Name: agi-evolution-model Security Report — Trusted | ClawSafe
Item: agi-evolution-model
Rating: 95
Author: ClawSafe

This report was generated in Chinese. Some content may be in Chinese.

5 /100

agi-evolution-model

基于双环架构的AGI进化模型，通过意向性分析、人格层映射和元认知检测实现持续自我演进

基于双环架构的AGI进化模型，声明功能与实际代码一致，使用纯Python标准库，无恶意行为

Skill Nameagi-evolution-model

Duration57.2s

Enginepi

ClawHub AGI数字伙伴-基础版 v1.0.0 by kiwifruit13

📥 182

ClawHub Verdict Suspicious dynamic_code_executionllm_suspiciousvt_suspicious

✓

Safe to install

该技能可安全使用。仅需注意可选C扩展的加载机制，确保纯Python后备方案正常工作

Findings 2 items

Severity	Finding	Location
Low	可选C扩展依赖 Supply Chain scripts/personality_layer_pure.py尝试加载personality_core.so，如加载失败则自动降级到纯Python实现。这是有意的设计选择，增强了健壮性。 `try: import personality_core ... except ImportError: USE_C_EXT = False ...` → 保持当前设计，纯Python后备方案运行正常	`scripts/personality_layer_pure.py:17`
Low	Calculator工具中的eval()使用 RCE perception_node.py第474行在calculator工具中使用eval()执行数学表达式，但仅处理expression参数，非任意代码执行。 `result = eval(expression)` → 考虑使用ast.literal_eval()替代eval()以增强安全性	`scripts/perception_node.py:474`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`WRITE`	`WRITE`	✓ Aligned	SKILL.md声明在./agi_memory目录操作
Network	`NONE`	`NONE`	—	仅含文档URL引用，无实际网络请求
Shell	`NONE`	`NONE`	—	无subprocess/os.system调用
Environment	`NONE`	`NONE`	—	无敏感环境变量访问
Skill Invoke	`NONE`	`NONE`	—	无跨技能调用

11 findings

🔗

Medium External URL 外部 URL

https://en.wikipedia.org/wiki/Tf%E2%80%93idf

references/cognitive-insight-v2-implementation.md:1220

🔗

Medium External URL 外部 URL

https://en.wikipedia.org/wiki/Cache_replacement_policies#LRU

references/cognitive-insight-v2-implementation.md:1221

🔗

Medium External URL 外部 URL

https://en.wikipedia.org/wiki/Moving_average#Exponential_moving_average

references/cognitive-insight-v2-implementation.md:1222

🔗

Medium External URL 外部 URL

https://www.gnu.org/licenses/agpl-3.0.html

references/cognitive-insight-v2-implementation.md:1223

🔗

Medium External URL 外部 URL

https://storage.example.com/reports/report.pdf?signature=...

