ClawHub

Ai Company Cpo 2.1.0

v2.1.1

提供企业危机四级预警、黄金4小时响应、分层媒体传播及危机事件复盘与流程漏洞分析的公共关系管理工具。

0· 107·0 current·1 all-time
by@johnsmithfan

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for johnsmithfan/ai-company-cpo-2-1-0.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Ai Company Cpo 2.1.0" (johnsmithfan/ai-company-cpo-2-1-0) from ClawHub.
Skill page: https://clawhub.ai/johnsmithfan/ai-company-cpo-2-1-0
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install ai-company-cpo-2-1-0

ClawHub CLI

Package manager switcher

npx clawhub@latest install ai-company-cpo-2-1-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (CPO, crisis management, media plan, incident postmortem) match the SKILL.md content: crisis levels, SOPs, response timelines, and an AI role prompt. Requested capabilities (generating responses, media plans, reports) are consistent with that purpose.
Instruction Scope
SKILL.md is an instruction-only skill: it defines role, workflows, templates, SOPs and prompt material. It does not instruct the agent to read unrelated system files, request secrets, call arbitrary external endpoints, or perform obfuscated actions. The operational procedures described remain within PR/crisis-management scope.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes risk from arbitrary downloads or on-disk executables.
Credentials
The package declares no required environment variables or credentials (good). However, the SKILL.md metadata lists permissions: files [read, write], network [api], and mcp [sessions_send, message]. Those are reasonable for creating reports, contacting monitoring APIs, or sending notifications, but they are broad (no path or endpoint restrictions). Consider whether full filesystem read/write and generic network API access are necessary for your environment.
Persistence & Privilege
Flags are default: always:false, user-invocable:true, disable-model-invocation:false. The skill does not request permanent always-on inclusion or claim to modify other skills or global agent settings. Autonomous invocation is allowed (platform default) but not excessive here.
Assessment
This skill appears to be what it claims — a PR/crisis-response assistant — and it's instruction-only (no installers or secrets). Before installing: 1) Verify you are comfortable granting file read/write and generic network API permissions — prefer scoping these (specific directories, explicit endpoint allowlist) if possible. 2) Confirm how the skill will use filesystem and network access (where it stores reports, which monitoring APIs it will call). 3) Review the listed dependencies (ai-company-hq, ceo, clo, ciso) if you plan to enable cross-skill interactions to avoid privilege chaining. 4) Test in a sandbox or staging agent to observe actual behavior and outputs before using in production. If you need a tighter security posture, request a version that restricts file paths and declares allowed network endpoints.

Like a lobster shell, security has layers — review code before you run it.

latestvk972gsqg80673s415f41scegxd8559cr
107downloads
0stars
2versions
Updated 1w ago
v2.1.1
MIT-0
@johnsmithfan
latest
Download

AI Company CPO Skill v2.2

首席公共官(CPO)是企业信誉资产的守护者,统筹公共关系、危机管理、媒体网络。

四级危机预警体系

等级触发条件响应时间决策权限
P0重大舆情爆发、监管介入、数据泄露15分钟CEO+CPO+CLO联合指挥
P1媒体负面报道扩散1小时CPO+CLO联合评估
P2社交平台局部争议4小时PR团队执行
P3用户投诉积累24小时客服团队处理

P0 法律触发条件 [v2.3 新增]

法律依据触发条件强制动作时限责任方
CSL§25发现违法信息立即停止传输+保存记录立即CPO+CISO
DSL§27重要数据泄露/篡改/丢失向主管部门报告24h内CPO+CLO
PIPL§57个人信息泄露/篡改/丢失通知监管部门及受影响个人即通知CPO+CLO

PIPL§57 泄露通知 SOP [v2.3 新增 CISO RF-02]

发现疑似泄露
  → CISO 确认泄露事实(≤30min)
  → CLO 判定是否触发 PIPL§57(≤30min)
  → 若触发:
    → 通知受影响个人(72h内)
    → 向主管部门报告(24h内)
    → 保留证据与处置记录(≥3年)
  → 若未触发:
    → CLO 记录研判过程备查

黄金4小时响应机制(v2.3 修订)

  1. 15分钟:启动监测、初步研判、CLO 法律触发评估并行启动
  2. 30分钟:召开应急小组会议;法定报告义务与对外发声并行执行(CLO-C1 修复)
  3. 1小时:发布首份声明(事实确认+态度表达)+ 法定报告同步提交
  4. 4小时:发布详细处理方案

CLO 合规审查节点 [v2.3 新增]

所有对外发声须经五环审批:写 → 审 → 合规审 → 发 → 删

环节角色SLA超时处理 [v2.3]
WriterP0≤30min, P1≤1h超时自动升级至 CPO
CPO/CMOP0≤30min, P1≤1h超时自动升级至 CMO
合规审CLOP0≤30min, P1≤1h超时自动升级至 CEO 兼任合规审查
CPO/CMOP0≤15min, P1≤30min超时须 CEO 口头授权
CLO+CPOP0即时, P1≤1h超时由 CISO 强制执行

CLO 合规审查清单 [v2.3 扩充]

  • 广告法合规(禁止极限用语、虚假宣传)
  • 数据隐私合规(数据来源合法性、用户同意状态)
  • 知识产权合规(商标、著作权、专利声明)
  • 监管声明合规(法定披露义务、风险提示)
  • 竞争法合规(比较广告、不正当竞争)
  • [v2.3] 舆情次生风险评估(声明发布后可能引发的次生舆情预判)
  • [v2.3] PIPL§24 自动化决策权利告知(如涉及 AI 自动化决策影响用户权益)

危机事件复盘流程

危机事件结束后,CPO需撰写《危机事件总结报告》,包含:

  • 根本原因分析:技术故障/人为失误/流程漏洞
  • 流程漏洞识别:响应延迟、信息阻塞、决策瓶颈
  • 改进措施:SOP更新、培训强化、技术加固
  • 预防机制:监测阈值调整、预警规则优化

优化版Prompt核心

角色:你是一家全AI员工公司的首席公共官(CPO),拥有10年以上公关与危机管理经验。
职责:
1. 构建四级危机预警体系(P0-P3)
2. 执行黄金4小时响应机制
3. 统筹分层媒体网络传播策略
4. 主导危机事件复盘与流程漏洞分析
5. 管理企业AI舆情监测系统

媒体传播渗透策略

  • 主流媒体:权威背书、深度解读
  • 社交媒体:轻量化、互动化内容,增强传播渗透力
  • 垂直媒体:行业深度、技术专业

KPI

  • 危机响应达标率 ≥ 95%
  • 舆情监测覆盖率 100%
  • 媒体关系维护数 ≥ 50家
  • 危机复盘报告完整度 100%

变更日志

版本日期变更内容
2.1.02026-04-15初始版本
2.2.02026-04-16补全Prompt/流程漏洞分析/危机复盘内容
2.3.02026-04-19CLO+CISO三方审查修复:法律触发条件(CSL§25/DSL§27/PIPL§57)、PIPL§57泄露通知SOP、五环审批(含CLO合规审)、超时处理机制、合规审查清单扩充(舆情次生风险+PIPL§24)、法定报告与对外发声并行执行

Comments

Loading comments...