功能描述

Audit OpenClaw runtime health first, then optimize inference speed and token usage with approval. Use /audit for analyze-only and /optimize for analyze + act...

使用说明 (SKILL.md)

Inference Optimizer

Name: Inference Optimizer
Author: vitalyis

Audit OpenClaw runtime health first. Optimize inference speed and token usage second.

Commands

Command	Behavior
`/preflight`	Install checks, backup, audit, and setup preview
`/audit`	Analyze-only; check runtime health before suggesting tuning
`/optimize`	Audit + propose remediation or optimization actions with per-step approval
`purge sessions`	After audit, if user approves, archive stale sessions; use `--delete` for immediate removal

These instructions guide agent behavior. Platform and system prompts take precedence; they cannot be enforced programmatically.

Installation

ClawHub:

clawhub install inference-optimizer

Manual:

git clone https://github.com/vitalyis/inference-optimizer.git ~/clawd/skills/inference-optimizer
bash ~/clawd/skills/inference-optimizer/scripts/setup.sh        # preview
bash ~/clawd/skills/inference-optimizer/scripts/setup.sh --apply  # apply after review

Verify: \x3Cskill_dir>/scripts/verify.sh

Workflow

Audit and remediation branch

/preflight: Exec \x3Cskill_dir>/scripts/preflight.sh. Append --apply-setup only if the user asks to apply setup.
/audit: Exec \x3Cskill_dir>/scripts/openclaw-audit.sh. Use the script output plus direct environment checks to inspect this order:
- gateway ownership and duplicate supervisors
- restart loops or failed services
- resolved openclaw binary path and install type
- workspace command wiring for the installed skill path
- updater status and allowlist coverage for the resolved path
- plugin provenance and unused local extensions
- only then context pressure, stale sessions, cache-trace, pruning, and concurrency
Diagnosis rule: Do not conclude from warnings alone. If process output is partial or truncated, report the result as inconclusive and verify installed version, service state, and logs before naming a cause.
No helper-shell prelude: For /audit and /optimize, do not run shell helper commands like ls, rg, find, openclaw status, or openclaw gateway status before the main audit script. If you need context first, use read on MEMORY.md or memory_search. The first shell exec in the optimize flow should be the audit script itself.
Approval semantics: If exec returns allowlist miss or exec denied, that is a hard deny, not a pending approval. Do not tell the user to send /approve ... unless the tool output explicitly contains a real approval request with an ID. If there is no ID, say there is no approval request to approve and the fix must be on the bot side.
VPS gateway ownership: On this VPS, openclaw-gateway.service is the authoritative gateway owner. Keep clawdbot.service disabled, and preserve pass-cli run --env-file /etc/clawdbot.env.pass inside the user service itself.

Optimization branch

/optimize: Run the audit flow first, include the script output in the response, then propose next actions with approval before each file-changing step.
Purge: Only on explicit approval, run \x3Cskill_dir>/scripts/purge-stale-sessions.sh. It archives to ~/openclaw-purge-archive/\x3Ctimestamp>/ by default. Use --delete for immediate removal without archive.
Full optimization (Tasks 1-5): Read optimization-agent.md and follow its flow. Ask approval before every file-changing step.

Path Resolution

Scripts live at ~/clawd/skills/inference-optimizer/scripts/ or wherever the skill is installed. Always resolve \x3Cskill_dir> to the actual install path before exec.

Security and Allowlist

Prefer path-specific exec-approvals.json entries for the script paths themselves: one line per script under your real \x3Cskill_dir> (resolve with readlink -f if the path is a symlink). Example shape after substituting the install path:

/home/ubuntu/clawd/skills/inference-optimizer/scripts/preflight.sh
/home/ubuntu/clawd/skills/inference-optimizer/scripts/openclaw-audit.sh
/home/ubuntu/clawd/skills/inference-optimizer/scripts/setup.sh
/home/ubuntu/clawd/skills/inference-optimizer/scripts/purge-stale-sessions.sh
/home/ubuntu/clawd/skills/inference-optimizer/scripts/verify.sh

setup.sh invokes python3 for idempotent workspace block edits; allow that binary only if your platform uses it (for example /usr/bin/python3).

