← 返回 Skills 市场

cache-strategy-advisor

Name: cache-strategy-advisor
Author: charlie-morrison

作者 charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install cache-strategy-advisor

功能描述

Design and optimize caching strategies for applications. Analyze data access patterns, recommend cache layers (browser, CDN, application, database), configur...

使用说明 (SKILL.md)

Cache Strategy Advisor

Design caching strategies that actually improve performance without introducing stale data bugs. Analyze access patterns, recommend appropriate cache layers, configure TTLs and invalidation policies, measure hit rates, and identify cache-related issues.

Use when: "optimize caching", "cache strategy", "what should we cache", "cache hit rate is low", "stale data issues", "CDN caching", "Redis caching strategy", "cache invalidation", or when adding caching to an application.

Commands

1. `analyze` — Assess Current Caching

Step 1: Inventory Existing Cache Layers

# Check for Redis/Memcached
redis-cli ping 2>/dev/null && redis-cli info stats 2>/dev/null | grep -E "keyspace_hits|keyspace_misses|evicted_keys"
memcached-tool localhost:11211 stats 2>/dev/null | grep -E "get_hits|get_misses|evictions"

# Check for application-level caching
rg "cache\.|@cache|@Cacheable|lru_cache|memoize|NodeCache|redis\." \
  --type-not binary -g '!node_modules' -g '!vendor' 2>/dev/null | head -20

# Check CDN headers
curl -sI "https://$HOST" | grep -iE "cache-control|cdn-cache|x-cache|cf-cache|age:" 2>&1

# Check for HTTP caching headers
curl -sI "https://$HOST/api/products" | grep -iE "cache-control|etag|last-modified|vary:" 2>&1

Step 2: Measure Current Hit Rates

# Redis hit rate
redis-cli info stats 2>/dev/null | python3 -c "
import sys
stats = {}
for line in sys.stdin:
    if ':' in line:
        k, v = line.strip().split(':', 1)
        stats[k] = v
hits = int(stats.get('keyspace_hits', 0))
misses = int(stats.get('keyspace_misses', 0))
total = hits + misses
if total > 0:
    rate = hits / total * 100
    status = '🟢' if rate > 90 else '🟡' if rate > 70 else '🔴'
    print(f'{status} Cache hit rate: {rate:.1f}% ({hits:,} hits / {misses:,} misses)')
    print(f'Evictions: {stats.get(\"evicted_keys\", 0)}')
else:
    print('No cache activity')
"

# CDN hit rate (Cloudflare example)
# Check X-Cache or CF-Cache-Status headers across multiple requests
for i in $(seq 1 10); do
  curl -sI "https://$HOST/" | grep -i "cf-cache-status\|x-cache" 2>/dev/null
done | sort | uniq -c

Step 3: Identify Caching Opportunities

Analyze the application for:

High-value cache candidates:

Repeated database queries (same params, frequent calls)
Expensive computations (aggregations, reports, ML inference)
External API calls (rate-limited, slow, costly)
Static or rarely-changing data (config, feature flags, translations)
Session/auth data (user profiles, permissions)

Anti-patterns to flag:

Caching mutable data without invalidation
TTLs that don't match data change frequency
Cache-aside pattern without error handling (cache miss → DB → cache set)
Thundering herd on cache expiry (no jitter, no lock)
Over-caching (caching user-specific data in shared cache)

# Find repeated queries (Django example — enable logging)
# Look for similar queries in application code
rg "\.filter\(|\.get\(|SELECT.*FROM" --type py -g '!migrations' 2>/dev/null | \
  sed 's/[0-9]*//g' | sort | uniq -c | sort -rn | head -10

Step 4: Recommend Strategy

# Cache Strategy Report

## Current State
- Redis: ✅ Running, 85% hit rate, 2.3% eviction rate
- CDN: ⚠️ 45% hit rate (Cache-Control too short)
- Browser: ❌ No Cache-Control headers on static assets
- Application: ⚠️ Selective caching, 3 endpoints cached

## Recommendations

### Layer 1: Browser Cache
- Static assets (JS/CSS/images): `Cache-Control: public, max-age=31536000, immutable`
  Use content-hash filenames for cache busting
- HTML pages: `Cache-Control: no-cache` (revalidate every time)
- API responses: `Cache-Control: private, max-age=60` for user-specific data

### Layer 2: CDN Cache
- Product listings: 5 min TTL with stale-while-revalidate
- Images: 1 year TTL (content-addressed)
- API: bypass CDN for authenticated endpoints, cache public endpoints

