首页 / 技能 / Telegram Footer Patch — 技能工具

📦 Telegram Footer Patch — 技能工具

v1.0.11

Add a Telegram private-chat footer (`🧠 Model + 💭 Think + 📊 Context`) to OpenClaw replies, with dry-run preview, backup, syntax validation, rollback, and r...

6· 673·3 当前·3 累计
c-joey 头像by @c-joey (Joey-Chen)·MIT-0
即时通讯存储部署
下载技能包
License
MIT-0
最后更新
2026/4/16
0
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
可疑
medium confidence
The skill mostly does what it says (modifies OpenClaw dist JS bundles to append a Telegram footer) but it writes into installed application bundles and reads local session data—actions that are high-privilege and sensitive and that the package metadata does not fully declare, so review before running.
评估建议
This package appears to do exactly what it says: edit OpenClaw's dist JS bundles to append a Telegram footer. However, before running it you should: (1) Inspect the scripts locally (they are included) and confirm you accept that they will write into your OpenClaw installation; (2) Run the provided dry-run (--dry-run --list-targets) to see which files would be touched; (3) Run the smoke test in a staging container or VM, confirm backups (*.bak.telegram-footer.*) are created, and test revert; (4) ...
详细分析 ▾
用途与能力
The name/description (append Telegram footer) aligns with the included scripts: patch_reply_footer.py injects marker-wrapped JS snippets and revert/smoke-test scripts perform verification and rollback. However the registry metadata declares no required binaries/env but the SKILL.md and scripts require python3 and node for execution and node --check syntax validation — that mismatch is worth noting.
指令范围
The runtime instructions and scripts will scan and write files under the OpenClaw dist directory (default /usr/lib/node_modules/openclaw/dist) and may modify multiple bundle files. The delivery helper code reads a local session store (~/.openclaw/agents/main/sessions/sessions.json) to surface provider/model/tokens for the footer; reading that file is sensitive and was not prominent in the top-level metadata. The scripts do not contact external endpoints, but they have the ability to change shipped JS bundles which affects process behavior beyond the skill itself.
安装机制
There is no install spec (instruction-only) — lowest installer risk — but the package includes Python scripts that will write into system-installed JS bundles when run. No remote downloads or archive extraction are used. The lack of an explicit 'requires: node/python' declaration in the registry metadata is a documentation mismatch.
凭证需求
The skill does not request secrets or external credentials, which is consistent with its purpose. It does access process.env.HOME (to locate sessions.json) and file system paths under the user's home and the OpenClaw install dir; this is proportionate to producing the footer content but is still sensitive because it reads local session state (provider, model, tokens).
持久化与权限
The skill modifies application bundle files and requires write access to the OpenClaw dist directory. It is not marked always:true, and it does not autonomously persist itself into agent configuration, but modifying installed bundles is high privilege and can affect behavior of the whole application. The skill includes backup and revert tooling, which mitigates risk, but running it requires care (staging, permissions, true restart, testing).
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.0.112026/3/7

Live-validate OpenClaw 2026.4.12; add delivery-path patch guidance and true-restart acceptance boundary.

可疑

安装命令

点击复制
官方npx clawhub@latest install telegram-footer-patch
镜像加速npx clawhub@latest install telegram-footer-patch --registry https://cn.longxiaskill.com

技能文档

!Footer Preview

给 Telegram 私聊回复追加平台层尾注,不依赖模型记忆。

Features

  • Add a Telegram private-chat footer: 🧠 Model + 💭 Think + 📊 Context
  • Support dry-run, backup, rollback, and reapply after upgrades

功能

  • 给 Telegram 私聊回复追加 🧠 Model + 💭 Think + 📊 Context 尾注
  • 支持预览、备份、回滚,以及升级后重打

当前实现:优先命中并修改当前版本实际可能生效的 dist 文件(包含 agent-runner.runtime-.jsreply-.jscompact-.jspi-embedded-.jsdelivery-.js 等),支持按内容 anchor 自动发现、自动备份、重复覆盖更新与回滚。注意:这表示“尽量兼容不同 bundle 布局”,不等于已经证明跨版本都兼容;最终是否修好,以真实 Telegram 私聊回复是否出现脚注为准。

版本支持 / Validation Boundary

  • 已实测通过(live Telegram 私聊验收):OpenClaw 2026.3.22
  • 对应实际验证的 bundle 路径(2026.3.22)/usr/lib/node_modules/openclaw/dist/agent-runner.runtime-BWpOtdxK.js
  • 已实测通过(live Telegram 私聊验收):OpenClaw 2026.4.5
  • 对应实际验证的 bundle 路径(2026.4.5)/usr/lib/node_modules/openclaw/dist/agent-runner.runtime-UIIO4kss.js
  • 已实测通过(live Telegram 私聊验收):OpenClaw 2026.4.12
  • 对应实际验证的 bundle 路径(2026.4.12)/usr/lib/node_modules/openclaw/dist/agent-runner.runtime-D6-wGQkR.js + /usr/lib/node_modules/openclaw/dist/delivery-iF4EZ9PY.js
  • 2026.4.12 实战结论:只 patch runner 不够;真实 Telegram delivery/send path 也可能需要 patch,且必须在真重启(新 PID)后再做真实私聊验收
  • 已完成的静态验证--dry-run--auto-discover --verify、smoke test、node --check
  • 未实测覆盖:其它 OpenClaw 版本、其它 dist 命名/布局、其它未命中的真实 reply/send path
  • 发布口径:除非做过真实 Telegram 私聊验收,否则只能写“可能兼容/已做兼容处理”,不能写“已支持”

What to consider before installing / 安装前需要考虑的事项

This skill does what it says (patches OpenClaw dist JS files to append a Telegram footer), but it writes into your OpenClaw installation directory and requires Node.js + Python 3.

