ClawHub

Warehouse Network Analysis

v1.0.0

基于客户门店数据,结合企业实际仓配网络,进行仓配网络规划分析。包括:门店分布统计、城市定位、配送距离测算、区域划分建议、报货周期规划、干线发运规划。为企业设仓方案、配送方案、调拨方案提供数据支撑。

0· 72·0 current·0 all-time
by@jinqianfei
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description align with its files and instructions: it reads an Excel of store locations, computes statistics and distances, and proposes RDC/FSL/TC mappings. Notes: SKILL.md contains inconsistent numeric counts for the number of bases (mentions 17, later examples reference 21, and table rows appear mismatched), and some logic statements (e.g., '每个FSL都是RDC') contradict the stated optimization goal — these are coherence/documentation issues but not security-critical.
Instruction Scope
SKILL.md instructs the agent to read an Excel and run Python code (pandas) to compute stats and distances; it does not instruct reading other system files, accessing environment secrets, or sending data externally. However, allowed-tools includes read/write and Bash(python3:*), which grants file system access at runtime — the instructions themselves stay within the stated purpose, but running the skill will give it the ability to read/write arbitrary files if misused.
Install Mechanism
No install spec (instruction-only plus a small analyze.py). Nothing is downloaded or installed by the skill itself. Low install risk.
Credentials
The skill declares no required environment variables, credentials, or config paths and the code does not access any. This matches the stated offline/analysis purpose.
Persistence & Privilege
always:false and no modifications to other skills or system settings. The skill can be invoked by the agent (normal), but it does not request persistent presence or elevated privileges.
Assessment
This skill is internally coherent and does what it says: it reads an Excel, runs a small pandas-based analysis, and prints results. Before installing/using it: 1) Review and run analyze.py in a safe/sandboxed environment because allowed-tools permits running arbitrary Python and file read/write; avoid giving it sensitive files. 2) Ensure pandas is available on the runtime (the code requires pandas but the skill declares no dependency/install instructions). 3) Expect the built-in city coordinate table to be incomplete (only a small set of cities included) and SKILL.md has inconsistent counts (17 vs 21 etc.) — verify the data/assumptions against your network. 4) If you need stricter safety, run the script on a copy of your data or inspect/modify the code to restrict file access or add logging to confirm no external connections. Overall: no signs of data exfiltration or hidden endpoints, but exercise normal caution when running code that can read/write files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dj5apsste0nbbhmn28t1fzs8403h0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments