ZeeLin Deep Research 深度研究
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: kelcey-zeelin-deep-research Version: 0.1.0 The skill is a legitimate integration for the ZeeLin Deep Research platform (desearch.zeelin.cn). It uses a shell script (scripts/research.sh) and detailed instructions in SKILL.md to manage a multi-step workflow involving API task creation, status polling, and report generation. The code uses Node.js for safe JSON handling and limits network activity to the specified service domain. No evidence of malicious intent, data exfiltration, or unauthorized persistence was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When used, the agent may run the included shell script to contact the ZeeLin service.
The skill tells the agent to run a local script via exec. This is disclosed and central to the API workflow, but users should notice that using the skill involves command execution.
优先用 `exec` 调用脚本 `scripts/research.sh` 一次性完成
Use the skill only if you are comfortable with the documented script execution and external API workflow.
You must provide a ZeeLin API key, and that key will be used to authenticate requests to the provider.
The script requires a ZeeLin API key from the environment. This is expected for the service integration, but the registry metadata lists no required env vars or primary credential.
API_KEY="${DESEARCH_API_KEY:-}"Use a dedicated, revocable API key and be aware that the registry metadata under-declares this credential requirement.
Research questions, which may contain business or personal information, are uploaded to desearch.zeelin.cn for processing.
The script sends the user's research content and API authentication to the external ZeeLin API. This is disclosed and purpose-aligned, but the artifacts do not describe provider retention or privacy boundaries.
RESP=$(curl -s -X POST "${BASE_URL}/api/conversation/anew" ... -H "x-api-key: ${API_KEY}" ... -d "$BODY")Avoid submitting sensitive or confidential information unless you trust ZeeLin’s service terms and data handling.