feat(openclaw): OpenClaw skill injection pipeline — iAgent → bridge → SKILL.md

## Changes ### openclaw-bridge: POST /skill-inject - New endpoint writes SKILL.md to ~/.openclaw/skills/{name}/ inside the container volume - OpenClaw gateway file watcher picks it up within 250ms (no restart needed) - Optionally calls sessions.delete RPC after write so the next user message starts a fresh session that loads the new skill directory immediately (zero-downtime) - Path traversal guard on skill name (rejects names with / .. \) - OPENCLAW_HOME env var configurable (default: /home/node/.openclaw) ### agent-service: POST /api/v1/agent/instances/:id/skills - New endpoint in AgentInstanceController proxies skill injection requests to the instance's bridge (http://{serverHost}:{hostPort}/skill-inject) - Guards: instance must be 'running', serverHost/hostPort must be set, content ≤ 100KB - iAgent calls this internally (localhost:3002) via Python urllib — no Kong auth needed - sessionKey format for DingTalk users: "agent:main:dt-{dingTalkUserId}" ### agent-service: remove dead SkillManagerService - Deleted skill-manager.service.ts (file-system .md loader, never called by anything) - Removed from agent.module.ts provider list - The live skill path is ClaudeAgentSdkEngine.loadTenantSkills() which reads directly from the DB (it0_t_{tenantId}.skills) at task-execution time ### agent-service: clean up SystemPromptBuilder - Removed unused skills?: string[] from SystemPromptContext (was never populated) - Added clarifying comment: SDK engine handles skill injection, not this builder ## DB - Inserted iAgent meta-skill "为小龙虾安装技能" into it0_t_default.skills (id: 79ac23ed-78c2-4d5f-8652-a99cf5185b61) - Content instructs iAgent to: query user instances → generate SKILL.md → call POST /api/v1/agent/instances/:id/skills via Python urllib heredoc Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-09 02:16:47 -07:00 · 2026-03-09 02:16:47 -07:00 · 96e336dd18
parent fa2212c7bb
commit 96e336dd18
5 changed files with 136 additions and 111 deletions
--- a/packages/openclaw-bridge/src/index.ts
+++ b/packages/openclaw-bridge/src/index.ts
@ -4,12 +4,32 @@
 *  - Forwards task submissions to OpenClaw via WebSocket RPC
 *  - Returns status, session list, and metrics
 *  - Reports heartbeat to IT0 agent-service
+ *  - Injects SKILL.md files into the container volume (POST /skill-inject)
+ *
+ * Skill injection flow:
+ *   iAgent (agent-service) receives user request → calls POST /api/v1/agent/instances/:id/skills
+ *   → agent-service forwards to this bridge's POST /skill-inject
+ *   → bridge writes SKILL.md to ~/.openclaw/skills/{name}/
+ *   → OpenClaw gateway file watcher picks it up within 250ms
+ *   → bridge deletes the current OpenClaw session (sessions.delete RPC) so the
+ *     next user message opens a fresh session that loads the new skill directory
+ *
+ * Skill directory layout (inside the container volume):
+ *   $OPENCLAW_HOME/skills/
+ *     └── {skill-slug}/
+ *           └── SKILL.md   ← YAML frontmatter (name, description) + markdown body
 */
 import 'dotenv/config';
 import express from 'express';
 import * as crypto from 'crypto';
+import * as fs from 'fs/promises';
+import * as path from 'path';
 import { OpenClawClient } from './openclaw-client';

+// Skills live in the mounted OpenClaw home dir
+const OPENCLAW_HOME = process.env.OPENCLAW_HOME ?? '/home/node/.openclaw';
+const SKILLS_DIR = path.join(OPENCLAW_HOME, 'skills');
+
 const PORT = parseInt(process.env.BRIDGE_PORT ?? '3000', 10);
 const OPENCLAW_GATEWAY = process.env.OPENCLAW_GATEWAY_URL ?? 'ws://127.0.0.1:18789';
 const OPENCLAW_TOKEN = process.env.OPENCLAW_GATEWAY_TOKEN ?? '';
@ -150,6 +170,59 @@ app.post('/task-async', async (req, res) => {
  });
 });

+// Inject a skill into this OpenClaw instance.
