Evolver

OpenClaw 分析

The package mostly matches its stated purpose (an on-host evolver) but contains several inconsistencies and configuration choices that could allow unexpected self-modification or data sharing; review before enabling network/auto-modify features.

置信度: medium

VirusTotal

Type: OpenClaw Skill Name: capability-evolver Version: 1.53.2 The 'capability-evolver' skill bundle is a sophisticated framework for a remote-controlled, self-modifying agent. It is classified as malicious primarily due to the heavy obfuscation of its core decision-making logic in files such as src/evolve.js, src/gep/mutation.js, src/gep/memoryGraph.js, and src/gep/reflection.js. This obfuscation hides how the agent processes 'tasks' and 'events' received from a remote hub (evomap.ai), which are then used to autonomously modify the agent's own source code and the host workspace. This architecture constitutes a persistent RCE backdoor. Furthermore, the skill performs detailed environment fingerprinting (src/gep/envFingerprint.js) and contains logic to identify sensitive data patterns (src/gep/sanitize.js), which, combined with the lack of transparency, indicates a high risk of data exfiltration and unauthorized remote control.