feat: add 3 runtime-approximation skills (52 total)

README.md

@@ -1,11 +1,11 @@
 # openclaw-superpowers
 
-**49 ready-to-use skills that make your AI agent autonomous, self-healing, and self-improving.**
+**52 ready-to-use skills that make your AI agent autonomous, self-healing, and self-improving.**
 
-[![Skills](https://img.shields.io/badge/skills-49-blue)](#skills-included)
+[![Skills](https://img.shields.io/badge/skills-52-blue)](#skills-included)
 [![Security](https://img.shields.io/badge/security_skills-6-green)](#security--guardrails)
-[![Cron](https://img.shields.io/badge/cron_scheduled-15-orange)](#openclaw-native-33-skills)
-[![Scripts](https://img.shields.io/badge/companion_scripts-20-purple)](#companion-scripts)
+[![Cron](https://img.shields.io/badge/cron_scheduled-16-orange)](#openclaw-native-36-skills)
+[![Scripts](https://img.shields.io/badge/companion_scripts-23-purple)](#companion-scripts)
 [![License: MIT](https://img.shields.io/badge/license-MIT-yellow.svg)](LICENSE)
 
 A plug-and-play skill library for [OpenClaw](https://github.com/openclaw/openclaw) — the open-source AI agent runtime. Gives your agent structured thinking, security guardrails, persistent memory, cron scheduling, self-recovery, and the ability to write its own new skills during conversation.
@@ -20,13 +20,13 @@ Built for developers who want their AI agent to run autonomously 24/7, not just
 
 Most AI agent frameworks give you a chatbot that forgets everything between sessions. OpenClaw is different — it runs persistently, handles multi-hour tasks, and has native cron scheduling. But out of the box, it doesn't know *how* to use those capabilities well.
 
-**openclaw-superpowers bridges that gap.** Install 49 skills in one command, and your agent immediately knows how to:
+**openclaw-superpowers bridges that gap.** Install 52 skills in one command, and your agent immediately knows how to:
 
 - **Think before it acts** — brainstorming, planning, and systematic debugging skills prevent the "dive in and break things" failure mode
 - **Protect itself** — 6 security skills detect prompt injection, block dangerous actions, audit installed code, and scan for leaked credentials
 - **Run unattended** — 12 cron-scheduled skills handle memory cleanup, health checks, budget tracking, and community monitoring while you sleep
 - **Recover from failures** — self-recovery, loop-breaking, and task handoff skills keep long-running work alive across crashes and restarts
-- **Never forget** — DAG-based memory compaction, integrity checking, and context scoring ensure the agent preserves critical information even in month-long conversations
+- **Never forget** — DAG-based memory compaction, integrity checking, context scoring, and SQLite session persistence ensure the agent preserves critical information even in month-long conversations
 - **Improve itself** — the agent can write new skills during normal conversation using `create-skill`, encoding your preferences as permanent behaviors
 