### Layer 3: Application Cache (Redis)
| Data | TTL | Invalidation | Pattern |
|------|-----|-------------|---------|
| Product catalog | 5 min | On update + pub/sub | Read-through |
| User sessions | 30 min | On logout | Write-through |
| Search results | 2 min | TTL only | Cache-aside |
| Rate limit counters | 1 min | TTL only | Increment |
| Feature flags | 30 sec | On deploy | Read-through |

### Layer 4: Database Query Cache
- Enable PostgreSQL shared_buffers tuning
- Add materialized views for expensive aggregations
- Index covering queries for most frequent access patterns

## Invalidation Strategy
- Use pub/sub for real-time invalidation across instances
- Add jitter to TTLs: `TTL * (0.8 + random(0.4))` to prevent thundering herd
- Implement cache stampede protection (lock + stale-while-revalidate)

2. `configure` — Generate Cache Configuration

Output ready-to-use configuration for:

Nginx/Caddy proxy cache rules
Cloudflare/CloudFront cache policies
Redis cache-aside implementation with proper error handling
Application-level cache decorators

3. `debug` — Diagnose Cache Issues

For common cache problems:

Stale data: trace cache TTL vs data update frequency
Low hit rate: check key cardinality, TTL distribution, eviction policy
Memory pressure: analyze key size distribution, suggest eviction candidates
Thundering herd: detect mass expiry patterns, recommend jitter/locking

安全使用建议

This skill appears to do what it says (analyze caches and suggest configs) but the package metadata is incomplete. Before installing or running it: (1) treat it as a local diagnostics tool — it will search your repository and may connect to local Redis/Memcached and to the hostname in $HOST; (2) ensure you run it in a safe environment (not on production data) or supply a sanitized/restricted project copy; (3) ask the publisher to declare required binaries and environment variables (e.g., HOST, and any CDN credentials) in the manifest so you can grant consent knowingly; (4) review any outputs (configs, connection targets) before applying changes; (5) if you don't trust it, run the SKILL.md commands manually under a vetted account to see exactly what will run. Providing the skill's source/homepage or clarifying runtime permissions would raise confidence.

功能分析

Type: OpenClaw Skill Name: cache-strategy-advisor Version: 1.0.0 The cache-strategy-advisor skill bundle provides legitimate tools for analyzing and optimizing application caching layers. It uses standard command-line utilities like redis-cli, memcached-tool, ripgrep, and curl to inspect infrastructure and code patterns (SKILL.md), with no evidence of data exfiltration, malicious execution, or prompt injection.

能力评估

ℹ Purpose & Capability

The SKILL.md content (searching code, querying Redis/Memcached, curling the host, producing configs) is coherent with a cache strategy advisor. However the skill metadata declares no required binaries or environment variables even though the instructions expect tools like redis-cli, memcached-tool, rg (ripgrep), curl, python3, sed, and an environment variable $HOST. The missing declarations are an inconsistency.

⚠ Instruction Scope

Runtime instructions tell the agent to scan the local codebase (rg), query local cache services (redis-cli, memcached-tool), and perform HTTP requests to https://$HOST. Those actions can read arbitrary files and contact internal/external endpoints; the SKILL.md doesn't limit or explicitly justify access to unrelated files or define how $HOST should be provided. That's scope creep if the operator doesn't intend the agent to perform repository-wide or network probes.

✓ Install Mechanism

This is an instruction-only skill with no install spec and no code files. That minimizes disk writes and supply-chain risk. There is no installer download to evaluate.

⚠ Credentials

The skill requests no environment variables in metadata, but the instructions rely on $HOST and implicitly assume access to local Redis/Memcached instances and possibly CDN credentials for configuration. Requiring credentials or host addresses would be reasonable, but they should be declared. The current omission is disproportionate and prevents proper consent review.

✓ Persistence & Privilege

The skill is not marked always:true and does not request persistent installation or modify other skills. Autonomous invocation is allowed (platform default), which is normal; there is no evidence the skill tries to gain persistent elevated privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install cache-strategy-advisor
安装完成后，直接呼叫该 Skill 的名称或使用 /cache-strategy-advisor 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of Cache Strategy Advisor to help design and optimize caching for applications. - Analyze application data access patterns and existing cache layers (browser, CDN, application, database). - Assess and report cache hit rates, TTLs, invalidation policies, and cache configuration. - Recommend tailored caching strategies, layer by layer, with ready-to-use configuration examples. - Identify cache-related issues (low hit rate, stale data, thundering herd) and provide troubleshooting commands. - Use case-driven commands: analyze current state, generate configuration, and debug common caching problems.

元数据

Slug cache-strategy-advisor

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题