+//
+// Writes SKILL.md to ~/.openclaw/skills/{name}/ so the gateway's file watcher
+// picks it up within 250ms.  Then optionally deletes the caller's current session
+// so the next message starts a fresh session — new sessions pick up newly added
+// skill directories immediately, giving the user a seamless experience.
+//
+// Request body:
+//   name        — skill directory name (slug, e.g. "it0-weather")
+//   content     — full SKILL.md content (markdown with YAML frontmatter)
+//   sessionKey  — (optional) current session key to delete after injection
+//
+// Response: { ok, injected, sessionCleared }
+app.post('/skill-inject', async (req, res) => {
+  const { name, content, sessionKey } = req.body ?? {};
+  if (!name || typeof name !== 'string' || !content || typeof content !== 'string') {
+    res.status(400).json({ error: 'name and content are required strings' });
+    return;
+  }
+  // Prevent path traversal
+  if (name.includes('/') || name.includes('..') || name.includes('\\')) {
+    res.status(400).json({ error: 'invalid skill name' });
+    return;
+  }
+
+  const skillDir = path.join(SKILLS_DIR, name);
+  try {
+    await fs.mkdir(skillDir, { recursive: true });
+    await fs.writeFile(path.join(skillDir, 'SKILL.md'), content, 'utf8');
+    console.log(`[bridge] Skill injected: ${name} → ${skillDir}`);
+  } catch (err: any) {
+    console.error(`[bridge] Failed to write skill ${name}:`, err.message);
+    res.status(500).json({ error: `Failed to write skill: ${err.message}` });
+    return;
+  }
+
+  // Delete the caller's current session so the next message opens a fresh session
+  // that picks up the newly added skill directory.
+  let sessionCleared = false;
+  if (sessionKey && typeof sessionKey === 'string' && ocClient.isConnected()) {
+    try {
+      await ocClient.rpc('sessions.delete', { sessionKey }, 5_000);
+      sessionCleared = true;
+      console.log(`[bridge] Session cleared after skill inject: ${sessionKey}`);
+    } catch (err: any) {
+      // Non-fatal — skill is injected, session will naturally expire or be replaced
+      console.warn(`[bridge] Could not delete session ${sessionKey}: ${err.message}`);
+    }
+  }
+
+  res.json({ ok: true, injected: true, sessionCleared });
+});
+
 // List sessions
 app.get('/sessions', async (_req, res) => {
  if (!ocClient.isConnected()) {
--- a/packages/services/agent-service/src/agent.module.ts
+++ b/packages/services/agent-service/src/agent.module.ts
@ -16,7 +16,6 @@ import { ClaudeApiEngine } from './infrastructure/engines/claude-api/claude-api-
 import { ClaudeAgentSdkEngine } from './infrastructure/engines/claude-agent-sdk';
 import { ToolExecutor } from './infrastructure/engines/claude-api/tool-executor';
 import { CommandGuardService } from './infrastructure/guards/command-guard.service';
-import { SkillManagerService } from './domain/services/skill-manager.service';
 import { StandingOrderExtractorService } from './domain/services/standing-order-extractor';
 import { AllowedToolsResolverService } from './domain/services/allowed-tools-resolver.service';
 import { SessionRepository } from './infrastructure/repositories/session.repository';
@ -80,7 +79,6 @@ import { SystemPromptBuilder } from './infrastructure/engines/claude-code-cli/sy
    ClaudeAgentSdkEngine,
    ToolExecutor,
    CommandGuardService,
-    SkillManagerService,
    StandingOrderExtractorService,
    AllowedToolsResolverService,
    ConversationContextService,
--- a/packages/services/agent-service/src/domain/services/skill-manager.service.ts
+++ b/packages/services/agent-service/src/domain/services/skill-manager.service.ts
@ -1,100 +0,0 @@
-import { Injectable, Logger } from '@nestjs/common';
