ClawHub

汽车配件 - 多维 参考价查询

v1.0.1

使用积智数据 参考价格查询 API,通过 配件编码 列表 查询 配件的 参考价格信息。

0· 96·0 current·0 all-time
byJu Yuan@polaris2013
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, declared env var (JZ_API_KEY), SKILL.md endpoint (https://erp.qipeidao.com/jzOpenClaw/getPriceRefer) and the included Python script all align: the skill queries a remote parts-price API and nothing else.
Instruction Scope
SKILL.md instructs exporting JZ_API_KEY and running the provided Python script with a JSON list and optional quality parameter. The script only reads argv[1]/argv[2] and the JZ_API_KEY env var, then POSTs to the documented API — scope is limited and consistent with the stated task.
Install Mechanism
This is instruction-only with no install spec (low disk risk). The Python script uses the 'requests' library but the skill does not declare how to install that dependency; users should ensure the runtime has python3 and requests installed.
Credentials
Only a single credential (JZ_API_KEY) is required, which is expected for an external API. There are no unrelated env vars or config paths requested.
Persistence & Privilege
always is false and the skill does not request persistent system-level changes or modify other skills. Autonomous invocation is enabled by default (platform behavior) but not combined with other red flags.
Assessment
This skill appears coherent, but review before using: (1) You will send the JZ_API_KEY and parts codes to https://erp.qipeidao.com/jzOpenClaw/getPriceRefer — only provide keys you trust to that vendor. (2) The script requires Python 3 and the 'requests' package; install requests if missing (pip install requests). (3) The script prints the API response directly and does minimal input validation — avoid passing secrets in partsCodes or malformed JSON. (4) If you have concerns about key exposure, run the script in an isolated environment, and consider using a scoped/rotatable API key for this service.

Like a lobster shell, security has layers — review code before you run it.

latestvk978f28d2gc31659z1xn3jxhdh83knrz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvJZ_API_KEY
Primary envJZ_API_KEY

Comments