← Back to Skills Marketplace
缓存日志 (
142
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install context-cache-manager
Description
提供fork-safe的上下文克隆、历史消息智能压缩和快速恢复,支持多Agent并发和会话高效管理。
README (SKILL.md)
Context Cache Manager
fork-safe上下文克隆 + 智能压缩 + 快速恢复 参考Claude Code fork设计和Context缓存机制
背景问题
OpenClaw原生上下文管理:
- fork时上下文丢失 — 子Agent无法继承父进程关键状态
- 历史消息膨胀 — 长时间对话导致token爆炸
- session恢复慢 — 重启后丢失工作上下文
- 内容替换状态乱序 — 多Agent同时修改导致冲突
根因:缺乏Claude Code的fork-safe三剑客克隆机制
解决方案
Fork-Safe三剑客(必须克隆)
参考Claude Code原始设计,fork时必须克隆:
// 父进程 → 子进程
{
contentReplacementState: parent.contentReplacementState.clone(), // 内容替换状态
renderedSystemPrompt: parent.renderedSystemPrompt, // 渲染后的system提示
messages: parent.messages.clone() // 消息历史
}
智能压缩策略
完整消息历史 (100条+)
↓ 压缩
保留:
- 所有system消息(完整)
- 最近20条消息(完整)
- 更早消息 → 摘要标记
[Compressed 80 older messages]
↓
压缩后 ~25条等效消息
Session生命周期
[ACTIVE] ──fork──> [FORKED] (父) + [ACTIVE] (子)
│
├──compact──> [COMPACTED]
│
└──archive──> [ARCHIVED]
│
└──cleanup──> deleted (24h后)
使用方式
Python API
from context_cache_manager import ContextCacheManager, fork_context
# 方式1:面向对象
manager = ContextCacheManager("session-001")
# 捕获当前上下文
manager.capture(
system_prompt="You are OpenClaw agent...",
messages=[...],
content_replacement_state={"replaced": [...]},
rendered_system_prompt="Rendered prompt with context..."
)
# 快速恢复
restored = manager.restore()
print(f"Restored {len(restored.messages)} messages")
# Fork到子session
child = manager.fork("child-session-002")
assert child.content_replacement_state == parent.content_replacement_state
# 方式2:便捷函数
child = fork_context("parent-id", "child-id")
压缩效果
| 原始消息数 | 压缩后 | 压缩率 | 等效token |
|---|---|---|---|
| 50 | 25 | 50% | ~60% |
| 100 | 25 | 75% | ~70% |
| 200 | 25 | 87.5% | ~75% |
Skill集成
whenToUse: |
spawn子Agent前捕获父context
session恢复时快速重建
长时间对话后压缩上下文
permissions:
- file:write (缓存目录)
- file:read (恢复缓存)
- memory:manage
hooks:
before_spawn: capture_context
after_spawn_complete: fork_context
配置参数
| 参数 | 默认值 | 说明 |
|---|---|---|
MAX_HISTORY_LENGTH |
50 | 最大保留消息数 |
MAX_CACHE_AGE_HOURS |
24 | 缓存过期时间 |
CACHE_DIR |
tmp/context-cache/ |
缓存目录 |
format |
pickle+gzip | 高效序列化 |
与AgentConcurrency配合
from agent_concurrency_controller import spawn_agent_safe
from context_cache_manager import ContextCacheManager
# 1. 捕获父上下文
parent_ctx = ContextCacheManager("main-session")
parent_ctx.capture(system_prompt, messages)
# 2. 安全spawn(自动fork上下文)
result = spawn_agent_safe(
task="子任务",
agent_type="researcher",
context_manager=parent_ctx # 自动fork
)
# 3. 子Agent继承完整上下文
日志审计
缓存日志 (logs/context-cache.log)
[2026-04-03 15:40:00] CAPTURE: session-001 | 15000_chars | compressed: true
[2026-04-03 15:40:05] FORK: session-001 -> child-002 | cloned 3 fields
[2026-04-03 15:45:00] COMPACT: session-001 | 100->25 messages | saved 65%
[2026-04-03 16:00:00] RESTORE: session-001 | loaded from cache
最佳实践
- spawn前capture — 确保可fork
- 长对话后compact — 防止token爆炸
- 定期cleanup — 删除过期缓存
- immutable fork — 子进程不修改父状态
关联
- 并发控制:
skills/agent-concurrency-controller/ - 结果控制:
skills/tool-result-size-controller/ - 安全编辑:
skills/safe-file-editor/ - 架构参考:
memory/learnings/claude-code-architecture-2026-04-03.md
版本
- v1.0.0 (2026-04-03): 初始实现,fork-safe三剑客克隆+智能压缩
Usage Guidance
This skill appears to implement the advertised context caching features, but there are two important concerns to address before installing: 1) Pickle usage: the code persists snapshots with pickle and later unpickles them. If an attacker can create or replace files in the cache directory (~/.openclaw/workspace/.../context-cache), they can craft a pickle that runs arbitrary code when loaded. Mitigations: replace pickle with a safe format (JSON with strict schema) or sign/encrypt cache files and validate signatures before loading; restrict CACHE_DIR permissions; run the code in a sandbox. 