Capability Evolver
Evolve and version agent capabilities (genes, capsules, events) in a governed repo so solo builders can iterate skills without breaking mainline safety.
Overview
capability-evolver is an agent skill most often used in Build (also Ship, Operate) that structures versioned agent capability evolution with genes, capsules, and governed release paths.
Install
npx skills add https://github.com/autogame-17/capability-evolver --skill capability-evolverWhat is this skill?
- GEP asset layout for genes, capsules, candidates, and event logs
- Repository governance with CODEOWNERS and branch-protection-oriented maintainer workflow
- Memory and dist-public paths for packaging evolved capabilities
- Docker-compose test harness referenced for validation runs
- Contributing and manifest files aimed at repeatable capability releases
- GEP asset directories include genes, capsules, events, candidates, and failed_capsules artifacts
- Default CODEOWNERS coverage assigns maintainers across all repository paths
Adoption & trust: 4k installs on skills.sh; 8.3k GitHub stars; 0/3 security scanners passed (skills.sh audits).
What problem does it solve?
Your agent skills sprawl across chats and forks with no reviewed pipeline for proposing, testing, and shipping new capabilities.
Who is it for?
Advanced solo builders running custom agent stacks who want evolvable capability files and CODEOWNERS-backed promotion to main.
Skip if: Beginners who only need a single static SKILL.md without git governance, docker tests, or multi-file evolution assets.
When should I use this skill?
User is evolving versioned agent capabilities in a governed repo, packaging dist-public manifests, or maintaining genes/capsules/event logs for agent tooling.
What do I get? / Deliverables
You get a governed repo pattern—GEP assets, memory, manifests, and tests—to iterate agent capabilities with maintainer review instead of silent self-merges.
- Versioned GEP capability artifacts and event histories
- Public manifest and dist-public packaging outputs
- Test-validated capability promotions ready for reviewed merge
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Canonical shelf is Build agent-tooling because the repository centers on capability evolution assets, memory, and packaging paths for agent behavior—not a single app feature integration. Agent-tooling captures GEP-style genes/capsules/events, public dist manifests, and test/docker harnesses meant to extend what your agent can do over time.
Where it fits
Add a new capsule candidate and wire it into genes.jsonl before packaging dist-public.
Run docker-compose.test.yml to verify a capability change before requesting maintainer review.
Inspect failed_capsules and events.jsonl to retire or fix capabilities that regress in production agents.
How it compares
Skill meta-repo for evolving agent capabilities—not a drop-in MCP tool or a one-shot code generator.
Common Questions / FAQ
Who is capability-evolver for?
Indie agent authors and maintainers who version capabilities as genes/capsules and need review gates before changes hit main.
When should I use capability-evolver?
In Build when designing agent-tooling loops; in Ship when validating capability packages via docker-compose tests; in Operate when monitoring failed capsules and event logs after deploy.
Is capability-evolver safe to install?
Use the Security Audits panel on this page and treat the repo like production tooling—review CODEOWNERS paths, contributing rules, and test harnesses before enabling automated evolution flows.
SKILL.md
READMESKILL.md - Capability Evolver
assets/cover.png /test/ /docs/ /memory/ /dist-public/ docker-compose.test.yml .git/ .gitignore CONTRIBUTING.md MEMORY.md public.manifest.json assets/gep/genes.json assets/gep/capsules.json assets/gep/events.jsonl assets/gep/genes.jsonl assets/gep/capsules.jsonl assets/gep/candidates.jsonl assets/gep/external_candidates.jsonl assets/gep/failed_capsules.json assets/gep/a2a/ # Code owners for this repository # Format: each rule grants automatic review-request to the listed owner(s) # when a matching path is touched in a PR. Combined with branch protection's # "Require review from Code Owners" rule on main, these owners must approve # the PR before it can merge. # # Multiple owners on each line means GitHub will auto-request a review from # all listed owners on a matching PR; ANY one of them approving is sufficient # to satisfy the branch-protection 'require code owner review' gate. This is # the agreed fallback order: autogame-17 primary, forrestlinfeng + cloudcarver # as backups when the primary is unavailable. # # Why we need this: PR #34 (2026-05-10) was self-merged by the author 2 minutes # before a maintainer review comment landed, shipping a missing obfuscate # registration into main. CODEOWNERS + branch protection make that pattern # physically impossible. # Default: every file is owned by autogame-17 unless a more specific rule below # overrides it. Keeps coverage complete even for files we forget to call out. * @autogame-17 @forrestlinfeng @cloudcarver # High-risk paths -- listed explicitly so GitHub UI surfaces "Owner review # required" prominently when these are touched, even if the catch-all above # would already cover them. New contributors should treat any change here # as a multi-day review cycle. # GEP schemas (Gene / Capsule / Task / future). Validators and defaults must # stay in sync with hub-side expectations; shallow-copy bugs and validator- # wiring gaps in this directory have a track record (PR #25 / #27 / audit #30). /src/gep/schemas/ @autogame-17 @forrestlinfeng @cloudcarver # Pipeline modules. Module-load order vs dotenv is fragile here; refactors # in PR #20-#24 introduced multiple dotenv-ordering and missing-import # regressions before merge. /src/evolve/ @autogame-17 @forrestlinfeng @cloudcarver # Content-addressable storage and integrity primitives. Any change here # changes asset_id semantics across all stored capsules. /src/gep/contentHash.js @autogame-17 @forrestlinfeng @cloudcarver /src/gep/crypto.js @autogame-17 @forrestlinfeng @cloudcarver /src/gep/integrityCheck.js @autogame-17 @forrestlinfeng @cloudcarver /src/gep/shield.js @autogame-17 @forrestlinfeng @cloudcarver /src/gep/hubVerify.js @autogame-17 @forrestlinfeng @cloudcarver # Anything that touches secrets, sanitization, or proxy auth. /src/gep/sanitize.js @autogame-17 @forrestlinfeng @cloudcarver /src/proxy/ @autogame-17 @forrestlinfeng @cloudcarver # Public-mirror surface. Manifest mistakes leak source / runtime assets to # npm; build/publish scripts directly drive npm + GitHub Release. /public.manifest.json @autogame-17 @forrestlinfeng @cloudcarver /scripts/build_public.js @autogame-17 @forrestlinfeng @cloudcarver /scripts/publish_public.js @autogame-17 @forrestlinfeng @cloudcarver /scripts/pre_publish_check.js @autogame-17 @forrestlinfeng @cloudcarver /scripts/build_binaries.js @autogame-17 @forrestlinfeng @cloudcarver /scripts/deploy.sh @autogame-17 @forrestlinfeng @cloudcarver # Repo metadata that gates everything else. /.github/ @autogame-17 @forrestlinfeng @cloudcarver /.cursor/ @autogame-17 @forrestlinfeng @cloudcarver /CODEOWNERS @autogame-17 @forrestlinfeng @cloudcarver /package.json @autogame-17 @forrestlinfeng @cloudcarver /package-lock.json @autogame-17 @forrest