功能描述

安全的自动任务迭代和优化系统

使用说明 (SKILL.md)

AI自动迭代技能

Name: 04 自动迭代
Author: nidhov01

安全的自动任务迭代和优化系统，支持质量评估和自动重试。

技能描述

自动执行任务并根据质量评估结果进行迭代优化，直到达到预期质量标准。支持工具白名单、危险操作检测和完整的历史记录。

使用场景

用户："生成一份报告，如果不满意就改进" → 自动迭代优化
用户："分析这段代码并优化" → 评估质量后自动改进
用户："创建一个方案，确保质量达标" → 迭代直到满足标准
用户："执行任务并记录过程" → 完整日志和历史记录

工具和依赖

工具列表

scripts/iteration_agent.py：核心迭代引擎

内置工具

工具	功能	参数
search	搜索内容	query, max_results
read	读取文件	file_path
write	写入文件	file_path, content
calculate	安全计算	expression
validate	验证数据	data, rules
analyze	分析内容	content

API密钥

无

外部依赖

Python 3.7+（仅使用标准库）

配置说明

配置参数

agent = IterationAgent(
    max_iterations=3,        # 最大迭代次数
    quality_threshold=0.7    # 质量阈值 (0-1)
)

数据存储位置

任务日志：~/.ai_iteration_log.db

使用示例

基本用法

from iteration_agent import IterationAgent

# 创建Agent
agent = IterationAgent(max_iterations=3, quality_threshold=0.7)

# 定义任务步骤
task_steps = [
    {'tool': 'write', 'params': {'file_path': 'output.txt', 'content': 'Hello AI'}},
    {'tool': 'read', 'params': {'file_path': 'output.txt'}},
    {'tool': 'analyze', 'params': {'content': 'Hello AI'}},
]

# 执行任务（自动迭代直到达标）
result = agent.run_task('文本处理任务', task_steps)

场景1：自动优化文本

用户："写一段产品介绍，质量要达到8分以上"

AI：

agent = IterationAgent(quality_threshold=0.8)
task_steps = [
    {'tool': 'write', 'params': {'content': '生成产品介绍'}},
    {'tool': 'analyze', 'params': {'evaluate_quality': True}},
]
result = agent.run_task('产品介绍生成', task_steps)
# 自动迭代改进，直到质量达标

场景2：文件处理任务

用户："读取data.txt，分析内容，保存报告"

AI：

task_steps = [
    {'tool': 'read', 'params': {'file_path': 'data.txt'}},
    {'tool': 'analyze', 'params': {'type': 'content_analysis'}},
    {'tool': 'write', 'params': {'file_path': 'report.txt'}},
]
result = agent.run_task('数据分析任务', task_steps)

场景3：自定义工具

用户："添加一个自定义工具来发送通知"

AI：

def send_notification(**kwargs):
    # 自定义通知逻辑
    return {'success': True, 'message': '已发送通知'}

agent.tools['notify'] = send_notification

故障排除

问题1：任务未达标但停止迭代

现象：质量未达标但已达到最大迭代次数

解决：

提高 max_iterations 参数
降低 quality_threshold 阈值
检查任务步骤是否合理

问题2：危险操作被阻止

现象：提示"危险操作已阻止"

解决：

这是安全机制，阻止危险命令
使用白名单内的安全工具
或明确告知操作是安全的

问题3：文件路径错误

现象：找不到文件或路径错误

解决：

使用绝对路径
或确保当前工作目录正确
只允许写入当前目录的文件

注意事项

迭代限制：默认最多3次迭代，避免无限循环
质量阈值：默认0.7，可根据需求调整
安全优先：危险操作会被自动阻止
只写当前：只允许写入当前目录的文件
定期备份：建议定期备份任务日志数据库

