Dan Koe Writer
v1.0.1Dan Koe 写作方法论工具箱。基于 OpenClaw Agent 模型,把爆款内容拆解成「创意积木」,再组装成新文章。触发场景:(1) 用户要拆解爆款文章并提取写作要素;(2) 用户需要写作方向或创意灵感;(3) 用户要生成完整的公众号/小红书/推特文章;(4) 用户想学习 Dan Koe 的 APAG 框架...
⭐ 0· 78·0 current·0 all-time
by@alleliu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (Dan Koe writing toolbox) matches the included scripts and reference markdown: goldmine.py extracts building blocks from articles, spark.py composes ideas from the local knowledge base, and write.py assembles prompts for generating articles. The ability to fetch WeChat pages (playwright) and read local article files is coherent for a tool that 'tears down' viral posts and constructs new ones.
Instruction Scope
SKILL.md and the scripts instruct the agent to run the included scripts and then call the agent's own model on the generated prompts. This stays within writing/analysis scope. Two things to be aware of: (1) goldmine.py and the scripts can read a user-supplied file path (--file) anywhere the agent or user points to, so if an agent is allowed to pick arbitrary paths it could read arbitrary local files; (2) fetching remote pages (Playwright) causes network access to the given URL. Both behaviors are expected for this skill but users should avoid passing sensitive file paths or secrets as input.
Install Mechanism
No install spec is declared (instruction-only), which is low risk. The code depends on third-party tooling (playwright) that is not installed automatically; the SKILL.md and scripts print guidance about installing playwright but there's no automated installer. This is a usability/incoherence note (missing declared dependency), not an indication of malicious activity. Playwright will download browser binaries when installed, which is normal but worth noting.
Credentials
The skill requests no environment variables or credentials. The scripts operate on local files (references/knowledge and user-provided inputs) and do not attempt to read environment secrets or cloud credentials.
Persistence & Privilege
always:false and no special platform privileges. The skill will read and may append to its own knowledge files (references/knowledge) when the user runs the 'load' flow, which is expected. It does not modify other skills or system-wide agent settings. Allowing the agent to choose file paths when invoking the scripts would increase risk of unwanted file reads/writes; restrict inputs if that is a concern.
Assessment
This skill appears to do what it says: analyze articles, build a local 'creative blocks' library, and produce prompts/contexts for an LLM to generate posts. Before installing or invoking it: 1) Be aware the scripts can fetch web pages (network access) and read any file paths you pass in — do not supply sensitive files or credentials. 2) The code uses Playwright (not auto-installed) which will download browser binaries if you install it; install third-party libs from trusted sources and review them. 3) The skill writes to its own references/knowledge folder when you save extracted blocks — if you prefer no on-disk persistence, avoid running the save/load operations. 4) The skill relies on the agent’s model to perform LLM extraction/generation; ensure your agent policies and model access controls align with how you want the AI to run. If you want extra caution, run the scripts in an isolated environment or container and review any extracted prompts/outputs before sending them to an external model.Like a lobster shell, security has layers — review code before you run it.
latestvk97d9kavx1p7arc426vhq5g89983vtm0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.