ClawHub

coze-workflow-api

v1.0.0

在 OpenClaw 中调用 Coze Workflow API (stream_run)。 **使用场景:** 1. 用户需要调用 Coze workflow 执行特定任务 2. 需要提供 workflow_id、parameters、PAT Key 3. 处理流式响应结果 **触发关键词:** coze wo...

0· 216·0 current·0 all-time
by@chocolatemale
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the instructions: the SKILL.md shows how to call Coze Workflow API (stream_run) with workflow_id, parameters, and a PAT. There is one minor metadata mismatch: the SKILL.md asks users to set COZE_PAT_KEY, but the published registry metadata lists no required env vars or primary credential.
Instruction Scope
Instructions are narrowly scoped to calling https://api.coze.com/v1/workflow/stream_run via curl, handling streaming events, and optionally redirecting output to a local file (/tmp/coze_result.txt). The skill does not instruct reading other system files, fetching unrelated credentials, or sending data to unknown endpoints.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes on-disk footprint and makes the runtime surface limited to the curl invocations the agent performs.
Credentials
The SKILL.md requires a COZE_PAT_KEY (PAT token) which is appropriate for calling the Coze API. However, the registry metadata did not declare any required env vars or a primary credential, creating an inconsistency that should be corrected for transparency.
Persistence & Privilege
Skill is not always-enabled and does not request elevated or persistent system privileges. It does not modify other skill configurations or agent-wide settings.
Assessment
This skill is an instruction-only helper that runs curl against api.coze.com and expects you to provide a COZE_PAT_KEY (PAT token). Before installing or using it: 1) Confirm you trust the Coze service and that the token you supply has minimal, scoped permissions; do not paste high-privilege keys. 2) Be aware networked requests send workflow inputs and parameters to Coze (so avoid sending secrets in parameters). 3) Note the registry metadata omitted the COZE_PAT_KEY declaration — ask the publisher to update the metadata for transparency. 4) Because it writes output to a local file in examples (/tmp/coze_result.txt), avoid storing sensitive outputs in world-readable locations. Overall the skill appears coherent and limited in scope, but protect your PAT and validate Coze's privacy/security posture before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk974sr824v7ad1yz9vkkt7eb09835xd6
216downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@chocolatemale
latest
Download

Coze Workflow Skill

直接在 OpenClaw 中调用 Coze Workflow API。

前置配置

设置 PAT Key 环境变量:

export COZE_PAT_KEY="your_pat_token_here"

使用方法

直接使用 curl

curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \
  --header "Authorization: Bearer $COZE_PAT_KEY" \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "workflow_id": "your_workflow_id",
    "parameters": {
      "key": "value"
    }
  }' \
  --max-time 120

保存结果到文件

curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \
  --header "Authorization: Bearer $COZE_PAT_KEY" \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "workflow_id": "your_workflow_id",
    "parameters": {
      "key": "value"
    }
  }' \
  --max-time 120 > /tmp/coze_result.txt

参数说明

参数位置说明
workflow_iddata-rawCoze Workflow ID
parametersdata-rawWorkflow 输入参数 (JSON 对象)
COZE_PAT_KEYheaderPAT Token,通过环境变量传入

示例

示例: 分析创意素材风险

export COZE_PAT_KEY="your_pat_token_here"

curl -s --location --request POST 'https://api.coze.com/v1/workflow/stream_run' \
  --header "Authorization: Bearer $COZE_PAT_KEY" \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "workflow_id": "7566546276516642834",
    "parameters": {
      "id": "1859150663345201",
      "id_type": "creative"
    }
  }' \
  --max-time 120

响应格式

流式响应,每行一个事件:

id: 0
event: PING
data: {...}

id: 1
event: Message
data: {"content":"...","node_type":"End",...}

id: 2
event: Done
data: {"debug_url":"..."}

关键字段:

  • event: Message - 包含 workflow 执行结果
  • event: Done - 执行完成
  • node_type: End - 结束节点

故障排查

超时 (28)

  • 原因: API 响应较慢(通常 30-60 秒)
  • 解决: 增加 --max-time 120

HTTP 401

  • 原因: PAT Key 无效
  • 解决: 检查 PAT Key 是否正确

HTTP 404

  • 原因: Workflow ID 不存在
  • 解决: 确认 workflow_id

连接失败

  • 国内网络可能不稳定,重试即可

Comments

Loading comments...