← 返回 Skills 市场
481
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install lessons-learned
功能描述
Manages user preferences, records errors, enforces prohibited words, and ensures safe operations with immediate stop on risky commands.
使用说明 (SKILL.md)
lessons_learned Skill
OpenClaw Skill - 错误学习与长期记忆系统
触发条件
自动触发
- 用户表达偏好: "我喜欢..." / "不要..." / "记住..."
- 操作失败时
- 执行高风险操作时
- 用户输入包含禁止词
- 用户输入包含紧急停止词
手动触发
/lessons_learned learn \x3C错误描述> # 记录错误
/lessons_learned check \x3C操作> # 检查操作
/lessons_learned memory \x3C内容> # 持久化信息
执行流程
1. 禁止词检查(最高优先级)
当检测到以下词汇时,立即停止,不执行任何操作:
删除 / 清空 / 格式化 / rm -rf
发送邮件 / 发消息 / 提交代码
执行命令 / sudo / chmod 777
反应:
立即停止操作
输出:"这个操作有风险,请确认是否执行"
等待用户确认
2. 紧急停止检查
当用户输入包含以下词汇时,立即停止所有操作:
- 停止 / stop / halt
- 取消 / cancel / abort
- 住手 / hold on / wait
3. 用户习惯匹配
根据用户习惯自动执行:
- 用户说中文 → 用中文回复
- 用户说英文 → 用英文回复
- 用户给文件路径 → 先读取内容
- 用户给URL → 先获取内容
4. 错误记录
当操作失败时:
- 记录到
memory/lessons/MISTAKES.md - 分析失败原因
- 生成避免规则
- 写入
memory/lessons/LESSONS_LEARNED.md
5. 信息持久化
当用户表达偏好时:
- 立即写入
MEMORY.md - 在
memory/lessons/HABITS.md记录习惯 - 更新
memory/lessons/PROHIBITED.md如需要
核心规则
禁止
- ❌ 重复已知的失败操作
- ❌ 忽略已记录的用户偏好
- ❌ 跳过禁止词检查
- ❌ 忽略紧急停止词
必须
- ✅ 禁止词 → 立即停止
- ✅ 紧急停止词 → 立即停止
- ✅ 偏好 → MEMORY.md
- ✅ 失败 → MISTAKES.md
- ✅ 习惯 → HABITS.md
- ✅ 风险操作 → 确认
文件位置
| 文件 | 用途 |
|---|---|
| memory/lessons/MISTAKES.md | 错误记录 |
| memory/lessons/LESSONS_LEARNED.md | 强制规范 |
| memory/lessons/PROHIBITED.md | 禁止词列表 |
| memory/lessons/HABITS.md | 用户习惯 |
| memory/lessons/SYSTEM_PROMPT.md | 注入模板 |
| MEMORY.md | 长期记忆 |
错误级别
| 级别 | 定义 | 处理 |
|---|---|---|
| P0 | 致命 | 立即停止 |
| P1 | 严重 | 记录并恢复 |
| P2 | 一般 | 记录并继续 |
| P3 | 轻微 | 记录即可 |
示例
禁止词触发
用户: "帮我删除这个目录"
Agent: "这个操作有风险,请确认是否执行"
紧急停止
用户: "停止当前操作"
Agent: (立即停止所有操作)
记录错误
/lessons_learned learn "删除文件时未检查权限"
持久化偏好
用户: "我喜欢用中文回复"
→ 自动写入 MEMORY.md
→ 自动写入 HABITS.md
版本: 2.0.0 | 更新: 2026-02-26
安全使用建议
This skill is coherent with being a 'memory' helper, but it asks the agent to read arbitrary file paths/URLs and to write persistent workspace files — including a SYSTEM_PROMPT template and persona files. Before installing or enabling it: (1) inspect the SKILL.md and README contents (you've done this), (2) do not give file paths or URLs that point to sensitive local files (e.g., ~/.ssh/, /etc/, cloud credential files), (3) avoid copying SYSTEM_PROMPT.md, AGENTS.md, SOUL.md, or USER.md into your agent workspace unless you trust their contents, (4) run the skill in a restricted/sandboxed environment first and test with non-sensitive data, and (5) consider adding filesystem access controls (or a policy) so the skill can only write/read a dedicated memory directory. If you cannot audit or sandbox these behaviors, treat the skill as risky.
功能分析
Type: OpenClaw Skill
Name: lessons-learned
Version: 1.0.1
The skill bundle is designed for agent self-improvement and memory, incorporating defensive mechanisms like forbidden word checks. However, it is classified as 'suspicious' due to two key vulnerabilities: 1) The `SKILL.md` explicitly states that `memory/lessons/SYSTEM_PROMPT.md` is an '注入模板' (injection template), indicating its content is used to modify the agent's system prompt. This creates a significant prompt injection vulnerability if an attacker can manipulate this file. 2) The skill instructs the agent to '先读取内容' (first read content) for user-provided file paths and '先获取内容' (first fetch content) for URLs, which, while part of its intended functionality, opens up potential vectors for arbitrary file reading (data exfiltration) or Server-Side Request Forgery (SSRF) if the agent is tricked into processing malicious inputs.
能力评估
Purpose & Capability
The skill's name/description (memory, lessons learned, prohibited words) aligns with instructions to persist preferences and mistakes to workspace files. However, the README also instructs copying agent/system/persona files (AGENTS.md, SOUL.md, SYSTEM_PROMPT.md, USER.md) into the workspace — copying/modifying these is not strictly necessary for simple preference/mistake recording and increases risk of changing agent behavior.
Instruction Scope
Runtime instructions tell the agent to '先读取内容' for any user-supplied file path and to fetch content for any user-supplied URL, and to automatically write persistent data into memory/ and MEMORY.md. The skill also references memory/lessons/SYSTEM_PROMPT.md (an 'injection template') and recommends copying persona/system files into the workspace. Reading arbitrary local files and creating/updating system prompt templates are high-scope actions that can expose secrets or enable persistent prompt injection.
Install Mechanism
This is an instruction-only skill with no install spec, no downloads, no added binaries — lower technical installation risk. The README suggests manual copying of files into ~/.openclaw/workspace/, which is a user action rather than an automated installer.
Credentials
The skill requests no environment variables, no credentials, and no required binaries. That is proportionate to its stated memory/recording purpose. The main risk arises from file access rather than secrets requested via env vars.
Persistence & Privilege
The skill expects to write persistent files under workspace (MEMORY.md, memory/lessons/*). More concerning: it explicitly lists SYSTEM_PROMPT.md and suggests copying AGENTS.md/SOUL.md/USER.md into workspace. Persisting or modifying system/prompt/persona files can permanently alter agent behavior (persistent prompt injection) and constitutes a privileged change to the agent environment, despite always:false.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install lessons-learned - 安装完成后,直接呼叫该 Skill 的名称或使用
/lessons-learned触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
解决记忆问题和错误重犯
元数据
常见问题
zxyskill 是什么?
Manages user preferences, records errors, enforces prohibited words, and ensures safe operations with immediate stop on risky commands. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 481 次。
如何安装 zxyskill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install lessons-learned」即可一键安装,无需额外配置。
zxyskill 是免费的吗?
是的,zxyskill 完全免费(开源免费),可自由下载、安装和使用。
zxyskill 支持哪些平台?
zxyskill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 zxyskill?
由 zxygeitio(@zxygeitio)开发并维护,当前版本 v1.0.1。
推荐 Skills