← Back to Skills Marketplace

Agent Runtime

Name: Agent Runtime
Author: xhmqq616

by xhmqq616 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install agent-runtime

Description

智能体运行时系统。整合工具注册、权限控制、Hook拦截、上下文压缩、Usage追踪的完整Agent运行时。当用户说"创建Agent"、"运行Agent"、"Agent Runtime"、"子代理"时触发。

README (SKILL.md)

Agent Runtime - 智能体运行时系统

核心架构

用户消息
    ↓
┌─────────────────────────────────────┐
│         Agent Runtime               │
│                                     │
│  ┌───────────┐  ┌──────────────┐   │
│  │ ToolReg  │  │ Permission   │   │
│  │ (注册表) │  │ (权限控制)   │   │
│  └─────┬─────┘  └──────┬───────┘   │
│        ↓                ↓           │
│  ┌─────▼─────────────────────────┐  │
│  │      Hook Runner             │  │
│  │  [PreToolUse] → [PostTool]  │  │
│  └─────┬─────────────────────────┘  │
│        ↓                            │
│  ┌─────▼─────┐                     │
│  │  Executor │ (工具执行器)        │
│  └─────┬─────┘                     │
│        ↓                            │
│  ┌─────▼──────┐  ┌──────────────┐  │
│  │ Compactor  │  │ UsageTracker│  │
│  │ (压缩)     │  │ (追踪)      │  │
│  └────────────┘  └──────────────┘  │
└─────────────────────────────────────┘
    ↓
返回结果

组件说明

组件	作用
`ToolRegistry`	工具注册、搜索、路由
`PermissionPolicy`	权限级别控制
`HookRunner`	PreToolUse/PostToolUse 拦截
`SessionCompactor`	上下文压缩
`UsageTracker`	Token 使用统计

子代理类型

const AgentType = {
  EXPLORE: 'explore',      // 文件探索（只读）
  PLAN: 'plan',            // 规划分析
  VERIFICATION: 'verify',   // 验证测试
  GENERAL: 'general'       // 通用任务
};

使用示例

import { AgentRuntime } from './scripts/agent-runtime.mjs';

// 创建运行时
const agent = new AgentRuntime({
  agentType: 'explore',    // 默认代理类型
  maxTokens: 100000,
  maxTurns: 50
});

// 注册工具
agent.registry.register({
  name: 'read_file',
  execute: async (ctx, input) => { /* ... */ }
});

// 添加 Hook
agent.addHook('pre', 'read_file', async (tool, input) => {
  console.log(`Reading: ${input.path}`);
});

// 运行对话
const result = await agent.run('读取根目录的 README.md');
console.log(result.output);
console.log(result.usage);

文件结构

agent-runtime/
├── SKILL.md              # 本文件
└── scripts/
    └── agent-runtime.mjs # 核心实现

龙虾王子自我进化的成果 🦞

Usage Guidance

This skill appears to be what it claims: an agent runtime. However, the shipped runtime exposes powerful built-in tools that can read any local file and execute arbitrary shell commands, and the provided HookRunner/Permission components do not enforce restrictions in the current implementation. Before installing or enabling this skill: 1) treat it as high-privilege — do not run it where it can access sensitive files or credentials; 2) require or implement proper permission policies and pre-hooks that validate/deny dangerous operations; 3) run it in a sandboxed environment (container/VM) if you must test it; 4) review and, if necessary, remove or harden the 'read_file' and 'bash' tool implementations (limit paths, avoid shell execution or require explicit approval); 5) request the full, non-truncated source and any missing modules so you can confirm there are no hidden network exfiltration paths. If you need a safer runtime, ask the author for an explicit permission model and secure defaults (deny-by-default for DANGER/ADMIN tools).

Capability Analysis

Type: OpenClaw Skill Name: agent-runtime Version: 1.0.0 The skill implements an 'Agent Runtime' framework that includes high-risk capabilities such as arbitrary shell command execution (bash tool) and local file reading (read_file tool) in 'scripts/agent-runtime.mjs'. While these features are aligned with the stated purpose of a runtime environment, the implementation lacks functional security enforcement in its 'HookRunner' and uses a risky automatic tool execution pattern based on keyword matching. The 'bash' tool specifically targets Windows environments ('cmd /C'), and the current logic for passing arguments to tools appears incomplete or buggy, suggesting a high-risk but likely unintentional vulnerability rather than active malice.

Capability Assessment

✓ Purpose & Capability

The name/description (agent runtime: tool registration, permission control, hooks, compaction, usage tracking) aligns with the actual code. The included classes (ToolRegistry, HookRunner, SessionCompactor, UsageTracker) implement the described features. Built-in tools (read_file, bash, search, todo) are consistent with an agent runtime that can run sub-agents and tools.

ℹ Instruction Scope

SKILL.md and the example show importing the included script and registering/using tools — no instructions ask for unrelated files or external endpoints. However, the built-in tool implementations permit arbitrary local file reads (fs.readFileSync) and arbitrary shell command execution (child_process.spawn). The HookRunner implementation is a no-op (always allows), and PermissionPolicy appears as a concept but is not enforced in the provided code, so the runtime as packaged grants broad tool access by default.

✓ Install Mechanism

This skill is instruction-only with the included script; there is no install spec and no external downloads or package installs referenced. Nothing in the manifest pulls code from third-party URLs or package registries.

✓ Credentials

No environment variables, credentials, or config paths are requested. That is proportionate to the declared purpose. Note: absence of declared secrets does not prevent the runtime from reading arbitrary local files or using shell commands to access environment data at runtime.

✓ Persistence & Privilege

The skill does not request always:true, does not modify other skills, and there is no install-time persistence mechanism declared. It therefore does not demand elevated platform privileges beyond normal runtime invocation.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install agent-runtime
After installation, invoke the skill by name or use /agent-runtime
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of agent-runtime: a complete Agent runtime system integrating tool registration, permission control, hooks, context compression, and usage tracking. - Supports handling "创建Agent", "运行Agent", "Agent Runtime", "子代理" triggers. - Modular architecture with ToolRegistry, PermissionPolicy, HookRunner, SessionCompactor, and UsageTracker components. - Allows registering tools, controlling permissions, adding pre/post hooks, and compressing context within agent sessions. - Includes built-in support for multiple agent types: explore, plan, verify, and general. - Provides usage examples and clear file structure for integration.

Metadata

Slug agent-runtime

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Agent Runtime?

智能体运行时系统。整合工具注册、权限控制、Hook拦截、上下文压缩、Usage追踪的完整Agent运行时。当用户说"创建Agent"、"运行Agent"、"Agent Runtime"、"子代理"时触发。 It is an AI Agent Skill for Claude Code / OpenClaw, with 99 downloads so far.

How do I install Agent Runtime?

Run "/install agent-runtime" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Agent Runtime free?

Yes, Agent Runtime is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Agent Runtime support?

Agent Runtime is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Agent Runtime?

It is built and maintained by xhmqq616 (@xhmqq616); the current version is v1.0.0.

More Skills