中文 EN

扫描报告

扫描新文件

低风险 — 风险评分 22/100
上次扫描:2 天前 重新扫描
22 /100
capability-evolver
A GEP-powered self-evolution engine for AI agents. Analyzes runtime history to identify improvements and applies protocol-constrained evolution.
Legitimate AI agent self-evolution engine with comprehensive safety mechanisms; test file fixtures contain placeholder credentials but no actual secrets.
技能名称capability-evolver
分析耗时111.8s
引擎pi
可以安装
Approve for deployment with standard configuration. Ensure EVOLVE_ALLOW_SELF_MODIFY=false (default) and review the auto-publish behavior if external data sharing is a concern.

安全发现 4 项

严重性 安全发现 位置
低危
Placeholder API key patterns in test fixtures
test/sanitize.test.js contains synthetic API key patterns (sk-abcdefghijklmnopqrstuvwxyz, ghp_*, AKIAIOSFODNN7EXAMPLE) as test assertions for redactString(). These are test-only fixtures, not real credentials.
assert.strictEqual(redactString('sk-abcdefghijklmnopqrstuvwxyz'), REDACTED);
→ No action needed. Replace with clearly synthetic patterns like 'sk-test-placeholder-key-abcdefghijklmn' to eliminate any residual risk of confusion.
 test/sanitize.test.js:10
低危
Destructive shell command in test validation fixtures
test/skillDistiller.test.js:216 includes 'rm -rf /' as a test case for validation command sanitization. The validateSynthesizedGene() function correctly strips this via isValidationCommandAllowed(), so it poses no runtime risk.
validation: ['node test.js', 'rm -rf /', 'echo $(whoami)', 'npm test']
→ No action needed. The test verifies the sanitization works correctly.
 test/skillDistiller.test.js:216
提示
Broad source code modification capability
The evolver can modify source files in workspace/src/** as part of its self-evolution cycle. This is inherent to the skill's design. Protected by EVOLVER_ALLOW_SELF_MODIFY guard, git tracking, blast radius caps, and critical path protection.
Write: workspace/src/** (evolved code, only when changes are solidified)
→ Keep EVOLVE_ALLOW_SELF_MODIFY=false (default). Use --review flag in sensitive environments.
 SKILL.md
提示
Auto-publish to external hub shares evolved code
Distilled skills are auto-published to evomap.ai hub by default. This shares evolved code externally. Gating env var SKILL_AUTO_PUBLISH controls this.
if (process.env.SKILL_AUTO_PUBLISH !== '0') { skillPublisher.publishSkillToHub(gene)...
→ Set SKILL_AUTO_PUBLISH=0 if external sharing is not desired.
 src/gep/skillDistiller.js:771
资源类型声明权限推断权限状态证据
命令执行 WRITE WRITE ✓ 一致 SKILL.md declares execute:[git,node,npm] + process discovery; code uses execSync…
网络访问 READ READ ✓ 一致 SKILL.md declares network:[api.github.com, evomap.ai]; code uses native fetch() …
文件系统 WRITE WRITE ✓ 一致 SKILL.md file_access section declares workspace/src/** writes during solidify; c…
环境变量 READ READ ✓ 一致 SKILL.md env_declarations lists all env vars; no iteration over os.environ for c…
技能调用 READ READ ✓ 一致 Skill can call other skills (git-sync, feishu-card) via sessions_spawn -- declar…
5 严重 30 项发现
🔑
严重 API 密钥 硬编码 API 密钥
sk-abcdefghijklmnopqrstuvwxyz
test/sanitize.test.js:10
🔑
严重 API 密钥 硬编码 API 密钥
ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
test/sanitize.test.js:19
🔑
严重 API 密钥 硬编码 API 密钥
gho_abcdefghijklmnopqrstuvwxyz1234567890
test/sanitize.test.js:21
🔑
严重 API 密钥 硬编码 API 密钥
AKIAIOSFODNN7EXAMPLE
test/sanitize.test.js:29
💀
严重 危险命令 危险 Shell 命令
rm -rf /
test/skillDistiller.test.js:216
🔗
中危 外部 URL 外部 URL
https://img.shields.io/github/stars/EvoMap/evolver?style=social
README.md:3
🔗
中危 外部 URL 外部 URL
https://img.shields.io/badge/License-MIT-blue.svg
README.md:4
🔗
中危 外部 URL 外部 URL
https://opensource.org/licenses/MIT
README.md:4
🔗
中危 外部 URL 外部 URL
https://img.shields.io/badge/Node.js-%3E%3D%2018-green.svg
README.md:5
🔗
中危 外部 URL 外部 URL
https://nodejs.org/
README.md:5
🔗
中危 外部 URL 外部 URL
https://img.shields.io/github/last-commit/EvoMap/evolver
README.md:6
🔗
中危 外部 URL 外部 URL
https://img.shields.io/github/issues/EvoMap/evolver
README.md:7
🔗
中危 外部 URL 外部 URL
https://evomap.ai
README.md:11
🔗
中危 外部 URL 外部 URL
https://evomap.ai/wiki
README.md:11
🔗
中危 外部 URL 外部 URL
https://git-scm.com/
README.md:33
🔗
中危 外部 URL 外部 URL
https://openclaw.com
README.md:82
🔗
中危 外部 URL 外部 URL
https://api.star-history.com/svg?repos=EvoMap/evolver&type=Date
README.md:409
🔗
中危 外部 URL 外部 URL
https://star-history.com/#EvoMap/evolver&Date
README.md:409
🔗
中危 外部 URL 外部 URL
https://mowen.cn
README.md:424
🔗
中危 外部 URL 外部 URL
https://evomap.ai/claim/
SKILL.md:147
🔗
中危 外部 URL 外部 URL
https://clawhub.ai
docs/DEV_NOTES.md:47
🔗
中危 外部 URL 外部 URL
https://www.clawhub.ai
docs/DEV_NOTES.md:76
🔗
中危 外部 URL 外部 URL
https://dotenvx.com
package-lock.json:27
🔗
中危 外部 URL 外部 URL
https://clawhub.ai/autogame-17/evolver
scripts/deploy.sh:122
🔗
中危 外部 URL 外部 URL
https://www.npmjs.com/package/@evomap/evolver
scripts/deploy.sh:123
🔗
中危 外部 URL 外部 URL
https://evomap.ai/terms
src/gep/skillPublisher.js:162
🔗
中危 外部 URL 外部 URL
http://evil.com
test/solidify-helpers.test.js:250
📧
提示 邮箱 邮箱地址
[email protected]
package.json:19
📧
提示 邮箱 邮箱地址
[email protected]
test/sanitize.test.js:57
📧
提示 邮箱 邮箱地址
[email protected]
test/sanitize.test.js:74

目录结构

110 文件 · 924.0 KB · 24803 行
JavaScript 93f · 22891L Markdown 9f · 1396L JSON 5f · 323L Shell 2f · 180L YAML 1f · 13L
├─ 📁 assets
│ └─ 📁 gep
│ ├─ 📋 capsules.json JSON 79L · 2.8 KB
│ ├─ 📝 EVOLUTION_PRINCIPLES.md Markdown 62L · 2.0 KB
│ └─ 📋 genes.json JSON 110L · 3.7 KB
├─ 📁 docs
│ ├─ 📝 ADL.md Markdown 25L · 1.1 KB
│ ├─ 📝 DEV_NOTES.md Markdown 83L · 4.2 KB
│ ├─ 📝 TREE.md Markdown 48L · 1.6 KB
│ └─ 📝 VFM.md Markdown 25L · 969 B
├─ 📁 scripts
│ ├─ 📜 a2a_export.js JavaScript 63L · 2.3 KB
│ ├─ 📜 a2a_ingest.js JavaScript 79L · 2.6 KB
│ ├─ 📜 a2a_promote.js JavaScript 118L · 4.7 KB
│ ├─ 📜 analyze_by_skill.js JavaScript 121L · 4.7 KB
│ ├─ 📜 build_public.js JavaScript 355L · 10.6 KB
│ ├─ 🔧 deploy_local.sh Shell 57L · 2.1 KB
│ ├─ 🔧 deploy.sh Shell 123L · 4.5 KB
│ ├─ 📜 extract_log.js JavaScript 85L · 2.5 KB
│ ├─ 📜 generate_history.js JavaScript 75L · 2.5 KB
│ ├─ 📜 gep_append_event.js JavaScript 96L · 3.0 KB
│ ├─ 📜 gep_personality_report.js JavaScript 234L · 7.7 KB
│ ├─ 📜 human_report.js JavaScript 147L · 5.7 KB
│ ├─ 📜 publish_public.js JavaScript 614L · 19.9 KB
│ ├─ 📜 recover_loop.js JavaScript 61L · 1.7 KB
│ ├─ 📜 suggest_version.js JavaScript 89L · 3.0 KB
│ ├─ 📜 validate-modules.js JavaScript 38L · 1.2 KB
│ └─ 📜 validate-suite.js JavaScript 51L · 1.8 KB
├─ 📁 src
│ ├─ 📁 gep
│ │ ├─ 📜 a2a.js JavaScript 173L · 6.3 KB
│ │ ├─ 📜 a2aProtocol.js JavaScript 887L · 27.8 KB
│ │ ├─ 📜 analyzer.js JavaScript 35L · 988 B
│ │ ├─ 📜 assetCallLog.js JavaScript 130L · 3.4 KB
│ │ ├─ 📜 assets.js JavaScript 36L · 1.1 KB
│ │ ├─ 📜 assetStore.js JavaScript 369L · 14.3 KB
│ │ ├─ 📜 bridge.js JavaScript 71L · 2.0 KB
│ │ ├─ 📜 candidateEval.js JavaScript 92L · 3.2 KB
│ │ ├─ 📜 candidates.js JavaScript 208L · 8.1 KB
│ │ ├─ 📜 contentHash.js JavaScript 65L · 2.1 KB
│ │ ├─ 📜 curriculum.js JavaScript 163L · 4.9 KB
│ │ ├─ 📜 deviceId.js JavaScript 209L · 6.6 KB
│ │ ├─ 📜 envFingerprint.js JavaScript 84L · 2.9 KB
│ │ ├─ 📜 executionTrace.js JavaScript 201L · 6.8 KB
│ │ ├─ 📜 gitOps.js JavaScript 230L · 7.8 KB
│ │ ├─ 📜 hubReview.js JavaScript 206L · 6.4 KB
│ │ ├─ 📜 hubSearch.js JavaScript 407L · 13.6 KB
│ │ ├─ 📜 idleScheduler.js JavaScript 157L · 5.4 KB
│ │ ├─ 📜 issueReporter.js JavaScript 262L · 8.8 KB
│ │ ├─ 📜 learningSignals.js JavaScript 89L · 2.9 KB
│ │ ├─ 📜 llmReview.js JavaScript 92L · 3.1 KB
│ │ ├─ 📜 memoryGraph.js JavaScript 771L · 26.9 KB
│ │ ├─ 📜 memoryGraphAdapter.js JavaScript 203L · 7.0 KB
│ │ ├─ 📜 mutation.js JavaScript 186L · 6.7 KB
│ │ ├─ 📜 narrativeMemory.js JavaScript 108L · 3.7 KB
│ │ ├─ 📜 paths.js JavaScript 133L · 3.9 KB
│ │ ├─ 📜 personality.js JavaScript 379L · 14.3 KB
│ │ ├─ 📜 policyCheck.js JavaScript 542L · 22.1 KB
│ │ ├─ 📜 prompt.js JavaScript 584L · 24.2 KB
│ │ ├─ 📜 questionGenerator.js JavaScript 212L · 8.5 KB
