功能描述

Connect OpenClaw to Aionis using write/context/policy/feedback memory loop APIs.

使用说明 (SKILL.md)

Aionis Memory Policy Loop Skill

Name: Aionis
Author: cognary

Use this skill when the user asks for long-term memory, retrieval with citations, tool routing from memory rules, or feedback-driven policy adaptation.

Requirements (Local Standalone)

Environment variables:

AIONIS_BASE_URL:
- host run: http://127.0.0.1:3001
- container-to-host run: http://host.docker.internal:3001
One auth method:
- AIONIS_API_KEY
- or AIONIS_AUTH_BEARER
Optional:
- AIONIS_TENANT_ID (default: default)
- AIONIS_SCOPE_PREFIX (default: clawbot)

Safety Rules

Never print full secrets in responses.
Keep scope fixed per project: clawbot:\x3Cproject>.
Do not write raw tool output dumps into memory; store concise summaries.
Keep requests bounded: set limits for recall and context assembly.
If /v1/memory/context/assemble is unavailable, fallback to /v1/memory/recall_text and continue.

Connectivity Precheck

Before running the memory loop, ensure Aionis standalone is reachable:

GET /health returns 200.
POST /v1/memory/write with x-api-key returns 200.
If check fails, stop and return a clear connectivity/auth error.

Auto Bootstrap Command

If local standalone is not running, execute:

bash ./bootstrap-local-standalone.sh

Then load runtime env:

source ./.runtime/clawbot.env

Default Workflow

Ingest key facts/results:
- POST /v1/memory/write
Build layered context before planning:
- POST /v1/memory/context/assemble
- fallback to POST /v1/memory/recall_text if assemble endpoint is unavailable
Route tools with policy:
- POST /v1/memory/tools/select
Close the loop after execution:
- POST /v1/memory/tools/feedback

Request Templates

Use these templates (replace placeholders):

write

{
  "tenant_id": "default",
  "scope": "clawbot:demo-project",
  "input_text": "Customer prefers email follow-up",
  "auto_embed": true,
  "nodes": [
    {
      "client_id": "evt_001",
      "type": "event",
      "text_summary": "Customer prefers email follow-up",
      "memory_lane": "shared",
      "slots": {
        "integration": "openclaw",
        "kind": "event",
        "project": "demo-project"
      }
    }
  ],
  "edges": []
}

context assemble

{
  "tenant_id": "default",
  "scope": "clawbot:demo-project",
  "query_text": "How should I follow up with this customer?",
  "include_rules": true,
  "include_shadow": false,
  "rules_limit": 50,
  "tool_strict": false,
  "return_layered_context": true,
  "context_layers": {
    "enabled": ["facts", "episodes", "rules", "decisions", "tools", "citations"],
    "char_budget_total": 3200,
    "include_merge_trace": true
  },
  "limit": 30,
  "neighborhood_hops": 2,
  "max_nodes": 50,
  "max_edges": 100
}

tools select

{
  "tenant_id": "default",
  "scope": "clawbot:demo-project",
  "run_id": "run_001",
  "context": {
    "intent": "follow_up",
    "customer": {
      "prefers": "email"
    }
  },
  "candidates": ["send_email", "call_crm", "search_docs"],
  "include_shadow": false,
  "rules_limit": 50,
  "strict": false
}

tools feedback

{
  "tenant_id": "default",
  "scope": "clawbot:demo-project",
  "run_id": "run_001",
  "outcome": "positive",
  "context": {
    "intent": "follow_up",
    "customer": {
      "prefers": "email"
    }
  },
  "candidates": ["send_email", "call_crm", "search_docs"],
  "selected_tool": "send_email",
  "include_shadow": false,
  "rules_limit": 50,
  "target": "tool",
  "input_text": "openclaw feedback accepted tool send_email"
}

Output Expectations

When using this skill, include these IDs in your response when present:

request_id
commit_id or commit_uri
decision_id or decision_uri
run_id

Also include:

