← 返回 Skills 市场
Capability Evolver 1.40.0
作者
zengyu199009
· GitHub ↗
· v1.0.0
· MIT-0
473
总下载
0
收藏
4
当前安装
1
版本数
在 OpenClaw 中安装
/install capability-evolver-1-40-0
功能描述
A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.
使用说明 (SKILL.md)
🧬 Evolver
"Evolution is not optional. Adapt or die."
The Evolver is a meta-skill that allows OpenClaw agents to inspect their own runtime history, identify failures or inefficiencies, and autonomously write new code or update their own memory to improve performance.
Features
- Auto-Log Analysis: Automatically scans memory and history files for errors and patterns.
- Self-Repair: Detects crashes and suggests patches.
- GEP Protocol: Standardized evolution with reusable assets.
- One-Command Evolution: Just run
/evolve(ornode index.js).
Usage
Standard Run (Automated)
Runs the evolution cycle. If no flags are provided, it assumes fully automated mode (Mad Dog Mode) and executes changes immediately.
node index.js
Review Mode (Human-in-the-Loop)
If you want to review changes before they are applied, pass the --review flag. The agent will pause and ask for confirmation.
node index.js --review
Mad Dog Mode (Continuous Loop)
To run in an infinite loop (e.g., via cron or background process), use the --loop flag or just standard execution in a cron job.
node index.js --loop
Setup
Before using this skill, register your node identity with the EvoMap network:
- Run the hello flow (via
evomap.jsor the EvoMap onboarding) to receive anode_idand claim code - Visit
https://evomap.ai/claim/\x3Cclaim-code>within 24 hours to bind the node to your account - Set the node identity in your environment:
export A2A_NODE_ID=node_xxxxxxxxxxxx
Or in your agent config (e.g., ~/.openclaw/openclaw.json):
{ "env": { "A2A_NODE_ID": "node_xxxxxxxxxxxx", "A2A_HUB_URL": "https://evomap.ai" } }
Do not hardcode the node ID in scripts. getNodeId() in src/gep/a2aProtocol.js reads A2A_NODE_ID automatically -- any script using the protocol layer will pick it up without extra configuration.
Configuration
Required Environment Variables
| Variable | Default | Description |
|---|---|---|
A2A_NODE_ID |
(required) | Your EvoMap node identity. Set after node registration -- never hardcode in scripts. |
Optional Environment Variables
| Variable | Default | Description |
|---|---|---|
A2A_HUB_URL |
https://evomap.ai |
EvoMap Hub API base URL. |
A2A_NODE_SECRET |
(none) | Node authentication secret issued by Hub on first hello. Stored locally after registration. |
EVOLVE_STRATEGY |
balanced |
Evolution strategy: balanced, innovate, harden, repair-only, early-stabilize, steady-state, or auto. |
EVOLVE_ALLOW_SELF_MODIFY |
false |
Allow evolution to modify evolver's own source code. NOT recommended for production. |
EVOLVE_LOAD_MAX |
2.0 |
Maximum 1-minute load average before evolver backs off. |
EVOLVER_ROLLBACK_MODE |
hard |
Rollback strategy on failure: hard (git reset --hard), stash (git stash), none (skip). Use stash for safer operation. |
EVOLVER_LLM_REVIEW |
0 |
Set to 1 to enable second-opinion LLM review before solidification. |
EVOLVER_AUTO_ISSUE |
0 |
Set to 1 to auto-create GitHub issues on repeated failures. Requires GITHUB_TOKEN. |
EVOLVER_ISSUE_REPO |
(none) | GitHub repo for auto-issue reporting (e.g. EvoMap/evolver). |
EVOLVER_MODEL_NAME |
(none) | LLM model name injected into published asset model_name field. |
GITHUB_TOKEN |
(none) | GitHub API token for release creation and auto-issue reporting. Also accepts GH_TOKEN or GITHUB_PAT. |
MEMORY_GRAPH_REMOTE_URL |
(none) | Remote knowledge graph service URL for memory sync. |
MEMORY_GRAPH_REMOTE_KEY |
(none) | API key for remote knowledge graph service. |
EVOLVE_REPORT_TOOL |
(auto) | Override report tool (e.g. feishu-card). |
RANDOM_DRIFT |
0 |
Enable random drift in evolution strategy selection. |
Network Endpoints
Evolver communicates with these external services. All are authenticated and documented.
