ClawHub

国顺搜项目

v1.0.0

招标监控:自动抓取招投标网站,按关键词过滤新项目,飞书/Telegram推送。 支持智能化/EPC总承包/中标公告,可独立配置关键词、数据源、推送目标。

0· 150·0 current·0 all-time
by@jimmygx

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jimmygx/bid-monitor.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "国顺搜项目" (jimmygx/bid-monitor) from ClawHub.
Skill page: https://clawhub.ai/jimmygx/bid-monitor
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install bid-monitor

ClawHub CLI

Package manager switcher

npx clawhub@latest install bid-monitor
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (招标监控) matches the code and config: monitor.py scrapes configured sources, filters by keywords, scores items, stores history and pushes via Feishu/webhook. Required binary (python) and Python libraries are appropriate for this purpose.
Instruction Scope
SKILL.md instructs editing config.json and running python monitor.py — the runtime behavior matches that: reading config.json, fetching external pages, writing data/history/log files, and posting notifications. The instructions do not ask to read unrelated system files. Note: push targets (webhook/Feishu) can cause data to be sent to external endpoints configured by the user; the skill will send scraped content (titles, links, some content) to those endpoints.
Install Mechanism
No install script is present (instruction-only). SKILL.md lists pip dependencies (requests, beautifulsoup4) which are proportionate and expected. Nothing is downloaded from untrusted URLs or written to system paths by an installer.
Credentials
The skill requests no environment variables. Credentials (Feishu app_id/app_secret) are expected to be placed in config.json rather than env vars — this is functional but increases exposure of secrets in a file. The push webhook URL and Feishu target can forward scraped data to arbitrary external endpoints if misconfigured.
Persistence & Privilege
always:false and normal model invocation. The skill writes its own data/history/log files under a local ./data directory but does not modify other skills or system-wide settings. No elevated persistence or cross-skill configuration changes detected.
Assessment
What to check before installing: - Inspect and edit config.json: change push.target, webhook_url, app_id and app_secret only if you trust the receiving endpoint. Do NOT put sensitive credentials into a shared or world-readable directory. - Prefer storing secrets (app_id/app_secret) in a secure secret store or environment variables rather than in config.json if possible; the current implementation expects them in the config file. - The script will fetch the URLs listed in config.json and send scraped titles/contents to the configured push targets — verify every source and every destination (webhook/Feishu) are trustworthy to avoid accidental data exfiltration. - The script creates a local data directory (history.json, monitor.log). If you run this on a multi-user system, ensure file permissions are appropriate. - There is no automatic installer; you must provide Python and pip-install requests and beautifulsoup4. Review the full monitor.py (especially the truncated portion if any) before running and consider running it in an isolated environment (container/VM) if you are concerned about network or filesystem access. - If you want stricter controls, disable autonomous invocation on the agent or review scheduling requests before allowing periodic runs.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspython
latestvk975wfnpbepk5q0txrw22tm4mx83nm4a
150downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@jimmygx
latest
Download

国顺搜项目 — 招标监控

自动抓取招投标网站,按关键词筛选,推送新项目通知。

快速开始

  1. 编辑 config.json:改 keywordspush.target
  2. 运行:python monitor.py
  3. 注册定时任务:在 OpenClaw 中说 "注册招标监控定时任务"

配置

config.json 关键字段:

  • keywords.core:核心关键词,如 ["智能化", "信息化"]
  • keywords.extend:扩展词,如 ["安防", "弱电", "无人机"]
  • keywords.exclude:排除词,如 ["农业"]
  • push.target:飞书 open_id 或群聊 ID
  • scoring.threshold:最低分,建议 5

特点

  • 总承包项目检查正文是否含智能化内容
  • 招标+中标公告均推送
  • 推送含命中原因
  • 支持飞书/Telegram/Webhook

依赖

pip install requests beautifulsoup4

Comments

Loading comments...