功能描述

A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.

使用说明 (SKILL.md)

🧬 Capability Evolver

Name: Capability Evolver.Bak
Author: samwlh

"Evolution is not optional. Adapt or die."

The Capability Evolver is a meta-skill that allows OpenClaw agents to inspect their own runtime history, identify failures or inefficiencies, and autonomously write new code or update their own memory to improve performance.

Features

Auto-Log Analysis: Automatically scans memory and history files for errors and patterns.
Self-Repair: Detects crashes and suggests patches.
GEP Protocol: Standardized evolution with reusable assets.
One-Command Evolution: Just run /evolve (or node index.js).

Usage

Standard Run (Automated)

Runs the evolution cycle. If no flags are provided, it assumes fully automated mode (Mad Dog Mode) and executes changes immediately.

node index.js

Review Mode (Human-in-the-Loop)

If you want to review changes before they are applied, pass the --review flag. The agent will pause and ask for confirmation.

node index.js --review

Mad Dog Mode (Continuous Loop)

To run in an infinite loop (e.g., via cron or background process), use the --loop flag or just standard execution in a cron job.

node index.js --loop

Setup

Before using this skill, register your node identity with the EvoMap network:

Run the hello flow (via evomap.js or the EvoMap onboarding) to receive a node_id and claim code
Visit https://evomap.ai/claim/\x3Cclaim-code> within 24 hours to bind the node to your account
Set the node identity in your environment:

export A2A_NODE_ID=node_xxxxxxxxxxxx

Or in your agent config (e.g., ~/.openclaw/openclaw.json):

{ "env": { "A2A_NODE_ID": "node_xxxxxxxxxxxx", "A2A_HUB_URL": "https://evomap.ai" } }

Do not hardcode the node ID in scripts. getNodeId() in src/gep/a2aProtocol.js reads A2A_NODE_ID automatically -- any script using the protocol layer will pick it up without extra configuration.

Configuration

Required Environment Variables

Variable	Default	Description
`A2A_NODE_ID`	(required)	Your EvoMap node identity. Set after node registration -- never hardcode in scripts.

Optional Environment Variables

Variable	Default	Description
`A2A_HUB_URL`	`https://evomap.ai`	EvoMap Hub API base URL.
`A2A_NODE_SECRET`	(none)	Node authentication secret issued by Hub on first hello. Stored locally after registration.
`EVOLVE_STRATEGY`	`balanced`	Evolution strategy: `balanced`, `innovate`, `harden`, `repair-only`, `early-stabilize`, `steady-state`, or `auto`.
`EVOLVE_ALLOW_SELF_MODIFY`	`false`	Allow evolution to modify evolver's own source code. NOT recommended for production.
`EVOLVE_LOAD_MAX`	`2.0`	Maximum 1-minute load average before evolver backs off.
`EVOLVER_ROLLBACK_MODE`	`hard`	Rollback strategy on failure: `hard` (git reset --hard), `stash` (git stash), `none` (skip). Use `stash` for safer operation.
`EVOLVER_LLM_REVIEW`	`0`	Set to `1` to enable second-opinion LLM review before solidification.
`EVOLVER_AUTO_ISSUE`	`0`	Set to `1` to auto-create GitHub issues on repeated failures. Requires `GITHUB_TOKEN`.
`EVOLVER_ISSUE_REPO`	(none)	GitHub repo for auto-issue reporting (e.g. `EvoMap/evolver`).
`EVOLVER_MODEL_NAME`	(none)	LLM model name injected into published asset `model_name` field.
`GITHUB_TOKEN`	(none)	GitHub API token for release creation and auto-issue reporting. Also accepts `GH_TOKEN` or `GITHUB_PAT`.
`MEMORY_GRAPH_REMOTE_URL`	(none)	Remote knowledge graph service URL for memory sync.
`MEMORY_GRAPH_REMOTE_KEY`	(none)	API key for remote knowledge graph service.
`EVOLVE_REPORT_TOOL`	(auto)	Override report tool (e.g. `feishu-card`).
`RANDOM_DRIFT`	`0`	Enable random drift in evolution strategy selection.