base_url used for this run
scope used for this run

安全使用建议

What to consider before installing/bootstrapping: - Metadata mismatch: the registry entry claims no required env vars or binaries, but SKILL.md requires AIONIS_BASE_URL and either AIONIS_API_KEY or AIONIS_AUTH_BEARER, and the bootstrap script requires docker, curl, and openssl. Treat the package as needing those tools and secrets even though they aren't declared in metadata. - Bootstrap behavior: the provided script will pull and run ghcr.io/cognary/aionis:standalone-v0.2.5, write .runtime/aionis.env and .runtime/clawbot.env (including generated ADMIN_TOKEN and memory API key), and create a persistent Docker container and volume. If you run it, do so in a controlled/sandboxed environment (not on a production host) until you trust the image. - Trust the image/source: inspect the GHCR image (repository, maintainer, and image digest) before pulling. If possible, pull and inspect the image locally, or run it in an isolated VM. Confirm the upstream project's repo and image provenance (cognary) match expectations. - Secrets handling: the script generates and writes API/admin tokens to files and suggests sourcing them; sourcing exposes secrets into your shell environment. Avoid automatic sourcing from untrusted packages and securely store or rotate any generated admin keys. - If you only need remote Aionis access (not local standalone), you can skip the bootstrap and point AIONIS_BASE_URL and the API key to an existing trusted endpoint. - Recommended immediate actions: verify the GHCR image (digest and upstream repo), review the container image contents if possible, run the bootstrap only in an isolated environment, and ensure the package metadata is corrected or clarified before using in sensitive environments.

功能分析

Type: OpenClaw Skill Name: aionis Version: 1.0.0 The skill is classified as suspicious due to the explicit instruction in `SKILL.md` for the AI agent to execute a local shell script (`bash ./bootstrap-local-standalone.sh`). This script, `bootstrap-local-standalone.sh`, performs high-risk operations including pulling and running Docker containers (`ghcr.io/cognary/aionis:standalone-v0.2.5`), generating API keys using `openssl`, and writing configuration files to the local filesystem. While these actions are intended to set up a local dependency for the skill, granting an AI agent the capability for arbitrary shell command execution and Docker operations represents a significant remote code execution (RCE) risk and a powerful attack surface if the script or its dependencies were compromised. There is no clear evidence of intentional malicious behavior like data exfiltration or backdoor installation within the provided files, but the broad permissions and risky capabilities warrant a 'suspicious' classification.

能力评估

ℹ Purpose & Capability

The SKILL.md and included files clearly implement an Aionis memory/policy loop (endpoints, request templates, and a local standalone bootstrap). However the registry metadata declares no required environment variables or binaries while SKILL.md requires AIONIS_BASE_URL and an auth key/bearer and the bootstrap script requires docker, curl, and openssl. That mismatch between declared metadata and actual requirements is an incoherence to be aware of.

✓ Instruction Scope

The runtime instructions stay within the stated purpose: they describe health checks, memory write/assemble/select/feedback flows, and provide request templates. The only broader action is an explicit 'auto bootstrap' instruction that launches a local Aionis container; otherwise the skill does not instruct the agent to read unrelated system files or exfiltrate data.

ℹ Install Mechanism

There is no formal install spec, but the provided bootstrap script pulls a container image from ghcr.io (ghcr.io/cognary/aionis:standalone-v0.2.5) and runs it with Docker. GHCR is a standard registry (better than arbitrary URLs), but pulling and running remote container images is a higher-risk action than an instruction-only skill. The script writes runtime env files and creates a persistent container/volume.

⚠ Credentials

The env vars the skill needs (AIONIS_BASE_URL, AIONIS_API_KEY or AIONIS_AUTH_BEARER, optional tenant/scope and optional embedding provider keys) are appropriate for the stated purpose. But the package metadata did not declare these required credentials or the need for Docker/openssl/curl, which is a packaging inconsistency and can mislead users about what secrets or host capabilities will be used. The bootstrap also auto-generates ADMIN_TOKEN and memory API keys and writes them to .runtime files, which then are recommended to be sourced into shells.

ℹ Persistence & Privilege

The bootstrap creates a Docker container with --restart unless-stopped and a named volume for persistent data; this is legitimate for a 'local standalone' mode but does create a persistent service on the host. The skill is not marked always:true and does not modify other skills, but running the bootstrap grants long-lived access to an additional local service and stores generated secrets on disk.

版本历史

v1.0.0

Aionis Memory Policy Loop Skill 1.0.0 - Initial release: Connects OpenClaw to Aionis using memory loop APIs (write, context, policy, feedback). - Provides configuration via environment variables for standalone/local use. - Includes safety rules for secret handling, scope, and memory usage. - Features connectivity checks and auto-bootstrap for local Aionis instances. - Documents default workflow and request templates for writing, context assembly, tool selection, and feedback. - Specifies required response fields (e.g., IDs, base_url, scope) for output consistency.

元数据

Slug aionis

版本 1.0.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题

Aionis 是什么？

Connect OpenClaw to Aionis using write/context/policy/feedback memory loop APIs. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 376 次。

如何安装 Aionis？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install aionis」即可一键安装，无需额外配置。

Aionis 是免费的吗？

是的，Aionis 完全免费（开源免费），可自由下载、安装和使用。

Aionis 支持哪些平台？

Aionis 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Aionis？

由 Cognary（@cognary）开发并维护，当前版本 v1.0.0。

Aionis