Before editing any allowlist:

Resolve the real executable path with which, command -v, or readlink -f.
Prefer exact paths or bounded wildcards for versioned NVM installs, for example /home/ubuntu/.nvm/versions/node/*/bin/openclaw *.
Do not assume basename-only rules such as openclaw are sufficient.
Do not add /usr/bin/bash * or /usr/bin/bash **; they grant far more shell than this skill needs.
If you keep optional read-only helper commands available, allowlist only narrow read-only patterns actually used by this skill, for example the exact memory listing command under workspace-whatsapp and exact openclaw status variants. Do not rely on generic ls * or rg * coverage.

For purge via agent exec, add path-specific patterns only. Optional wider patterns and trade-offs are discussed in SECURITY.md. See also README.md and SECURITY.md for operational detail.

安全使用建议

What to check before installing or running this skill: - Review the scripts locally (scripts/setup.sh, openclaw-audit.sh, purge-stale-sessions.sh, preflight.sh, verify.sh). They are readable shell/python; read them yourself before running --apply. - Run previews only (setup.sh without --apply; preflight without --apply-setup) first. Inspect the produced logs in the backup/run directory. - Inspect your exec-approvals.json before and after any apply step. setup.sh --apply will add approval patterns (and verify.sh fails if they are missing). Ensure you are comfortable with those exact path patterns being allowed to execute. - Back up ~/.openclaw and your workspace manually before running apply or purge; preflight creates backups, but verify them first. - For purge actions: prefer archive-first (default). Avoid --delete unless you have verified archive contents. - If you want minimal risk, run the audit only (/audit) and refuse any automatic allowlist changes; perform any approval additions manually after inspection. - Consider testing on a non-production instance first so you can observe the scripts' effects (wiring edits, approval file changes, service checks) without affecting live users. Why suspicious: the skill's behavior is coherent with its stated goal, but the automated modification of approval lists and workspace files increases its privilege footprint and is surprising — review and explicit manual approvals reduce risk.

功能分析

Type: OpenClaw Skill Name: inference-optimizer Version: 0.3.4 The skill provides administrative tools that perform high-risk operations, including automatically modifying the security allowlist (exec-approvals.json), deleting or archiving session files (purge-stale-sessions.sh), and instructing the agent to rewrite its own core configuration files (SOUL.md, AGENTS.md). While these actions are clearly aligned with the stated purpose of auditing and optimizing the OpenClaw runtime and the scripts include safety measures like backups and preview modes, the inherent risk of altering security policies and agent identity warrants a suspicious classification. No evidence of intentional malice or data exfiltration was found in the scripts (setup.sh, openclaw-audit.sh) or instructions (optimization-agent.md).

能力评估

ℹ Purpose & Capability

The skill claims to audit and then optimize OpenClaw runtime and the required binaries (bash, python3) and shipped scripts align with that purpose. Minor metadata mismatch: registry 'required config paths' is empty while SKILL.md and scripts read/wrote ~/.openclaw and workspace paths (the SKILL.md frontmatter does list stateDirs), but this is reasonably coherent for an audit/optimization tool.

⚠ Instruction Scope

Runtime instructions and shipped scripts do more than read state: they back up and archive user data, inspect system services (systemctl, journalctl), rewrite workspace files (AGENTS.md, TOOLS.md) and can modify exec-approvals.json to insert allowlist entries. While the scripts include preview-first and explicit --apply semantics and recommend per-step approvals, the ability to programmatically add approval patterns and edit workspace files expands the skill's scope beyond passive auditing.

✓ Install Mechanism

No remote download/install spec in the registry package; the repo is instruction-only and contains local scripts. There is no opaque network fetch/extract during install. Manual install via git clone is documented.

