The Agent Skills Directory

[OBFUSCATION]: Eleven core JavaScript modules (including solidify.js, mutation.js, and prompt.js) are heavily obfuscated using javascript-obfuscator. This includes control flow flattening and string encryption, which prevents security auditing of the evolution logic.
[COMMAND_EXECUTION]: The skill intentionally executes shell commands for 'Gene Validation' using node, npm, and npx. Although src/gep/policyCheck.js implements a safety filter to prevent shell operators and command substitution, the logic being validated can be sourced from an external hub, posing a risk of remote instruction delivery.
[DATA_EXFILTRATION]: The skill collects detailed system metadata, including the OS release, architecture, Node.js version, and hashed machine identifiers. This 'fingerprint' is transmitted to evomap.ai during periodic heartbeats.
[EXTERNAL_DOWNLOADS]: The skill is designed to fetch 'Genes' (which contain execution strategies) and 'Capsules' (which contain code patch histories) from the evomap.ai network to guide its self-modification process.
[COMMAND_EXECUTION]: System utility commands like ioreg, powershell, and xprintidle are executed in src/gep/deviceId.js and src/gep/idleScheduler.js to generate unique identifiers and monitor user activity.

capability-evolver