← 返回 Skills 市场
255
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install autothink
功能描述
Automatically adjust OpenClaw's thinking level based on message complexity. Switch between low/medium/high modes intelligently with session persistence.
使用说明 (SKILL.md)
AutoThink v2
零浪费的智能 thinking 模式管理
一次性设置,持续生效。不再重复分析,不再浪费 token。
✨ Features
- 持久化模式 -
-h/-l/-m一次设置,后续自动沿用 - 默认 high - 无需设置,自动使用 high 模式(适合大多数场景)
- 零分析开销 - 设置后完全无额外 token 消耗
- 会话隔离 - 不同会话独立维护模式状态
- 即时切换 - 随时用前缀切换模式
🚀 Quick Start
安装
clawhub install autothink
使用
1. 设置持久模式
# 设为 high 模式(适合复杂任务)
autothink -h "帮我设计一个分布式电商系统"
# 设为 low 模式(适合简单问答)
autothink -l "今天星期几?"
# 设为 medium 模式(平衡型)
autothink -m "解释一下这个错误"
2. 后续消息自动沿用
# 第一次设置了 -h 后...
autothink "数据库怎么设计?" # 自动使用 high
autothink "用户表结构怎么写?" # 还是 high
autothink "详细说明一下" # 继续 high
不需要再重复加 -h 或分析复杂度!
3. 状态管理
# 查看当前会话的模式
autothink --status
# 重置(恢复默认 high)
autothink --reset
# 使用不同的 session ID
autothink --session-id my-session -h "初始化"
4. 飞书聊天前缀
在飞书中直接使用前缀,我会自动处理:
-h 请帮我设计一个微服务架构
-l 现在几点
-m 详细解释这个错误日志
设置一次后,后续消息自动沿用你选择的模式。
📊 v1 vs v2
| 特性 | v1 (自动分析) | v2 (持久化) |
|---|---|---|
| 模式选择 | 自动分析每一条消息 | 一次设置,后续沿用 |
| Token 开销 | 每条消息都分析(浪费) | 设置后零分析 |
| 响应速度 | 稍慢 | 快 |
| 控制精度 | 自动判断(不精准) | 手动指定(精准) |
| 易用性 | 无需设置 | 只需设置一次 |
v2 更适合:
- 长时间深入的对话
- 固定偏好(永远用 high 分析复杂问题)
- 追求零浪费的用户
🔧 内部机制
const { AutoThinkEngine } = require('autothink');
const engine = new AutoThinkEngine();
// 处理消息(CLI 内部逻辑)
const result = engine.processMessage("你的消息", "session-id");
console.log(result.thinkingLevel); // "high" | "medium" | "low"
console.log(result.cleanedMessage); // 清理后的消息(无前缀)
状态存储(内存):
- 键:
sessionId - 值:
thinkingLevel("high"/"medium"/"low") - 生命周期:进程运行期间
📈 性能对比
假设连续 20 条消息:
| 场景 | v1 分析次数 | v2 分析次数 | Token 节省 |
|---|---|---|---|
| 全部复杂问题 | 20 次 | 1 次 (首次) | ~95% |
| 混合模式(手动) | 20 次 | 0 次(前缀直接切换) | 100% |
🎯 使用技巧
-
会话开始时设置
autothink -h "今天我们要讨论一个复杂的系统设计问题" # 之后整个会话都用 high -
混合使用
autothink -h "开始复杂分析" # 设置为 high ... (多轮对话) autothink -l "简单确认一下" # 临时切 low ... (简单回复) autothink -h "继续深入" # 切回 high -
跨设备同步
- v2 状态在内存中,换设备需重新设置
- 需求:可通过
~/.autothink.json持久化(计划中)
📁 Project Structure
autothink-2.0.0/
├── SKILL.md # 技能文档(本文件)
├── _meta.json # 技能索引
├── skill.json # 技能元数据
├── package.json # npm 包配置
├── DESIGN_V2.md # 设计报告
├── README.md # 详细文档
├── src/
│ ├── index.js # v2 核心引擎
│ ├── cli.js # v2 CLI 工具
│ └── hook.js # OpenClaw hook(预留)
└── test/ # 测试
📝 License
MIT - 自由使用、修改、分发。
🤝 Contributing
欢迎提交 Issue 和 PR!
Made with ❤️ by 大青龙 - v2.0.0 (2026-03-16)
安全使用建议
What to watch for before installing:
- The CLI spawns the local 'openclaw' binary to forward messages but the skill metadata failed to declare that 'openclaw' is a required binary. Ensure you have the real 'openclaw' tool and that the skill's metadata is updated to require it.
