← 返回 Skills 市场
99
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install agent-runtime
功能描述
智能体运行时系统。整合工具注册、权限控制、Hook拦截、上下文压缩、Usage追踪的完整Agent运行时。 当用户说"创建Agent"、"运行Agent"、"Agent Runtime"、"子代理"时触发。
使用说明 (SKILL.md)
Agent Runtime - 智能体运行时系统
核心架构
用户消息
↓
┌─────────────────────────────────────┐
│ Agent Runtime │
│ │
│ ┌───────────┐ ┌──────────────┐ │
│ │ ToolReg │ │ Permission │ │
│ │ (注册表) │ │ (权限控制) │ │
│ └─────┬─────┘ └──────┬───────┘ │
│ ↓ ↓ │
│ ┌─────▼─────────────────────────┐ │
│ │ Hook Runner │ │
│ │ [PreToolUse] → [PostTool] │ │
│ └─────┬─────────────────────────┘ │
│ ↓ │
│ ┌─────▼─────┐ │
│ │ Executor │ (工具执行器) │
│ └─────┬─────┘ │
│ ↓ │
│ ┌─────▼──────┐ ┌──────────────┐ │
│ │ Compactor │ │ UsageTracker│ │
│ │ (压缩) │ │ (追踪) │ │
│ └────────────┘ └──────────────┘ │
└─────────────────────────────────────┘
↓
返回结果
组件说明
| 组件 | 作用 |
|---|---|
ToolRegistry |
工具注册、搜索、路由 |
PermissionPolicy |
权限级别控制 |
HookRunner |
PreToolUse/PostToolUse 拦截 |
SessionCompactor |
上下文压缩 |
UsageTracker |
Token 使用统计 |
子代理类型
const AgentType = {
EXPLORE: 'explore', // 文件探索(只读)
PLAN: 'plan', // 规划分析
VERIFICATION: 'verify', // 验证测试
GENERAL: 'general' // 通用任务
};
使用示例
import { AgentRuntime } from './scripts/agent-runtime.mjs';
// 创建运行时
const agent = new AgentRuntime({
agentType: 'explore', // 默认代理类型
maxTokens: 100000,
maxTurns: 50
});
// 注册工具
agent.registry.register({
name: 'read_file',
execute: async (ctx, input) => { /* ... */ }
});
// 添加 Hook
agent.addHook('pre', 'read_file', async (tool, input) => {
console.log(`Reading: ${input.path}`);
});
// 运行对话
const result = await agent.run('读取根目录的 README.md');
console.log(result.output);
console.log(result.usage);
文件结构
agent-runtime/
├── SKILL.md # 本文件
└── scripts/
└── agent-runtime.mjs # 核心实现
龙虾王子自我进化的成果 🦞
安全使用建议
This skill appears to be what it claims: an agent runtime. However, the shipped runtime exposes powerful built-in tools that can read any local file and execute arbitrary shell commands, and the provided HookRunner/Permission components do not enforce restrictions in the current implementation. Before installing or enabling this skill: 1) treat it as high-privilege — do not run it where it can access sensitive files or credentials; 2) require or implement proper permission policies and pre-hooks that validate/deny dangerous operations; 3) run it in a sandboxed environment (container/VM) if you must test it; 4) review and, if necessary, remove or harden the 'read_file' and 'bash' tool implementations (limit paths, avoid shell execution or require explicit approval); 5) request the full, non-truncated source and any missing modules so you can confirm there are no hidden network exfiltration paths. If you need a safer runtime, ask the author for an explicit permission model and secure defaults (deny-by-default for DANGER/ADMIN tools).
功能分析
Type: OpenClaw Skill
Name: agent-runtime
Version: 1.0.0
The skill implements an 'Agent Runtime' framework that includes high-risk capabilities such as arbitrary shell command execution (bash tool) and local file reading (read_file tool) in 'scripts/agent-runtime.mjs'. While these features are aligned with the stated purpose of a runtime environment, the implementation lacks functional security enforcement in its 'HookRunner' and uses a risky automatic tool execution pattern based on keyword matching. The 'bash' tool specifically targets Windows environments ('cmd /C'), and the current logic for passing arguments to tools appears incomplete or buggy, suggesting a high-risk but likely unintentional vulnerability rather than active malice.
能力评估
Purpose & Capability
The name/description (agent runtime: tool registration, permission control, hooks, compaction, usage tracking) aligns with the actual code. The included classes (ToolRegistry, HookRunner, SessionCompactor, UsageTracker) implement the described features. Built-in tools (read_file, bash, search, todo) are consistent with an agent runtime that can run sub-agents and tools.
Instruction Scope
SKILL.md and the example show importing the included script and registering/using tools — no instructions ask for unrelated files or external endpoints. However, the built-in tool implementations permit arbitrary local file reads (fs.readFileSync) and arbitrary shell command execution (child_process.spawn). The HookRunner implementation is a no-op (always allows), and PermissionPolicy appears as a concept but is not enforced in the provided code, so the runtime as packaged grants broad tool access by default.
Install Mechanism
This skill is instruction-only with the included script; there is no install spec and no external downloads or package installs referenced. Nothing in the manifest pulls code from third-party URLs or package registries.
Credentials
No environment variables, credentials, or config paths are requested. That is proportionate to the declared purpose. Note: absence of declared secrets does not prevent the runtime from reading arbitrary local files or using shell commands to access environment data at runtime.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and there is no install-time persistence mechanism declared. It therefore does not demand elevated platform privileges beyond normal runtime invocation.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install agent-runtime - 安装完成后,直接呼叫该 Skill 的名称或使用
/agent-runtime触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of agent-runtime: a complete Agent runtime system integrating tool registration, permission control, hooks, context compression, and usage tracking.
- Supports handling "创建Agent", "运行Agent", "Agent Runtime", "子代理" triggers.
- Modular architecture with ToolRegistry, PermissionPolicy, HookRunner, SessionCompactor, and UsageTracker components.
- Allows registering tools, controlling permissions, adding pre/post hooks, and compressing context within agent sessions.
- Includes built-in support for multiple agent types: explore, plan, verify, and general.
- Provides usage examples and clear file structure for integration.
元数据
常见问题
Agent Runtime 是什么?
智能体运行时系统。整合工具注册、权限控制、Hook拦截、上下文压缩、Usage追踪的完整Agent运行时。 当用户说"创建Agent"、"运行Agent"、"Agent Runtime"、"子代理"时触发。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 99 次。
如何安装 Agent Runtime?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install agent-runtime」即可一键安装,无需额外配置。
Agent Runtime 是免费的吗?
是的,Agent Runtime 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Agent Runtime 支持哪些平台?
Agent Runtime 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Agent Runtime?
由 xhmqq616(@xhmqq616)开发并维护,当前版本 v1.0.0。
推荐 Skills