Ai Insights
v1.0.0搜索并分析过去N天内AI领域的重大事件,生成深度洞察报告。当用户需要了解最新AI动态、行业趋势、头部厂家新闻、政策变化时触发此技能。输出为标准Markdown格式的结构化报告文件。
⭐ 0· 39·0 current·0 all-time
byFrankMei@neverland83
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (AI news insights) match the instructions: it uses web_search and an LLM to find, filter, and summarize recent AI events. Declared dependencies (web_search, llm) are appropriate and proportional.
Instruction Scope
The SKILL.md stays on-topic (search, filter, write a Markdown report). It instructs saving the report to ./artifacts/ and optionally setting up a cron job that uses an example 'openclaw message send' to push reports. That optional push would require external messaging/channel credentials and configuration not declared in the skill; the core instructions themselves do not attempt to read unrelated system files or secrets.
Install Mechanism
No install spec and no code files — instruction-only skills have minimal installation risk. Nothing is downloaded or written by an installer.
Credentials
The skill declares no required env vars or credentials, which is proportional. Two caveats: (1) the declared dependency 'llm (any provider)' implies the runtime will need LLM provider credentials available to the agent (not listed in the skill) — this is typical but worth confirming; (2) the optional cron/push workflow references sending messages to channels (Feishu/Slack/etc.), which would require channel credentials/configuration that the skill does not declare.
Persistence & Privilege
always:false and no instructions that modify other skills or system-wide configs. The skill writes report files to a local ./artifacts directory (normal), and autonomous invocation is the platform default (not a special privilege here).
Assessment
This skill is internally consistent with its stated purpose and presents low security risk as-is. Before installing: (1) verify that your agent's web_search and LLM provider integrations are trusted (LLM provider credentials are needed at runtime even though the skill doesn't declare them); (2) if you enable the optional cron + automatic push, ensure any messaging channels (Feishu/Slack/Discord) are configured intentionally and that required channel credentials or tokens are stored and granted only as needed; (3) confirm you are comfortable with reports being saved to ./artifacts (check file permissions and retention); and (4) if you need stronger provenance, test the skill on a short time range and inspect the chosen source URLs to ensure the media weighting/blacklist behavior matches your expectations.Like a lobster shell, security has layers — review code before you run it.
latestvk97cex0az4562j0k42wgxw2st984v2v7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.