← 返回 Skills 市场
skywyze

RLM Controller

作者 Skywyze · GitHub ↗ · v1.2.0
cross-platform ✓ 安全检测通过
1113
总下载
2
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install rlm-controller
功能描述
RLM-style long-context controller that treats inputs as external context, slices/peeks/searches, and spawns recursive subcalls with strict safety limits. Use...
安全使用建议
This skill appears internally consistent and implements the safeguards it documents (path containment, regex timeouts, secret redaction, hard caps on slices/subcalls). Before installing: 1) Review the few truncated/omitted files (particularly any toolcall emission or spawn code) to confirm tool names are hard-coded and no network calls or dynamic exec of model output are present. 2) If you operate in a high-security environment, set disableModelInvocation: true so the agent cannot autonomously spawn batches without your approval. 3) Run the bundled tests locally to validate behavior in your environment (note: SIGALRM-based regex timeouts are Unix-specific). 4) Confirm cleanup.sh points only at a workspace scratch path you control and adjust CLEAN_ROOT/ignore rules if needed. If you cannot review the omitted files, treat the skill as 'suspicious' until a full code review is completed.
功能分析
Type: OpenClaw Skill Name: rlm-controller Version: 1.2.0 The skill bundle demonstrates a strong security-first design with multiple layers of defense. Key indicators include robust path validation (`rlm_path.py`) to prevent directory traversal and ensure containment, comprehensive secret redaction (`rlm_redact.py`) for subcall prompts, and strict safelisting of allowed actions and tools (`rlm_async_spawn.py`, `rlm_emit_toolcalls.py`) to prevent arbitrary code execution or tool misuse. All scripts use explicit command arrays for `subprocess` calls, avoiding shell injection. Resource limits are enforced on slices, subcalls, and regex operations (ReDoS protection in `rlm_ctx.py`). The documentation, including a detailed `docs/security_audit_response.md`, transparently discusses design trade-offs like autonomous invocation and outlines specific code-level mitigations implemented. While the `cleanup.sh` script lacks the `rlm_path.py` validation for its environment variables, its scope is confined to designated scratch directories, and the overall design prevents it from being exploited for malicious purposes.
能力评估
Purpose & Capability
Name/description describe a long-context controller and the repository actually contains scripts and docs implementing that behavior (context store, peek/search/chunk, planning, spawn manifest, redaction, cleanup). No unexpected environment variables, binaries, or installers are requested. The presence of test files and policy/docs matches the claimed purpose.
Instruction Scope
SKILL.md instructs the agent to call only bundled helper scripts and OpenClaw tools (read, write, exec, sessions_spawn). Many scripts were provided and they contain explicit safeguards: shared path validation (rejects '..' and enforces realpath containment), regex search timeout to mitigate ReDoS, secret redaction prior to writing subcall prompts, and limits on slices/subcalls. However a subset of files were omitted from the pasted source (12 files truncated). The docs and an included audit response assert that rlm_emit_toolcalls and related emission code enforce safelists; those enforcement claims are plausible given the shown tests and modules, but full verification requires reviewing the omitted files (notably any file that emits tool names or invokes exec).
Install Mechanism
No install spec (instruction-only skill) and all helper scripts are bundled. This is the lowest-risk install model for skills because no external downloads or extract operations occur at install time.
Credentials
The skill declares no required environment variables, no primary credential, and no required config paths. The redaction logic explicitly targets common secret patterns (PEM blocks, bearer/basic tokens, AWS keys, passwords, long hex strings). Asking for no secrets is proportional to the stated functionality.
Persistence & Privilege
The skill does not set always:true and does not request persistent system privileges. It does allow autonomous model invocation by default (disableModelInvocation not set), which is a documented trade-off: useful for large batch runs but increases the range of autonomous operations. Hard limits (max recursion depth 1, max subcalls/slices/batches) and platform constraints (sub-agents cannot spawn sub-agents) reduce the blast radius. Operators with stricter threat models are advised to set disableModelInvocation: true.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install rlm-controller
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /rlm-controller 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.0
- Added new helper scripts: rlm_path.py (path validation) and rlm_redact.py (secret redaction). - Introduced a cleanup script: scripts/cleanup.sh and new testing files in the tests/ directory. - Expanded core controller scripts to include rlm_plan.py, rlm_batch_runner.py, and rlm_runner.py. - Removed duplicate LICENSE.md file, retaining LICENCE.md. - Updated documentation to reflect new scripts and capabilities.
v1.1.0
- Clarified that all helper scripts are bundled with the skill and not downloaded at runtime. - Expanded tooling notes to specify that `exec` only invokes bundled, safelisted scripts. - Added information about toolcall safelisting and validation. - Documented model invocation: how default/autonomous invocation works and how to enforce user confirmation via OpenClaw config. - Added a sample security audit response document.
v1.0.0
Initial release of rlm-controller: a secure, scalable scaffold for long-context input processing. - Handles very large inputs by slicing, searching, and batching subcalls with strict safety policies. - Core features: context storage, automated planning, async batch scheduling, and structured result aggregation. - Enforces hard security restrictions: safelisted helper scripts only, shallow recursion, and robust prompt-injection handling. - Integrates with OpenClaw tools for managing sessions and external context files. - Includes detailed documentation on flows, policies, and security practices.
元数据
Slug rlm-controller
版本 1.2.0
许可证
累计安装 0
当前安装数 0
历史版本数 3
常见问题

RLM Controller 是什么?

RLM-style long-context controller that treats inputs as external context, slices/peeks/searches, and spawns recursive subcalls with strict safety limits. Use... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1113 次。

如何安装 RLM Controller?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install rlm-controller」即可一键安装,无需额外配置。

RLM Controller 是免费的吗?

是的,RLM Controller 完全免费(开源免费),可自由下载、安装和使用。

RLM Controller 支持哪些平台?

RLM Controller 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 RLM Controller?

由 Skywyze(@skywyze)开发并维护,当前版本 v1.2.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论