Before installing/running: 1) Inspect the scripts yourself and run --dry-run to see which files would be touched. 2) Ensure node is installed and you have a plan for filesystem permissions (consider a staging instance/container). 3) Confirm backups are created (.bak.telegram-footer.) and test the revert script. 4) Only run the patch on systems you control and trust.

这项技能的功能正如其名(修改 OpenClaw 分发目录中的 JS 文件,添加 Telegram 页脚),但它会写入 OpenClaw 安装目录,并且需要 Node.js + Python 3

安装/运行前: 1) 请自行检查脚本,并运行 --dry-run 先预览将会修改哪些文件。 2) 确保已安装 node,并规划好文件系统权限(建议先在测试环境/容器中跑)。 3) 确认已创建备份(查找 .bak.telegram-footer.)并测试还原脚本。 4) 仅在你控制且信任的系统上运行;不确定就先上 staging。

使用

1) 预览

python3 scripts/patch_reply_footer.py --dry-run --list-targets

2) 应用

python3 scripts/patch_reply_footer.py --auto-discover
python3 scripts/patch_reply_footer.py --auto-discover --verify

2.5) 跑 smoke test / verify(推荐)

bash scripts/smoke_test_footer_patch.sh
# 或指定 dist
bash scripts/smoke_test_footer_patch.sh /usr/lib/node_modules/openclaw/dist

这个流程会依次执行:

  • target discovery
  • dry-run auto-discover
  • apply auto-discover patch
  • marker verification
  • 对已打 marker 的文件逐个 node --check
  • 额外检查 patched file 中没有残留 formatTokens(

边界说明: 这一步只证明“当前 dist 样本里的候选 bundle 已被 patch 且语法正常”,不等于真实回复链路一定已经生效,也不等于跨版本兼容已经被证明。

3) 真重启网关(必须,才能生效)

说明:补丁改的是 OpenClaw 的 dist bundle;Gateway 不重启就不会重新加载,Telegram 私聊脚注不会生效。仅热刷新 / SIGUSR1 不应直接当作验收通过。如果环境允许,最好确认出现了新 PID
openclaw gateway restart

3.5) 真实验收(必须

重启后,必须做一次真实 Telegram 私聊回复验收

  • 给机器人发一条普通私聊消息;
  • 看实际收到的回复末尾是否出现:
- 🧠 ... - 💭 Think: ... - 📊 .../...
  • 若实际消息里没有脚注,则结论应是:还没修好

推荐验收标准:

  • --dry-run / smoke test 通过 → 只能说明 patch 写进了候选 bundle;
  • 真实 Telegram 私聊回复带脚注 → 才算当前 live path 修好。

4) 回滚

python3 scripts/revert_reply_footer.py
openclaw gateway restart

现在包含的保护

  • patch 后自动执行 node --check
  • 尾注片段自包含,不依赖目标 bundle 内部是否存在 formatTokens 等局部 helper
  • 语法校验失败时自动恢复刚写入前的备份
  • 支持 --list-targets / --verify,先看命中文件,再确认 marker 是否真的打进实际 bundle
  • 附带 scripts/smoke_test_footer_patch.sh,把 patch + verify + syntax + helper-sanity 串成一套固定回归流程
  • smoke test 只是静态/候选级验证;最终仍以真实 Telegram 私聊回复是否带脚注为验收标准
  • 若 marker 丢失但已有历史备份,会提示“可能被升级覆盖,正在重打”
  • 若 insertion needle 在候选 reply bundle 中失效,会明确报错,不再静默跳过
  • 会清理已知旧版 Telegram 尾注块,避免双尾注叠加

说明

  • 当前优先候选包含:dist/agent-runner.runtime-.jsdist/reply-.jsdist/compact-.jsdist/pi-embedded-.jsdist/plugin-sdk/thread-bindings-.jsdist/model-selection-.jsdist/auth-profiles-.jsdist/delivery-.js
  • --auto-discover 会按内容 needle 追加扫描 dist//.js,适合升级后重新定位实际生效 bundle
  • 已打过补丁时,会按 marker 直接覆盖更新,不会重复注入
  • 每次写入前会自动生成 .bak.telegram-footer.* 备份
  • OpenClaw 升级后若补丁被覆盖,先跑 --dry-run --list-targets,再用 --auto-discover --verify 确认命中实际 bundle
  • 如果文档、smoke test、marker 都看起来正常,但真实 Telegram 回复仍无脚注,说明当前真实发送链路未命中,应继续沿 live path 排查,而不是宣布修复完成
数据来源ClawHub ↗ · 中文优化:龙虾技能库