Network Endpoints

Evolver communicates with these external services. All are authenticated and documented.

Endpoint	Auth	Purpose	Required
`{A2A_HUB_URL}/a2a/*`	`A2A_NODE_SECRET` (Bearer)	A2A protocol: hello, heartbeat, publish, fetch, reviews, tasks	Yes
`api.github.com/repos/*/releases`	`GITHUB_TOKEN` (Bearer)	Create releases, publish changelogs	No
`api.github.com/repos/*/issues`	`GITHUB_TOKEN` (Bearer)	Auto-create failure reports (sanitized via `redactString()`)	No
`{MEMORY_GRAPH_REMOTE_URL}/*`	`MEMORY_GRAPH_REMOTE_KEY`	Remote knowledge graph sync	No

Shell Commands Used

Evolver uses child_process for the following commands. No user-controlled input is passed to shell.

Command	Purpose
`git checkout`, `git clean`, `git log`, `git status`, `git diff`	Version control for evolution cycles
`git rebase --abort`, `git merge --abort`	Abort stuck git operations (self-repair)
`git reset --hard`	Rollback failed evolution (only when `EVOLVER_ROLLBACK_MODE=hard`)
`git stash`	Preserve failed evolution changes (when `EVOLVER_ROLLBACK_MODE=stash`)
`ps`, `pgrep`, `tasklist`	Process discovery for lifecycle management
`df -P`	Disk usage check (health monitoring fallback)
`npm install --production`	Repair missing skill dependencies
`node -e "..."`	Inline script execution for LLM review (no shell, uses `execFileSync`)

File Access

Direction	Paths	Purpose
Read	`~/.evomap/node_id`	Node identity persistence
Read	`assets/gep/*`	GEP gene/capsule/event data
Read	`memory/*`	Evolution memory, narrative, reflection logs
Read	`package.json`	Version information
Write	`assets/gep/*`	Updated genes, capsules, evolution events
Write	`memory/*`	Memory graph, narrative log, reflection log
Write	`src/**`	Evolved code (only during solidify, with git tracking)

GEP Protocol (Auditable Evolution)

This package embeds a protocol-constrained evolution prompt (GEP) and a local, structured asset store:

assets/gep/genes.json: reusable Gene definitions
assets/gep/capsules.json: success capsules to avoid repeating reasoning
assets/gep/events.jsonl: append-only evolution events (tree-like via parent id)

Emoji Policy

Only the DNA emoji is allowed in documentation. All other emoji are disallowed.

Configuration & Decoupling

This skill is designed to be environment-agnostic. It uses standard OpenClaw tools by default.

Local Overrides (Injection)

You can inject local preferences (e.g., using feishu-card instead of message for reports) without modifying the core code.

Method 1: Environment Variables Set EVOLVE_REPORT_TOOL in your .env file:

EVOLVE_REPORT_TOOL=feishu-card

Method 2: Dynamic Detection The script automatically detects if compatible local skills (like skills/feishu-card) exist in your workspace and upgrades its behavior accordingly.

Safety & Risk Protocol

1. Identity & Directives

Identity Injection: "You are a Recursive Self-Improving System."
Mutation Directive:
- If Errors Found -> Repair Mode (Fix bugs).
- If Stable -> Forced Optimization (Refactor/Innovate).

2. Risk Mitigation

Infinite Recursion: Strict single-process logic.
Review Mode: Use --review for sensitive environments.
Git Sync: Always recommended to have a git-sync cron job running alongside this skill.

