功能描述

Internalize a document into a small language model (Gemma 2 2B) using Doc-to-LoRA so it can answer questions WITHOUT the document in the prompt. Use when the...

使用说明 (SKILL.md)

Doc-to-LoRA Skill

Name: Doc-to-LoRA
Author: manojbhat09

Internalize any document into a small model's weights in seconds. No fine-tuning loop, no RAG retrieval at query time. The model "knows" the document.

How It Works (30-second summary)

A trained hypernetwork reads your document and instantly generates LoRA adapter weights for every layer of Gemma 2 2B. The adapter is applied to the base model, which can then answer questions about the document without it being in the prompt.

Document --> Context Encoder --> Perceiver --> HyperLoRA --> LoRA weights
                                                                |
                                                    Apply to Gemma 2 2B
                                                                |
                                                    Answer questions (no doc in prompt)

For architecture details, read references/ARCHITECTURE.md in this skill directory.

Security Notes

Checkpoint loading: internalize.py uses torch.load(weights_only=False) because D2L checkpoints embed Python config dataclasses (AggregatorConfig, LoraConfig, HypernetConfig) alongside tensor weights. The upstream D2L project uses this format. Only load checkpoints you trust. The default checkpoint source is the official SakanaAI/doc-to-lora HuggingFace repository.
HF_TOKEN: Required for downloading gated Gemma weights. This is a sensitive secret. The scripts only pass it to huggingface-cli download and transformers model loading. It is not sent anywhere else.
No remote code execution: setup.sh does not download or execute remote scripts. It requires uv and python3 to be pre-installed by the user. All dependency installation is done via uv pip install with pinned versions.
Checkpoint integrity: After downloading, you can verify the checkpoint against the HuggingFace repo's commit hash. The download uses huggingface-cli which verifies checksums automatically.

Prerequisites

This skill runs inside a clone of the doc-to-lora repository. It is not a standalone tool.

Required before setup:

python3 (3.10+)
uv package manager: https://docs.astral.sh/uv/getting-started/installation/
HF_TOKEN env var: https://huggingface.co/settings/tokens (with Gemma access)
Clone of the D2L repo with install_mac.sh present

Run setup once. This installs Python dependencies and downloads model weights (~7GB total).

export HF_TOKEN=hf_your_token_here
bash ${CLAUDE_SKILL_DIR}/scripts/setup.sh

If setup was already completed, skip this step. Check with:

test -d trained_d2l/gemma_demo && echo "Weights present" || echo "Run setup first"

Workflow A: PyTorch Path (simpler, ~10GB RAM)

Use this when the user provides a document and wants answers. The internalize.py script handles both internalization and querying in one call.

Internalize a document and ask questions

python ${CLAUDE_SKILL_DIR}/scripts/internalize.py \
  --input "path/to/document.txt" \
  --question "What is the main finding?" \
  --checkpoint trained_d2l/gemma_demo/checkpoint-80000/pytorch_model.bin

Or pass text directly:

python ${CLAUDE_SKILL_DIR}/scripts/internalize.py \
  --text "Paste the document content here..." \
  --question "What is this about?"

For multiple questions, pass them comma-separated:

python ${CLAUDE_SKILL_DIR}/scripts/internalize.py \
  --input "path/to/document.txt" \
  --question "Question 1?,Question 2?,Question 3?"

For programmatic use, output results as JSON:

python ${CLAUDE_SKILL_DIR}/scripts/internalize.py \
  --input doc.txt --question "Q?" --output-json results.json

Workflow B: MLX Path (faster, ~6GB RAM, recommended for Mac)

Use this for best performance on Apple Silicon. Two-phase: export once, query fast.

Step 1: Export LoRA adapter from document

python scripts/export_d2l_to_mlx_adapter.py \
  --checkpoint trained_d2l/gemma_demo/checkpoint-80000/pytorch_model.bin \
  --context-file "path/to/document.txt" \
  --output-dir adapters_d2l

Step 2: Query with MLX (lightweight, Metal-accelerated)

python ${CLAUDE_SKILL_DIR}/scripts/query_mlx.py \
  --adapter-dir adapters_d2l \
  --question "What is the main finding?"

When to Use Which Path

Scenario	Path	Why
Quick one-off question about a doc	PyTorch	Simpler, no export step
Many questions about the same doc	MLX	Export once, query fast and cheap
RAM-constrained (16GB Mac)	MLX	~6GB vs ~10GB at query time
Multiple documents to compare	MLX	Export each, swap adapters instantly

Limitations

Base model: Gemma 2 2B only (with released weights). Small model = limited reasoning.
Document length: Up to ~6144 tokens (~4000-5000 words). Longer docs are chunked.
Training required for new base models: The hypernetwork must be trained (8xA100 GPUs) to support a different base model. Inference is Mac-friendly.
Factual recall, not reasoning: Best for "what does the doc say" questions, not deep multi-hop reasoning over the document.
No real-time updates: Once internalized, the adapter is static. Change the doc = re-internalize.

