ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bi2 Report Generator

v1.0.0

根据PPTX截图提取经营数据,自动生成并保存BI2事业部多维度HTML格式经营分析报告,并发送至飞书用户。

0· 60·1 current·1 all-time
by@richard052317

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for richard052317/bi2-report-generator.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Bi2 Report Generator" (richard052317/bi2-report-generator) from ClawHub.
Skill page: https://clawhub.ai/richard052317/bi2-report-generator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install bi2-report-generator

ClawHub CLI

Package manager switcher

npx clawhub@latest install bi2-report-generator
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill's stated purpose (extract data from PPTX screenshots and generate/send reports) is reasonable, but the code does not implement image extraction — it uses DEFAULT_DATA instead. The code also embeds a Feishu app_id/app_secret and writes to hard-coded user desktop paths (specific to one developer), which is disproportionate and unexpected for a generic report generator. Hard-coded tenant credentials and machine-specific paths are inconsistent with a portable, user-facing skill.
!
Instruction Scope
SKILL.md instructs the agent to use an image tool to read screenshots, validate extracted data, clean temporary scripts, and map Feishu users to save paths. The provided generator.py does not parse images, does not perform data extraction from screenshots, and does not delete temp files. It defines a send_to_feishu function that requires a user_open_id, but the SKILL.md's Feishu user mapping supplies local folder names, not open_ids — the runtime wiring is incomplete and unclear.
Install Mechanism
No install spec is provided and the skill is instruction-plus-source only, so nothing external is downloaded or automatically installed. This lowers install-time risk.
!
Credentials
No environment variables are declared, yet generator.py contains hard-coded Feishu app_id and app_secret (sensitive credentials) used to obtain tenant tokens. Embedding tenant-level credentials in code is inappropriate and increases the risk of unauthorized access or exfiltration; credential handling is not proportional or transparent.
Persistence & Privilege
The skill writes files to and creates folders under hard-coded local paths (e.g., /Users/zhangzhaoliangdemacmini/Desktop/Openclaw_Pool/...). It does not request always:true and does not modify other skills. Writing to user folders is expected for a report generator, but the fixed, user-specific paths reduce portability and may leak developer-specific environment assumptions.
What to consider before installing
Do not install or run this skill without changes and review. Specific issues to address before trusting it: 1) Remove hard-coded Feishu credentials from source and require the operator to supply app_id/app_secret (or a tenant token) via secure environment variables or a secrets manager; verify the credentials belong to an approved application. 2) Implement or verify the image-parsing step (SKILL.md promises screenshot extraction but generator.py uses static DEFAULT_DATA). 3) Make file save paths configurable instead of using hard-coded developer desktop paths. 4) Clarify how Feishu user open_ids are obtained and ensure the skill only sends files to intended recipients. 5) Audit network behavior (requests.post) and restrict the app's permissions to the minimum required. If you cannot verify the origin/ownership of the embedded Feishu app_secret or cannot run the code in a safe, isolated environment, avoid using this skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk974tcnw1t2b5gc9zzhnckqrmh850wv2
60downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@richard052317
latest
Download

BI2 事业部经营分析报告生成器

用途

根据 PPTX 截图数据自动生成 BI2 事业部经营分析报告(HTML 格式)。

触发指令

  • "生成 BI2 经营分析报告"
  • "BI2 报告"
  • "事业部经营分析"
  • "BI2 经营分析"

输入

  • PPTX 截图(包含销售额、毛利额、毛利率、费用、客户、产品、库存、应收账款、未来预测等数据)
  • 用户标识(飞书用户,用于确定保存路径)

输出

  • HTML 格式经营分析报告
  • 保存路径:/Users/zhangzhaoliangdemacmini/Desktop/Openclaw_Pool/{USER}_Folder/BI2 事业部经营分析报告_{YYYYMMDD}.html

报告维度(10 个)

