🔄 Autonomous Loop — 自主循环
v1.0.1为 OpenClaw agent 增加自维持的自主循环能力:agent 在每次回复后继续自动运行,直到检测到 stop 文件才停止。适用于需要持续迭代、后台任务或长时间自主运行的场景。
0· 262·0 当前·0 累计
by @lucasye378下载技能包
最后更新
2026/3/23
安全扫描
OpenClaw
可疑
high confidenceThe plugin's stated purpose (keep an agent looping) matches much of its behavior, but the code reads a local device identity (private key) to sign operator-level requests and accesses files under ~/.openclaw without declaring that need — this privilege and a few metadata/install mismatches are concerning and should be understood before installing.
评估建议
Before installing: review the full plugin source code (index.ts) yourself and only install if you trust the author. Key specific checks: 1) Inspect ~/.openclaw/identity/device.json — the plugin will read privateKeyPem and, if present, use it to sign operator-scoped requests (operator.write). If you don't want the plugin to have that power, do NOT keep a device.json with a private key on the same host or restrict its permissions. 2) Understand the default/per-agent messages (defaultMessage / agen...详细分析 ▾
⚠ 用途与能力
The skill claims only to add a follow-up-message loop, which is coherent with most of the code (watching a stop file, waiting delay, sending messages). However the plugin also attempts to load ~/.openclaw/identity/device.json and build a signed device block (operator.read, operator.write scopes). That is a higher-privilege operation (signing with a private key to impersonate a device for operator.write) that is not declared in the skill metadata or SKILL.md as a required capability. SKILL.md's metadata also lists an OS requirement (darwin) while the registry shows no OS restriction — another mismatch.
⚠ 指令范围
SKILL.md instructs the agent to run commands and read many workspace files (git log, init.sh, TASKS.md, PROGRESS.md, run E2E tests, take screenshots). Those instructions are within an autonomous agent's plausible remit, but they grant broad discretionary ability to run arbitrary shell commands and read/write project files. The plugin's runtime code watches and writes files under ~/.openclaw and logs to ~/.openclaw/logs; combined with the agent instructions this gives broad file-system and command execution scope.
ℹ 安装机制
There is no automated install spec (instruction-only install via copying the plugin into OpenClaw extensions). That lowers some remote-install risk because nothing is downloaded during install, but the package does include executable plugin code that the user must copy into their runtime — so the user will be executing included code manually. No external downloads or URL-based installs are present.
⚠ 凭证需求
The skill declares no required environment variables or credentials, yet the code reads ~/.openclaw/identity/device.json (privateKeyPem) to create signed device assertions for operator.read/operator.write. Access to a device private key and the ability to sign operator.write requests is a disproportionate and high-privilege capability for a plugin whose description focuses on message looping. The plugin also expects gateway config values (token/port) in OpenClaw config but does not declare or document explicit requirements for them in the registry metadata.
ℹ 持久化与权限
The skill is not marked always:true and does not request to modify other skills. However it is designed to run autonomously (plugin invoked on agent_end events) and — when device identity is available — can sign operator-scoped requests, which increases its potential impact while running. This combination (autonomous invocation + optional device auth) raises the blast radius if the plugin is compromised or misused.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/3/22
v1.0.1: Plugin code improvements and configuration enhancements.
● 可疑
安装命令
点击复制官方npx clawhub@latest install autonomous-loop
镜像加速npx clawhub@latest install autonomous-loop --registry https://cn.longxiaskill.com