\r \r

i-skill - Personalized Interaction Profile\r

\r Analyzes user conversations to generate a structured personalization profile, enabling AI assistants to deliver customized service based on user preferences.\r \r ---\r \r

📁 Data Storage Location\r

\r Default Location: User data is stored in the skill's own user_data/ directory (relative to the skill installation).\r \r Environment Variable Override: You can set the ISKILL_DATA_PATH environment variable to specify a custom directory for storing user data.\r \r Important Notes:\r

• All file paths referenced in this document refer to the user_data/ directory (either default or via ISKILL_DATA_PATH override)\r
• The skill will never write outside the configured data directory\r
• Ensure proper permissions are set on the data directory to protect your personal information\r \r

🔒 Initialization Behavior & User Consent\r

\r Key Principle: No directories are created and no files are written to disk until the skill is manually activated.\r \r

How It Works:\r

1. Module Loading: When the skill modules (audit_log.py, consent_manager.py, myself_manager.py) are first imported or instantiated, no file system operations occur.\r
2. Lazy Initialization: Directories and files are only created when the first write operation is performed, which happens after manual activation (user consent).\r
3. Read Operations: Reading existing files does not trigger initialization.\r \r

Important:\r

• Manual activation (e.g., "激活个性化") represents user's consent to read/write personalization data\r
• Only destructive operations (delete/reset) require additional confirmation\r
• Initialization happens transparently as part of the first write operation after activation\r \r ---\r \r

⚡ Behavioral Anchors (High Priority — Always Obey)\r

\r

These rules remain active throughout the entire session after activation, regardless of context length.\r \r

1. Identity Awareness: When i-skill is active, every response should reflect understanding of the user profile. Not by mentioning it explicitly, but through word choice, recommendations, and decision-making.\r
2. State Check: Important - Consent First: No data is read automatically at session start. When the skill is manually activated (e.g., "激活个性化"), this action itself represents user consent. Only after activation:\r
   • Read i-skill_state.json (from data directory) to check current state\r
   • If status == "active", read myself.md (from data directory) and use it as personalization context\r
3. Language: Use the user's preferred language as recorded in the profile. Default to Chinese for existing profiles.\r \r ---\r \r

🚀 Activation & Lifecycle\r

\r

Activation Commands\r

• "激活个性化" / "Activate personalization" / "Enable personalization"\r
• "personalization"\r \r

Other Commands\r

• View profile: "查看档案" / "View my profile"\r
• Manual update: "更新档案" / "Update my profile"\r
• Pause: "暂停个性化" / "Pause personalization"\r
• Resume: "恢复个性化" / "Resume personalization"\r
• Reset: "重置档案" / "Reset profile"\r
• Delete: "删除档案" / "Delete profile"\r \r

Activation Flow\r

\r

1. User issues an activation command (e.g., "激活个性化")\r
2. Manual activation implies consent: The act of manually activating the skill represents user's consent to read/write personalization data\r
3. After activation:\r a. Read i-skill_state.json (from data directory) to check current state\r b. If already active, inform user: "Personalization is already active, profile version vX"\r c. If inactive, create/update i-skill_state.json to active, increment activation count by 1\r d. Read current myself.md (if it exists, from data directory), combine with conversation context, generate/update profile using the template below\r e. Display a brief profile summary to the user after generation\r \r ---\r \r

📋 Profile Format Specification\r

\r The profile is stored in myself.md (from data directory) and must strictly follow this semi-structured template:\r \r