references/tool_use_spec.md:625

🔗

Medium External URL 外部 URL

https://docs.example.com/migration/weather-v1-to-v2

references/tool_use_spec.md:956

🔗

Medium External URL 外部 URL

https://platform.openai.com/docs/guides/function-calling

references/tool_use_spec.md:2137

🔗

Medium External URL 外部 URL

https://docs.anthropic.com/en/docs/tool-use

references/tool_use_spec.md:2138

🔗

Medium External URL 外部 URL

https://modelcontextprotocol.io/

references/tool_use_spec.md:2139

🔗

Medium External URL 外部 URL

https://json-schema.org/

references/tool_use_spec.md:2140

🔗

Medium External URL 外部 URL

https://html.spec.whatwg.org/multipage/server-sent-events.html

references/tool_use_spec.md:2141

File Tree

45 files · 732.9 KB · 21607 lines

Python 26f · 11667L Markdown 18f · 9817L JSON 1f · 123L

├─ ▾ 📁 assets

│ └─ 📋 personality_template.json JSON 123L · 4.1 KB

├─ ▾ 📁 references

│ ├─ 📝 architecture.md Markdown 1331L · 50.0 KB

│ ├─ 📝 c_extension_usage.md Markdown 128L · 3.0 KB

│ ├─ 📝 capability_boundaries.md Markdown 118L · 4.5 KB

│ ├─ 📝 cognitive-architecture-insight-module.md Markdown 330L · 11.9 KB

│ ├─ 📝 cognitive-insight-quick-reference.md Markdown 227L · 7.0 KB

│ ├─ 📝 cognitive-insight-v2-implementation.md Markdown 1227L · 32.7 KB

│ ├─ 📝 information-flow-main-loop.md Markdown 358L · 20.4 KB

│ ├─ 📝 information-flow-overview.md Markdown 301L · 12.4 KB

│ ├─ 📝 information-flow-secondary-loop.md Markdown 467L · 20.4 KB

│ ├─ 📝 init_dialogue_optimized_guide.md Markdown 371L · 11.1 KB

│ ├─ 📝 intentionality_architecture.md Markdown 563L · 16.2 KB

│ ├─ 📝 maslow_needs.md Markdown 160L · 4.4 KB

│ ├─ 📝 metacognition-check-component.md Markdown 610L · 30.2 KB

│ ├─ 📝 metacognition-enhancement-guide.md Markdown 492L · 12.6 KB

│ ├─ 📝 personality_mapping.md Markdown 161L · 5.6 KB

│ ├─ 📝 stratified-storage-design.md Markdown 323L · 10.6 KB

│ └─ 📝 tool_use_spec.md Markdown 2156L · 56.3 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 advice_pool.py Python 469L · 14.9 KB

│ ├─ 🐍 cognitive_insight_backup.py Python 610L · 25.2 KB

│ ├─ 🐍 cognitive_insight_help.py Python 300L · 12.1 KB

│ ├─ 🐍 cognitive_insight.py Python 565L · 20.9 KB

│ ├─ 🐍 concept_extraction_extension.py Python 761L · 25.3 KB

│ ├─ 🐍 data_lifecycle_manager.py Python 389L · 13.4 KB

│ ├─ 🐍 history_manager.py Python 229L · 7.4 KB

│ ├─ 🐍 init_dialogue_optimized.py Python 464L · 16.4 KB

│ ├─ 🐍 intentionality_analyzer.py Python 366L · 12.8 KB

│ ├─ 🐍 intentionality_classifier.py Python 388L · 13.8 KB

│ ├─ 🐍 intentionality_collector.py Python 308L · 9.7 KB

│ ├─ 🐍 intentionality_regulator.py Python 438L · 15.1 KB

│ ├─ 🐍 intentionality_trigger.py Python 592L · 19.9 KB

│ ├─ 🐍 learning_stage_tracker.py Python 274L · 7.9 KB

│ ├─ 🐍 memory_store_pure.py Python 402L · 12.0 KB

│ ├─ 🐍 metacognition_history.py Python 502L · 16.3 KB

│ ├─ 🐍 objectivity_evaluator.py Python 458L · 16.4 KB

│ ├─ 🐍 perception_node.py Python 808L · 26.9 KB

│ ├─ 🐍 personality_core_pure.py Python 144L · 4.4 KB

│ ├─ 🐍 personality_customizer.py Python 675L · 24.0 KB

│ ├─ 🐍 personality_layer_pure.py Python 951L · 32.2 KB

│ ├─ 🐍 show_help.py Python 169L · 4.7 KB

│ ├─ 🐍 strategy_selector.py Python 468L · 15.5 KB

│ ├─ 🐍 test_metacognition_integration.py Python 305L · 9.4 KB

│ ├─ 🐍 test_perception_node.py Python 300L · 9.2 KB

│ └─ 🐍 transcendence_keeper.py Python 332L · 11.7 KB

└─ 📝 SKILL.md Markdown 494L · 21.9 KB

Dependencies 2 items

Package	Version	Source	Known Vulns	Notes
`Python标准库`	`N/A`	stdlib	No	无外部依赖
`personality_core.so`	`可选`	本地	No	C扩展可选，有Python后备

Security Positives

✓ 使用纯Python标准库，无外部依赖

✓ 所有文件操作限于./agi_memory目录

✓ 无凭证收割或敏感信息访问

✓ 无网络外泄行为

✓ C扩展有纯Python降级方案

✓ 原子写入防止数据损坏

✓ 文档声明与实际能力一致

Scan Report

Findings 2 items

File Tree

Dependencies 2 items

Security Positives