← 返回 Skills 市场
68
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install project-nirvana-skill
功能描述
Privacy-preserving context stripper for OpenClaw. Strip SOUL/USER/MEMORY before cloud API calls. Assumes you have your own local LLM. Saves 85%+ tokens, prot...
安全使用建议
This skill claims to improve privacy by stripping agent identity and user memory before cloud calls, which is a sensitive operation done by language instructions rather than verified code. Before installing or enabling it: 1) Ask for the source repository or signed package and review the implementation so you can confirm the stripping is performed locally and cannot be subverted. 2) Do not enable the plugin system-wide until you can inspect how it reads/writes SOUL.md, USER.md, MEMORY.md and where audit logs are stored (ensure logs do not re-include private data and are stored locally/encrypted). 3) Test with non-sensitive queries in an isolated environment to confirm cloud calls contain only sanitized queries. 4) Prefer a version with explicit code you can audit or an official release on a trusted registry; avoid relying solely on natural-language instructions to perform privileged operations. If the publisher cannot provide verifiable source or implementation details, treat the skill as high risk and do not enable it for sensitive data.
功能分析
Type: OpenClaw Skill
Name: project-nirvana-skill
Version: 1.0.0
The skill bundle 'project-nirvana-skill' is a privacy-focused utility designed to strip sensitive metadata (SOUL.md, USER.md, MEMORY.md) from agent queries before they are sent to cloud providers. The instructions in SKILL.md guide the agent to prioritize local LLM inference and sanitize fallback requests to protect user privacy and reduce token costs. No malicious code, data exfiltration, or harmful prompt injection attempts were identified in SKILL.md or _meta.json.
能力标签
能力评估
Purpose & Capability
The name and description (privacy-preserving context stripper using a local LLM) align with the SKILL.md content: it describes local-first routing, stripping SOUL/USER/MEMORY, and cloud fallback. However the skill is instruction-only (no code, no declared repo/homepage) yet the README shows CLI install/config commands referencing a repo ('shivaclaw/nirvana-local') and edits to user config — the lack of provenance (source unknown/homepage none) is notable though not impossible for this purpose.
Instruction Scope
The runtime instructions tell the agent/operator to strip system prompts and user/memory files and to edit ~/.openclaw/workspace/openclaw.json; they also promise logging/auditing and local caching. Because this is instruction-only, the skill relies on natural-language directions to modify system prompt handling and to read/write local files (SOUL.md, USER.md, MEMORY.md, chat history). That gives broad discretion to the agent and is a high-impact operation (manipulating what is or isn't sent to the cloud). The pre-scan flagged a 'system-prompt-override' pattern — changing or instructing changes to system prompts is exactly the sensitive behavior the scanner warned about.
Install Mechanism
There is no install spec and no code files; this is instruction-only, which minimizes direct install-time risk (nothing is downloaded or executed by the skill package itself). The SKILL.md includes example CLI commands for users, but the registry metadata shows no verified source or install artifact to fetch automatically.
Credentials
Declared requirements list no env vars or config paths, but the instructions explicitly reference and instruct modification of a user config file (~/.openclaw/workspace/openclaw.json) and local files (SOUL.md, USER.md, MEMORY.md, chat history). That discrepancy (no required config paths declared but SKILL.md expects access to them) and the implicit need to read/write sensitive local files is disproportionate to an unverified, instruction-only skill without provenance.
Persistence & Privilege
The skill does not request 'always: true' and uses default autonomous invocation settings, which is normal. It instructs enabling the plugin in the user's OpenClaw config and to cache/cloud-fallback behavior — those are reasonable for a plugin of this type but should be performed only after the user verifies the implementation. There is no evidence the skill attempts to modify other skills or global agent settings beyond its own plugin entry.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install project-nirvana-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/project-nirvana-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of project-nirvana-skill (v1.0.0) for OpenClaw 2026.3.24+.
- Strips SOUL, USER, MEMORY, and chat history before any cloud API call, protecting privacy.
- Supports routing: attempts local LLM inference first, only falls back to cloud with sanitized data.
- Audit trail logs every instance of private data being stripped or sent for transparency.
- Configurable support for various local LLM endpoints (Ollama, vLLM, LM Studio, etc.).
- Achieves significant token and cost savings (85%+), ensuring private data never leaves your system.
元数据
常见问题
Nirvana Skill 是什么?
Privacy-preserving context stripper for OpenClaw. Strip SOUL/USER/MEMORY before cloud API calls. Assumes you have your own local LLM. Saves 85%+ tokens, prot... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 68 次。
如何安装 Nirvana Skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install project-nirvana-skill」即可一键安装,无需额外配置。
Nirvana Skill 是免费的吗?
是的,Nirvana Skill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Nirvana Skill 支持哪些平台?
Nirvana Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Nirvana Skill?
由 Shiva&G(@shivaclaw)开发并维护,当前版本 v1.0.0。
推荐 Skills