-import { ConfigService } from '@nestjs/config';
-import * as fs from 'fs';
-import * as path from 'path';
-
-export interface Skill {
-  name: string;
-  description: string;
-  promptTemplate: string;
-  allowedTools?: string[];
-  maxRiskLevel?: number;
-}
-
-@Injectable()
-export class SkillManagerService {
-  private readonly logger = new Logger(SkillManagerService.name);
-  private skills = new Map<string, Skill>();
-
-  constructor(private readonly configService: ConfigService) {
-    this.loadSkills();
-  }
-
-  private loadSkills(): void {
-    const skillsDir = this.configService.get<string>(
-      'SKILLS_DIR',
-      path.join(process.cwd(), 'skills'),
-    );
-
-    if (!fs.existsSync(skillsDir)) {
-      this.logger.warn(`Skills directory not found: ${skillsDir}`);
-      return;
-    }
-
-    const files = fs.readdirSync(skillsDir).filter((f) => f.endsWith('.md'));
-
-    for (const file of files) {
-      try {
-        const content = fs.readFileSync(path.join(skillsDir, file), 'utf-8');
-        const skill = this.parseSkillFile(content);
-        if (skill) {
-          this.skills.set(skill.name, skill);
-          this.logger.log(`Loaded skill: ${skill.name}`);
-        }
-      } catch (err: any) {
-        this.logger.error(`Failed to load skill from ${file}: ${err.message}`);
-      }
-    }
-
-    this.logger.log(`Loaded ${this.skills.size} skill(s)`);
-  }
-
-  private parseSkillFile(content: string): Skill | null {
-    const frontMatterMatch = content.match(/^---\n([\s\S]*?)\n---\n([\s\S]*)$/);
-    if (!frontMatterMatch) return null;
-
-    const frontMatter = frontMatterMatch[1];
-    const promptTemplate = frontMatterMatch[2].trim();
-
-    const name = this.extractField(frontMatter, 'name');
-    const description = this.extractField(frontMatter, 'description');
-
-    if (!name || !description) return null;
-
-    const allowedToolsRaw = this.extractField(frontMatter, 'allowedTools');
-    const allowedTools = allowedToolsRaw
-      ? allowedToolsRaw.split(',').map((t) => t.trim())
-      : undefined;
-
-    const maxRiskLevelRaw = this.extractField(frontMatter, 'maxRiskLevel');
-    const maxRiskLevel = maxRiskLevelRaw ? parseInt(maxRiskLevelRaw, 10) : undefined;
-
-    return { name, description, promptTemplate, allowedTools, maxRiskLevel };
-  }
-
-  private extractField(frontMatter: string, field: string): string | undefined {
-    const match = frontMatter.match(new RegExp(`^${field}:\\s*(.+)$`, 'm'));
-    return match ? match[1].trim() : undefined;
-  }
-
-  getSkill(name: string): Skill | undefined {
-    return this.skills.get(name);
-  }
-
-  listSkills(): Skill[] {
-    return Array.from(this.skills.values());
-  }
-
-  buildSkillPrompt(skillName: string, context: Record<string, string>): string {
-    const skill = this.skills.get(skillName);
-    if (!skill) {
-      throw new Error(`Skill not found: ${skillName}`);
-    }
-
-    let prompt = skill.promptTemplate;
-    for (const [key, value] of Object.entries(context)) {
-      prompt = prompt.replace(new RegExp(`\\{\\{${key}\\}\\}`, 'g'), value);
-    }
-    return prompt;
-  }
-}
--- a/packages/services/agent-service/src/infrastructure/engines/claude-code-cli/system-prompt-builder.ts
+++ b/packages/services/agent-service/src/infrastructure/engines/claude-code-cli/system-prompt-builder.ts
@ -8,7 +8,6 @@ export interface SystemPromptContext {
  userId?: string;
  userEmail?: string;
  serverContext?: string;
-  skills?: string[];
  riskBoundary?: string;
  additionalInstructions?: string;
  /** Voice session ID — when set, uses the internal wget-based OAuth trigger endpoint
@ -17,9 +16,16 @@ export interface SystemPromptContext {
 }

 /**
- * Builds system prompts for Claude CLI sessions.