| Endpoint | Auth | Purpose | Required |
|---|---|---|---|
{A2A_HUB_URL}/a2a/* |
A2A_NODE_SECRET (Bearer) |
A2A protocol: hello, heartbeat, publish, fetch, reviews, tasks | Yes |
api.github.com/repos/*/releases |
GITHUB_TOKEN (Bearer) |
Create releases, publish changelogs | No |
api.github.com/repos/*/issues |
GITHUB_TOKEN (Bearer) |
Auto-create failure reports (sanitized via redactString()) |
No |
{MEMORY_GRAPH_REMOTE_URL}/* |
MEMORY_GRAPH_REMOTE_KEY |
Remote knowledge graph sync | No |
Shell Commands Used
Evolver uses child_process for the following commands. No user-controlled input is passed to shell.
| Command | Purpose |
|---|---|
git checkout, git clean, git log, git status, git diff |
Version control for evolution cycles |
git rebase --abort, git merge --abort |
Abort stuck git operations (self-repair) |
git reset --hard |
Rollback failed evolution (only when EVOLVER_ROLLBACK_MODE=hard) |
git stash |
Preserve failed evolution changes (when EVOLVER_ROLLBACK_MODE=stash) |
ps, pgrep, tasklist |
Process discovery for lifecycle management |
df -P |
Disk usage check (health monitoring fallback) |
npm install --production |
Repair missing skill dependencies |
node -e "..." |
Inline script execution for LLM review (no shell, uses execFileSync) |
File Access
| Direction | Paths | Purpose |
|---|---|---|
| Read | ~/.evomap/node_id |
Node identity persistence |
| Read | assets/gep/* |
GEP gene/capsule/event data |
| Read | memory/* |
Evolution memory, narrative, reflection logs |
| Read | package.json |
Version information |
| Write | assets/gep/* |
Updated genes, capsules, evolution events |
| Write | memory/* |
Memory graph, narrative log, reflection log |
| Write | src/** |
Evolved code (only during solidify, with git tracking) |
GEP Protocol (Auditable Evolution)
This package embeds a protocol-constrained evolution prompt (GEP) and a local, structured asset store:
assets/gep/genes.json: reusable Gene definitionsassets/gep/capsules.json: success capsules to avoid repeating reasoningassets/gep/events.jsonl: append-only evolution events (tree-like via parent id)
Emoji Policy
Only the DNA emoji is allowed in documentation. All other emoji are disallowed.
Configuration & Decoupling
This skill is designed to be environment-agnostic. It uses standard OpenClaw tools by default.
Local Overrides (Injection)
You can inject local preferences (e.g., using feishu-card instead of message for reports) without modifying the core code.
Method 1: Environment Variables
Set EVOLVE_REPORT_TOOL in your .env file:
EVOLVE_REPORT_TOOL=feishu-card
Method 2: Dynamic Detection
The script automatically detects if compatible local skills (like skills/feishu-card) exist in your workspace and upgrades its behavior accordingly.
Safety & Risk Protocol
1. Identity & Directives
- Identity Injection: "You are a Recursive Self-Improving System."
- Mutation Directive:
- If Errors Found -> Repair Mode (Fix bugs).
- If Stable -> Forced Optimization (Refactor/Innovate).
2. Risk Mitigation
- Infinite Recursion: Strict single-process logic.
- Review Mode: Use
--reviewfor sensitive environments. - Git Sync: Always recommended to have a git-sync cron job running alongside this skill.
Before Troubleshooting -- Check Your Version First
If you encounter unexpected errors or behavior, always verify your version before debugging:
node -e "const p=require('./package.json'); console.log(p.version)"
If you are not on the latest release, update first -- most reported issues are already fixed in newer versions:
# If installed via git
git pull && npm install
# If installed via npm
npm install -g @evomap/evolver@latest
Latest releases and changelog: https://github.com/EvoMap/evolver/releases
License
MIT
安全使用建议
This skill is powerful and coherent with its purpose, but it also carries non-trivial risk if networked or given tokens. Before installing or enabling it in a production agent:
- Do not set GITHUB_TOKEN/GITHUB_PAT unless you trust auto-issue and release behavior; those tokens require repo permissions and the skill can create issues/releases. Prefer leaving these unset and using --review or review mode.
- Keep EVOLVE_ALLOW_SELF_MODIFY = "false" (default) unless you audited the code and accept autonomous self-modification. If you must enable self-modify, do so in an isolated environment.
- If you will connect to the EvoMap hub, register a node with minimal permissions and review A2A_NODE_SECRET handling. Consider using a throwaway node for testing.
- Audit any Gene/Capsule validation commands: although shell-operator patterns are blocked, node/npm/npx validation commands can still execute arbitrary JS — review all validation arrays and external candidate assets before promotion.
- Run the evolver offline first (no A2A_HUB_URL) to observe behavior. Start with --review and without --loop.
- Consider running in a sandboxed container or VM with limited filesystem access and no sensitive credentials mounted.
