ClawHub

RLM Controller

v1.2.0

RLM-style long-context controller that treats inputs as external context, slices/peeks/searches, and spawns recursive subcalls with strict safety limits. Use...

2· 1.1k· 3 versions· 0 current· 0 all-time· Updated 9h ago· MIT-0
by@skywyze

Security Scans

VirusTotalBenignClawScanBenignStatic analysisBenign

Install

openclaw skills install rlm-controller

RLM Controller Skill

What it does

Provides a safe, policy-driven scaffold to process very long inputs by:

  • storing the input as an external context file
  • peeking/searching/chunking slices
  • spawning subcalls in batches
  • aggregating structured results

When to use

  • Inputs too large for context window
  • Tasks requiring dense access across the input
  • Large logs, datasets, multi-file analysis

Core files (this skill)

Executable helper scripts are bundled with this skill (not downloaded at runtime):

  • scripts/rlm_ctx.py — context storage + peek/search/chunk
  • scripts/rlm_plan.py — keyword-based slice planner
  • scripts/rlm_auto.py — plan + subcall prompts
  • scripts/rlm_async_plan.py — batch scheduling
  • scripts/rlm_async_spawn.py — spawn manifest
  • scripts/rlm_emit_toolcalls.py — toolcall JSON generator
  • scripts/rlm_batch_runner.py — assistant-driven executor
  • scripts/rlm_runner.py — JSONL orchestrator
  • scripts/rlm_trace_summary.py — log summarizer
  • scripts/rlm_path.py — shared path-validation helpers
  • scripts/rlm_redact.py — secret pattern redaction
  • scripts/cleanup.sh — artifact cleanup
  • docs/policy.md — policy + safety limits
  • docs/flows.md — manual + async flows

Usage (high level)

  1. Store input via rlm_ctx.py store
  2. Generate plan via rlm_auto.py
  3. Create async batches via rlm_async_plan.py
  4. Spawn subcalls via sessions_spawn
  5. Aggregate results in root session

Tooling

  • Uses OpenClaw tools: read, write, exec, sessions_spawn
  • exec is used only to invoke the safelisted helper scripts bundled in scripts/
  • Does not execute arbitrary code from model output
  • All emitted toolcalls are validated against an explicit safelist before output

Autonomous Invocation

  • This skill does not set disableModelInvocation: true
  • Operators who want explicit user confirmation before every spawn/exec should set disableModelInvocation: true in their OpenClaw configuration
  • In default mode, the model may invoke this skill autonomously; all operations remain bounded by policy limits

Security

  • Only safelisted helper scripts are called
  • Max recursion depth = 1
  • Hard limits on slices and subcalls
  • Prompt injection treated as data, not instructions
  • See docs/security.md for foundational safeguards
  • See docs/security_checklist.md for pre/during/post run checks

OpenClaw sub-agent constraints

Per OpenClaw documentation (subagents.md):

  • Sub-agents cannot spawn sub-agents
  • Sub-agents do not have session tools (sessions_*) by default
  • sessions_spawn is non-blocking and returns immediately

Cleanup

Use scripts/cleanup.sh after runs to purge temp artifacts.

  • Retention: CLEAN_RETENTION=N
  • Ignore rules: docs/cleanup_ignore.txt (substring match)

Configuration

See docs/policy.md for thresholds and default limits.

Version tags

latestvk97andhksytv8rjjrmqd7kr7fd815r1d

Runtime requirements

🧠 Clawdis