← 返回 Skills 市场
141
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install nirvana-plugin
功能描述
Local-first OpenClaw plugin providing privacy-focused AI inference with bundled qwen2.5:7b model, intelligent routing, audit logging, and optional cloud fall...
安全使用建议
This plugin appears to do what it claims: local-first routing via Ollama with context stripping and local audit logs. Before installing: 1) Verify the repository origin (the registry entry lists source as 'unknown' but docs reference a GitHub repo); confirm the GitHub repo and commit history are legitimate. 2) Inspect the ollama-manager.js and privacy-auditor.js files to ensure no undisclosed network endpoints or upload logic exist. 3) Run the plugin in an isolated environment (VM or disposable host) first because it requires access to Docker and local identity/memory files; granting Docker access can expose the host. 4) Keep cloud-fallback disabled until you review how cloud API keys are read/used and ensure the context-stripper is operating as expected. 5) Address the prompt-injection scanner flag by grepping the SKILL.md and source files for 'system', 'prompt', 'override', or any code that writes to agent/system prompts. If you need higher assurance, ask the author for a signed release or run a security review of the full source before deploying in production.
功能分析
Type: OpenClaw Skill
Name: nirvana-plugin
Version: 0.1.1
The Nirvana plugin is a legitimate local-first inference and privacy management tool for OpenClaw. It integrates with Ollama to provide local LLM capabilities and includes a sophisticated 'Context Stripper' (src/context-stripper.js) designed to redact PII and sensitive identity files (like SOUL.md and USER.md) before any data is sent to cloud providers. The architecture features comprehensive auditing (src/privacy-auditor.js) and metrics collection (src/metrics-collector.js) to ensure transparency and data sovereignty, with no evidence of malicious intent, hidden backdoors, or unauthorized data exfiltration.
能力标签
能力评估
Purpose & Capability
Name/description, manifest permissions, and code files (router, context-stripper, ollama-manager, privacy-auditor) align with a local-first inference plugin that manages Ollama, routes queries, strips context before cloud calls, and writes audit/metrics to local memory. No unrelated credentials or bizarre binaries are requested.
Instruction Scope
Runtime instructions focus on starting an Ollama container, installing the plugin, and verifying health; they explicitly reference local audit/metrics files and backing up local models. This is consistent with the stated purpose, but the plugin will read and write local identity/memory files and instructs publishing artifacts to external services (GitHub/ClawHub/Google Drive) in the docs — those publication steps are administrative, not runtime, but you should review them if you expect zero external interactions.
Install Mechanism
No install spec in the registry entry (instruction-only), but this is a code plugin with sources included; installation will place code on disk. It relies on standard public Docker images (ollama/ollama, qdrant, qdrant, falkordb) and Ollama auto-pulls models. There are no obscure or shortened URLs or private download hosts in the provided materials. Auto-pulling a multi-GB model from Ollama is expected but substantial (network + disk).
Credentials
The skill requests no external API keys by default, which fits the 'zero API keys' claim. The manifest explicitly grants read access to highly sensitive local files (SOUL.md, USER.md, MEMORY.md, session state) and write access to memory/* — this is proportionate for a privacy-enforcement plugin but is high-sensitivity access. Treat these local file reads as sensitive privileges and verify code paths that handle/export those contents (context-stripper and privacy-auditor are present and intended to constrain exports).
Persistence & Privilege
always:false and normal hooks (on-query/on-response) are expected. The plugin declares execute permissions for 'docker' / 'ollama-api' so it can manage local containers, which is coherent for lifecycle management but increases attack surface (access to Docker and the host environment). No 'always: true' or hidden persistent backdoors were found in the provided materials.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install nirvana-plugin - 安装完成后,直接呼叫该 Skill 的名称或使用
/nirvana-plugin触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
- Updated plugin-manifest.json.
- No functional or documentation changes to SKILL.md.
- Maintenance release only.
v0.1.0
Initial release of Nirvana — a local-first AI inference plugin for OpenClaw.
- Handles 80%+ of queries on local hardware with no API keys required.
- Bundled qwen2.5:7b model auto-downloads and works out-of-the-box via Ollama (Docker).
- Preserves privacy by stripping and auditing sensitive context before any cloud fallback.
- Provides intelligent routing: local vs. cloud, with audit logging and observability.
- No telemetry; identity and memory files stay local.
- Production-ready: full test coverage, graceful degradation, metrics, and logs.
- Easily configurable: model selection, privacy, routing thresholds, metrics retention.
元数据
常见问题
Nirvana 是什么?
Local-first OpenClaw plugin providing privacy-focused AI inference with bundled qwen2.5:7b model, intelligent routing, audit logging, and optional cloud fall... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 141 次。
如何安装 Nirvana?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install nirvana-plugin」即可一键安装,无需额外配置。
Nirvana 是免费的吗?
是的,Nirvana 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Nirvana 支持哪些平台?
Nirvana 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Nirvana?
由 Shiva&G(@shivaclaw)开发并维护,当前版本 v0.1.1。
推荐 Skills