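Operations Platform Knowledge Retrieval
v1.0.0
Precisely search the Kuaishou enterprise knowledge base for internal policies, processes, SOPs, FAQs, and other information, returning relevant document snippets and links.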
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (enterprise knowledge retrieval) align with the runtime instructions: the skill issues POST requests to internal knowledge/query endpoints and returns document snippets and links. This is coherent for an internal knowledge-search skill. However, the SKILL.md expects an 'operator' value (injected from a local credential such as ~/.openclaw/username) yet the skill metadata declares no required env vars or config paths — that's a mismatch between claimed requirements and actual runtime needs.
Instruction Scope
The instructions are explicit about HTTP calls to internal endpoints (baseUrl http://kwaishop-gateway-manage.internal) and the exact request/response fields to use, which is appropriate. But they also require reading/injecting an 'operator' value from a local credential (explicitly referencing ~/.openclaw/username) without declaring that file or any env var in the registry metadata. Reading a local credential file is a sensitive action and should be declared; the SKILL.md doesn't request any other unrelated files, but this specific file access is a scope creep / transparency issue.
Install Mechanism
No install spec and no code files (instruction-only) means the skill does not write files or install packages on disk, which is low-risk from an installation perspective. The runtime behavior depends on the agent's ability to make HTTP calls and access local credentials.
Credentials
The skill makes network calls to an internal service and needs an 'operator' credential, but the registry metadata lists no required environment variables, no primary credential, and no config paths. The implicit requirement to inject ~/.openclaw/username is not declared — that mismatch is disproportionate and should be clarified. Also, if the 'operator' value is sensitive (username, token, or identity), sending it to internal endpoints may have privacy/authorization implications.
Persistence & Privilege
The skill is not marked always:true and is user-invocable; it does not request to modify other skills or system configs. It caches last_space_code/last_repo_code in-memory per its own rules, which is benign. Autonomous invocation is allowed (platform default) but not exceptional here.
What to consider before installing
This skill appears to do what it says (search an internal knowledge base) but it expects an 'operator' credential to be injected from a local file (example: ~/.openclaw/username) while the registry metadata does not declare any required env vars or config paths. Before installing: (1) verify the skill's source and that it comes from a trusted internal author or registry; (2) ask the author to explicitly declare the credential requirement (file path or env var) and explain what 'operator' contains (is it just a username or a secret token?); (3) ensure ~/.openclaw/username (or whatever store is used) does not contain secrets (API keys/passwords); (4) restrict the agent's network access so it can only call the expected internal host(s) (kwaishop-gateway-manage.internal); (5) prefer a version that declares its required credentials in the registry metadata or that uses a least-privilege token for 'operator'. If you cannot validate the origin or contents of the operator credential, treat this skill as potentially unsafe and do not install it on systems holding sensitive credentials.
Like a lobster shell, security has layers — review code before you run it.
