Scan Report
5 /100
self-evolving-agent
Build a goal-driven self-learning loop for OpenClaw and coding agents
This is a legitimate self-evolving-agent skill for AI agent capability improvement. All scripts serve documented purposes with no malicious patterns detected.
Safe to install
This skill is safe to use. No security concerns identified.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | READ | ✓ Aligned | Scripts read/write workspace files in ~/.openclaw/ - documented in SKILL.md |
| Shell | NONE | READ | ✓ Aligned | subprocess.run in run-benchmark.py for 'codex exec' - benchmark tooling |
| Network | NONE | NONE | — | No network requests found in code |
8 findings
Medium External URL 外部 URL
https://img.shields.io/badge/Language-English-0A7CFF?style=flat-square README.md:4 Medium External URL 外部 URL
https://img.shields.io/badge/%E8%AF%AD%E8%A8%80-%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87-16A34A?style=flat-square README.md:5 Medium External URL 外部 URL
https://img.shields.io/badge/OpenClaw-Skill-111827?style=flat-square README.md:7 Medium External URL 外部 URL
https://img.shields.io/github/actions/workflow/status/RangeKing/self-evolving-agent/ci.yml?branch=main&style=flat-square... README.md:8 Medium External URL 外部 URL
https://img.shields.io/github/license/RangeKing/self-evolving-agent?style=flat-square README.md:9 Medium External URL 外部 URL
https://img.shields.io/github/stars/RangeKing/self-evolving-agent?style=flat-square README.md:10 Medium External URL 外部 URL
https://img.shields.io/badge/Benchmark-Model--in--the--Loop-7C3AED?style=flat-square README.md:11 Medium External URL 外部 URL
https://img.shields.io/badge/Agent-Goal--Driven%20Learning-0F766E?style=flat-square README.md:12 File Tree
39 files · 141.8 KB · 4641 lines Markdown 28f · 3327L
Python 3f · 932L
JSON 3f · 202L
Shell 3f · 153L
TypeScript 1f · 23L
YAML 1f · 4L
├─
▾
agents
│ └─
openai.yaml
YAML
├─
▾
assets
│ ├─
CAPABILITIES.md
Markdown
│ ├─
ERRORS.md
Markdown
│ ├─
EVALUATIONS.md
Markdown
│ ├─
FEATURE_REQUESTS.md
Markdown
│ ├─
LEARNING_AGENDA.md
Markdown
│ ├─
LEARNINGS.md
Markdown
│ └─
TRAINING_UNITS.md
Markdown
├─
▾
benchmarks
│ ├─
▾
schemas
│ │ └─
judge-output.schema.json
JSON
│ └─
suite.json
JSON
├─
▾
demos
│ ├─
demo-1-diagnosis.md
Markdown
│ ├─
demo-2-training-loop.md
Markdown
│ ├─
demo-3-promotion-and-transfer.md
Markdown
│ ├─
demo-4-agenda-review.md
Markdown
│ └─
demo-5-pre-task-risk-diagnosis.md
Markdown
├─
▾
evals
│ └─
evals.json
JSON
├─
▾
hooks
│ └─
▾
openclaw
│ ├─
handler.ts
TypeScript
│ └─
HOOK.md
Markdown
├─
▾
modules
│ ├─
capability-map.md
Markdown
│ ├─
curriculum.md
Markdown
│ ├─
diagnose.md
Markdown
│ ├─
evaluator.md
Markdown
│ ├─
learning-agenda.md
Markdown
│ ├─
promotion.md
Markdown
│ └─
reflection.md
Markdown
├─
▾
scripts
│ ├─
activator.sh
Shell
│ ├─
bootstrap-workspace.sh
Shell
│ ├─
error-detector.sh
Shell
│ ├─
migrate-self-improving.py
Python
│ ├─
run-benchmark.py
Python
│ └─
run-evals.py
Python
├─
▾
system
│ └─
coordinator.md
Markdown
├─
CHANGELOG.md
Markdown
├─
CONTRIBUTING.md
Markdown
├─
install.md
Markdown
├─
README.md
Markdown
├─
README.zh-CN.md
Markdown
├─
SECURITY.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ Clean codebase with no obfuscation or base64-encoded payloads
✓ Subprocess usage is limited to legitimate benchmark tooling (codex exec)
✓ All scripts are well-documented with clear purposes
✓ No credential harvesting or environment variable iteration
✓ No sensitive path access (~/.ssh, ~/.aws, .env)
✓ No data exfiltration or C2 communication patterns
✓ SKILL.md accurately describes all functionality
✓ No external dependencies with unpinned versions (uses Python stdlib only)