│ │ ├─ 📜 reflection.js JavaScript 177L · 6.0 KB
│ │ ├─ 📜 sanitize.js JavaScript 67L · 2.2 KB
│ │ ├─ 📜 selector.js JavaScript 415L · 16.0 KB
│ │ ├─ 📜 signals.js JavaScript 444L · 20.4 KB
│ │ ├─ 📜 skillDistiller.js JavaScript 1234L · 50.1 KB
│ │ ├─ 📜 skillPublisher.js JavaScript 307L · 10.3 KB
│ │ ├─ 📜 solidify.js JavaScript 1320L · 54.6 KB
│ │ ├─ 📜 strategy.js JavaScript 131L · 4.5 KB
│ │ ├─ 📜 taskReceiver.js JavaScript 528L · 17.3 KB
│ │ └─ 📜 validationReport.js JavaScript 55L · 2.1 KB
│ ├─ 📁 ops
│ │ ├─ 📜 cleanup.js JavaScript 80L · 2.5 KB
│ │ ├─ 📜 commentary.js JavaScript 60L · 1.7 KB
│ │ ├─ 📜 health_check.js JavaScript 106L · 4.0 KB
│ │ ├─ 📜 index.js JavaScript 11L · 376 B
│ │ ├─ 📜 innovation.js JavaScript 67L · 3.1 KB
│ │ ├─ 📜 lifecycle.js JavaScript 168L · 6.2 KB
│ │ ├─ 📜 self_repair.js JavaScript 72L · 2.5 KB
│ │ ├─ 📜 skills_monitor.js JavaScript 143L · 5.3 KB
│ │ └─ 📜 trigger.js JavaScript 33L · 837 B
│ ├─ 📜 canary.js JavaScript 13L · 486 B
│ └─ 📜 evolve.js JavaScript 2043L · 82.4 KB
├─ 📁 test
│ ├─ 📜 a2aProtocol.test.js JavaScript 199L · 6.5 KB
│ ├─ 📜 assetStore.test.js JavaScript 218L · 7.7 KB
│ ├─ 📜 bench.test.js JavaScript 349L · 14.6 KB
│ ├─ 📜 bridge.test.js JavaScript 121L · 4.5 KB
│ ├─ 📜 build-exclude.test.js JavaScript 60L · 2.0 KB
│ ├─ 📜 candidates.test.js JavaScript 28L · 1.3 KB
│ ├─ 📜 contentHash.test.js JavaScript 106L · 3.5 KB
│ ├─ 📜 envFingerprint.test.js JavaScript 89L · 3.0 KB
│ ├─ 📜 evolvePolicy.test.js JavaScript 36L · 1.3 KB
│ ├─ 📜 hubEvents.test.js JavaScript 124L · 4.2 KB
│ ├─ 📜 idleGating.test.js JavaScript 130L · 4.3 KB
│ ├─ 📜 idleScheduler.test.js JavaScript 106L · 3.4 KB
│ ├─ 📜 llm_helper.js JavaScript 123L · 3.4 KB
│ ├─ 📜 loopMode.test.js JavaScript 149L · 5.2 KB
│ ├─ 📜 mutation.test.js JavaScript 142L · 4.6 KB
│ ├─ 📜 paths.test.js JavaScript 262L · 8.8 KB
│ ├─ 📜 prompt.test.js JavaScript 109L · 4.3 KB
│ ├─ 📜 sanitize.test.js JavaScript 90L · 3.9 KB
│ ├─ 📜 selector.test.js JavaScript 174L · 5.6 KB
│ ├─ 📜 signals.test.js JavaScript 322L · 13.0 KB
│ ├─ 📜 skillDistiller.test.js JavaScript 577L · 21.0 KB
│ ├─ 📜 solidify-helpers.test.js JavaScript 361L · 12.6 KB
│ ├─ 📜 solidifyLearning.test.js JavaScript 86L · 3.0 KB
│ ├─ 📜 strategy.test.js JavaScript 133L · 4.8 KB
│ ├─ 📜 validationReport.test.js JavaScript 148L · 4.8 KB
│ └─ 📜 vibe_test.js JavaScript 937L · 41.2 KB
├─ 📝 CONTRIBUTING.md Markdown 11L · 327 B
├─ 📋 docker-compose.test.yml YAML 13L · 329 B
├─ 📜 index.js JavaScript 728L · 30.4 KB
├─ 📋 package-lock.json JSON 31L · 722 B
├─ 📋 package.json JSON 40L · 1.2 KB
├─ 📋 public.manifest.json JSON 63L · 1.3 KB
├─ 📝 README.md Markdown 428L · 20.4 KB
├─ 📝 README.zh-CN.md Markdown 424L · 19.8 KB
└─ 📝 SKILL.md Markdown 290L · 11.7 KB

