← 返回 Skills 市场

Prism

Name: Prism
Author: jeremyknows

作者 Jeremy Knows · GitHub ↗ · v2.1.1 · MIT-0

cross-platform ⚠ suspicious

373

总下载

当前安装

版本数

在 OpenClaw 中安装

/install prism

功能描述

Use PRISM when: (1) reviewing an architecture decision, security-sensitive change, or major refactor (>500 lines), (2) making a decision you'll live with for...

安全使用建议

This skill is internally consistent for orchestrating multi-agent code reviews, but it will read your repository files and store review archives under analysis/prism/archive/. Before installing or running: (1) confirm you are comfortable with an automated process reading and quoting files from your workspace (sensitive secrets in repo files could end up in findings), (2) inspect or create the referenced completion script (~/.openclaw/scripts/sub-agent-complete.sh) so you know what 'completion' does and whether it triggers any network callbacks, (3) review the README/git-clone source (https://github.com/jeremyknows/PRISM.git) if you want the canonical implementation, and (4) consider retention: PRISM archives reviews by default—ensure that archive retention policies meet your data-sensitivity requirements. If any of the above is unacceptable (exposing secrets, automatic callbacks), restrict the skill's access or run it in a controlled sandbox.

功能分析

Type: OpenClaw Skill Name: prism Version: 2.1.1 The PRISM skill bundle implements a multi-agent review protocol that uses sub-agents to perform adversarial analysis on code and architecture. While the logic is aligned with its stated purpose, the skill contains a significant prompt-injection vulnerability explicitly acknowledged in the 'Known Limitations' section of SKILL.md: prior review findings are retrieved from a local archive and injected into reviewer prompts without sanitization. This allows a potentially compromised archive file to influence agent behavior. Furthermore, the orchestrator performs broad file system operations and executes shell commands, including a call to a local script (~/.openclaw/scripts/sub-agent-complete.sh), which increases the risk profile in the presence of the injection vulnerability.

能力评估

✓ Purpose & Capability

The skill is a review/orchestration protocol. It only asks to read the workspace, search/archive prior reviews, spawn reviewers, synthesize findings, and save an archive — all expected for a review orchestrator. No unrelated credentials, binaries, or external services are required.

ℹ Instruction Scope

The SKILL.md instructs reviewers to read files from the workspace, quote file/line citations, run common shell commands (find, grep, wc, mkdir), and write review archives under analysis/prism/archive/. These actions are consistent with the review purpose but do mean the agent will read and include snippets from repository files in findings (potentially including sensitive content).

✓ Install Mechanism

No install spec or packaged code is included; this is instruction-only. README suggests an optional git clone from a GitHub repo (public, documented). No downloads from untrusted URLs or archives are present.

✓ Credentials

The skill declares no required environment variables, credentials, or config paths. The runtime prompts reference standard workspace paths (e.g., analysis/prism/archive/) and an agent script (~/.openclaw/scripts/sub-agent-complete.sh) which are reasonable for archiving/completion signaling. No unrelated secrets are requested.

ℹ Persistence & Privilege

always:false (normal). The skill writes archives into the workspace and calls a local completion script; this is expected for archival/synthesis. Confirm that the completion script and archive path behave as you expect (they could cause network callbacks depending on your environment).

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install prism
安装完成后，直接呼叫该 Skill 的名称或使用 /prism 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v2.1.1

PRISM v2.1.1 introduces new reference documentation and minor protocol enhancements. - Added 3 new reference files: `archive-retention-policy.md`, `evidence-rules.md`, and `orchestration.md` - Improved guidance and metadata in the main skill documentation (SKILL.md) for clarity and maintainability - No breaking changes to review flows or user commands

v2.0.1

PRISM v2.0.1 is a reviewer/role expansion and documentation update. - Standard mode now uses 6 reviewers (adds Blast Radius Reviewer). - Extended mode now starts at 8+ agents (was 7+). - Mode tables and reviewer role documentation updated to reflect new reviewer counts. - SKILL-v1.md removed (v1 docs deprecated). - No protocol logic changes; only documentation and role updates.

v2.0.0

v2.0.0: Adds review memory (prior findings brief), DA structural independence, evidence citation requirements, command-level actionability, Orchestrator Checklist, archive protocol, and 13 bug fixes from 9-agent self-review. Validated across 19 PRISM runs on itself.

元数据

Slug prism

版本 2.1.1

许可证 MIT-0

累计安装 2

当前安装数 2

历史版本数 3

常见问题

Prism 是什么？

Use PRISM when: (1) reviewing an architecture decision, security-sensitive change, or major refactor (>500 lines), (2) making a decision you'll live with for... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 373 次。

如何安装 Prism？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install prism」即可一键安装，无需额外配置。

Prism 是免费的吗？

是的，Prism 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Prism 支持哪些平台？

Prism 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Prism？

由 Jeremy Knows（@jeremyknows）开发并维护，当前版本 v2.1.1。