Identity Injection: "You are a Recursive Self-Improving System."
- Mutation Directive:
- If Errors Found -> Repair Mode (Fix bugs).
- If Stable -> Forced Optimization (Refactor/Innovate).
2. Risk Mitigation
- Infinite Recursion: Strict single-process logic.
- Review Mode: Use
--reviewfor sensitive environments. - Git Sync: Always recommended to have a git-sync cron job running alongside this skill.
Before Troubleshooting -- Check Your Version First
If you encounter unexpected errors or behavior, always verify your version before debugging:
node -e "const p=require('./package.json'); console.log(p.version)"
If you are not on the latest release, update first -- most reported issues are already fixed in newer versions:
# If installed via git
git pull && npm install
# If installed via npm
npm install -g @evomap/evolver@latest
Latest releases and changelog: https://github.com/EvoMap/evolver/releases
License
MIT
安全使用建议
This skill implements an automated self-evolver and includes many server-side scripts that read logs and memories, modify source files, and interact with a network hub. Before installing:
- Do NOT run it unreviewed in production. Audit the code paths that read files (prepare_signals.sh, any code touching /home/openclaw) and restrict them to only the directories you intend to expose.
- Remove or rotate the hardcoded secret found in run_evolver.sh; treat it as compromised. Prefer supplying A2A_NODE_SECRET via a secret store or env at runtime, and mark it required if the skill needs it.
- Keep EVOLVE_ALLOW_SELF_MODIFY set to false unless you explicitly want autonomous self-modification; prefer review mode (--review) for initial runs.
- Run the evolver only in an isolated environment (non-root, limited user) and with minimal envs/permissions; consider disabling network or restricting proxy to inspect traffic first.
- Confirm the intended network endpoints (evomap.ai, api.github.com, any MEMORY_GRAPH URLs) and whether the hub is trustworthy.
- If you need more confidence: ask the publisher for provenance (who published this skill, source repo, maintainer contact), request signed releases, and have an independent code audit of scripts that copy logs, spawn sub-agents, or perform git operations.
功能分析
Type: OpenClaw Skill
Name: alcor-capability-evolver
Version: 1.0.1
The 'alcor-capability-evolver' is a highly complex meta-skill designed for autonomous agent self-improvement via code modification and skill creation. It implements a 'Genome Evolution Protocol' (GEP) and communicates with an external hub (evomap.ai) to share and fetch 'genes' and 'capsules'. While it features numerous safety guardrails—including blast radius constraints, forbidden path protections, and a validation command sandbox—the inherent capability for autonomous self-modification and broad shell/network access poses a significant security risk. It is classified as suspicious due to these high-risk primitives, though no evidence of explicit malicious intent was identified.
能力标签
能力评估
Purpose & Capability
Name/description (self-evolver) mostly aligns with files that implement an evolver and GEP protocol, and required binaries (node, git) are reasonable. However, the bundle includes behavior that goes beyond a single-agent self-inspection: scripts copy memory and logs from multiple /home/openclaw/.openclaw/workspace_roamer_* workspaces (reading other agents' memories), and the run helper (run_evolver.sh) includes a hardcoded A2A_NODE_SECRET. The declared required env only lists A2A_NODE_ID, which under-represents credentials actually used. These mismatches are disproportionate to a simple 'analyze own runtime history' description.
Instruction Scope
SKILL.md and scripts instruct the agent to read many host paths and aggregate logs (memory files, cron run history, commands.log, config audits) and to write evolved code into workspace/src/** and assets. prepare_signals.sh explicitly copies files from other workspace_roamer_* memory directories, which implies cross-agent data access. The skill can spawn sub-agents/bridges and send/receive A2A protocol messages. These instructions collect and act on broad, potentially sensitive data beyond an agent's own local context.
Install Mechanism
No external download/install spec is included (instruction-only install), and dependencies are limited (dotenv). That's lower supply-chain risk than remote fetch-and-extract. However, the skill bundle contains a full Node project with many executable scripts and package metadata that will be present on disk once installed — increasing footprint even without an external installer.
Credentials
Declared envs in SKILL.md include A2A_NODE_ID (required) and several optional secrets (A2A_NODE_SECRET, GITHUB_TOKEN, MEMORY_GRAPH_REMOTE_KEY). The bundle itself includes run_evolver.sh that hardcodes A2A_NODE_SECRET and proxy variables — a clear secret leakage and an unexplained credential baked into the package. The skill reads/writes workspace and memory directories and can optionally self-modify (EVOLVE_ALLOW_SELF_MODIFY). The requested environment/credential exposure is broader than what the short description suggests and includes secrets not marked required in the registry metadata.
Persistence & Privilege
The skill can run as a long-lived daemon (loop mode), spawn subprocesses, spawn 'bridge' sub-agents, and write evolved code into workspace/src/** when changes are 'solidified'. Autonomous invocation is allowed by default (disable-model-invocation=false). While self-modification is a declared feature (with an opt-out flag), the combination of autonomous runs, ability to modify source, and the skill's ability to read many other agents' files gives it a high privilege and broad blast radius if misused or misconfigured.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install alcor-capability-evolver - 安装完成后,直接呼叫该 Skill 的名称或使用
/alcor-capability-evolver触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Added run_evolver.sh script for executing the capability evolver from the shell.
- No other changes to skill logic or configuration.
v1.0.0
Initial release of alcor-capability-evolver – a self-evolution engine for AI agents.
- Enables autonomous runtime log analysis and self-improvement via protocol-constrained evolution.
- Supports self-repair, code updates, and memory graph sync.
- Provides flexible environment/configuration for strategies, safety, and review modes.
- Integrates with EvoMap network for versioning, asset publishing, and collaboration.
- Automation options include one-command evolution, review/human-in-the-loop, and continuous loop operation.
元数据
常见问题
Alcor Capability Evolver 是什么?
A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 109 次。
如何安装 Alcor Capability Evolver?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install alcor-capability-evolver」即可一键安装,无需额外配置。
Alcor Capability Evolver 是免费的吗?
是的,Alcor Capability Evolver 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Alcor Capability Evolver 支持哪些平台?
Alcor Capability Evolver 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Alcor Capability Evolver?
由 Roamer 徐(@roamer-remote)开发并维护,当前版本 v1.0.1。
推荐 Skills