 ---
@@ -51,7 +51,7 @@ cd ~/.openclaw/extensions/superpowers && ./install.sh
 openclaw gateway restart
 ```
 
-`install.sh` symlinks all 49 skills, creates state directories for stateful skills, and registers cron jobs — everything in one step. That's it. Your agent now has superpowers.
+`install.sh` symlinks all 52 skills, creates state directories for stateful skills, and registers cron jobs — everything in one step. That's it. Your agent now has superpowers.
 
 ---
 
@@ -79,7 +79,7 @@ Methodology skills that work in any AI agent runtime. Adapted from [obra/superpo
 | `skill-conflict-detector` | Detects name shadowing and description-overlap conflicts between installed skills | `detect.py` |
 | `skill-portability-checker` | Validates OS/binary dependencies in companion scripts; catches non-portable calls | `check.py` |
 
-### OpenClaw-Native (33 skills)
+### OpenClaw-Native (36 skills)
 
 Skills that require OpenClaw's persistent runtime — cron scheduling, session state, or long-running execution. These are the skills that make a 24/7 autonomous agent actually work reliably.
 
@@ -118,6 +118,9 @@ Skills that require OpenClaw's persistent runtime — cron scheduling, session s
 | `context-assembly-scorer` | Scores how well current context represents full conversation; detects blind spots | every 4h | `score.py` |
 | `compaction-resilience-guard` | Monitors compaction for failures; enforces normal → aggressive → deterministic fallback chain | — | `guard.py` |
 | `memory-integrity-checker` | Validates summary DAGs for orphans, circular refs, token inflation, broken lineage | Sundays 3am | `integrity.py` |
+| `session-persistence` | Imports session transcripts into SQLite with FTS5 full-text search; queryable message history | every 15 min | `persist.py` |
+| `dag-recall` | Walks the memory DAG to recall detailed context on demand — query, expand, and assemble cited answers | — | `recall.py` |
+| `expansion-grant-guard` | YAML-based delegation grant ledger — scoped permission grants with token budgets and auto-expiry | — | `guard.py` |
 
 ### Community (1 skill)
 
@@ -148,13 +151,15 @@ Six skills form a defense-in-depth security layer for autonomous agents:
 
 | Feature | openclaw-superpowers | obra/superpowers | Custom prompts |
 |---|---|---|---|
-| Skills included | **49** | 8 | 0 |
+| Skills included | **52** | 8 | 0 |
 | Self-modifying (agent writes new skills) | Yes | No | No |
-| Cron scheduling | **15 scheduled skills** | No | No |
+| Cron scheduling | **16 scheduled skills** | No | No |
 | Persistent state across sessions | **YAML state schemas** | No | No |
 | Security guardrails | **6 defense-in-depth skills** | No | No |
-| Companion scripts with CLI | **20 scripts** | No | No |
+| Companion scripts with CLI | **23 scripts** | No | No |
 | Memory graph / knowledge graph | Yes | No | No |
+| SQLite session persistence + FTS5 search | Yes | No | No |
+| Sub-agent recall with token-budgeted grants | Yes | No | No |
 | MCP server health monitoring | Yes | No | No |
 | API spend tracking & budget enforcement | Yes | No | No |
 | Community feature radar (Reddit scanning) | Yes | No | No |
@@ -175,7 +180,7 @@ Six skills form a defense-in-depth security layer for autonomous agents:
 │   │   │   ├── SKILL.md
 │   │   │   └── TEMPLATE.md
 │   │   └── ...
-│   ├── openclaw-native/         # 33 persistent-runtime skills
+│   ├── openclaw-native/         # 36 persistent-runtime skills
 │   │   ├── memory-graph-builder/
 │   │   │   ├── SKILL.md             # Skill definition + YAML frontmatter
 │   │   │   ├── STATE_SCHEMA.yaml    # State shape (committed, versioned)
@@ -198,7 +203,7 @@ Six skills form a defense-in-depth security layer for autonomous agents:
 
 Skills marked with a script ship a small executable alongside their `SKILL.md`:
 
-- **20 Python scripts** (`run.py`, `audit.py`, `check.py`, `guard.py`, `bridge.py`, `onboard.py`, `sync.py`, `doctor.py`, `loadout.py`, `governor.py`, `detect.py`, `test.py`, `radar.py`, `graph.py`, `optimize.py`, `compact.py`, `intercept.py`, `score.py`, `integrity.py`) — run directly to manipulate state, generate reports, or trigger actions. No extra dependencies; `pyyaml` is optional but recommended.
+- **23 Python scripts** (`run.py`, `audit.py`, `check.py`, `guard.py`, `bridge.py`, `onboard.py`, `sync.py`, `doctor.py`, `loadout.py`, `governor.py`, `detect.py`, `test.py`, `radar.py`, `graph.py`, `optimize.py`, `compact.py`, `intercept.py`, `score.py`, `integrity.py`, `persist.py`, `recall.py`) — run directly to manipulate state, generate reports, or trigger actions. No extra dependencies; `pyyaml` is optional but recommended.
 - **`vet.sh`** — Pure bash scanner; runs on any system with grep.
 - Every script supports `--help` and `--format json`. Dry-run mode available on scripts that make changes.