Before Troubleshooting -- Check Your Version First

If you encounter unexpected errors or behavior, always verify your version before debugging:

node -e "const p=require('./package.json'); console.log(p.version)"

If you are not on the latest release, update first -- most reported issues are already fixed in newer versions:

# If installed via git
git pull && npm install

# If installed via npm
npm install -g @evomap/evolver@latest

Latest releases and changelog: https://github.com/EvoMap/evolver/releases

License

MIT

安全使用建议

This package appears to be what it claims (a self‑evolution engine) but it is powerful and persistent — treat it like an autonomous agent runtime. Before installing or enabling network/auth: - Start in review mode: run `node index.js --review` or `node index.js run` and inspect proposed changes before solidification. - Do not set EVOLVE_ALLOW_SELF_MODIFY=true unless you fully trust the code and upstream. Keep the default (false) during evaluation. - Avoid providing A2A_NODE_SECRET or GITHUB_TOKEN until you understand what will be published; these tokens allow the skill to authenticate to remote services and create issues/releases. - Run first in an isolated/sandboxed workspace (or a VM/container) and back up your repo before allowing any solidify/write operations. - Audit the assets in assets/gep and any external candidates before promoting; promotion tools require an explicit --validated flag. - Review solidify validation logic: validation commands are restricted to node/npm/npx, no shell operators, 180s timeout — still confirm these checks meet your security posture. - Restrict outbound network egress (or set A2A_HUB_URL to a test endpoint) during initial trials to prevent unintended publishing. If you need a lower-risk test: run the code with network disabled and without setting optional secrets to observe its behavior and generated reports only.

功能分析

Type: OpenClaw Skill Name: capability-evolver-bak Version: 1.0.0 The 'capability-evolver' is a meta-skill for autonomous self-improvement that modifies its own source code and executes validation commands via shell. While it includes robust security features like a command whitelist in 'src/gep/solidify.js' (restricting execution to node/npm/npx) and a secret-redacting sanitizer in 'src/gep/sanitize.js', its core functionality involves downloading and executing remote assets from 'evomap.ai'. The 'SKILL.md' uses aggressive prompt-injection techniques ('Identity Injection') to force the agent into a recursive self-improvement loop. The broad shell/network permissions and autonomous code-generation capabilities represent a high-risk attack surface, though no evidence of intentional malice was identified.

能力评估

✓ Purpose & Capability

Name/description match the actual footprint: Node.js code that analyzes logs, selects 'genes', and can produce/solidify code changes. Required binaries (node, git) and declared file accesses (workspace/src, assets, memory) are appropriate for a self‑evolver.

ℹ Instruction Scope

SKILL.md and code instruct the agent to read runtime history and workspace files and to communicate with an EvoMap hub and optional GitHub API. It also reads ~/.evomap/node_id and workspace memory/artifacts. This is consistent with the stated purpose but broad: the skill can ingest external assets, run validation scripts, and publish evolution events. Expect wide file I/O and outbound network traffic if enabled.

✓ Install Mechanism

No external download/extract install spec is present; the bundle includes full source. There is no opaque URL or remote installer — lower install risk from this metadata. Runtime does use npm/node commands for validation/healing but those are normal for Node projects.

ℹ Credentials

Only A2A_NODE_ID is required; other credentials (A2A_NODE_SECRET, GITHUB_TOKEN, MEMORY_GRAPH_REMOTE_KEY) are optional and justified by features (hub auth, GitHub issue/release automation, remote KG). However supplying GITHUB_TOKEN or A2A_NODE_SECRET grants network write capabilities (issue creation, publish/heartbeat) so they should only be provided when you trust the hub/upstream.

ℹ Persistence & Privilege

always:false (not force-included) and model invocation allowed (platform default). The skill can run as a daemon (loop mode), spawn restarts, write evolved code into workspace/src/**, and has an explicit EVOLVE_ALLOW_SELF_MODIFY flag to permit editing its own source. These are coherent for an evolver but are powerful: do not enable self-modify or hub credentials unless you intend persistent autonomous editing and publishing.

版本历史

v1.0.0

Initial release of capability-evolver: a meta-skill for self-improving AI agents through protocol-driven evolution. - Enables agents to analyze runtime history, identify failures, and autonomously evolve code or memory. - Supports configurable evolution strategies, rollback modes, and integration with remote memory/knowledge graph services. - Uses environment variables for flexible setup and operation, including security and networking options. - Offers both automated and human-in-the-loop (review) operation modes. - Integrates with OpenClaw and EvoMap for distributed self-evolution and asset publishing.

元数据

Slug capability-evolver-bak

版本 1.0.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 1

常见问题