← 返回 Skills 市场
404
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install repo2
功能描述
A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.
安全使用建议
This skill is a full self‑evolver: it scans your agent logs, can write patches to the repository, execute validation commands (limited to node/npm/npx by its safety checks), and can run as a continuous daemon that restarts itself. Before installing or running it:
- Treat it like a privileged code runner: do not run it in a production workspace with sensitive credentials or irreplaceable data.
- Keep EVOLVE_ALLOW_SELF_MODIFY unset/false unless you intentionally want the evolver to change its own source. Prefer --review (human‑in‑the‑loop) when testing.
- Inspect src/gep/solidify.js, src/gep/a2aProtocol.js and the asset promotion scripts to confirm (a) what external endpoints/transports are used and (b) what files can be modified. The a2aProtocol and promotion paths can publish assets externally if configured; disable that unless you trust the network.
- Remove or vault any credentials (GITHUB_TOKEN, GH_TOKEN, any service tokens) from the environment where you run the evolver. Assume it will try to use available tokens for publishing if configured.
- Run first in an isolated sandbox or disposable VM, with a read‑only copy of any important repo, to observe behavior and verify the 'validation' gating is enforced as you expect.
- If you need a safer evaluation: run node index.js --review and trace what candidate patches it proposes; review asset promotion steps before using scripts that auto‑promote or publish.
Summary: the skill appears to be what it claims but carries significant autonomous power (self‑patching, looped execution, external publish) that is proportionally risky. Proceed only with review mode, sandboxing, and removing/vaulting credentials.
功能分析
Type: OpenClaw Skill
Name: repo2
Version: 1.0.0
The Capability Evolver is a meta-skill designed for autonomous self-improvement, which involves high-risk capabilities such as self-modification of code and execution of shell commands. While the bundle includes robust safety mechanisms—including a credential redactor (src/gep/sanitize.js), a command whitelist for validations (src/gep/solidify.js), and 'constitutional ethics' prompt guards—it remains suspicious due to the inherent risk of its core functions. Specifically, it communicates with an external hub (evomap.ai) to fetch 'tasks' and 'lessons' (src/gep/taskReceiver.js) and can autonomously trigger 'npm install' on other skills (src/ops/skills_monitor.js), which could be leveraged for persistence or supply chain attacks if the external inputs or the evolution logic are compromised.
能力评估
Purpose & Capability
Name/description match the code: this repo is a self‑evolution engine that reads runtime history, selects 'genes', and can apply protocol‑constrained edits. The large codebase (evolve, gep/, solidify, a2a scripts) is consistent with that purpose. However it requires filesystem read/write and can execute validation commands and spawn child processes — capabilities that are powerful but plausibly needed for an evolver. No obvious unrelated credential requests are present.
Instruction Scope
SKILL.md explicitly instructs running node index.js and describes an automated default (Mad Dog Mode) that applies changes immediately unless --review is used. The instructions and code indicate the agent will scan local history, write artifacts, run validation commands from Genes, and can operate continuously in a loop. That scope includes reading local logs/memory, modifying repository files, and producing stdout strings (sessions_spawn) that host runtimes might interpret — granting broad discretion beyond a simple helper skill.
Install Mechanism
There is no external download/install spec; this is effectively an instruction + repository payload. Dependencies are minimal (dotenv). No remote binary downloads or installer URLs were found in the provided manifest. That lowers install risk, but the included code itself is substantial and will run on the host when invoked.
Credentials
Registry metadata lists no required env vars, but the code reads many EVOLVE_* and other optional environment variables, and will load a .env file if present. README and scripts reference optional GITHUB_TOKEN / release publishing variables and A2A transport (a2aProtocol) which can send messages externally. The skill will therefore read local environment and may use tokens if present. Asking for no env vars is coherent, but the code’s ability to use available credentials (git/GH publish, transport/heartbeat) increases exfiltration/privilege risk if those credentials are present in the environment.
Persistence & Privilege
always:false (good) but model invocation is enabled (normal). The skill can run continuously (daemon loop), restart itself (spawn), and autonomously apply changes unless run with --review or env flags restricting self-modification. It includes a mechanism to ingest/publish assets to an A2A network and may update repository files. This combination (autonomy + self‑patching + external publication hooks) expands blast radius and warrants caution.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install repo2 - 安装完成后,直接呼叫该 Skill 的名称或使用
/repo2触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Capability Evolver.
- Enables OpenClaw agents to analyze runtime history and autonomously evolve their own capabilities.
- Provides automated log analysis, self-repair, and one-command evolution features.
- Supports both automated and human-in-the-loop review modes.
- Implements protocol-constrained evolution via the GEP protocol for auditable, structured improvements.
- Includes environment-agnostic configuration and dynamic local overrides.
- Introduces risk mitigation measures such as review mode and identity/mutation directives.
元数据
常见问题
Repo2 是什么?
A self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 404 次。
如何安装 Repo2?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install repo2」即可一键安装,无需额外配置。
Repo2 是免费的吗?
是的,Repo2 完全免费(开源免费),可自由下载、安装和使用。
Repo2 支持哪些平台?
Repo2 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Repo2?
由 mmmoeny(@mmmoeny)开发并维护,当前版本 v1.0.0。
推荐 Skills