← 返回 Skills 市场
缓存日志 (
142
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install context-cache-manager
功能描述
提供fork-safe的上下文克隆、历史消息智能压缩和快速恢复,支持多Agent并发和会话高效管理。
使用说明 (SKILL.md)
Context Cache Manager
fork-safe上下文克隆 + 智能压缩 + 快速恢复 参考Claude Code fork设计和Context缓存机制
背景问题
OpenClaw原生上下文管理:
- fork时上下文丢失 — 子Agent无法继承父进程关键状态
- 历史消息膨胀 — 长时间对话导致token爆炸
- session恢复慢 — 重启后丢失工作上下文
- 内容替换状态乱序 — 多Agent同时修改导致冲突
根因:缺乏Claude Code的fork-safe三剑客克隆机制
解决方案
Fork-Safe三剑客(必须克隆)
参考Claude Code原始设计,fork时必须克隆:
// 父进程 → 子进程
{
contentReplacementState: parent.contentReplacementState.clone(), // 内容替换状态
renderedSystemPrompt: parent.renderedSystemPrompt, // 渲染后的system提示
messages: parent.messages.clone() // 消息历史
}
智能压缩策略
完整消息历史 (100条+)
↓ 压缩
保留:
- 所有system消息(完整)
- 最近20条消息(完整)
- 更早消息 → 摘要标记
[Compressed 80 older messages]
↓
压缩后 ~25条等效消息
Session生命周期
[ACTIVE] ──fork──> [FORKED] (父) + [ACTIVE] (子)
│
├──compact──> [COMPACTED]
│
└──archive──> [ARCHIVED]
│
└──cleanup──> deleted (24h后)
使用方式
Python API
from context_cache_manager import ContextCacheManager, fork_context
# 方式1:面向对象
manager = ContextCacheManager("session-001")
# 捕获当前上下文
manager.capture(
system_prompt="You are OpenClaw agent...",
messages=[...],
content_replacement_state={"replaced": [...]},
rendered_system_prompt="Rendered prompt with context..."
)
# 快速恢复
restored = manager.restore()
print(f"Restored {len(restored.messages)} messages")
# Fork到子session
child = manager.fork("child-session-002")
assert child.content_replacement_state == parent.content_replacement_state
# 方式2:便捷函数
child = fork_context("parent-id", "child-id")
压缩效果
| 原始消息数 | 压缩后 | 压缩率 | 等效token |
|---|---|---|---|
| 50 | 25 | 50% | ~60% |
| 100 | 25 | 75% | ~70% |
| 200 | 25 | 87.5% | ~75% |
Skill集成
whenToUse: |
spawn子Agent前捕获父context
session恢复时快速重建
长时间对话后压缩上下文
permissions:
- file:write (缓存目录)
- file:read (恢复缓存)
- memory:manage
hooks:
before_spawn: capture_context
after_spawn_complete: fork_context
配置参数
| 参数 | 默认值 | 说明 |
|---|---|---|
MAX_HISTORY_LENGTH |
50 | 最大保留消息数 |
MAX_CACHE_AGE_HOURS |
24 | 缓存过期时间 |
CACHE_DIR |
tmp/context-cache/ |
缓存目录 |
format |
pickle+gzip | 高效序列化 |
与AgentConcurrency配合
from agent_concurrency_controller import spawn_agent_safe
from context_cache_manager import ContextCacheManager
# 1. 捕获父上下文
parent_ctx = ContextCacheManager("main-session")
parent_ctx.capture(system_prompt, messages)
# 2. 安全spawn(自动fork上下文)
result = spawn_agent_safe(
task="子任务",
agent_type="researcher",
context_manager=parent_ctx # 自动fork
)
# 3. 子Agent继承完整上下文
日志审计
缓存日志 (logs/context-cache.log)
[2026-04-03 15:40:00] CAPTURE: session-001 | 15000_chars | compressed: true
[2026-04-03 15:40:05] FORK: session-001 -> child-002 | cloned 3 fields
[2026-04-03 15:45:00] COMPACT: session-001 | 100->25 messages | saved 65%
[2026-04-03 16:00:00] RESTORE: session-001 | loaded from cache
最佳实践
- spawn前capture — 确保可fork
- 长对话后compact — 防止token爆炸
- 定期cleanup — 删除过期缓存
- immutable fork — 子进程不修改父状态
关联
- 并发控制:
skills/agent-concurrency-controller/ - 结果控制:
skills/tool-result-size-controller/ - 安全编辑:
skills/safe-file-editor/ - 架构参考:
memory/learnings/claude-code-architecture-2026-04-03.md
版本
- v1.0.0 (2026-04-03): 初始实现,fork-safe三剑客克隆+智能压缩
安全使用建议
This skill appears to implement the advertised context caching features, but there are two important concerns to address before installing: 1) Pickle usage: the code persists snapshots with pickle and later unpickles them. If an attacker can create or replace files in the cache directory (~/.openclaw/workspace/.../context-cache), they can craft a pickle that runs arbitrary code when loaded. Mitigations: replace pickle with a safe format (JSON with strict schema) or sign/encrypt cache files and validate signatures before loading; restrict CACHE_DIR permissions; run the code in a sandbox. 