# User Profile\r
\r
> Auto-generated on YYYY-MM-DD · Version vX · Refined over N iterations\r
\r
## Basic Info\r
- **Name**: (User's name or AI-inferred)\r
- **Career Direction**: (Current primary career or job-seeking direction)\r
- **Tech Stack**: (Technologies frequently used or currently learning, comma-separated)\r
\r
## Interests & Preferences\r
- **Core Interests**: (3-5 core interest areas)\r
- **Learning Focus**: (Areas currently being studied in depth)\r
- **Content Preference**: (Types of content preferred: hands-on projects / theoretical knowledge / industry trends / comprehensive analysis)\r
\r
## Communication Style\r
- **Language**: (Primary language)\r
- **Style**: (Concise / Detailed / Casual / Professional)\r
- **Format Preference**: (Code examples / Plain text / Visual charts / Mixed)\r
- **Feedback Habit**: (Proactive / Implicit adjustment / Direct correction)\r
\r
## Thinking Style\r
(Free-form description, 1-3 sentences. E.g.: Systematic thinker, analyzes problems holistically; pragmatic, prefers actionable solutions; curious, enjoys exploring new technology boundaries)\r
\r
## Recent Focus\r
(2-5 recent topics or projects, in reverse chronological order)\r
\r
## Observation Notes\r
(Free-form description of other stable traits, interesting details, or memorable preferences observed from conversations. 1-3 items, concise. Prefer prefixing each item with `[场景]` for traceability, e.g. `[2026-03-27, cogito讨论] 对"本质"有执念...`)\r
```\r
\r
### Profile Generation Rules\r
- **Must include** all fixed section headers (Basic Info, Interests & Preferences, Communication Style, Thinking Style, Recent Focus, Observation Notes)\r
- **Fixed fields** (bold `**`-marked items) must appear under their corresponding sections\r
- **Free zones** ("Thinking Style", "Observation Notes") allow AI to demonstrate insightfulness, but keep it concise\r
- **Length limit**: Entire profile must not exceed 800 words\r
- **No fabrication**: Do not write information without evidence; mark uncertain fields as "To be observed"\r
- **On each update**: Regenerate completely rather than appending. Retain valuable content from previous versions, discard what's outdated\r
- **Confidence tags** (for uncertain or newly observed traits): Append `[~]` (1st observation, tentative) or `[!!]` (2nd observation, emerging) after the value. Tags are removed once confirmed (3+ consistent signals or user approval). Unmarked = confirmed. Example: `- **Learning Focus**: LLM应用开发 [~]Rust（待观察）`\r
\r
---\r
\r
## 🔄 Auto-Sensing Updates\r
\r
> **PRIVACY FIRST**: All profile updates require explicit user consent. No automatic silent updates are performed without prior user approval.\r
\r
### Update Triggers\r
\r
When **any** of the following conditions are met, **ask the user for explicit consent** before updating the profile:\r
\r
| Trigger | Description | Update Mode |\r
|---------|-------------|-------------|\r
| User demonstrates a new stable trait | Mentions a new career direction, new core interest, etc. | **Ask for consent first**, then update only if approved |\r
| User explicitly corrects profile errors | "I'm not a frontend dev, I do backend" | **Confirm correction first**, then update if approved |\r
| Conversation involves major changes | Career change, tech stack switch, etc. | **Show change summary first**, ask for consent before updating |\r
| 3+ consecutive rounds on a new topic | In-depth discussion of a topic not covered in the profile | **Ask for consent first**, then update only if approved |\r
\r
### Update Thresholds\r
\r
- **Do NOT trigger updates for**: Casual greetings, single technical Q&A, repeated discussions of known topics\r
- **Tweak vs. Rewrite**: If only 1-2 fields change, modify those fields directly; if 3+ fields change, regenerate the full profile\r
- **Prevent over-updating**: The same field must not be updated more than once within 5 conversation rounds (unless the user explicitly corrects it)\r
- **Signal exclusion**: Do NOT learn from silence/vague praise ("上次那个不错" context-dependent) / single events / hypothetical discussions / third-party preferences. Only explicit corrections, direct preference declarations, and 3+ repeated consistent signals count.\r
- **Gradual confirmation**: For non-explicit signals (e.g., topic drift → potential new interest), use confidence tags: 1st occurrence → `[~]` in Observation Notes only (no profile field change); 2nd → `[!!]`; 3rd → ask user before writing to profile fields.\r
\r
### Consent-First Update Behavior\r
\r
```\r
User: (Normal conversation content suggesting potential profile updates)\r
AI:   (Normal response content)\r
AI:   "I noticed some information that could update your profile. Would you like me to update it with these changes?\r
