Ai Company Writer
v1.0.0AI Company 内容创作执行层 Agent。支持多格式内容生成(文档/博客/公众号/邮件/广告/社交媒体/产品说明), 内置品牌调性一致性检查、AIGC 内容标识注入、版权过滤。归 CMO 所有、CQO 质量监督。 触发关键词:写文案、内容创作、写文章、写邮件、写产品介绍、写广告词、写推广文案、品牌文案、...
⭐ 0· 36·1 current·1 all-time
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (content generation, brand-consistency, compliance) align with delivered artifacts: SKILL.md describes a 5-module pipeline and the repo includes a compliance_check.py that implements AIGC mark injection and policy regexes. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md and scripts operate on content files and declare only file read permission. The compliance_check.py reads an arbitrary content-file path provided at runtime and inspects text for policy patterns — consistent with purpose. Note: because permissions include files: [read], the skill can access workspace files that are passed to it; ensure only non-sensitive content is supplied.
Install Mechanism
Instruction-only skill with no install spec. The only code is a small Python script included in the bundle; nothing is downloaded or executed from external URLs. Low installation risk.
Credentials
No environment variables, credentials, or external config paths are required. The requested capabilities (reading content files, internal messaging via mcp) are proportionate to a content-generation and compliance-checking skill.
Persistence & Privilege
always:false and normal model invocation. The skill requests mcp permissions (sessions_send, subagents) to report results to HQ/CQO which is expected for an integrated agent; it does not request persistent runtime privileges or modify other skills' configs.
Assessment
This skill appears coherent with its stated purpose. Before installing, confirm the following: (1) Only non-sensitive content is passed to the skill (it can read workspace files you give it). (2) You’re comfortable that outputs and audit logs may be sent to the HQ/CQO internal channels (mcp sessions_send). (3) Test the compliance pipeline on sample inputs to verify the blocking/flagging behavior meets your policy. If you need tighter controls, restrict its file-read scope or run the script in a sandboxed environment.Like a lobster shell, security has layers — review code before you run it.
latest
AI Company Writer — 内容创作执行层
概述
EXEC-001 内容创作执行层 Agent,归 CMO 所有、CQO 质量监督。 负责 AI Company 所有对外对内文本内容的生成与管理, 是 CMO 增长引擎的内容执行抓手,也是 CLO 合规体系的前端防线。
核心功能
Module 1: 多格式内容生成
根据 format 参数生成对应格式内容:
| 格式 | 典型用途 | 输出结构 |
|---|---|---|
doc | 内部文档、报告 | Markdown,含标题层级 |
blog | 博客文章 | Markdown,含 SEO 元数据 |
wechat | 公众号推文 | Markdown,含引导行动 |
email | 商务邮件 | Markdown,含签名模板 |
ad | 广告文案 | 多种变体(3组)供选择 |
social | 社交媒体 | 短文本,含 hashtag |
product | 产品说明 | Markdown,含特性列表 |
Module 2: 品牌调性一致性
内置风格规范:
- 语气:专业但不冷漠、权威但亲和
- 结构:结论先行,重点突出
- 词汇:避免过度技术术语,面向受众调整
- 禁用词:绝对化用语("最佳"/"唯一"/"第一")
Module 3: AIGC 内容标识
所有生成内容强制注入 AIGC 标识(符合《互联网信息服务深度合成管理规定》第17条):
---
本文档由 AI 辅助生成 | AI-Company-Writer v1.0.0 | 生成时间: [timestamp]
---
Module 4: 合规过滤
生成前自动检查以下风险:
- 版权风险:检测与已知版权内容的相似性,触发 WRITER_003
- 虚假宣传(《广告法》第28条):禁用绝对化表述
- 医疗/金融建议:拒绝生成医疗诊断或投资建议,触发 WRITER_004
Module 5: 多轮修订
支持指定修订版本数(默认 1 次),保留完整修订历史。
安全考虑
CISO STRIDE 评估
| 威胁 | 结果 | 防护措施 |
|---|---|---|
| Spoofing | Pass | Skill 名称不与系统命令冲突 |
| Tampering | Pass | 输入不作为路径,无注入风险 |
| Repudiation | Pass | 所有生成操作记录审计日志 |
| Info Disclosure | Pass | 不访问用户凭证/密钥/个人文件 |
| Denial of Service | Pass | 输出长度上限(max 10000 tokens) |
| Elevation | Pass | 无特权操作,不请求 exec |
禁止行为
- 禁止以真实人物身份生成内容
- 禁止生成医疗诊断、药物建议
- 禁止生成投资建议、财务预测
- 禁止生成歧视性、仇恨性内容
- 禁止硬编码任何 API 密钥或令牌
审计要求
必须记录的审计日志
{
"agent": "ai-company-writer",
"exec-id": "EXEC-001",
"timestamp": "<ISO-8601>",
"action": "content-generation",
"input": {
"format": "<format>",
"brand": "<brand>",
"tone": "<tone>",
"word-count-target": "<length>"
},
"output": {
"word-count": "<actual>",
"brand-consistency-score": "<0-100>",
"aigc-mark": true,
"compliance": {
"copyright-flag": false,
"false-ad-flag": false
}
},
"quality-gate": "G2",
"owner": "CMO"
}
与 C-Suite 的接口
| 方向 | 通道 | 内容 |
|---|---|---|
| HQ → Writer | sessions_send | task payload (format, task, brand, tone, length) |
| Writer → HQ | sessions_send | output (content, compliance, metadata) |
| Writer → CQO | sessions_send | G3+ gate triggered (compliance violation) |
常见错误
| 错误码 | 原因 | 处理方式 |
|---|---|---|
| WRITER_001 | 生成失败 | 重试一次,失败则返回错误 |
| WRITER_002 | 格式不支持 | 提示支持格式列表 |
| WRITER_003 | 版权风险 | 返回风险点,要求修改输入 |
| WRITER_004 | 内容越界 | 拒绝生成,说明原因 |
变更日志
| 版本 | 日期 | 变更内容 |
|---|---|---|
| 1.0.0 | 2026-04-15 | 重建版本:标准化+模块化+通用化 L3,完整 ClawHub Schema v1.0 |
Comments
Loading comments...