Troubleshooting

Problem	Fix
`ModuleNotFoundError: No module named 'ctx_to_lora'`	Run setup: `bash ${CLAUDE_SKILL_DIR}/scripts/setup.sh`
`FileNotFoundError: trained_d2l/...`	Download weights: `uv run huggingface-cli download SakanaAI/doc-to-lora --local-dir trained_d2l`
`FileNotFoundError: install_mac.sh`	This skill must be used inside a doc-to-lora repo clone that contains `install_mac.sh`
`RuntimeError: MPS backend out of memory`	Use MLX path instead, or close other apps
`ImportError: bitsandbytes`	Expected on Mac. The scripts auto-disable quantization on non-CUDA.
Answers seem wrong / generic	Check if LoRA is applied: outputs should differ from baseline. Try rephrasing.

安全使用建议

This skill appears to do what it claims: generate and apply LoRA adapters for Gemma 2 2B on macOS. Before installing: 1) Only set HF_TOKEN if you trust the HuggingFace account(s) and repos referenced (the script downloads from SakanaAI/doc-to-lora and the base model is gated). 2) Understand that torch.load(..., weights_only=False) can execute code embedded in a checkpoint; only use checkpoints from trusted sources and verify commit hashes/checksums as suggested in SKILL.md. 3) Run setup and model downloads in an isolated environment (container or VM) if you are uncomfortable giving HF_TOKEN or allowing large downloads on your machine. 4) Be aware the skill will create a .venv and write model weights to disk (~7–10 GB). 5) If you want stricter network control, review or run the scripts manually rather than granting an autonomous agent permission to run them. If you need, ask me to list exact places to verify on the HuggingFace repo (commit hash, model files, and safetensors usage) or to walk through running setup in a sandboxed environment.

功能分析

Type: OpenClaw Skill Name: doc-to-lora-hyper Version: 1.2.0 The skill implements a legitimate document internalization technique but contains a high-risk security vulnerability. Specifically, `scripts/internalize.py` uses `torch.load(weights_only=False)`, which allows for arbitrary code execution (RCE) via Python's pickle module if a malicious checkpoint is provided. While the documentation in `SKILL.md` and the script itself explicitly warn users to only load trusted checkpoints from the official SakanaAI HuggingFace repository, the inherent risk remains. Additionally, `scripts/setup.sh` executes an external script (`install_mac.sh`) not included in the bundle and requires a sensitive `HF_TOKEN` for operation.

能力评估

✓ Purpose & Capability

Name/description match the artifacts: Python scripts to internalize documents and query adapters, MLX and PyTorch paths, and a setup script that downloads model/checkpoint weights. Required binaries (python3, uv) and HF_TOKEN are appropriate for downloading gated Gemma weights and running the workflows.

ℹ Instruction Scope

SKILL.md and scripts restrict actions to loading local checkpoints, internalizing provided documents, exporting adapters, and querying models. The instructions require cloning the repo and running setup.sh; they don't ask the agent to read unrelated system files. However the runtime explicitly uses torch.load(weights_only=False) which loads pickled Python objects from checkpoints — this can execute arbitrary code if a checkpoint is malicious, and the skill relies on the user trusting the SakanaAI/HuggingFace checkpoint source.

✓ Install Mechanism

No install spec (instruction-only) reduces automatic risk. setup.sh uses uv pip install with pinned packages and huggingface-cli to download weights from a named HuggingFace repo (SakanaAI/doc-to-lora). Downloads come from a public registry (HuggingFace) rather than an arbitrary URL. This is reasonable for the purpose.

✓ Credentials

Only HF_TOKEN is required and is justified (gated Gemma model access). No unrelated credentials or broad system config paths are requested.

✓ Persistence & Privilege

always is false and the skill does not request permanent platform-wide privileges. setup.sh writes .venv and model files into the repo (expected). The skill does not modify other skills' configs or request system-level privileges.

版本历史

v1.2.0

Address all security scan flags: declare requires.env/bins in OpenClaw metadata, document torch.load safety, validate all prerequisites in setup.sh

v1.1.0

Fix security flags: remove curl|sh, declare HF_TOKEN requirement, document torch.load safety

v1.0.0

Initial release: internalize documents into Gemma 2B via HyperLoRA, Mac-friendly

元数据

Slug doc-to-lora-hyper

版本 1.2.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 3

常见问题

Doc-to-LoRA 是什么？

Internalize a document into a small language model (Gemma 2 2B) using Doc-to-LoRA so it can answer questions WITHOUT the document in the prompt. Use when the... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 342 次。

如何安装 Doc-to-LoRA？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install doc-to-lora-hyper」即可一键安装，无需额外配置。

Doc-to-LoRA 是免费的吗？

是的，Doc-to-LoRA 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Doc-to-LoRA 支持哪些平台？

Doc-to-LoRA 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（darwin）。

谁开发了 Doc-to-LoRA？

由 Manoj Bhat（@manojbhat09）开发并维护，当前版本 v1.2.0。

Doc-to-LoRA