+ * Builds system prompts for Claude CLI and voice sessions.
 * Generates and optionally saves system prompt files that provide
 * context about the tenant, server environment, and operational boundaries.
+ *
+ * Note: tenant skill content (from the `skills` DB table) is NOT injected here.
+ * The ClaudeAgentSdkEngine handles skill injection directly by querying
+ * `it0_t_{tenantId}.skills` and appending them to the system prompt at
+ * task-execution time (see claude-agent-sdk-engine.ts → loadTenantSkills /
+ * buildSystemPromptWithSkills). This builder is only used for CLI and voice
+ * sessions where skills are not currently loaded.
 */
@Injectable()
 export class SystemPromptBuilder {
@ -95,13 +101,6 @@ export class SystemPromptBuilder {
      parts.push(`\nServer Environment:\n${context.serverContext}`);
    }

-    // Available skills
-    if (context.skills && context.skills.length > 0) {
-      parts.push(
-        `\nAvailable Skills: ${context.skills.join(', ')}`,
-      );
-    }
-
    // Risk boundary
    if (context.riskBoundary) {
      parts.push(`\nRisk Boundary:\n${context.riskBoundary}`);
--- a/packages/services/agent-service/src/interfaces/rest/controllers/agent-instance.controller.ts
+++ b/packages/services/agent-service/src/interfaces/rest/controllers/agent-instance.controller.ts
@ -140,6 +140,61 @@ export class AgentInstanceController {
    return { ok: true };
  }

+  /**
+   * Inject a skill into a running OpenClaw instance.
+   *
+   * iAgent calls this (via internal wget) when a user asks to add a capability
+   * to their 小龙虾.  The bridge writes SKILL.md to the container volume and
+   * resets the current OpenClaw session so the new skill takes effect immediately.
+   *
+   * Body:
+   *   name        — skill slug, e.g. "it0-weather" (no slashes)
+   *   content     — full SKILL.md content (markdown with YAML frontmatter)
+   *   sessionKey  — (optional) active OpenClaw session key to reset after injection
+   *                 format: "agent:main:dt-<dingTalkUserId>" for DingTalk users
+   */
+  @Post(':id/skills')
+  async injectSkill(
+    @Param('id') id: string,
+    @Body() body: { name: string; content: string; sessionKey?: string },
+  ) {
+    const inst = await this.instanceRepo.findById(id);
+    if (!inst) throw new NotFoundException(`Instance ${id} not found`);
+    if (inst.status !== 'running') {
+      throw new BadRequestException(`Instance ${id} is not running (status: ${inst.status})`);
+    }
+    if (!body.name || !body.content) {
+      throw new BadRequestException('name and content are required');
+    }
+    if (body.content.length > 100_000) {
+      throw new BadRequestException('content too large (max 100KB)');
+    }
+    if (!inst.serverHost || !inst.hostPort) {
+      throw new BadRequestException(`Instance ${id} has no bridge address (still deploying?)`);
+    }
+
+    const bridgeUrl = `http://${inst.serverHost}:${inst.hostPort}`;
+    const payload = JSON.stringify({
+      name: body.name,
+      content: body.content,
+      ...(body.sessionKey ? { sessionKey: body.sessionKey } : {}),
+    });
+
+    const resp = await fetch(`${bridgeUrl}/skill-inject`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: payload,
+      signal: AbortSignal.timeout(10_000),
+    });
+
+    if (!resp.ok) {
+      const err = await resp.text().catch(() => resp.statusText);
+      throw new BadRequestException(`Bridge rejected skill injection: ${err}`);
+    }
+
+    return resp.json();
+  }
+
  @Delete(':id')
  async remove(@Param('id') id: string) {
    const inst = await this.instanceRepo.findById(id);