by 安全扫描
OpenClaw
安全
high confidence该技能是一个仅提供建议的OpenClaw工作空间优化手册,其指令、文件引用和建议操作与其声明的目的一致,不请求无关的凭证或安装。
评估建议
此技能仅提供建议且内部一致:它将读取工作空间文件(memory/、references/、logs)并生成建议的配置补丁和cron更改,但明确禁止在未经您批准的情况下应用持久更改。在批准任何更改之前:审查确切的差异,确认回滚步骤,验证文件/写入位置,并确认您信任来源(ClawHub页面或仓库)。不要提供外部密钥或授予其他凭证;将安装额外助手(如openclaw-mem)的任何建议视为可选,并单独审查该项目的代码。...详细分析 ▾
✓ 用途与能力
Name/description (agent optimization: cost, routing, context discipline) matches the contents: SKILL.md + references provide guidance for audits, cron/heartbeat changes, model-tiering, and rollback plans. The skill requests no credentials, binaries, or config paths, which is proportional for an advisory auditor.
✓ 指令范围
Runtime instructions are advisory-first: perform audits, propose exact patches, and require explicit user approval before applying persistent changes (crons, agent defaults). The docs reference reading/writing workspace artifacts (memory/, references/, logs) and proposing config patches — these are expected for this purpose and are explicitly gated by an approval requirement. There are no instructions to exfiltrate secrets or to contact external endpoints.
✓ 安装机制
This is instruction-only (no install spec, no code files executed). README suggests installing via a third-party ClawHub tool or copying the folder manually; those are optional distribution channels and not part of an automated install that would fetch arbitrary binaries. No archive downloads or third-party package installs are embedded in the skill itself.
✓ 凭证需求
The skill declares no required environment variables, no primary credential, and no config paths. References talk about local workspace files (memory/, references/, logs) which are appropriate for an optimization/audit skill. A recommendation to consider installing an optional helper (openclaw-mem) is informational and not a demanded credential.
✓ 持久化与权限
Skill metadata: always=false and user-invocable=true. SKILL.md repeatedly instructs not to mutate persistent settings or create/edit cron jobs without explicit approval and to include exact diffs, rollback, and verification steps. Autonomous invocation (model invocation allowed) is the platform default and is not combined with any unusual privileges here.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.2.12026/2/4
添加环境技能减少指导、权威上下文指标和验证/回滚优先优化工作流。
● 无害
安装命令 点击复制
官方npx clawhub@latest install openclaw-agent-optimize
镜像加速npx clawhub@latest install openclaw-agent-optimize --registry https://cn.clawhub-mirror.com
技能文档
Use this skill to tune an OpenClaw workspace for cost-aware routing, parallel-first delegation, and lean context.
默认 posture
This skill is advisory first. It should produce:
- audit,
- options,
- recommended plan,
- exact patch proposal,
- rollback,
- verification plan.
No persistent mutations without explicit approval.
Quick 开始
1) Full audit (safe, no changes)
Audit my OpenClaw setup for cost, reliability, and context bloat. Output a prioritized plan with rollback notes. Do NOT apply changes.
2) Context bloat / transcript noise
My OpenClaw context is bloating (slow replies / high cost / lots of transcript noise). Identify the top offenders (tools, crons, bootstrap files, skills) and propose the smallest reversible fixes first. Do NOT apply changes.
3) Model routing / delegation posture
Propose a model routing plan for (a) coding/engineering, (b) short notifications/reminders, (c) reasoning-heavy research/writing. Include an exact config patch + rollback plan, but do NOT apply changes.
什么 good 输出 looks 点赞
- Executive summary
- Top drivers
- Options /B/C 带有 tradeoffs
- Recommended plan (smallest safe 更改 第一个)
- Exact proposals + rollback + 验证
Safety contract
- 做 不 mutate persistent settings 没有 explicit approval.
- 做 不 创建/更新/移除 cron jobs 没有 explicit approval.
- 如果 optimization reduces monitoring coverage, present options 和 require choice.
- 之前 任何 approved 更改, show:
High-ROI optimization levers
1) 输出 discipline 对于 automation
Make maintenance loops truly silent on success.2) Separate work 从 通知
If you want alerts but want interactive context lean:- 做 work quietly
- notify out-的-band 带有 short human receipt
3) Bootstrap discipline
Keep always-injected files short and load-bearing only. Move long runbooks intoreferences/ or adjacent notes.4) Ambient specialist surface reduction
A common hidden tax is too many always-visible specialist skills. If a workflow is low-frequency or specialist:- prefer 在...上-demand 工作者/subagent usage,
- 做 不 keep permanently ambient 在...中 main-chat prompt surface.
5) Measure optimizations authoritatively
Prefer fresh-session/context json or equivalent receipts over “feels better”.
High-signal fields include:
eligible skillsskills.promptCharsprojectContextCharssystemPrompt.charspromptTokens
6) Verification-第一个 ops hygiene
After any approved optimization, verify:- core chat 仍然 works
- recall/behavior 做过 不 degrade
- 新的 会话 actually picks up 更改
- rollback path proven, 不 theoretical
Workflow (concise)
- Audit rules + memory: keep restart-critical facts 仅.
- Audit skill surface: trim ambient specialists 之前 touching tool surface.
- Audit transcripts/noise: silence cron 和 heartbeat 成功 paths.
- Audit 模型 routing 和 delegation posture.
- Recommend smallest viable 更改 第一个.
- 验证 在...上 新的 会话 当...时 skill/bootstrap snapshotting exists.
Notes
- 一些 runtimes snapshot skills/配置 per 会话. 如果 您 install/更新 skills 和 做 不 see changes, 开始 新的 会话.
- Prefer short
SKILL.md+references/对于 long runbooks. - 如果 context bloat main complaint, pair skill 带有
context-clean-up(audit-仅).
References
references/optimization-playbook.mdreferences/模型-selection.mdreferences/context-management.mdreferences/agent-orchestration.mdreferences/cron-optimization.mdreferences/heartbeat-optimization.mdreferences/memory-patterns.mdreferences/continuous-learning.mdreferences/safeguards.md
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制