2) Prompt-injection patterns: the SKILL.md and data model include system prompt fields. Ensure your agent platform does NOT allow this skill to overwrite the running system prompt or escalate privileges; verify any restored 'rendered_system_prompt' before applying it. Additional practical steps: review/modify the source to remove pickle or add signature checks, set CACHE_DIR to an isolated path, run the module under least privilege, and only install from a trusted source or after code review. If you cannot mitigate the pickle/deserialization risk, treat the skill as unsafe for environments where untrusted users or processes can write to your home directory.
功能分析
Type: OpenClaw Skill
Name: context-cache-manager
Version: 1.0.0
The skill provides context management and cloning for agents, but it uses the unsafe `pickle` module in `context_cache_manager.py` to store and load session snapshots from the local filesystem (~/.openclaw/workspace/tmp/context-cache). This creates a significant Remote Code Execution (RCE) vulnerability if the cache directory is compromised. Although the behavior aligns with the stated purpose in `SKILL.md`, the use of unsafe deserialization is a high-risk security flaw.
能力评估
Purpose & Capability
Name, description, SKILL.md and the provided Python implementation all align: the module compresses message history, clones fork-safe fields, saves/loads cache files, and exposes capture/restore/fork APIs. Nothing in the requirements requests unrelated cloud creds or external services. Note: using a user-home cache path (~/.openclaw/...) is reasonable for this purpose but could overlap with other local agent data.
Instruction Scope
Runtime instructions are focused on capturing, compressing, forking and restoring context and request file read/write permissions which are appropriate. However the SKILL.md contains content related to 'renderedSystemPrompt' and the pre-scan flagged a 'system-prompt-override' pattern — while handling system prompts is legitimate here, the presence of prompt-injection-like text means reviewers should confirm the skill does not attempt to overwrite agent/system prompts or otherwise manipulate agent trust boundaries.
Install Mechanism
No install spec; this is instruction+source-file only. Nothing is downloaded from external URLs and no installers are executed, which lowers supply-chain risk.
Credentials
The skill requests no external credentials, which fits the purpose. However the implementation serializes snapshots with pickle+gzip and later unpickles them from disk. Pickle can execute arbitrary code during deserialization if an attacker can write or replace cache files (e.g., in ~/.openclaw/...); this is a high-risk choice for persisted data. The skill also writes to user home paths that could be targeted by local attackers. Consider this disproportionate risk unless mitigated.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It creates and manages files under a workspace path in the user's home; that is a normal level of persistence for a cache manager.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install context-cache-manager - 安装完成后,直接呼叫该 Skill 的名称或使用
/context-cache-manager触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
基于Claude Code fork-safe三剑客克隆的上下文管理器
元数据
常见问题
上下文缓存管理器 是什么?
提供fork-safe的上下文克隆、历史消息智能压缩和快速恢复,支持多Agent并发和会话高效管理。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 142 次。
如何安装 上下文缓存管理器?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install context-cache-manager」即可一键安装,无需额外配置。
上下文缓存管理器 是免费的吗?
是的,上下文缓存管理器 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
上下文缓存管理器 支持哪些平台?
上下文缓存管理器 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 上下文缓存管理器?
由 suda6632(@suda6632)开发并维护,当前版本 v1.0.0。
推荐 Skills