  1. 经营摘要:核心经营亮点、KPI 卡片、2026 年累计数据
  2. 收入分析:季度对比、月度销售额/毛利额/毛利率对比
  3. 盈利分析:毛利额趋势、净利润/净利率趋势、毛利差异因素分析
  4. 费用分析:季度费用对比、月度费用明细、费用洞察
  5. 客户分析:2025 年客户排名、2026 年累计客户排名
  6. 产品分析:HT 固态产品线、EVP 液态产品线、产品策略建议
  7. 库存分析:库存 KPI 卡片、库存改善说明
  8. 应收账款:应收账款概况、重要说明(逾期规则 + 呆滞库存)、客户欠款排序
  9. 未来预测:4-6 月预测数据、预算差距警示、预测洞察
  10. 洞察建议:核心经营建议、销售策略、产品路线图、费用管控

处理流程

  1. 读取截图:使用 image 工具读取所有截图,提取紫色底色实际数据
  2. 数据校验:检查数据完整性(销售额、毛利额、毛利率、净利润等)
  3. 生成报告:使用 HTML 模板填充数据
  4. 保存文件:根据飞书用户确定保存路径
  5. 发送飞书:上传 HTML 文件并发送消息
  6. 清理临时文件:删除临时脚本

数据规范

金额单位

  • 统一使用 万元
  • 2025 年全年销售额:115,496 万元(11.55 亿元)

数据格式

  • 销售额:整数(如 11,191)
  • 毛利额:整数(如 2,108)
  • 毛利率:百分比(如 18.84%)
  • 净利润:整数(如 873)
  • 净利率:百分比(如 7.80%)

关键数据(基于截图紫色底色)

月份销售额毛利额毛利率净利润净利率
2025-018,1991,61719.73%480.58%
2025-027,9221,54619.52%1211.52%
2025-039,8542,03520.66%1,37813.98%
2025-0411,0462,57223.29%1,29111.69%
2025-0510,0092,29422.92%1,88218.81%
2025-0610,4742,42723.17%9689.24%
2025-0713,1663,33325.32%1,66212.62%
2025-0811,3922,73424.00%9718.52%
2025-096,5761,71624.87%4536.88%
2025-105,7661,43424.60%360.63%
2025-117,4671,83721.92%-60-0.81%
2025-126,2341,13918.27%1,09417.55%
2026-018,7161,53717.63%4324.95%
2026-025,40781315.04%-251-4.65%
2026-0311,1912,10818.84%8737.80%

飞书用户映射

飞书用户英文名保存路径
Richard (张召良)Richard/Users/zhangzhaoliangdemacmini/Desktop/Openclaw_Pool/Richard_Folder/
JING (李京)JING/Users/zhangzhaoliangdemacmini/Desktop/Openclaw_Pool/JING_Folder/
Jeanie (王琴)Jeanie/Users/zhangzhaoliangdemacmini/Desktop/Openclaw_Pool/Jeanie_Folder/
Mickey (熊伟)Mickey/Users/zhangzhaoliangdemacmini/Desktop/Openclaw_Pool/Mickey_Folder/
City (袁思婷)City/Users/zhangzhaoliangdemacmini/Desktop/Openclaw_Pool/City_Folder/

文件名规范

  • 标准格式:BI2 事业部经营分析报告_{YYYYMMDD}.html
  • 多版本格式:BI2 事业部经营分析报告_{YYYYMMDD}_v{版本号}.html
  • 最终版本:BI2 事业部经营分析报告_{YYYYMMDD}_完善版.html

注意事项

  1. 数据准确性:必须基于截图紫色底色实际数据,不可编造
  2. 单位统一:所有金额统一为万元
  3. 中文显示:HTML 必须使用微软雅黑字体,避免乱码
  4. 交互友好:使用导航标签切换章节,图表可视化
  5. 版本管理:多轮修改时保留版本号,用户确认后清理中间版本

技能位置

~/.openclaw/workspace/skills/bi2-report-generator/

版本历史

  • v1.0 (2026-04-13):初始版本,支持 10 个维度报告生成

Comments

Loading comments...