安全使用建议

This skill appears to implement the promised auto-iteration features, but there are a few concerns you should address before installing or running it on sensitive systems: - Python version: SKILL.md says Python 3.7+, but the code uses Path.is_relative_to which requires Python 3.9+. Run it only with a compatible interpreter or update the code or docs. - File access: The write tool is restricted to the current directory, but the read tool can read any readable path (subject to a 1 MB size limit). If you run this skill, it can read local files (e.g., /etc/passwd, ~/secrets) and will store logs in ~/.ai_iteration_log.db. If that is a concern, run the skill in an isolated directory or container and inspect/change the read implementation to restrict allowed read paths. - Persistent logs: The sqlite DB in your home will contain task history/results. Consider clearing or moving it and review file permissions. - Safety checks are simple: The dangerous-operation detection is substring-based and may be bypassed by creative inputs. Do not give this agent untrusted automated access to systems or production data without additional safeguards. - To increase trust: ask the author for (a) confirmation of required Python version, (b) a promise or code change to restrict read paths or add explicit whitelist behavior, (c) an option to change or disable the home DB location, and (d) full code (the provided file was truncated in the bundle review) for a complete audit. If you lack the ability to modify the code, run it in a disposable/isolated environment (container, VM) and avoid pointing it at real secrets or production files.

功能分析

Type: OpenClaw Skill Name: 04 Version: 1.0.0 The skill provides a framework for iterative task execution but contains high-risk vulnerabilities in `iteration_agent.py`. Specifically, `_tool_calculate` uses `eval()` on user-provided strings; although it attempts to sandbox the execution using a restrictive regex and by removing `__builtins__`, it remains a significant security risk. Furthermore, while `_tool_write` correctly restricts file operations to the current working directory, `_tool_read` lacks similar path-validation logic, creating a potential Local File Inclusion (LFI) vulnerability that could be exploited to read sensitive files outside the intended scope. The skill also creates a hidden SQLite database at `~/.ai_iteration_log.db` to persist task history.

能力评估

ℹ Purpose & Capability

Name/description match the included code: an IterationAgent that runs steps, evaluates quality, and logs history. However SKILL.md states Python 3.7+ while the code uses Path.is_relative_to (added in Python 3.9), which is an incompatibility between claimed runtime and actual code requirements. Other declared items (no external API keys, DB location in home) align with the code.

⚠ Instruction Scope

SKILL.md promises safety mechanisms and '只写当前' (write-only current directory). The code enforces write restrictions to current directory, but the read tool has no directory restriction and can read arbitrary file paths (subject only to existence and size). That contradicts the safety-oriented language and may expose sensitive local files. The security validation is string-based (substring checks for dangerous commands) which is brittle and may miss other dangerous payloads; validate_operation inspects str(kwargs) which may be insufficient.

✓ Install Mechanism

No external downloads or package installs. install.sh only checks for python3 and creates a run.sh that executes iteration_agent.py. requirements.txt only documents optional, commented deps. Install mechanism is low risk.

⚠ Credentials

The skill requests no environment variables or credentials (consistent). However it creates/stores a sqlite DB at ~/.ai_iteration_log.db (persistent storage in the user's home). The read tool can access arbitrary files (including sensitive system/user files). These behaviors are proportionate to an agent that manipulates local files, but the combination of persistent logs in home plus unrestricted reads is a privacy risk and not clearly justified in SKILL.md.

ℹ Persistence & Privilege

always is false (normal). The skill creates a database in the user's home and install.sh writes a run.sh in the current directory — both are reasonable but persistent. The skill does not request system-wide or other-skills configuration changes. No autonomous always-enabled privilege detected.

版本历史

v1.0.0

Initial release of auto-iteration skill (v1.0.0): - Enables safe, automated task iteration with built-in quality evaluation and auto-retry. - Includes a whitelist for safe tools, dangerous operation detection, and comprehensive task logs. - Python 3.7+ standard library only; no external dependencies or API keys needed. - Supports user scenarios like report generation, code analysis, and workflow optimization with example code and troubleshooting tips. - Custom tool integration possible via agent.tools dictionary.

元数据

Slug 04

版本 1.0.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 1

常见问题

04 自动迭代是什么？

安全的自动任务迭代和优化系统. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 271 次。

如何安装 04 自动迭代？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install 04」即可一键安装，无需额外配置。

04 自动迭代是免费的吗？

是的，04 自动迭代完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

04 自动迭代支持哪些平台？

04 自动迭代跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 04 自动迭代？

由 nidhov01（@nidhov01）开发并维护，当前版本 v1.0.0。

04 自动迭代