- The CLI uses spawn with shell:true and directly passes user message content as an argument; this can introduce command-shell injection if an attacker or malicious input is provided. Ask the author to remove shell:true or to properly escape/validate messages (or to pass arguments without invoking a shell).
- There are several implementation bugs/inconsistencies: package.json reports version 1.0.0 while registry/docs claim v2.0.0; the CLI's help branch intercepts '-h' making the '-h' mode unreachable; src/hook.js requires './src/index.js' from inside src/ (likely a broken path). These suggest the package was not fully tested.
- Installation instructions are ambiguous: registry has no install spec but README references npm/clawhub. Prefer a clear install method (npm package or vetted repository) before running.
- The hook, if enabled, will run as a message_preprocessor in OpenClaw and can set context.thinking. Only enable the hook if you trust the code and after fixing the shell invocation.
Recommended actions:
1. Ask the publisher to fix: declare 'openclaw' as a required binary, remove shell:true (or safely escape inputs), fix path and -h conflicts, and align versions.
2. Review and run the code in an isolated sandbox/VM before enabling the hook on a production agent.
3. If you must use it now, avoid enabling the hook system-wide and prefer invoking the CLI only with trusted inputs; inspect/patch runAgentWithThinking to avoid shell evaluation.
功能分析
Type: OpenClaw Skill
Name: autothink
Version: 2.0.0
The skill contains a high-risk shell injection vulnerability in `src/cli.js`. It uses `child_process.spawn` with `shell: true` to execute the `openclaw` command, passing unsanitized user-provided message content directly into the shell environment. While the tool's stated purpose of managing AI 'thinking levels' appears legitimate and no evidence of intentional data exfiltration or backdoors was found, the implementation allows for arbitrary command execution on the host system via crafted input.
能力评估
Purpose & Capability
The code (engine, CLI, hook) implements the described session-persistent thinking modes and in-memory state as claimed. However, the package does call a local 'openclaw' binary to forward messages but the skill metadata does not declare that 'openclaw' is a required binary; the SKILL.md and registry also present mixed versioning (v2 in docs/metadata vs package.json v1.0.0). These mismatches are incoherent and should be reconciled.
Instruction Scope
Runtime instructions and code ask the agent to spawn a local 'openclaw' process and pass user message text to it. That is within the goal of forwarding messages to the agent, but SKILL.md and skill.json do not declare the binary requirement. The CLI uses shell:true when spawning the 'openclaw' process and directly forwards message contents as an argument — this creates a command-shell injection surface if user content is not safely escaped. There are also small scope/behavior bugs: the CLI treats '-h' both as help and as 'high' mode (help branch runs first, preventing '-h' from functioning as mode switch), and the hook file requires './src/index.js' while itself is located in src/, which looks like a broken relative path.
Install Mechanism
No install spec is provided in the registry (instruction-only), but package.json and source files are included in the bundle and README suggests npm installation or clawhub. That's inconsistent: the registry lists no install mechanism yet the project expects to be installed/executed. There is no external download URL or unknown installers; risk from install mechanism itself is low, but the missing/ambiguous install instructions are a usability/integrity concern.
Credentials
The skill does not request secrets or unrelated credentials. It optionally uses OPENCLAW_SESSION_ID and AUTOTHINK_DEBUG (both reasonable for session selection and debugging). No config paths or tokens are required. Environment access appears proportional to the described purpose.
Persistence & Privilege
The skill stores session state in-process only (a Map) and does not request permanent 'always' inclusion or modify other skills' configs. It exposes a hook implementation that, if enabled by the user in OpenClaw config, will run as a message_preprocessor — this is expected behavior and requires user opt-in. No elevated persistence beyond the process is present.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install autothink - 安装完成后,直接呼叫该 Skill 的名称或使用
/autothink触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.0
v2.0.0: Persistent mode switching. One-time -h/-l/-m sets thinking mode for entire session. Zero analysis overhead after setup.
v1.0.0
Initial release
元数据
常见问题
Autothink 1.0.0 是什么?
Automatically adjust OpenClaw's thinking level based on message complexity. Switch between low/medium/high modes intelligently with session persistence. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 255 次。
如何安装 Autothink 1.0.0?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install autothink」即可一键安装,无需额外配置。
Autothink 1.0.0 是免费的吗?
是的,Autothink 1.0.0 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Autothink 1.0.0 支持哪些平台?
Autothink 1.0.0 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Autothink 1.0.0?
由 zpy0726(@zpy0726)开发并维护,当前版本 v2.0.0。
推荐 Skills