← 返回 Skills 市场
107
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install zouroboros-autoloop
功能描述
Autonomous optimization loop inspired by Andrej Karpathy's autoresearch: edit, experiment, measure, keep or revert. Best for any task with a numeric metric.
安全使用建议
This package is coherent with its stated purpose but is powerful: it will execute arbitrary commands specified in program.md, modify and commit files in the repository (including hard resets), spawn detached processes, and send the target file contents + experiment history to whatever executor CLI you choose (which may transmit them off-host). Before installing or running: 1) review program.md carefully and never point it at repositories with secrets or sensitive data; 2) prefer running autoloop in an isolated/test repository or container; 3) verify/choose an executor you trust (the executor controls where prompts go); 4) run --dry-run first and inspect results.tsv and created branches before letting the loop continue; 5) inspect package source and package-lock for any unexpected dependencies; 6) avoid running as root and back up your repo (or use a disposable clone) because autoloop can commit/revert and runs git reset operations.
功能分析
Type: OpenClaw Skill
Name: zouroboros-autoloop
Version: 1.0.0
The bundle implements an autonomous optimization loop that modifies local files and executes arbitrary shell commands (setup, run, and metric extraction) defined in a user-provided 'program.md' file. While this aligns with its stated purpose of 'autoresearch,' the core logic in 'src/autoloop.ts' and 'src/mcp-server.ts' relies on 'execSync' and 'spawn' to run potentially untrusted commands and uses an external LLM 'executor' to generate code changes. This architecture creates a significant risk of Remote Code Execution (RCE) if the configuration or the LLM output is compromised, though no explicit evidence of intentional malice (e.g., data exfiltration or backdoors) was found.
能力评估
Purpose & Capability
Name/description, required binaries (node, git), CLI binaries (autoloop, autoloop-mcp), and the code (parsing program.md, editing target file, committing with git, running experiments) are coherent. The requested capabilities are exactly what an autonomous edit/experiment loop needs.
Instruction Scope
SKILL.md and the code instruct the agent to: read a program.md, read and write the specified target file, run the configured runCommand and metric extraction shell commands, commit/revert via git, and call an external executor CLI (e.g., 'openclaw ask') to generate proposed changes. This is consistent with the purpose, but it inherently grants broad power: arbitrary shell commands from program.md will be executed in the working directory, and the target file contents (and recent experiment history) are sent to the chosen executor — which may transmit them to external services. Users should be aware of data-exfiltration and arbitrary-code-execution risks inherent to this workflow.
Install Mechanism
Install spec is an npm package (zouroboros-autoloop) that provides the two CLI scripts. The repository includes package.json and package-lock.json and no opaque remote download/extract steps — this is the expected install mechanism for a Node CLI.
Credentials
The skill does not declare or require environment credentials or config paths. The code reads process.env when spawning shell commands (normal), but there are no unexpected credential requests. The executor command (user-specified) could use external API keys that the user supplies separately — which is expected and under user control.
Persistence & Privilege
always is false and the skill does not demand permanent platform-wide privileges. It creates/writes files and commits in the project directory (expected behavior), spawns detached processes for long-running loops, and writes/reads a .autoloop.lock file. It does not attempt to modify other skills or global agent configuration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install zouroboros-autoloop - 安装完成后,直接呼叫该 Skill 的名称或使用
/zouroboros-autoloop触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial ClawHub release. Autonomous optimization loop inspired by Karpathy autoresearch: edit, experiment, measure, keep or revert.
元数据
常见问题
Zouroboros Autoloop 是什么?
Autonomous optimization loop inspired by Andrej Karpathy's autoresearch: edit, experiment, measure, keep or revert. Best for any task with a numeric metric. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 107 次。
如何安装 Zouroboros Autoloop?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install zouroboros-autoloop」即可一键安装,无需额外配置。
Zouroboros Autoloop 是免费的吗?
是的,Zouroboros Autoloop 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Zouroboros Autoloop 支持哪些平台?
Zouroboros Autoloop 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Zouroboros Autoloop?
由 marlandoj(@marlandoj)开发并维护,当前版本 v1.0.0。
推荐 Skills