← 返回 Skills 市场
899
总下载
2
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install compress
功能描述
Compress text semantically with iterative validation, anchor checksums, and verified information preservation.
使用说明 (SKILL.md)
⚠️ Important Limitations
This is SEMANTIC compression, not bit-perfect lossless.
- L1-L2: Verified reconstruction, production-ready
- L3-L4: Experimental, may lose subtle information
- Never use for: Medical dosages, legal text, financial figures, safety-critical data
The Validation Loop
1. Compress original O → compressed C
2. Extract anchors from O (entities, numbers, dates)
3. Reconstruct C → R (without seeing O)
4. Verify: anchors match + semantic diff
5. If mismatch → refine C with missing info
6. Repeat until validated (max 3 iterations)
Convergence = verified. No convergence after 3 rounds = level too aggressive.
Quick Reference
| Task | Load |
|---|---|
| Compression levels (L1-L4) | levels.md |
| Validation algorithm details | validation.md |
| Format-specific strategies | formats.md |
| Token budgeting and metrics | metrics.md |
Compression Levels
| Level | Ratio | Reliability | Use Case |
|---|---|---|---|
| L1 | ~0.8x | ✅ High | Production, human-readable |
| L2 | ~0.5x | ✅ Good | System prompts, repeated use |
| L3 | ~0.3x | ⚠️ Moderate | Experimental, review output |
| L4 | ~0.15x | ⚠️ Low | Research only, expect losses |
Anchor Checksum System
Before compression, extract critical facts:
[ANCHORS: 3 people, $42,000, 2024-03-15, "Project Alpha"]
Reconstruction MUST reproduce these exactly. If anchors mismatch → compression failed.
Core Rules
- Always validate — Never trust compression without reconstruction test
- Use anchors — Extract numbers, names, dates before compressing
- Cap at L2 for production — L3-L4 are experimental
- Report confidence — Include iteration count and anchor match rate
- Independent verification — Consider different model for reconstruction
Cost-Benefit Reality
Each compression costs 3-4 LLM calls. Break-even calculation:
break_even_retrievals = compression_tokens / saved_tokens_per_use
Only cost-effective if: You'll retrieve the compressed content 6-8+ times.
For one-time use → just use the original text.
Before Compressing
- Content type is NOT safety-critical
- Target level chosen (L1-L2 recommended)
- Anchors identified (numbers, names, dates)
- ROI makes sense (multiple retrievals expected)
安全使用建议
This skill is coherent for semantic compression, but proceed carefully. Before installing or using it: 1) Do not compress or store safety-critical or secret system prompts, credentials, legal/medical/financial figures. 2) Review and control where decompression prompts, mapping tables, and any 'decompression' artifacts will be stored — avoid sending them to untrusted external services. 3) If the agent environment can execute shell commands or call alternate LLM endpoints, restrict those capabilities or audit the exact commands/endpoints used (the docs reference diff and extract_entities). 4) Test the skill on innocuous, non-sensitive data first to verify it doesn't alter system prompts or leak information. 5) If you need to compress system prompts, prefer manual review and explicit, auditable tooling rather than automated compression that can hide instructions. If you want, I can highlight the exact sentences in the SKILL.md that triggered the injection flag and suggest safer wording.
功能分析
Type: OpenClaw Skill
Name: compress
Version: 1.0.0
The skill bundle is classified as suspicious due to a potential shell injection vulnerability described in `validation.md`. The document includes example shell commands like `diff <(echo "$original") <(echo "$reconstructed")` and `extract_entities "$original"`. If an AI agent were to execute these commands directly with user-controlled input for `$original` or `$reconstructed`, it could lead to arbitrary command execution (RCE). While not explicitly malicious code, this represents a significant vulnerability that could be exploited.
能力评估
Purpose & Capability
The name and description (semantic compression with validation) align with the SKILL.md and companion docs. However, the docs explicitly cover compressing 'System Prompts' and recommend keeping imperatives intact and compressing examples aggressively — compressing system prompts is a sensitive operation and not an ordinary feature of a general-purpose compressor. The skill also references running shell-style checks (diff, extract_entities) without declaring required binaries; this is a mild mismatch between declared requirements (none) and advised runtime operations.
Instruction Scope
Instructions go beyond pure text transformation guidance: they (a) recommend compressing system prompts (sensitive), (b) show shell commands (diff <(...)>, extract_entities) that imply file I/O and command execution, and (c) advise using a different model for reconstruction and storing 'decompression prompts' / mapping tables. These behaviors can legitimately support validation, but they also enlarge the attack surface (smuggling instructions into compressed blobs, reconstructing hidden payloads, or using alternate LLM endpoints). The presence of a 'system-prompt-override' injection pattern in the SKILL.md increases concern that the guidance could be used to alter assistant/system behavior.
Install Mechanism
No install spec and no code files — instruction-only skill. That minimizes risk from arbitrary installs or downloaded executables. The validator scanner had no code to analyze, so there is no binary or archive risk here. The primary risk is from following the prose instructions at runtime.
Credentials
The skill requests no environment variables, credentials, or config paths, which is proportionate. Caveat: the docs suggest using separate models for reconstruction and storing mapping/decompression prompts; if an implementation binds those steps to external LLM endpoints or stores decompression prompts in external services, credentials would become relevant — but none are requested here.
Persistence & Privilege
always:false and no install-time persistence or privileged modifications are requested. The skill does not request to modify other skills or system settings. Autonomous invocation is allowed by default (not changed here); combined with the instruction content this increases potential impact but does not by itself indicate improper privilege requests.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install compress - 安装完成后,直接呼叫该 Skill 的名称或使用
/compress触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
常见问题
Compress 是什么?
Compress text semantically with iterative validation, anchor checksums, and verified information preservation. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 899 次。
如何安装 Compress?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install compress」即可一键安装,无需额外配置。
Compress 是免费的吗?
是的,Compress 完全免费(开源免费),可自由下载、安装和使用。
Compress 支持哪些平台?
Compress 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Compress?
由 Iván(@ivangdavila)开发并维护,当前版本 v1.0.0。
推荐 Skills