Auto Research Pipeline
Author: lixiang1076 · v1.0.0 · MIT-0
Total downloads: 101 · Favorites: 0 · Current installs: 0 · Versions: 1
Install in OpenClaw
/install openclaw-auto-research
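Description
An OpenClaw-native automated research pipeline. Starting from a single research topic, it runs through 23 stages to produce a complete paper. Each Phase is executed by an independent sub-agent (context isolation), and outputs are passed between Phases through the file system. Trigger phrases: "Research X", "跑研究" (run research), "文献调研" (literature survey), "写论文" (write a paper), "研究 pipel...
Safe usage recommendations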
This skill is coherent for automating a research workflow, but proceed cautiously. Key things to check before installing or running:
- Notifications: SKILL.md mentions pushing Feishu (飞书) messages but provides no Feishu token/config. Decide where notifications will go and supply credentials only if you trust that endpoint.
- Generated-code execution: The pipeline asks the LLM to generate experiment code and then executes it. Ensure your execution environment actually enforces the promised sandbox (no network, restricted file writes, timeouts). If the platform cannot guarantee sandboxing, do not run the experiment-execution stages.
- Network access: literature_search.py performs HTTP requests (arXiv, Semantic Scholar). Confirm you are comfortable with those outbound requests (rate limits, data leaving your environment). Semantic Scholar API keys are optional in code but not declared; if you supply a key, provide it securely and only if needed.
- Data residency & secrets: artifacts are stored under ~/.openclaw/workspace/auto-research/. If you have sensitive files or tokens on the same filesystem, verify file permissions and isolation.
- Unspecified tools: SKILL.md expects platform tools (memory_search, web_search/web_fetch, sessions_spawn). Understand what those tools send/receive and whether they transmit your prompts or files externally.
If you decide to use it: run initial tests in an isolated environment (throwaway account or VM), disable network at the runtime layer if possible, and inspect any generated experiment.py before allowing execution.
Functional analysis
Type: OpenClaw Skill
Name: openclaw-auto-research
Version: 1.0.0
The skill bundle implements a complex 23-stage research pipeline that inherently possesses a high risk of Remote Code Execution (RCE) by design. Specifically, Phase D (S10) and Phase E (S12) involve generating Python code via an LLM and then executing it using shell commands (`python3 experiment.py`) in a loosely defined sandbox (`/tmp/researchclaw_sandbox`). While the instructions in SKILL.md and the prompts in references/phase-d-design.md attempt to enforce 'real' computation and self-containment, the system is highly vulnerable to prompt injection; a malicious research topic could trick the agent into generating and executing code that exfiltrates data or performs other harmful actions. Additionally, the 'Evolution Overlay' feature in SKILL.md uses memory_search to load 'lessons' from previous runs, which could allow for persistent indirect prompt injection if the agent's memory is poisoned with malicious instructions.
Capability assessment
Purpose & Capability
Name/description align with included artifacts: prompt templates, domain definitions, and two helper scripts (literature_search.py and pipeline_state.py) are appropriate for an automated research pipeline.
Instruction Scope
Runtime instructions authorize spawning sub-agents, running the included Python scripts, performing web_search/web_fetch calls, and executing LLM-generated experiment code. These actions are consistent with the stated purpose, but the pipeline depends on external tools (memory_search, web_search, web_fetch, sessions_spawn) and on enforcing a no-network sandbox for experiment execution — the SKILL.md asserts these constraints but provides no mechanism to enforce them. It also repeatedly instructs pushing Feishu (飞书) notifications even though no Feishu config/credentials are declared.
Install Mechanism
No install spec; skill is instruction-plus-scripts only. No remote downloads or package installs are requested, which keeps disk/write footprint limited to the included files and produced artifacts under ~/.openclaw/workspace.
Credentials
The skill requests no environment variables or credentials, yet its instructions reference sending notifications to Feishu and optionally using Semantic Scholar API with an API key. Those notification and API behaviours require tokens/config which are not declared. Also the pipeline writes artifacts to the user's home (~/.openclaw), which is expected but notable. Overall, credentials and configuration needs are under-specified relative to the described runtime actions.
Persistence & Privilege
always:false (normal). The skill writes state and artifact files under ~/.openclaw/workspace/auto-research — confined to its own workspace. It spawns sub-agents (normal for this platform) but does not request system-wide modifications or other skills' credentials. The main concern is the ability to execute arbitrary LLM-generated code during experiment stages, which increases blast radius if sandboxing or network restrictions are not enforced by the runtime environment.
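How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install openclaw-auto-research
- Once installation completes, call the Skill by name or use /openclaw-auto-research to trigger it
- Provide the required inputs according to the Skill's parameter description to get structured output
Version history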
v1.0.0
Initial release: 23-stage research pipeline with Phase-level sub-agent isolation, state machine (checkpoint/gate/rollback), dual-source literature search (arXiv + Semantic Scholar), domain detection, topic quality self-evaluation, and evolution overlay via OpenClaw memory.
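FAQ
What is Auto Research Pipeline?
An OpenClaw-native automated research pipeline. Starting from a single research topic, it runs through 23 stages to produce a complete paper. Each Phase is executed by an independent sub-agent (context isolation), and outputs are passed between Phases through the file system. Trigger phrases: "Research X", "跑研究" (run research), "文献调研" (literature survey), "写论文" (write a paper), "研究 pipel... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 101 total downloads to date.
How do I install Auto Research Pipeline?
Run the command "/install openclaw-auto-research" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.
Is Auto Research Pipeline free?
Yes. Auto Research Pipeline is completely free and is released under the MIT-0 license, so it can be freely downloaded, installed and used.
Which platforms does Auto Research Pipeline support?
Auto Research Pipeline runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who develops Auto Research Pipeline?
It is developed and maintained by lixiang1076 (@lixiang1076); the current version is v1.0.0.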