Cca Domain4
v1.0.0CCA 领域4:提示工程与结构化输出(20%权重)。当用户说"学domain4"、"提示工程"、"structured output"、"cca-domain4"时使用。
⭐ 0· 98·0 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name and description describe prompt engineering and structured output; the SKILL.md content is a coherent lesson and hands-on exercise set for that topic. No unexpected binaries, credentials, or installs are requested.
Instruction Scope
The instructions go beyond purely theoretical material and include '实操' steps (define a tool_use extractor, submit 100 documents to a Batches API, route low-confidence items to human review, use multiple instances). As written they mostly describe how to implement workflows rather than commanding specific local file reads or system-wide access, but several steps imply network/API calls and multi-instance use that would require external credentials and runtime capabilities not declared in the skill metadata. If the agent were allowed to execute actions autonomously, these implementation steps could cause it to attempt network calls or use tooling; the SKILL.md itself does not request credentials or give concrete endpoints.
Install Mechanism
No install spec and no code files (instruction-only). This minimizes on-disk persistence and install-time risk.
Credentials
The skill declares no required environment variables or credentials, which is appropriate for a teaching/instruction skill. However, the exercises reference external APIs (Batches API, multiple Claude instances) that in practice would require API keys and network access; those are not declared. That is not necessarily malicious, but it is something to be aware of before enabling execution.
Persistence & Privilege
always is false and the skill does not request system-wide or cross-skill configuration changes. Allowed-tools include Read/Write/Edit/Bash/Agent which are reasonable for interactive exercises but should be considered when enabling execution privileges.
Assessment
This skill is a lesson and exercise set about prompt engineering and structured extraction; its content is coherent with that purpose and no installs or credentials are requested. Things to consider before enabling it: (1) It includes hands-on steps that imply calling external APIs and using multiple model instances — if you allow the agent to execute actions, it may attempt network calls; provide only minimal, limited-scope credentials if needed. (2) The listed allowed tools include Bash and Agent — if you are uncomfortable with autonomous execution of shell commands or network calls, keep this skill user-invocable only or disable autonomous invocation. (3) Test the skill in a safe environment first (no production secrets) to confirm whether the agent only returns guidance or actually performs API submissions. If you need the skill to perform real submissions, explicitly supply scoped API keys and audit logs for those calls.Like a lobster shell, security has layers — review code before you run it.
latestvk977xrg6s3461dc4vcgdtmr0jn83hfze
License
MIT-0
Free to use, modify, and redistribute. No attribution required.