← 返回 Skills 市场

Corvus

Name: Corvus
Author: indigokarasu

作者 Indigo Karasu · GitHub ↗ · v2.3.0 · MIT-0

cross-platform ⚠ suspicious

261

总下载

当前安装

版本数

在 OpenClaw 中安装

/install ocas-corvus

功能描述

Exploratory pattern analysis engine for the system knowledge graph and skill journals. Detects routines, emerging interests, anomalies, stalled threads, and...

安全使用建议

Corvus appears to do what it says (reading the knowledge graph and journals and writing structured proposals), but there are a few things to check before installing: - Source verification: SKILL.md references a GitHub repository and the README says it will self-update. Manually review the referenced GitHub repo (code, install scripts, and update mechanism) before running any 'openclaw skill install' or allowing updates. The registry entry has no homepage and an opaque owner ID — confirm repository ownership and review commits/tags. - Remote code fetch: The skill encourages pulling code from GitHub at 'corvus.update' and via the install line. That means new code can be introduced later. Only permit that if you trust the repository and have reviewed the install/update process. - Scheduled tasks & persistence: The README claims it will register cron jobs/heartbeat entries. Confirm which scheduler is modified and ensure you control/approve those changes. If you prefer, disable automatic scheduling and run analysis manually until you vet behavior. - Prompt-injection signal: The SKILL.md contained unicode-control characters flagged by the scanner. Treat that as suspicious — inspect the raw SKILL.md for hidden characters or instructions that could manipulate LLM prompts or the agent runtime. - Least privilege: If you proceed, restrict filesystem permissions to only the necessary directories (Chronicle and the specific intake/journal paths) and avoid granting broader system access. Monitor created files and scheduled jobs after first run. If you cannot inspect the GitHub source or confirm the update/install behavior, treat the skill as untrusted and do not install it. If you do inspect and approve the repo, prefer a one-time manual install and disable automatic self-updates until comfortable.

功能分析

Type: OpenClaw Skill Name: ocas-corvus Version: 2.3.0 The skill includes a self-update mechanism in `SKILL.md` that downloads and extracts a remote tarball from GitHub to overwrite local files, which is a high-risk pattern for remote code execution and supply chain attacks. It also requests broad read access to all skill journals (`~/openclaw/journals/*/`), providing a large data-access surface. Additionally, there is a functional discrepancy where the instructions command the agent to write to directories (Praxis and Vesper intake) not authorized in the `skill.json` filesystem manifest.

能力评估

✓ Purpose & Capability

Name/description, command list, and declared filesystem read/write (chronicle and journals) align with an exploratory analysis engine that needs graph and journal data and emits proposals to intake directories for Praxis/Vesper.

ℹ Instruction Scope

SKILL.md instructs the agent to read journals and Chronicle, persist JSONL journals, write BehavioralSignal and InsightProposal files to other skills' intake directories, and run periodic analysis cycles. Those actions are within the stated scope, but the doc also describes initialization that registers cron jobs and heartbeat entries and a self-update command — actions that alter scheduled behaviour and fetch remote updates, which broaden the runtime authority of the skill.

ℹ Install Mechanism

There is no formal install spec in the registry (the package is instruction-only), but SKILL.md contains an 'install' line and README/cmds reference 'corvus.update' and 'openclaw skill install https://github.com/indigokarasu/corvus'. That means the skill expects or encourages pulling code from GitHub at runtime; fetching and executing external code is higher risk and should be reviewed before allowing.

✓ Credentials

No environment variables or external credentials are requested. The declared filesystem reads (Chronicle DB and journals) and writes (its own data and journals, and other skills' intake dirs) are consistent with the stated functionality, though the read of '~/openclaw/journals/*/' is broad and will expose many journals to analysis.

⚠ Persistence & Privilege

The skill claims it will register cron jobs and heartbeat entries and perform self-updates from GitHub. While always:false, this persistent scheduled behavior and remote update capability increases its long-term privilege and blast radius — these operations modify runtime scheduling and can change code later, so they require explicit vetting and user consent.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install ocas-corvus
安装完成后，直接呼叫该 Skill 的名称或使用 /ocas-corvus 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v2.3.0

ocas-corvus 2.3.0 - Added a GitHub source and installation command for direct updates. - New `corvus.update` command to pull the latest code from GitHub while preserving journals and data. - Clarified command trigger phrases and expanded the description for better usability. - Documented explicit post-analysis steps for persistence, output, and processing of thread signals. - Added a README.md for improved documentation. - Updated config and metadata to reflect version 2.3.0.

v1.1.1

- Added `references/journal.md` to document the journal output specification for analysis cycles. - Expanded SKILL.md with detailed skill boundaries, responsibilities, and inter-skill interfaces. - Introduced new `corvus.journal` command to write run journals. - Updated and clarified supported proposal types, file storage layout, OKRs, and configuration defaults. - Improved documentation for storage, OKRs, and operation modes. - Added skill metadata and quick descriptions to support ecosystem compatibility.

v1.1.0

Corvus 1.1.0 introduces a formalized intelligence engine for exploratory pattern analysis over activity signals and the knowledge graph. - Detects behavioral routines, emerging interests, anomalies, and cross-domain opportunities. - Provides structured insight proposals with evidence and confidence score. - Supports both light (routine/thread/interest) and deep (hypothesis/opportunity/anomaly) analysis cycles. - Adds explicit command set for pattern analysis, proposal management, and status reporting. - Implements curiosity-driven prioritization focused on novelty, uncertainty, and prediction error. - Enforces strict pattern validation rules and confidence thresholds for proposal surfacing.

元数据

Slug ocas-corvus

版本 2.3.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 3

常见问题

Corvus 是什么？

Exploratory pattern analysis engine for the system knowledge graph and skill journals. Detects routines, emerging interests, anomalies, stalled threads, and... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 261 次。

如何安装 Corvus？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install ocas-corvus」即可一键安装，无需额外配置。

Corvus 是免费的吗？

是的，Corvus 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Corvus 支持哪些平台？

Corvus 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Corvus？

由 Indigo Karasu（@indigokarasu）开发并维护，当前版本 v2.3.0。