      - Career Direction: LLM App Development → Full-Stack Development\r
      - New Interest: Rust programming language\r
      (Reply 'yes' to confirm, 'no' to skip)"\r
[Only update if user explicitly says 'yes']\r
```\r
\r
### Confirmed Update Behavior\r
\r
```\r
AI: Detected potential updates to your profile:\r
    - Career Direction: LLM App Development → Full-Stack Development\r
    - New Interest: Rust programming language\r
    Confirm update? (Reply "yes" to confirm, "no" to skip)\r
```\r
\r
---\r
\r
## 🔒 Safe Operation Confirmations\r
\r
> The following destructive operations **require explicit user confirmation** before execution.\r
\r
### Modify Profile (Manual Trigger)\r
\r
When the user proactively requests profile modification (not auto-sensing updates):\r
1. Show a **change summary** (which fields were added/modified/removed)\r
2. Wait for user confirmation ("Reply 'yes' to confirm")\r
3. Execute write after confirmation\r
\r
### Reset Profile\r
\r
When the user requests a profile reset:\r
1. Warn: **"Resetting will clear all personalization data and restore to a blank template. This action cannot be undone. Reply 'yes' to confirm."**\r
2. After user confirmation, clear `myself.md` and write initial template, reset `profile_version` to 0\r
3. Keep `i-skill_state.json` `status` unchanged\r
\r
### Delete Profile\r
\r
When the user requests profile deletion:\r
1. Warn: **"Deletion will permanently remove all personalization data (including profile and state), and i-skill will return to an inactive state. Reply 'yes' to confirm."**\r
2. After user confirmation:\r
   - Delete `myself.md`\r
   - Reset `i-skill_state.json` to `{"status": "inactive", "activation_count": 0, "profile_version": 0}`\r
3. Stop personalization service\r
\r
### Pause / Resume\r
\r
- **Pause**: Execute immediately, no confirmation required. Change state `status` to `paused`, retain all profile data\r
- **Resume**: Execute immediately, no confirmation required. Change state `status` back to `active`, re-read profile to resume personalization service\r
\r
---\r
\r
## 📂 File Reference\r
\r
### Core Files (Stored in data directory)\r
- **`myself.md`** — User profile (with version tracking)\r
- **`i-skill_state.json`** — Activation state, statistics, profile_version\r
\r
### Security Files (Managed by Scripts)\r
- **`./scripts/myself_manager.py`** — Safe profile file read/write (with auto-rollback)\r
- **`./scripts/validator.py`** — Data validation and PII sanitization\r
- **`./scripts/audit_log.py`** — Operation audit logging\r
- **`./scripts/consent_manager.py`** — Cross-skill authorization management\r
- **`myself_operations.log`** — File-level operation audit log (from data directory)\r
- **`audit_log.json`** / **`defensive_log.json`** — Audit logs (from data directory)\r
- **`consent_state.json`** — Authorization state (from data directory)\r
\r
---\r
\r
## 🎯 Design Principles\r
\r
1. **AI-Driven, Tool-Assisted**: All decisions (when to update, what to update, whether to confirm) are made by the AI based on conversation context; Python scripts only handle safe file operations\r
2. **Structured + Flexible**: The profile format has a fixed skeleton to ensure consistency, while free-form areas allow the AI to demonstrate insightfulness\r
3. **Consent-First**: All data reads and writes require explicit user consent; no silent or automatic operations without user approval\r
4. **Anti-Bloat**: Each update regenerates rather than appends; total profile length is capped at 800 words\r
5. **Privacy First**: Never store raw conversations, only abstracted profile traits; PII detection and sanitization is ensured by `validator.py`\r
\r
---\r
\r
## 🔐 Security & Privacy Guidelines\r
\r
### ISKILL_DATA_PATH Environment Variable\r
\r
**Purpose**: The `ISKILL_DATA_PATH` environment variable allows you to specify a custom directory for storing user data.\r
\r
**Security Recommendations**:\r
1. **Use a dedicated directory**: Always set `ISKILL_DATA_PATH` to a dedicated, isolated directory specifically for this skill\r
2. **Restrict permissions**: Ensure the directory has appropriate file permissions to prevent unauthorized access\r
3. **Avoid system directories**: Never point `ISKILL_DATA_PATH` to system directories or directories containing sensitive files\r
4. **Backup regularly**: Regularly backup the data directory to prevent data loss\r
5. **Default is safe**: If not set, the skill will use its own `user_data/` directory which is the safest option\r
\r
### Data Protection\r
\r
- All personal data is stored locally only; no data is sent to external servers\r
- PII (Personally Identifiable Information) is automatically detected and sanitized\r
- File operations include automatic rollback mechanisms to prevent data corruption\r
- Audit logs are maintained for all file operations\r