← 返回 Skills 市场
444
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install phoenix-loop
功能描述
Auto-diagnose agent failures, extract reusable recovery patterns, and create local skills to fix recurring blockers while keeping all data private and local.
安全使用建议
This skill appears to do what it claims and keeps data local, but review these before installing: 1) Platform compatibility — the SKILL.md uses PowerShell commands; ensure your agent runtime supports PowerShell or adapt the commands. 2) Review and approve generated files — the skill will create/update files in skills/local/ that the agent can later run; you should inspect new recovery skills before trusting them for autonomous fixes. 3) Privacy filtering is regex-based and imperfect — run the provided privacy-checklist and consider stronger secret-detection if you have high-sensitivity data. 4) Filename/verification inconsistencies — the skill has a small mismatch in example filenames; test the workflow in a sandbox copy of your repository. 5) Back up skills/local/ and memory/ before first run, and consider restricting autonomous invocation or enabling a manual approval step for new skills until you are comfortable with the loop's behavior.
功能分析
Type: OpenClaw Skill
Name: phoenix-loop
Version: 1.0.0
The 'phoenix-loop' skill aims to improve agent performance by diagnosing failures and creating reusable recovery skills. However, it instructs the agent to extract 'solution steps' and 'fallback actions' from local failure logs (`memory/blocked-items.md`, `memory/tasks.md`) and then execute these steps. If these logs contain attacker-controlled input (e.g., a crafted error message or task description), the agent could be prompted to generate and execute arbitrary commands as part of its self-healing process. While the skill includes a 'Sensitive Data Filter' in `SKILL.md` and `references/privacy-checklist.md` to prevent sensitive data leakage, it does not explicitly sanitize commands or instructions extracted from logs, creating a significant prompt injection vulnerability against the agent.
能力评估
Purpose & Capability
Name and description (auto-diagnose failures, extract patterns, create local skills) align with the actions the skill asks the agent to take: read local memory files, extract patterns, and write skill files to skills/local/. No unrelated credentials, binaries, or network endpoints are requested.
Instruction Scope
Instructions operate only on local paths (memory/, skills/local/, HEARTBEAT.md) and include explicit privacy checks. Minor issues: the runtime uses PowerShell commands (Get-Content, Select-String, Test-Path, Rename-Item) but the skill has no OS restriction — this could break on systems without PowerShell or lead to different behavior on Unix. There is a filename inconsistency in completion checks (examples use both skills/local/{name}-recovery.md and skills/local/{name}.md). The sensitive-data filter relies on simple pattern matching which could miss secrets encoded differently; the doc does not require aborting when secrets are found, only removing/matching.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written by an installer; all actions are local file reads/writes performed by the agent at runtime.
Credentials
The skill requests no environment variables, credentials, or external tokens. It references the OPENCLAW_ prefix in its sensitive-data filter (to avoid recording platform tokens) but does not require or attempt to read such environment variables; this is proportionate to its stated privacy goal.
Persistence & Privilege
The skill creates and updates files under skills/local/, which persist and can change the agent's future behavior (new recovery skills can be auto-invoked later). always:false (not force-included) mitigates some risk, but persistent creations mean you should review any generated local skill before allowing autonomous re-use. The skill's ability to write persistent executable artifacts is expected for its purpose but raises a usable-security consideration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install phoenix-loop - 安装完成后,直接呼叫该 Skill 的名称或使用
/phoenix-loop触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of phoenix-loop.
- Introduces a self-healing workflow to turn agent failures into permanent, reusable skills.
- Automatically diagnoses blocked tasks, extracts failure patterns, and crystallizes solutions into local skill files.
- All processing and data storage is privacy-first: no data leaves the local environment.
- Adds automated privacy filtering to ensure no sensitive information is stored.
- Integrates with HEARTBEAT.md for daily self-checks and long-term blocker handling.
- Provides clear rollback instructions for disabling or removing generated skills.
元数据
常见问题
Phoenix Loop 是什么?
Auto-diagnose agent failures, extract reusable recovery patterns, and create local skills to fix recurring blockers while keeping all data private and local. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 444 次。
如何安装 Phoenix Loop?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install phoenix-loop」即可一键安装,无需额外配置。
Phoenix Loop 是免费的吗?
是的,Phoenix Loop 完全免费(开源免费),可自由下载、安装和使用。
Phoenix Loop 支持哪些平台?
Phoenix Loop 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Phoenix Loop?
由 Dalomeve(@dalomeve)开发并维护,当前版本 v1.0.0。
推荐 Skills