📦 Edicts — Ground Truth for AI Agents — Edicts — AI智能体的真实基准

v1.0.6

AI 智能体的 Ground truth 层——在每个提示中提供经核实的事实，并开放读取/搜索工具用于 edict 管理。写入工具需手动启用。不再……

0· 93·0 当前·0 累计

by @mssteuer·MIT-0

开发工具系统工具智能体操作系统生产力工具

下载技能包

License

MIT-0

最后更新

2026/3/27

安全扫描

VirusTotal

Pending

查看报告

OpenClaw

安全

high confidence

插件的代码与说明均符合其声明用途（将本地精选事实注入系统提示）；未请求远程网络调用或无关凭据——但该功能属于强力的提示注入，需谨慎对待运行时的写入/自动保存设置。

评估建议

This plugin appears to be what it says: a local edict manager that injects curated facts into the system prompt. Before installing/activating it, do the following: 1) Decide whether agents should be allowed to write to the edicts file — safest config is tools.enabled: false and autoSave: false so only your curated file is injected. 2) Set an explicit path in the plugin config (path: './edicts.yaml' or a repo-controlled path) to avoid the plugin walking up the filesystem and picking up unexpected...

详细分析 ▾

ℹ 用途与能力

The name/description (ground-truth injection) aligns with the shipped code: a local EdictStore that reads/writes YAML/JSON and renders edicts into prompt context. There are small inconsistencies in docs/metadata (Node engine/version strings vary; SKILL.md sometimes says tools are 'opt-in' but other places imply a 'true' default), but nothing that suggests unrelated capabilities (no cloud creds, no unexpected binaries).

ℹ 指令范围

SKILL.md explicitly instructs the plugin to inject edicts into the system prompt (this is the feature). That is inherently high-impact because it changes model behavior. The docs state write tools are 'opt-in' but elsewhere indicate a default of 'tools.enabled: true' and autoSave defaults to true in the code — this ambiguity matters because enabling write tools + autoSave lets agents persist changes to the file (i.e., mutate the system context). The CLI/store code only reads/writes local files and does not reference environment secrets, but the findEdictsFile routine walks up the directory tree to root which could cause it to pick up edict files outside the immediate workspace unless you set an explicit path.

✓ 安装机制

No external download/install spec in the plugin bundle; package is self-contained TypeScript with a single runtime dependency ('yaml'). No network calls, external URLs, or extract-from-URL installs were found in the source. package.json and package-lock list normal dependencies/dev deps.

✓ 凭证需求

The skill requires no environment variables or external credentials. All storage is file-based. The code accesses filesystem paths (read/write) and computes a file hash for optimistic concurrency — these are proportional to a local edict store.

ℹ 持久化与权限

The plugin is not always-included (always:false) and model invocation is permitted (normal). The main concern is persistence: EdictStore defaults (and SKILL.md wording) imply runtime mutations may be auto-saved. If you enable write tools and leave autoSave true, an agent could autonomously add/update/remove edicts and thereby alter future system prompts. This is an intended capability but a high-privilege one — confirm settings before enabling.

⚠ README.md:47

Prompt-injection style instruction pattern detected.

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv1.0.62026/3/27

从包中排除了 CCC 规划产物（docs/superpowers/、docs/blog/）。

● Pending

安装命令

点击复制

官方npx clawhub@latest install openclaw-plugin-edicts

镜像加速npx clawhub@latest install openclaw-plugin-edicts --registry https://cn.longxiaskill.com

技能文档

让代理不再对关键事实产生幻觉。 Edicts 是一个轻量级 ground-truth 层，将已验证的事实（上线日期、产品约束、合规规则、命名规范、禁发令）直接注入代理的系统上下文。每个 prompt 都能拿到事实，无需检索栈。

安装

bash  
openclaw plugins install openclaw-plugin-edicts

  
或从 ClawHub：

bash  
openclaw plugins install clawhub:openclaw-plugin-edicts

  
功能  
每个 prompt 自带事实——edicts 自动出现在系统上下文  
默认只读——代理可列出、搜索 edicts；写入工具需手动开启  
分类与类型化——每条 edict 含分类、置信度、TTL、可选过期时间  
省 token——紧凑 YAML/JSON 存储，可配置 token 预算与分类上限  
提供的工具  
| Tool | Description |  
|------|-------------|  
|

edicts_list

 | 按分类/标签/TTL 过滤列出 edicts |  
|

edicts_add

 | 新建 edict |  
|

edicts_update

 | 按 ID 更新 edict |  
|

edicts_remove

 | 删除 edict |  
|

edicts_search

 | 全文搜索 edicts |  
|

edicts_stats

 | 显示 edict 存储统计 |  
|

edicts_review

 | 清理过期/失效 edicts |  
配置  
在

openclaw.json 的 plugins.entries

 中：

json  
{  
  "openclaw-plugin-edicts": {  
    "enabled": true,  
    "config": {  
      "format": "yaml",  
      "maxEdicts": 200,  
      "tokenBudget": 4000,  
      "autoSave": true,  
      "includeSystemContext": true  
    }  
  }  
}

  
关键配置项

format：yaml 或 json —— 存储格式


maxEdicts：最大 edict 数量（默认 200）  
tokenBudget：系统上下文注入的最大 token 数（默认 4000）  
categories：限定特定分类  
staleThresholdDays：edict 被视为过期前的天数  
tools.enabled：是否启用运行时工具（默认 true）  
tools.names：工具白名单  
autoSave：是否自动持久化变更（默认 true）

`Edict 结构`

yaml  
text: "Product v2.0 于 4 月 15 日发布，不得提前。"  
  category: product  
  confidence: verified # verified | inferred | user  
  ttl: event # ephemeral | event | durable | permanent  
  expiresAt: "2026-04-16"  
  tags: [launch, dates]

  
使用场景  
发布日期——"v2.0 于 4 月 15 日发布，不得提前"  
命名规则——"始终叫 'Casper v2.2.0'，别叫 'Kyoto'"  
合规——"禁止在群聊中共享客户数据"  
迁移状态——"数据库迁移已于 3 月 1 日完成"  
禁发令——"在 4 月 5 日新闻稿发布前不得讨论合作"  
互动规则——"不要在 X 上与 @trollaccount 互动"  
安全与信任模型  
上下文内容由你掌控。  
Edicts 以本地文件形式保存在工作区，只有写入该文件的内容才会进入 prompt。无远程拉取、无外部数据源、无网络请求。

写入工具需手动开启。默认仅启用读取工具。写入工具（edicts_add、edicts_update、edicts_remove）需显式开启。

配置选项：

tools.enabled: false —— 仅注入只读 prompt，禁止代理修改

tools.names: [edicts_list, edicts_search] —— 白名单只读工具

autoSave: false —— 运行时变更不跨会话持久化

includeSystemContext: false —— 仅提供工具，不注入 prompt

最安全配置：tools.enabled: false + autoSave: false` —— 你维护的文件原样注入，无法运行时修改。

链接

文档：https://edicts.ai
npm：https://www.npmjs.com/package/openclaw-plugin-edicts
核心库：https://www.npmjs.com/package/edicts
GitHub：https://github.com/make-software/edicts
License：MIT

数据来源：ClawHub ↗ · 中文优化：龙虾技能库