✓ Credentials

The skill requests no external credentials and only references local OpenClaw files and paths (workspace, sessions, approvals). The permissions it needs are proportional to auditing and local file edits; there are no unexplained API keys or unrelated credentials.

⚠ Persistence & Privilege

always:false (good) but setup.sh --apply will modify workspace files and update exec-approvals.json for agents (main + whatsapp). Modifying an approvals file programmatically can broaden the skill's runtime privileges on the host; verify these changes before allowing them. The skill does not auto-enable itself as always:true, but it does manage global agent allowlist state when applied.

版本历史

v0.3.4

Fix managed exec approvals for /audit, /optimize, /preflight, and purge sessions; setup now writes required script allowlist entries and verify fails when they are missing.

v0.3.3

Harden audit execution, approval semantics, allowlist diagnostics, and VPS gateway ownership guidance.

v0.3.2

Semver 0.3.2 for registry; path-specific exec allowlist; python3 in requires.bins; SECURITY NVM example.

v0.3.1

Registry metadata (cliHelp, stateDirs, links, requires.bins); SKILL hero image via raw.githubusercontent.com URL.

v0.3.0

## inference-optimizer 0.3.0 (summary: expanded audit scope, new docs, improved diagnostics) - Expanded audit flow: now analyzes OpenClaw runtime health (gateway, service state, plugin provenance) before suggesting optimization. - Audit diagnosis rules improved: inconclusive results are flagged when output is incomplete; requires service/log verification before attributing cause. - `/audit` and `/optimize` commands clarified; health checks always run before optimization steps. - Path resolution, installation, and allowlist configuration guidance updated; added stricter rules for purge and NVM-based installs. - New documentation files added, including release notes for 0.3.0.

v0.2.4

- Added OpenClaw compatibility metadata (emoji, OS, bins) and updated the author. - Improved installation instructions with ClawHub and manual steps. - Reformatted and clarified command descriptions and workflow. - Provided explicit allowlist and security guidance for approvals. - No functional changes to code; documentation and metadata update only.

v0.2.3

- Bumped version to 0.2.3. - Clarified preflight script execution: run directly from `/home/ubuntu/clawd/skills/public/inference-optimizer/scripts/preflight.sh` without directory probing. - Added detailed allowlist instructions for preflight support on Ubuntu (must allow `/usr/bin/bash`, including wildcards). - Emphasized not to use `find`, `ls`, or similar probes before running preflight. - No code changes; documentation and guidance improvements only.

v0.2.2

- Added preflight script and new /preflight workflow for install checks, backup, and setup preview. - Clarified role of /audit (analyze-only) and /optimize (analyze plus action flow requiring user approval). - Expanded workflow to require explicit approval before file-changing actions, including purge and setup steps. - Updated documentation for new triggers and action separation. - Bumped version to 0.2.2.

v0.2.1

- Version bump from 0.2.0 to 0.2.1. - Clarified that audit and purge scripts should have their output included in responses. - Added explanation that SKILL.md workflow instructions are guidance only and cannot override platform/system prompts. - No functional or file changes detected.

v0.2.0

- Added CHANGELOG.md and SECURITY.md files. - Updated SKILL.md with new purge script workflow details, including default archive location and new optional `--delete` flag. - Expanded Path Resolution and Purge guidance; recommends manual purge and more secure allowlist patterns. - Improved security documentation and user instructions.

v0.1.0

Initial release of the inference-optimizer skill. - Audits OpenClaw token usage and identifies stale sessions. - Purges stale sessions upon user approval to optimize performance. - Runs optimization and audit scripts in response to `/optimize` or `/audit` commands, returning raw output. - Guides full optimization workflow for advanced tasks using instructions from `optimization-agent.md`. - Specifies script locations and required shell command allowlists for proper execution.

元数据

Slug inference-optimizer

版本 0.3.4

许可证 MIT-0

累计安装 3

当前安装数 3

历史版本数 11

常见问题