Bocha Search (Momo优化版)
v1.0.0博查 AI 搜索工具。调用 https://api.bocha.cn 进行网页搜索,返回带摘要的中文结果。不依赖 OpenClaw 内置 web_search。
⭐ 0· 383·1 current·2 all-time
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the code and docs: the scripts call https://api.bocha.cn/v1/web-search, format results, and the _meta.json declares curl and jq which the scripts require. No unrelated cloud credentials or services are requested.
Instruction Scope
SKILL.md and scripts stay within search functionality (configure API key, call API, format output). Minor documentation inconsistency: setup.sh prints a suggestion to 'source ~/.openclaw/skills/bocha-search/scripts/env.sh' and to run 'bocha-search', but there is no env.sh or bocha-search wrapper included in the package — the actual runnable is scripts/search.sh. Also SKILL.md mentions using the BOCHA_API_KEY environment variable (optional) though the registry metadata does not declare required env vars; this is harmless but worth noting.
Install Mechanism
No install spec (instruction-only) and bundled scripts are simple shell files. No downloads from external or untrusted URLs, no archive extraction, and required tools are standard (curl, jq) as declared.
Credentials
The only sensitive data needed is the Bocha API key, which the skill stores locally at ~/.openclaw/skills-config/bocha-search.json or accepts via BOCHA_API_KEY. This is proportionate to a search integration. The skill does not request unrelated secrets or system-level credentials.
Persistence & Privilege
Skill is not always-enabled and does not modify other skills or system-wide settings. It persistently stores the API key in a user-local config file (expected for convenience) and otherwise requires no elevated privileges.
Assessment
This skill appears to do exactly what it says: call Bocha's web-search API and format results. Before installing: 1) Confirm you trust the Bocha service and its API key handling (the key is stored in plaintext at ~/.openclaw/skills-config/bocha-search.json unless you use an env var). 2) Ensure curl and jq are available. 3) Note the minor doc mismatch: there is no env.sh or bocha-search wrapper in the package — use the provided scripts/search.sh path or adjust installation accordingly. 4) Don’t commit the saved JSON with your API key to any repository. If you need higher assurance, inspect the skill files locally and verify network calls go to api.bocha.cn as shown.Like a lobster shell, security has layers — review code before you run it.
latest
🔍 Bocha Search Skill
博查 AI 搜索工具 - 调用 api.bocha.cn 进行网页搜索。
⚡ 快速开始
1. 配置 API Key
# 替换 YOUR_API_KEY 为你的博查 API Key
~/.openclaw/skills/bocha-search/scripts/setup.sh YOUR_API_KEY
获取 API Key: https://open.bocha.cn
2. 执行搜索
# 搜索(默认 5 条结果)
~/.openclaw/skills/bocha-search/scripts/search.sh "搜索关键词"
# 指定结果数量
~/.openclaw/skills/bocha-search/scripts/search.sh "搜索关键词" 10
📋 使用方法
通过环境变量
export BOCHA_API_KEY="sk-你的APIKey"
~/.openclaw/skills/bocha-search/scripts/search.sh "关键词"
直接用 curl
curl -s "https://api.bocha.cn/v1/web-search" \
-H "Authorization: Bearer $BOCHA_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"query":"关键词",
"summary": true,
"freshness": "noLimit",
"count": 5
}'
📝 参数说明
| 参数 | 说明 | 默认值 |
|---|---|---|
query | 搜索关键词 | 必填 |
summary | true 返回 AI 摘要 | true |
freshness | 时间筛选: noLimit/pd/pw/pm/py | noLimit |
count | 结果数量 (1-10) | 5 |
📤 输出格式
每条结果包含:
- 📌 标题 - 页面标题
- 🔗 链接 - 页面 URL
- 📝 摘要 - AI 生成的摘要
⚙️ 配置说明
配置文件位置
首次配置后,API Key 保存在:
~/.openclaw/skills-config/bocha-search.json
更新 API Key
# 重新运行 setup 脚本
~/.openclaw/skills/bocha-search/scripts/setup.sh 新的APIKey
🔒 安全说明
- ✅ API Key 存储在本地配置文件中,不暴露在代码中
- ✅ 支持环境变量方式,避免配置文件泄露
- ❌ 不要将包含 API Key 的配置提交到代码仓库
📂 文件结构
bocha-search/
├── SKILL.md # 本文档
├── _meta.json # 元数据
└── scripts/
├── setup.sh # 配置 API Key
└── search.sh # 搜索脚本
❓ 常见问题
Q: 搜索返回错误怎么办? A: 检查 API Key 是否正确,可访问 https://open.bocha.cn 查看配额
Q: 结果数量可以更多吗? A: 当前支持 1-10 条,API 限制
Q: 如何切换搜索时间? A: 修改 freshness 参数: pd(天)、pw(周)、pm(月)、py(年)、noLimit(不限)
🔗 相关链接
Comments
Loading comments...