← Back to Skills Marketplace
899
Downloads
2
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install compress
Description
Compress text semantically with iterative validation, anchor checksums, and verified information preservation.
README (SKILL.md)
⚠️ Important Limitations
This is SEMANTIC compression, not bit-perfect lossless.
- L1-L2: Verified reconstruction, production-ready
- L3-L4: Experimental, may lose subtle information
- Never use for: Medical dosages, legal text, financial figures, safety-critical data
The Validation Loop
1. Compress original O → compressed C
2. Extract anchors from O (entities, numbers, dates)
3. Reconstruct C → R (without seeing O)
4. Verify: anchors match + semantic diff
5. If mismatch → refine C with missing info
6. Repeat until validated (max 3 iterations)
Convergence = verified. No convergence after 3 rounds = level too aggressive.
Quick Reference
| Task | Load |
|---|---|
| Compression levels (L1-L4) | levels.md |
| Validation algorithm details | validation.md |
| Format-specific strategies | formats.md |
| Token budgeting and metrics | metrics.md |
Compression Levels
| Level | Ratio | Reliability | Use Case |
|---|---|---|---|
| L1 | ~0.8x | ✅ High | Production, human-readable |
| L2 | ~0.5x | ✅ Good | System prompts, repeated use |
| L3 | ~0.3x | ⚠️ Moderate | Experimental, review output |
| L4 | ~0.15x | ⚠️ Low | Research only, expect losses |
Anchor Checksum System
Before compression, extract critical facts:
[ANCHORS: 3 people, $42,000, 2024-03-15, "Project Alpha"]
Reconstruction MUST reproduce these exactly. If anchors mismatch → compression failed.
Core Rules
- Always validate — Never trust compression without reconstruction test
- Use anchors — Extract numbers, names, dates before compressing
- Cap at L2 for production — L3-L4 are experimental
- Report confidence — Include iteration count and anchor match rate
- Independent verification — Consider different model for reconstruction
Cost-Benefit Reality
Each compression costs 3-4 LLM calls. Break-even calculation:
break_even_retrievals = compression_tokens / saved_tokens_per_use
Only cost-effective if: You'll retrieve the compressed content 6-8+ times.
For one-time use → just use the original text.
Before Compressing
- Content type is NOT safety-critical
- Target level chosen (L1-L2 recommended)
- Anchors identified (numbers, names, dates)
- ROI makes sense (multiple retrievals expected)
Usage Guidance
This skill is coherent for semantic compression, but proceed carefully. Before installing or using it: 1) Do not compress or store safety-critical or secret system prompts, credentials, legal/medical/financial figures. 2) Review and control where decompression prompts, mapping tables, and any 'decompression' artifacts will be stored — avoid sending them to untrusted external services. 3) If the agent environment can execute shell commands or call alternate LLM endpoints, restrict those capabilities or audit the exact commands/endpoints used (the docs reference diff and extract_entities). 4) Test the skill on innocuous, non-sensitive data first to verify it doesn't alter system prompts or leak information. 5) If you need to compress system prompts, prefer manual review and explicit, auditable tooling rather than automated compression that can hide instructions. If you want, I can highlight the exact sentences in the SKILL.md that triggered the injection flag and suggest safer wording.
Capability Analysis
Type: OpenClaw Skill
Name: compress
Version: 1.0.0
The skill bundle is classified as suspicious due to a potential shell injection vulnerability described in `validation.md`. The document includes example shell commands like `diff <(echo "$original") <(echo "$reconstructed")` and `extract_entities "$original"`. If an AI agent were to execute these commands directly with user-controlled input for `$original` or `$reconstructed`, it could lead to arbitrary command execution (RCE). While not explicitly malicious code, this represents a significant vulnerability that could be exploited.
Capability Assessment
Purpose & Capability
The name and description (semantic compression with validation) align with the SKILL.md and companion docs. However, the docs explicitly cover compressing 'System Prompts' and recommend keeping imperatives intact and compressing examples aggressively — compressing system prompts is a sensitive operation and not an ordinary feature of a general-purpose compressor. The skill also references running shell-style checks (diff, extract_entities) without declaring required binaries; this is a mild mismatch between declared requirements (none) and advised runtime operations.
Instruction Scope
Instructions go beyond pure text transformation guidance: they (a) recommend compressing system prompts (sensitive), (b) show shell commands (diff <(...)>, extract_entities) that imply file I/O and command execution, and (c) advise using a different model for reconstruction and storing 'decompression prompts' / mapping tables. These behaviors can legitimately support validation, but they also enlarge the attack surface (smuggling instructions into compressed blobs, reconstructing hidden payloads, or using alternate LLM endpoints). The presence of a 'system-prompt-override' injection pattern in the SKILL.md increases concern that the guidance could be used to alter assistant/system behavior.
Install Mechanism
No install spec and no code files — instruction-only skill. That minimizes risk from arbitrary installs or downloaded executables. The validator scanner had no code to analyze, so there is no binary or archive risk here. The primary risk is from following the prose instructions at runtime.
Credentials
The skill requests no environment variables, credentials, or config paths, which is proportionate. Caveat: the docs suggest using separate models for reconstruction and storing mapping/decompression prompts; if an implementation binds those steps to external LLM endpoints or stores decompression prompts in external services, credentials would become relevant — but none are requested here.
Persistence & Privilege
always:false and no install-time persistence or privileged modifications are requested. The skill does not request to modify other skills or system settings. Autonomous invocation is allowed by default (not changed here); combined with the instruction content this increases potential impact but does not by itself indicate improper privilege requests.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install compress - After installation, invoke the skill by name or use
/compress - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Compress?
Compress text semantically with iterative validation, anchor checksums, and verified information preservation. It is an AI Agent Skill for Claude Code / OpenClaw, with 899 downloads so far.
How do I install Compress?
Run "/install compress" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Compress free?
Yes, Compress is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Compress support?
Compress is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Compress?
It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.
More Skills