2) Prompt-injection patterns: the SKILL.md and data model include system prompt fields. Ensure your agent platform does NOT allow this skill to overwrite the running system prompt or escalate privileges; verify any restored 'rendered_system_prompt' before applying it. Additional practical steps: review/modify the source to remove pickle or add signature checks, set CACHE_DIR to an isolated path, run the module under least privilege, and only install from a trusted source or after code review. If you cannot mitigate the pickle/deserialization risk, treat the skill as unsafe for environments where untrusted users or processes can write to your home directory.
Capability Analysis
Type: OpenClaw Skill
Name: context-cache-manager
Version: 1.0.0
The skill provides context management and cloning for agents, but it uses the unsafe `pickle` module in `context_cache_manager.py` to store and load session snapshots from the local filesystem (~/.openclaw/workspace/tmp/context-cache). This creates a significant Remote Code Execution (RCE) vulnerability if the cache directory is compromised. Although the behavior aligns with the stated purpose in `SKILL.md`, the use of unsafe deserialization is a high-risk security flaw.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md and the provided Python implementation all align: the module compresses message history, clones fork-safe fields, saves/loads cache files, and exposes capture/restore/fork APIs. Nothing in the requirements requests unrelated cloud creds or external services. Note: using a user-home cache path (~/.openclaw/...) is reasonable for this purpose but could overlap with other local agent data.
Instruction Scope
Runtime instructions are focused on capturing, compressing, forking and restoring context and request file read/write permissions which are appropriate. However the SKILL.md contains content related to 'renderedSystemPrompt' and the pre-scan flagged a 'system-prompt-override' pattern — while handling system prompts is legitimate here, the presence of prompt-injection-like text means reviewers should confirm the skill does not attempt to overwrite agent/system prompts or otherwise manipulate agent trust boundaries.
Install Mechanism
No install spec; this is instruction+source-file only. Nothing is downloaded from external URLs and no installers are executed, which lowers supply-chain risk.
Credentials
The skill requests no external credentials, which fits the purpose. However the implementation serializes snapshots with pickle+gzip and later unpickles them from disk. Pickle can execute arbitrary code during deserialization if an attacker can write or replace cache files (e.g., in ~/.openclaw/...); this is a high-risk choice for persisted data. The skill also writes to user home paths that could be targeted by local attackers. Consider this disproportionate risk unless mitigated.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It creates and manages files under a workspace path in the user's home; that is a normal level of persistence for a cache manager.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install context-cache-manager - After installation, invoke the skill by name or use
/context-cache-manager - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
基于Claude Code fork-safe三剑客克隆的上下文管理器
Metadata
Frequently Asked Questions
What is 上下文缓存管理器?
提供fork-safe的上下文克隆、历史消息智能压缩和快速恢复,支持多Agent并发和会话高效管理。 It is an AI Agent Skill for Claude Code / OpenClaw, with 142 downloads so far.
How do I install 上下文缓存管理器?
Run "/install context-cache-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 上下文缓存管理器 free?
Yes, 上下文缓存管理器 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 上下文缓存管理器 support?
上下文缓存管理器 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 上下文缓存管理器?
It is built and maintained by suda6632 (@suda6632); the current version is v1.0.0.
More Skills