Proactive Agent (wyblhl fork)

Transform AI agents from task-followers into proactive partners. Implements WAL Protocol, Working Buffer, Compaction Recovery, Unified Search, Security Harde...

What to consider before installing/running: - Source trust: The skill's homepage is unknown and the owner is anonymous in the registry metadata. Only install if you trust the source or after a manual code review. - Run in a sandbox first: Execute the scripts in an isolated environment (throwaway VM or container) so they can't touch your real files. The code writes/reads files and will create SESSION-STATE.md and memory files. - Fix the workspace path: The scripts hard-code WORKSPACE_ROOT = D:/OpenClaw/workspace. Before running, change this to a relative or explicitly-configured path inside a safe workspace so it cannot read arbitrary locations on your machine. - Remove or investigate injection strings: The SKILL.md contains prompt-injection phrasing flagged by the scanner. Make sure SKILL.md and other docs do not include 'ignore previous instructions' or similar phrases that could manipulate agent/system prompts. - Audit sensitive writes: The WAL and working-buffer will capture dates, URLs, emails, numbers and other extracted details into plain files. If those files will contain private data, ensure they are stored securely (correct permissions, encrypted if needed) and that you are comfortable with local persistence. - Verify missing artifacts: SKILL.md mentions './scripts/security-audit.sh' which does not exist in the package. Ask the author or scan the repo to confirm intended audit procedures. - Check for network behaviour: The provided code has no network calls, which is good. If you later modify it to sync or share data externally, require explicit human approval and review destination endpoints. If you are unsure, treat this as a moderate-risk skill: review and sanitize the code (path, prompt text, file permissions) and run it in isolation before giving it access to real data or production workspaces.

Type: OpenClaw Skill Name: proactive-agent-wyblhl Version: 3.1.1 The bundle implements a sophisticated 'Proactive Agent' architecture (Hal Stack) designed for memory persistence and context recovery. It includes well-structured Python scripts (proactive_agent.py, wal_protocol.py, compaction_recovery.py) that manage local state and logs within the workspace. Notably, the bundle contains extensive security documentation (security-hardening.md) that explicitly instructs the agent to treat external content as data rather than commands, avoid sensitive files like .ssh or .env, and confirm destructive actions, effectively serving as a defense against prompt injection and unauthorized data access.