VIN (Vehicle Identification Number) Query - VIN车辆识别代码查询
v1.0.4用 17 位 VIN 查品牌车型年款等,并可按车型查机油、变速箱等扩展信息。当用户说:这个车架号是什么车?查一下 VIN 对应的排量,或类似 VIN 解析时,使用本技能。
⭐ 10· 450·1 current·1 all-time
by极速数据@jisuapi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the requested resources and behavior: the skill queries JisuAPI VIN endpoints and provides oil/gearbox lookups by carid. Required env var JISU_API_KEY is appropriate and is declared as the primary credential.
Instruction Scope
SKILL.md and vin.py limit actions to forming HTTP GET requests to api.jisuapi.com endpoints with the provided VIN/carid and the AppKey. This will send user-supplied VINs and carids to JisuAPI (a third-party service) — expected for the purpose but potentially privacy-sensitive. The instructions do not attempt to read other environment variables or files.
Install Mechanism
No install spec (instruction-only + a bundled script) — low risk. One practical issue: the script imports the Python 'requests' library but the metadata only lists 'python3' as a required binary and does not declare Python package dependencies; the runtime may fail if 'requests' is not installed. No downloads or external installers are used.
Credentials
Only JISU_API_KEY is required. That key is proportionate to calling the JisuAPI service. No unrelated credentials, config paths, or broad secrets are requested.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or system settings. It runs as a simple script when invoked.
Assessment
This skill is internally consistent and appears to be what it claims: a small Python client for JisuAPI's VIN endpoints. Before installing, consider: (1) you must provide a JISU_API_KEY (AppKey) and the script will send any VINs you query to api.jisuapi.com — treat VINs as potentially sensitive and only use a key you trust; (2) ensure the Python runtime has the 'requests' package installed (the metadata doesn't declare this dependency); (3) be aware of JisuAPI rate limits, billing, and key permissions (the script will fail or return API errors if the key is missing/expired/over-quota); (4) if you need stricter privacy, review whether sending VINs to a third party is acceptable. If you want higher assurance, inspect or run the script in an isolated environment and verify network requests go only to the listed api.jisuapi.com endpoints.Like a lobster shell, security has layers — review code before you run it.
latestvk974cez8t9bbred7r82e7jbywh844ytq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🚗 Clawdis
Binspython3
EnvJISU_API_KEY
Primary envJISU_API_KEY