 - See the `example-state.yaml` in each skill directory for sample state and a commented walkthrough of cron behaviour.
@@ -235,3 +240,4 @@ Skills marked with a script ship a small executable alongside their `SKILL.md`:
 - **[openclaw/openclaw](https://github.com/openclaw/openclaw)** — the open-source AI agent runtime
 - **[obra/superpowers](https://github.com/obra/superpowers)** — Jesse Vincent's skills framework; core skills adapted under MIT license
 - **[OpenLobster](https://github.com/Neirth/OpenLobster)** — inspiration for memory graph, config encryption auditing, tool-description scoring, and MCP health monitoring
+- **[lossless-claw](https://github.com/Martian-Engineering/lossless-claw)** — inspiration for DAG-based memory compaction, session persistence, sub-agent recall, and delegation grants

skills/openclaw-native/dag-recall/SKILL.md

@@ -0,0 +1,137 @@
+---
+name: dag-recall
+version: "1.0"
+category: openclaw-native
+description: Walks the memory DAG to recall detailed context on demand — query, expand, and assemble cited answers from hierarchical summaries without re-reading raw transcripts.
+stateful: true
+---
+
+# DAG Recall
+
+## What it does
+
+When the agent needs to recall something from past sessions, reading raw transcripts is expensive and often exceeds context limits. DAG Recall walks the hierarchical summary DAG built by memory-dag-compactor — starting from high-level (d2/d3) nodes, expanding into detailed (d0/d1) children — and assembles a focused, cited answer.
+
+Inspired by [lossless-claw](https://github.com/Martian-Engineering/lossless-claw)'s sub-agent recall pattern, where a lightweight agent fetches and expands nodes on demand rather than loading entire conversation histories.
+
+## When to invoke
+
+- When the agent asks "what did we decide about X?" or "how did we implement Y?"
+- When context about a past session is needed but the transcript isn't loaded
+- When searching MEMORY.md returns only high-level summaries that need expansion
+- Before starting work that depends on decisions or patterns from earlier sessions
+
+## How to use
+
+```bash
+python3 recall.py --query "how did we handle auth migration"   # Walk DAG + assemble answer
+python3 recall.py --query "deploy process" --depth 2           # Limit expansion depth
+python3 recall.py --query "API keys" --top 5                   # Return top 5 matching nodes
+python3 recall.py --expand s-d1-003                            # Expand a specific node
+python3 recall.py --trace s-d0-012                             # Show full ancestor chain
+python3 recall.py --recent --hours 48                          # Recall from recent nodes only
+python3 recall.py --status                                     # Last recall summary
+python3 recall.py --format json                                # Machine-readable output
+```
+
+## Recall algorithm
+
+1. **Search** — FTS5 query across all DAG node summaries
+2. **Rank** — Score by relevance × recency × depth (deeper = more detailed = higher score for recall)
+3. **Expand** — For each top-N match, walk to children (lower depth = more detail)
+4. **Assemble** — Combine expanded content into a coherent answer with node citations
+5. **Cache** — Store the assembled answer for fast re-retrieval
+
+### Expansion strategy
+
+```
+Query: "auth migration"
+  ↓
+d3 node: "Infrastructure & Auth overhaul Q1" (score: 0.72)
+  → expand d2: "Auth migration week of Feb 10" (score: 0.89)
+    → expand d1: "Migrated JWT signing from HS256 to RS256" (score: 0.95)
+      → expand d0: [raw operational detail — returned as-is]
+```
+
+Expansion stops when:
+- Target depth reached (default: expand to d0)
+- Token budget exhausted (default: 4000 tokens)
+- No children exist (leaf node)
+
+## DAG structure expected
+
+Reads from `~/.openclaw/lcm-dag/` (same directory as memory-dag-compactor):
+
+```
+~/.openclaw/lcm-dag/
+├── index.json          # Node metadata: id, depth, summary, children, created_at
+├── nodes/
+│   ├── s-d0-001.md     # Leaf node (operational detail)
+│   ├── s-d1-001.md     # Condensed summary
+│   ├── s-d2-001.md     # Arc summary
+│   └── s-d3-001.md     # Durable summary
+└── fts.db              # FTS5 index over node summaries
+```
+
+## Procedure
+
+**Step 1 — Query the DAG**
+
+```bash
+python3 recall.py --query "how did we handle the database migration"
+```
+
+Searches the FTS5 index, ranks results, expands top matches, and assembles a cited answer:
+
+```
+Recall: "how did we handle the database migration" — 3 sources
+
+  We migrated the database schema using Alembic with a blue-green
+  deployment strategy. The key decisions were:
+
+  1. Zero-downtime migration using shadow tables [s-d1-003]
+  2. Rollback script tested against staging first [s-d0-012]
+  3. Data backfill ran as async job over 2 hours [s-d0-015]
+
+  Sources:
+    [s-d1-003] "Database migration — shadow table approach" (Feb 12)
+    [s-d0-012] "Alembic rollback script for users table" (Feb 12)
+    [s-d0-015] "Async backfill job for legacy records" (Feb 13)
+```
+
+**Step 2 — Expand a specific node**
+
+```bash
+python3 recall.py --expand s-d1-003
+```
+
+Shows the full content of a node and lists its children for further expansion.
+
+**Step 3 — Trace lineage**
+
+```bash
+python3 recall.py --trace s-d0-012
+```
+
+Shows the full ancestor chain from leaf to root, revealing how detail connects to high-level themes.
+
+## Integration with other skills
+
+- **memory-dag-compactor**: Produces the DAG that this skill reads — must be run first
+- **session-persistence**: Alternative data source — recall can fall back to SQLite search when DAG nodes are insufficient
+- **context-assembly-scorer**: Recall results feed into context assembly scoring
+- **memory-integrity-checker**: Ensures DAG is structurally sound before recall walks it
+
+## State
+
+Recall history and cache stored in `~/.openclaw/skill-state/dag-recall/state.yaml`.
+
+Fields: `last_query`, `last_query_at`, `cache_size`, `total_recalls`, `recall_history`.
+
+## Notes
+
+- Uses Python's built-in `sqlite3` and `json` modules — no external dependencies
+- FTS5 used for search when available; falls back to substring matching
+- Token budget prevents runaway expansion on large DAGs
+- Cache is LRU with configurable max size (default: 50 entries)
+- If DAG doesn't exist yet, prints a helpful message pointing to memory-dag-compactor

skills/openclaw-native/dag-recall/STATE_SCHEMA.yaml

@@ -0,0 +1,26 @@
+version: "1.0"
+description: Recall query history, cache stats, and expansion tracking.
+fields:
+  last_query:
+    type: string
+    description: Most recent recall query text
+  last_query_at:
+    type: datetime
+  cache_size:
+    type: integer
+    description: Number of cached recall results
+  total_recalls:
+    type: integer
+    description: Lifetime recall count
+  avg_sources_per_recall:
+    type: number
+    description: Average number of DAG nodes cited per recall
+  recall_history:
+    type: list
+    description: Rolling log of recent recalls (last 20)
+    items:
+      query:            { type: string }
+      recalled_at:      { type: datetime }
+      sources_used:     { type: integer }
+      tokens_assembled: { type: integer }
+      cache_hit:        { type: boolean }

skills/openclaw-native/dag-recall/example-state.yaml

@@ -0,0 +1,62 @@
+# Example runtime state for dag-recall
+last_query: "how did we handle the auth migration"
+last_query_at: "2026-03-16T10:32:15.000000"
+cache_size: 12
+total_recalls: 47
+avg_sources_per_recall: 3.2
+recall_history:
+  - query: "how did we handle the auth migration"
+    recalled_at: "2026-03-16T10:32:15.000000"
+    sources_used: 4
+    tokens_assembled: 1820
+    cache_hit: false
+  - query: "deploy process"
+    recalled_at: "2026-03-16T09:15:03.000000"
+    sources_used: 3
+    tokens_assembled: 1240
+    cache_hit: false
+  - query: "deploy process"
+    recalled_at: "2026-03-16T09:45:22.000000"
+    sources_used: 3
+    tokens_assembled: 1240
+    cache_hit: true
+# ── Walkthrough ──────────────────────────────────────────────────────────────
+# python3 recall.py --query "how did we handle the auth migration"
+#
+#   Recall: "how did we handle the auth migration" — 4 sources
+#
+#     [s-d1-003] (summary) Migrated JWT signing from HS256 to RS256
+#       with key rotation plan...
+#     [s-d0-012] (detail) Created migration script for auth_keys table...
+#     [s-d0-015] (detail) Updated environment variables for RS256 public...
+#     [s-d0-018] (detail) Added rollback procedure in deploy/auth-rollback.sh...
+#
+#     Sources:
+#       [s-d1-003] "Migrated JWT signing from HS256 to RS2..." (2026-02-10)
+#       [s-d0-012] "Created migration script for auth_keys..." (2026-02-10)
+#       [s-d0-015] "Updated environment variables for RS25..." (2026-02-11)
+#       [s-d0-018] "Added rollback procedure in deploy/aut..." (2026-02-11)
+#
+# python3 recall.py --trace s-d0-012
+#
+#   Trace: s-d0-012 → root (3 nodes)
+#
+#   s-d0-012 (d0 — detail)
+#       Created migration script for auth_keys table
+#       Created: 2026-02-10
+#     └── s-d1-003 (d1 — summary)
+#         JWT signing migration HS256 → RS256
+#         Created: 2026-02-10
+#       └── s-d2-001 (d2 — arc)
+#           Auth & Infrastructure overhaul Feb 2026
+#           Created: 2026-02-14
+#
+# python3 recall.py --status
+#
+#   DAG Recall Status
+#   ──────────────────────────────────────────────────
+#     Last query:      how did we handle the auth migration
+#     Last query at:   2026-03-16T10:32:15.000000
+#     Total recalls:   47
+#     Cache size:      12 / 50
+#     DAG nodes:       24