capability-evolver
Warn
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill facilitates autonomous code generation and 'self-evolution,' including an optional configuration (EVOLVE_ALLOW_SELF_MODIFY) that allows the AI to modify its own source code at runtime.
- [COMMAND_EXECUTION]: The skill is designed to be executed via Node.js (node index.js) and suggests the use of npx capability-evolver, which executes code directly from the npm registry.
- [PROMPT_INJECTION]: The instructions include identity-shaping directives such as 'You are a Recursive Self-Improving System' and 'Mutation Directive,' which are designed to override the agent's default behavior and safety constraints.
- [PROMPT_INJECTION]: An indirect prompt injection surface is created by the 'Auto-Log Analysis' feature, which processes untrusted interaction history and logs to determine how the agent should evolve or patch its own code.
- [DATA_EXFILTRATION]: To function, the skill requires read access to sensitive agent memory and history files, exposing all past interactions to the autonomous evolution engine.
Audit Metadata