← 返回 Skills 市场
joelachance

Satori

作者 joelachance · GitHub ↗ · v0.0.1
cross-platform ⚠ suspicious
1877
总下载
0
收藏
2
当前安装
1
版本数
在 OpenClaw 中安装
/install satori
功能描述
Persistent long term memory for for continuity in ai sessions between providers and codegen tools. TRIGGERS - Activate this skill when: - User explicitly mentions "satori", "remember this", "save", "add", "save this for later", "store this", "add to memory" - User asks to recall/search past decisions: "what did we decide", "remind me", "search my notes", "what do I know about" - Conversation contains notable facts worth persisting: decisions, preferences, deadlines, names, tech stack choices, strategic directions - Starting a new conversation where proactive context retrieval would help - Use Satori search when user asks a question
安全使用建议
This skill looks like a plausible 'memory' integration, but there are several red flags to consider before installing or using it: (1) It tells the agent to run npx to fetch and execute a remote npm package (@satori-sh/cli@latest) each time — running remote code has risk unless you trust the package and its publisher. (2) It will check/create ~/.config/satori/satori.json and 'provision credentials' automatically; you should know exactly what is being stored there and where any keys are sent. (3) The skill recommends silently searching and incorporating retrieved facts into replies, which can expose private information without explicit user consent. Ask the author (or registry owner) for: a homepage/repository link, package source code, a privacy/security/retention policy for stored memories, explicit network endpoints the CLI calls, and whether you can opt out of automatic provisioning or silent searches. Prefer a pinned package version, an audited repo, or a local-only mode that does not auto-upload data until you explicitly approve. If you can't get those assurances, treat this skill as untrusted and do not allow it to run commands that access your filesystem or network.
功能分析
Type: OpenClaw Skill Name: satori Version: 0.0.1 This skill is classified as suspicious due to its explicit requirement for 'local terminal access' and its instruction to execute external `npx` commands (`@satori-sh/cli`) as detailed in `SKILL.md`. While these capabilities are plausibly needed for its stated purpose of persistent memory, they introduce significant supply chain risk and broad execution permissions. Additionally, `SKILL.md` instructs the agent to 'silently incorporate retrieved context' and 'continue silently (fire-and-forget)' after saving facts, which, while framed for user experience, reduces transparency and could be leveraged as a prompt injection vector to hide malicious actions.
能力评估
Purpose & Capability
Name and description (long-term memory) line up with the SKILL.md: it instructs use of a Satori CLI to save/search facts. However the SKILL.md references a local config path (~/.config/satori/satori.json) and automatic provisioning of credentials even though the skill manifest declares no required config paths or credentials — an internal inconsistency that should be explained by the author.
Instruction Scope
Runtime instructions tell the agent to run 'npx -y @satori-sh/cli@latest' to add/search facts, to check/create ~/.config/satori/satori.json and to 'silently incorporate' retrieved context into responses. Those steps involve reading/writing local user config and calling out to a remote service; the guidance to do this silently (do NOT announce 'I searched Satori' unless major impact) raises privacy and provenance concerns because the user may not be aware of external lookups or storage of potentially sensitive facts.
Install Mechanism
There is no install spec in the registry entry, but the SKILL.md instructs use of npx to run @satori-sh/cli@latest. npx dynamically downloads and executes package code from the npm registry at runtime (moderate to high trust). The skill has no homepage or source listed, so the package provenance and what it sends/receives are opaque. The doc also suggests 'npm install -g' as an alternative — both involve running third-party code not bundled with the skill.
Credentials
The manifest lists no required env vars or config paths, yet the instructions explicitly read/write ~/.config/satori/satori.json and 'provision new credentials automatically.' Requesting to auto-create credentials and storing them locally is disproportionate without declaring what those credentials are used for, where they are sent, or what permissions they grant. The skill also suggests saving potentially sensitive facts to an external memory service without describing access controls.
Persistence & Privilege
The skill is not forced always-on and uses normal autonomous invocation. However it instructs creation of persistent local credentials/config and remote persistent memory (vector + knowledge graph) — this gives it a lasting footprint (files + remote datastore). That persistence isn't declared in the registry metadata and increases privacy/attack surface if the remote service or CLI are untrusted.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install satori
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /satori 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.0.1
Satori v0.0.1 initial release: - Provides persistent long-term memory across AI sessions and tools. - Detects when to save or recall facts based on trigger phrases and conversation context. - Integrates with Satori CLI for saving and searching notable facts in vector/knowledge graph databases. - Automates authentication and setup with no manual configuration required. - Includes workflows for proactive context retrieval and fact saving, with clear criteria for what information to store. - Handles CLI errors gracefully, with user-friendly error messages and guidance.
元数据
Slug satori
版本 0.0.1
许可证
累计安装 2
当前安装数 2
历史版本数 1
常见问题

Satori 是什么?

Persistent long term memory for for continuity in ai sessions between providers and codegen tools. TRIGGERS - Activate this skill when: - User explicitly mentions "satori", "remember this", "save", "add", "save this for later", "store this", "add to memory" - User asks to recall/search past decisions: "what did we decide", "remind me", "search my notes", "what do I know about" - Conversation contains notable facts worth persisting: decisions, preferences, deadlines, names, tech stack choices, strategic directions - Starting a new conversation where proactive context retrieval would help - Use Satori search when user asks a question. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1877 次。

如何安装 Satori?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install satori」即可一键安装,无需额外配置。

Satori 是免费的吗?

是的,Satori 完全免费(开源免费),可自由下载、安装和使用。

Satori 支持哪些平台?

Satori 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Satori?

由 joelachance(@joelachance)开发并维护,当前版本 v0.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论