← 返回 Skills 市场
264
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install nidhov01-proactive-agent
功能描述
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autono...
安全使用建议
What to consider before installing:
- The skill's functionality (writing and searching memory files, WAL/working buffer, heartbeats) matches its description; the included security-audit script is benign and meant to help.
- However, the docs contain inconsistent behavior rules: some places say 'Don't ask permission. Just do it.' while other places require explicit human approval for external actions. Decide which policy you want your agent to follow and review/normalize AGENTS.md, SOUL.md, and SKILL.md before enabling the skill.
- The audit script reads files in your home directory ($HOME/.clawdbot) and scans repository files for secrets. Run it in a safe/sandbox environment first and manually inspect any files it flags.
- There are no declared external endpoints or environment variables requested, which reduces remote-exfiltration risk, but the agent will be writing local files that may contain sensitive context. Ensure .credentials is used as intended and is gitignored.
- Recommended steps: (1) review and edit the behavior guardrails to require explicit approvals you are comfortable with, (2) run the security-audit.sh locally in a sandbox, (3) verify .gitignore contains .credentials and check file permissions, and (4) if you allow autonomous actions, monitor initial runs closely. If you want stronger assurance, ask the skill author for clarity on the 'permission' contradictions or test in an isolated environment first.
功能分析
Type: OpenClaw Skill
Name: nidhov01-proactive-agent
Version: 3.1.0
The proactive-agent bundle is a comprehensive framework designed to enhance AI agent autonomy and persistence through features like Write-Ahead Logging (WAL), autonomous cron jobs, and memory compaction recovery. It demonstrates a strong security posture by including a dedicated security audit script (scripts/security-audit.sh) and explicit instructions in SKILL.md and AGENTS.md to defend against prompt injection and prevent unauthorized data exfiltration. The logic is consistently aligned with its stated purpose of creating a helpful, self-improving assistant with built-in guardrails.
能力评估
Purpose & Capability
The name/description (proactive agent) aligns with the included assets: onboarding, memory, heartbeat, WAL/working-buffer, and a local security-audit script. The skill is instruction-only and asks the agent to read/write workspace files (ONBOARDING.md, USER.md, SESSION-STATE.md, memory/*, etc.), which is coherent for its stated purpose. However, some files contain contradictory guidance (e.g., AGENTS.md: "Don't ask permission. Just do it." vs SKILL/AGENTS guardrails that require approval for external actions and deletions). This mixed messaging is disproportionate to the claimed purpose and could lead the agent to act out of expected bounds.
Instruction Scope
SKILL.md and assets instruct the agent to scan, read, and write many local files (workspace and memory files) and to run the included security-audit script. The audit script also checks $HOME/.clawdbot/clawdbot.json and /tmp logs, i.e., files outside the immediate workspace. Those checks are explainable for a security audit, but they expand the scope beyond the skill directory. Additionally, the repository includes explicit examples of prompt-injection phrases (used for detection), which triggered pre-scan flags; that is expected in a security patterns document but is a vector that must be handled carefully. The contradictory guidance about asking permission is a behavioral gap that could cause the agent to perform undesired actions.
Install Mechanism
This is an instruction-only skill with no install spec and no external downloads. The only code file is a local bash script (security-audit.sh) used for checking config and file hygiene. There is no networked install or third-party package pull in the manifest, so installation risk is low.
Credentials
The skill declares no required environment variables, credentials, or special binaries. It does instruct storing credentials locally in a .credentials directory and the audit script scans typical config locations and .gitignore. The skill does not request external API keys or unrelated secrets, which is proportionate. That said, because it reads $HOME/.clawdbot and suggests scanning logs/skills directories, it will access system-level files when run — reasonable for an audit but outside a narrow 'agent memory' scope.
Persistence & Privilege
The skill is not marked always:true and does not request modifications to other skills or system-wide agent settings. Autonomous invocation is allowed by default on the platform (disable-model-invocation: false). The real risk comes from behavioral guidance (e.g., 'Don't ask permission' / 'Ask forgiveness, not permission') which, if followed, could let a proactive agent take actions without explicit human approval. This is a policy/behavior risk rather than a manifest privilege escalation.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nidhov01-proactive-agent - 安装完成后,直接呼叫该 Skill 的名称或使用
/nidhov01-proactive-agent触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.1.0
Fork - 2026.3.16
元数据
常见问题
Proactive Agent 是什么?
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autono... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 264 次。
如何安装 Proactive Agent?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nidhov01-proactive-agent」即可一键安装,无需额外配置。
Proactive Agent 是免费的吗?
是的,Proactive Agent 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Proactive Agent 支持哪些平台?
Proactive Agent 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Proactive Agent?
由 nidhov01(@nidhov01)开发并维护,当前版本 v3.1.0。
推荐 Skills