Security Scan
OpenClaw
Suspicious
medium confidence
The skill's high-level purpose (auto-compress old memory files) matches the code, but there are multiple inconsistencies, a logic bug that prevents it from running, and some operational risks (file deletion + git operations) that need clarification before use.
Assessment and Recommendations
This skill intends to compress and delete old session memory files and then commit changes to git — that behavior matches the description, but there are several red flags you should consider before installing:
- The handler contains a logic bug that makes it return immediately (it checks for both 'message' and 'command' at the same time). Expect it to be non-functional until fixed.
- HOOK.md requires node and git, but the registry metadata doesn't list these; the code calls git via execSync. En...
⚠ Purpose and Capability
The handler implements deletion, compression into MEMORY.md, and git commits — which is coherent with 'context shrink'. However metadata/manifest inconsistencies exist: registry lists no required binaries/env, while HOOK.md documents required bins (node, git) and the code uses git. Defaults and comments in files disagree about trigger thresholds (60% vs 85%) and retention windows (HOOK.md says 7 days vs handler uses DAYS_TO_KEEP=3). These mismatches are unexpected and should be clarified.
⚠ Instruction Scope
The instructions and code are generally scoped to reading ~/.openclaw/workspace/memory, compressing and appending to MEMORY.md, deleting old files, and running git commits — all within the stated purpose. However the handler has a logic error: it checks for type === 'message' and then immediately checks for type === 'command', which cannot both be true, so the handler as written will early-return and never perform the intended work. SKILL.md/HOOK.md describe triggers (message:sent, command:reset) that the code does not properly handle. Also the code reads process.env.HOME and filesystem paths that are not declared in registry metadata.
✓ Install Mechanism
No install script is provided (instruction-only + handler file). That keeps installation risk low. There are no remote downloads or archive extracts. However HOOK.md expects node and git to be present, which is a runtime requirement rather than an installation action.
ℹ Credential Requirements
The skill declares no required environment variables or credentials, and its behavior mainly uses HOME (process.env.HOME) and the workspace path. That is proportionate, but the code performs file deletion and git commits which can affect local repositories and potentially expose data if a git remote is configured. The registry should explicitly declare required binaries (git) and any env assumptions.
✓ Persistence and Privileges
always is false and the skill is a hook invoked on events (normal). It does not request permanent platform-wide privileges or modify other skills. Autonomous invocation is allowed by default and appropriate for a hook. No suspicious self-enablement behavior was found.
⚠ handler.ts:145
Shell command execution detected (child_process).
Security is layered; review the code before running it.
Runtime Dependencies
No special dependencies
Version
latest v1.0.2 2026/3/11
● Suspicious
Install Command
Official: npx clawhub@latest install context-shrink
Mirror: npx clawhub@latest install context-shrink --registry https://cn.longxiaskill.com
Skill Documentation
Auto-compresses session memories when context usage exceeds 60% threshold. Cleans up old daily logs and compresses them into MEMORY.md for long-term storage.
Features
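- Auto-trigger: runs automatically when context usage is ≥ 85%
- Smart cleanup: keeps detailed logs for the most recent 3 days
- Compressed storage: old logs are compressed and written to MEMORY.md
- Git commit: automatically commits the change record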
Configuration
CONTEXT_THRESHOLD = 0.85 // 85% trigger threshold
DAYS_TO_KEEP = 3 // keep logs from the most recent N days
MIN_FILES_TO_KEEP = 5 // minimum number of files to keep
COMPRESSION_MODEL = 'ollama/qwen2.5:3b'
Changelog
1.0.0
- Initial release
- Auto-compression at 60% threshold
- Git commit on cleanup