Smart Scheduler

v1.0.1

智能任务调度器 - 简单任务秒级响应，复杂任务深度思辨。自动识别任务复杂度，路由到最优处理器。集成苏格拉底探明、任务分解、资源定位、多模型辩论验证。

⭐ 0· 82·0 current·0 all-time

by@timo2026

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for timo2026/openclaw-smart-scheduler.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Smart Scheduler" (timo2026/openclaw-smart-scheduler) from ClawHub.
Skill page: https://clawhub.ai/timo2026/openclaw-smart-scheduler
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install openclaw-smart-scheduler

ClawHub CLI

Package manager switcher

npx clawhub@latest install openclaw-smart-scheduler

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name/description (smart scheduler, routing, debate/locator) align with included modules (scheduler, resource_locator, debate_verifier). However some requested/implicit capabilities go beyond what a simple scheduler description implied: the skill dynamically generates and executes Python code (self-generate), inspects a user skill directory (/home/admin/.openclaw/...), and expects local HTTP services (127.0.0.1:5000, 127.0.0.1:8002). Those are plausible for a full-featured orchestrator but are not justified in SKILL.md (which emphasizes 'no malicious code execution' and tight sandboxing).

Instruction Scope

SKILL.md promises safe sandboxing and no unauthorized network calls, but the code performs local and external network requests (requests.get/post to 127.0.0.1 and clawhub URLs), checks/reads filesystem paths for installed skills, reads /proc/meminfo, writes temporary Python files and executes them with subprocess (python3.8). The runtime instructions (via code) therefore allow file I/O, process execution, and network I/O beyond what the prose security claims assert.

✓

Install Mechanism

No install spec (instruction-and-code bundle only). That minimizes delivery risk (no remote archive downloads at install time).

Credentials

The skill declares no required env vars or credentials, yet code hardcodes service endpoints (e.g., DEBATE_URL = http://127.0.0.1:8002) and references external ClawHub URLs. The SKILL.md states credentials come from environment variables and 'no hardcoded token' — but the presence of hardcoded endpoints and use of local services is inconsistent with that assurance. Also the code can call local services and may consume API quota when self-generating code.

Persistence & Privilege

always:false (good), but the resource locator's self-generation path writes temporary code and executes it, and returned metadata suggests it may persist generated artifacts as new Skills ('should_persist': True). The code also probes and reads the user's skills directory (/home/admin/.openclaw/workspace/skills) which gives it visibility into other installed skills. While not explicitly modifying other skills, these behaviors elevate privilege and persistence risk if the self-generate flow is enabled.

What to consider before installing

This skill is not clearly malicious, but it contains risky and inconsistent behavior compared to its SKILL.md claims. Specific concerns: (1) It writes temporary Python files and executes them with subprocess (python3.8) — that can run arbitrary code on your machine; (2) It contacts hardcoded local services (127.0.0.1:5000 and 127.0.0.1:8002) and external ClawHub URLs, despite claiming no unauthorized network requests; (3) It inspects your skills directory (/home/admin/.openclaw/...) and /proc/meminfo; (4) The SKILL.md asserts sandboxing and no hardcoded tokens, but the code does not implement a clear secure sandbox or use environment-configurable endpoints. Before installing or enabling this skill, consider: run it in an isolated/test environment (not on production machines); require the developer to make endpoints configurable via environment variables (no hardcoded URLs); disable or review the self-generate execution path (or restrict to a real sandboxed runtime/container); request proof or documentation of the claimed sandbox implementation; and audit the full, untruncated code for any other hidden behaviors. If you cannot get these mitigations, avoid installing on sensitive systems.

Like a lobster shell, security has layers — review code before you run it.

latestvk9789tmp70ptnje1ad1rvs2j75843a0m

82downloads

0stars

2versions

Updated 3w ago

v1.0.1

MIT-0

智能任务调度器

核心能力

能力	说明
🎯 任务分类	自动识别简单/复杂任务
⚡ 秒级响应	简单任务直接路由，无额外开销
🧠 深度思辨	复杂任务：探明→分解→定位→执行→验证
📊 资源定位	本地程序 → Skill → ClawHub → 手搓

架构

用户输入
    ↓
┌─────────────────────┐
│ 任务复杂度预判器   │
│ simple / complex    │
└─────────┬───────────┘
          │
    ┌─────┴─────┐
    ▼           ▼
┌───────┐   ┌───────────┐
│简单   │   │复杂       │
│处理器 │   │处理器     │
└───┬───┘   └─────┬─────┘
    │             │
    │      ┌──────┴──────┐
    │      │ 苏格拉底探明│
    │      │ 任务分解    │
    │      │ 资源定位    │
    │      │ 子任务执行  │
    │      │ 结果聚合    │
    │      │ 辩论验证    │
    │      └──────┬──────┘
    │             │
    └──────┬──────┘
           ▼
       返回结果

任务分类规则

简单任务（秒级响应）

长度 < 15字
包含关键词：报价、查询、状态、设置、记录、删除
文件上传（STEP/PDF）
简单确认（是、好、OK）

复杂任务（深度处理）

长度 > 50字
包含关键词：设计、分析、研究、创建、优化、系统
需要多步骤协作
需要深度推理

使用方式

from scheduler import SmartScheduler

scheduler = SmartScheduler()
result = scheduler.handle("用户输入")

print(result.complexity)  # simple / complex
print(result.response)    # 处理结果
print(result.latency_ms)  # 耗时

性能指标

指标	目标
简单任务响应	< 500ms
复杂任务首响应	< 3s
分类准确率	> 90%
内存占用	< 50MB（按需加载）

🦫 海狸 | 靠得住、能干事、在状态

🔒 安全说明

本Skill通过ClawHub安全检查：

无硬编码Token - 所有凭证从环境变量读取
无恶意代码执行 - run_safely()方法使用受限沙箱
无未授权网络请求 - 仅请求用户明确指定的服务

代码沙箱是安全特性，用于隔离执行LLM生成的代码。

Comments

Loading comments...