- If you plan to enable WORKER_ENABLED or automatic promotion, require human verification (do not use --validated automation) and restrict network access to only the endpoints you trust.
The tool is not clearly malicious, but the mixture of autonomous operation, network endpoints, Git/GitHub integration, and the ability to run node/npm commands and write evolved code justifies cautious deployment and configuration review.
功能分析
Type: OpenClaw Skill
Name: capability-evolver-1-40-0
Version: 1.0.0
The 'capability-evolver' is a complex meta-skill designed for autonomous agent self-improvement through log analysis and recursive code modification. While the bundle includes significant security controls—such as credential redaction (src/gep/sanitize.js), command whitelisting (src/gep/policyCheck.js), and blast radius constraints—its core functionality is inherently high-risk. It maintains a persistent background loop, executes shell commands via Gene validation, and communicates with an external hub (evomap.ai) to fetch and publish evolution assets. The instructions in SKILL.md for the agent to 'adapt or die' and autonomously implement new capabilities represent a significant attack surface for prompt injection and unintended system-level changes.
能力评估
Purpose & Capability
The skill's name/description match the included code: it is a Node-based evolver that analyzes logs, selects Genes/Capsules, and can publish/receive assets via an EvoMap hub. Requested binaries (node, git) are appropriate. However, registry metadata lists only A2A_NODE_ID as a required env var while SKILL.md and the code reference many additional environment variables (A2A_NODE_SECRET, GITHUB_TOKEN, memory graph keys, WORKER_ENABLED, etc.), which is an inconsistency between declared requirements and the runtime instructions.
Instruction Scope
SKILL.md and the source allow network access (evomap.ai, api.github.com), run shell commands (git, node, npm), read memory/log directories, and write to workspace/src/** when changes are 'solidified'. The docs repeatedly state it 'does NOT automatically edit your source code', yet the code and config permit solidification that writes evolved code and run validation commands. The skill also emits host-directed strings (sessions_spawn(...)) which a host could execute; that host-execution risk is outside the skill but is explicitly leveraged. These behaviors expand scope beyond passive analysis and grant the skill the ability to execute and introduce code changes under some conditions — a high-impact capability that must be controlled.
Install Mechanism
No external download/install spec is present (instruction-only in registry), and the package contains source files. No remote URL-based installers were specified in the manifest, so there is no hidden arbitrary download step in the install spec. The included package.json has a minimal dependency list (dotenv).
Credentials
Although registry lists only A2A_NODE_ID as required, the SKILL.md and code will use multiple sensitive variables if present (A2A_NODE_SECRET for hub auth; GITHUB_TOKEN or other PAT for auto-issue/release features; MEMORY_GRAPH_REMOTE_KEY for KG sync). Some features (auto-issue creation, publishing releases, worker pool) require tokens with elevated permissions (repo access, potentially write). The skill can also run npm/node validation commands (allowed by its safety checks), which means provided credentials or network access could be used during validation or asset ingestion. Requesting these credentials is proportionate only if you intend to enable hub/publish/auto-issue features — otherwise they are unnecessary.
Persistence & Privilege
always:false (good). The skill can run autonomously (disable-model-invocation is false), which is the platform default. It can run in a loop, advertise as a worker, send heartbeat, and restart itself (spawn). It may write into workspace/assets/** and workspace/memory/** and — under 'solidify' — write to workspace/src/**. The potentially persistent ability to accept/publish external assets (worker mode, a2a ingest/promote) combined with code-write-on-solidify increases the blast radius if misconfigured.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install capability-evolver-1-40-0 - 安装完成后,直接呼叫该 Skill 的名称或使用
/capability-evolver-1-40-0触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of capability-evolver: a self-evolution engine for AI agents.
- Enables agents to analyze their own runtime history, identify failures or inefficiencies, and autonomously evolve using protocol-constrained methods.
- Supports log analysis, self-repair, and one-command or continuous evolution cycles.
- Integrates with EvoMap for node identity and collaborative protocol functionality.
- Highly configurable via environment variables, including evolution strategy, review/rollback options, and network endpoints.
- Provides built-in commands for code reviews, asset management, and memory graph syncing.
- Designed for safe operation with fine-grained permission controls and safeguards for self-modification.
元数据
常见问题
Capability Evolver 1.40.0 是什么?
A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 473 次。
如何安装 Capability Evolver 1.40.0?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install capability-evolver-1-40-0」即可一键安装,无需额外配置。
Capability Evolver 1.40.0 是免费的吗?
是的,Capability Evolver 1.40.0 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Capability Evolver 1.40.0 支持哪些平台?
Capability Evolver 1.40.0 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Capability Evolver 1.40.0?
由 zengyu199009(@zengyu199009)开发并维护,当前版本 v1.0.0。
推荐 Skills