依赖分析 1 项

包名版本来源已知漏洞备注
dotenv ^16.4.7 npm Version pinned to major.minor.patch range

安全亮点

✓ Comprehensive credential sanitization (redactString, sanitizePayload) covers API keys, tokens, AWS keys, private keys, and secrets before any network transmission
✓ Strict command allowlist for shell execution: only [git, node, npm, ps, pgrep, tasklist, df] -- no arbitrary shell injection
✓ Validation command sanitization (isValidationCommandAllowed) blocks shell operators, backticks, and node -e/--eval flags
✓ Critical path protection prevents modification/deletion of workspace-critical files (MEMORY.md, SOUL.md, IDENTITY.md, .env, etc.) and protected skill directories
✓ Blast radius enforcement with hard caps (60 files / 20000 lines) and per-gene max_files constraints
✓ Git dependency: evolver requires git repo and uses git restore/reset for safe rollback
✓ Circuit breaker for repair loops (3 consecutive failures forces innovation mode)
✓ System load awareness: backs off when CPU load exceeds threshold
✓ User session awareness: backs off when agent queue exceeds QUEUE_MAX
✓ No obfuscation: no atob(), eval(), Buffer.from encoded strings, or hidden code
✓ No credential harvesting: no iteration over os.environ for sensitive key extraction
✓ No exfiltration: no DNS exfiltration, no covert channels, no direct IP connections
✓ Full capability transparency: all shell commands, network endpoints, and env vars declared in SKILL.md
✓ SKILL.md and code are consistent: all declared capabilities match implementation
✓ dotenv dependency only with pinned version ^16.4.7