ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cnc Quote Skill

v1.0.0

AI-powered CNC machining quote system with risk detection, material optimization, and multi-channel integration. Built for OpenClaw ecosystem.

0· 74·1 current·1 all-time
by@timo2026

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for timo2026/cnc-quote-skill.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Cnc Quote Skill" (timo2026/cnc-quote-skill) from ClawHub.
Skill page: https://clawhub.ai/timo2026/cnc-quote-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install cnc-quote-skill

ClawHub CLI

Package manager switcher

npx clawhub@latest install cnc-quote-skill
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
SKILL.md and README describe a Python QuoteEngine, RAG-powered model using 1213 records, DashScope AI integration, multi-channel (QQ, email, API) and filesystem-backed configuration. The published bundle contains only docs (no code modules, no data) and the registry metadata at top lists no required env/config. That mismatch (advertised executable capability vs. no code/data and no declared credentials) is incoherent.
!
Instruction Scope
Runtime instructions tell users/agents to edit ~/.openclaw/config.json to add a DashScope API key, copy the skill into ~/.openclaw/skills, run python -m cnc_quote_skill.import_data and instantiate QuoteEngine() — actions that read/write config and invoke modules that are not present in the package. The SKILL.md thus directs filesystem and credential changes that are not declared by the registry metadata.
Install Mechanism
No install spec is bundled (instruction-only), which lowers direct install risk. The docs reference installing from a GitHub repo (several URLs included). Installing from that external repo would fetch code — that's a normal workflow but it shifts risk to the external source; absence of a packaged install makes the published skill incomplete.
!
Credentials
The skill instructs adding a DashScope API key and integrating channels (QQ, email, API) but the registry shows no required env vars or primary credential. meta.json lists channels and fs permissions but the top-level requirements list none — requests for unspecified external API keys and channel credentials are disproportionate to what the registry declares and should be explicitly declared before install.
!
Persistence & Privilege
always:false (normal), but SKILL.md and examples expect write access to user config (~/.openclaw/config.json) and copying into ~/.openclaw/skills; _meta.json also lists fs.read/fs.write permissions. The combination of undocumented filesystem access and missing code/data elevates concern about what would actually run after installation. No 'always:true' privilege is present.
What to consider before installing
Do not install blindly. The package on the registry is documentation-only but claims runnable code and external AI integration; before installing, verify the upstream GitHub repository contains the actual code and that the maintainer is legitimate. Ask the publisher to: (1) provide the Python package/module referenced (cnc_quote_skill) or a valid install artifact; (2) explicitly declare required credentials and config paths (DashScope API key, QQ/email channel creds) and explain how secrets are stored; (3) supply or document the provenance of the 1213 training records. If you must test, run installation in an isolated environment (container or VM), inspect the source code you download, and avoid pasting API keys into public files. If anything asks to upload your OpenClaw config or private keys to a remote endpoint not documented here, stop and investigate.

Like a lobster shell, security has layers — review code before you run it.

latestvk979jmjmr6tvah3h3ar0fme9rh84qmf3
74downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@timo2026
latest
Download

CNC Quote Skill

Overview

An intelligent CNC machining quotation system that combines rule-based pricing with AI-powered risk detection. Designed for manufacturers, machine shops, and procurement teams.

Key Features

  • Smart Quote Engine: Material cost + machining time + surface treatment calculation
  • Risk Detection: Automatic flagging of unusual orders (up to 25% risk detection rate)
  • Multi-Channel: QQ Bot, Email, and API integration
  • RAG-Powered: Hybrid retrieval with 1213 real quote records
  • Self-Learning: Continuous improvement from feedback

Installation

# Via ClawHub
openclaw skill install cnc-quote-skill

# Or from source
git clone https://github.com/openclaw-community/cnc-quote-skill.git
cd cnc-quote-skill
openclaw skill install .

Quick Start

from cnc_quote_skill import QuoteEngine

# Initialize engine
engine = QuoteEngine()

# Create a quote request
quote = engine.calculate({
    "material": "AL6061",
    "dimensions": {"length": 100, "width": 50, "height": 20},
    "surface_treatment": "anodizing",
    "quantity": 100,
    "urgency": "normal"
})

print(quote.total_price)  # ¥310.11
print(quote.confidence)   # 0.96
print(quote.risk_flags)   # []

Use Cases

Case 1: Risk Detection

Scenario: A customer requests an unusual combination of surface treatments.

Input: Anodizing + Chrome Plating (incompatible)
Output: ⚠️ RISK FLAGGED - Surface treatment conflict detected
        Recommended: Manual review required

Case 2: Cost Optimization

Scenario: Bulk order with complex geometry.

Input: 1000 units, complex 5-axis machining
Output: ✓ Optimized quote with bulk discount (15% off)
        Suggested: Batch processing for 20% additional savings

Case 3: Material Suggestion

Scenario: Customer requests generic "steel" material.

Input: Steel, outdoor application
Output: 💡 Suggestion: 304 Stainless Steel recommended
        Reason: Better corrosion resistance for outdoor use
        Price difference: +12%, but saves maintenance costs

Configuration

Edit config/quote_settings.json:

{
  "confidence_threshold": 0.7,
  "risk_sensitivity": "high",
  "currency": "CNY",
  "tax_rate": 0.13,
  "channels": ["qq", "email", "api"]
}

API Reference

QuoteEngine.calculate(order_details)

Calculate quote for a machining order.

Parameters:

  • material (str): Material type (e.g., "AL6061", "SUS304")
  • dimensions (dict): Length, width, height in mm
  • surface_treatment (str): Surface treatment type
  • quantity (int): Order quantity
  • urgency (str): "normal", "urgent", "rush"

Returns:

  • total_price (float): Total quote amount
  • breakdown (dict): Itemized costs
  • confidence (float): Quote confidence (0-1)
  • risk_flags (list): Risk warnings
  • suggestions (list): Optimization suggestions

Data Requirements

  • Training Data: Minimum 100 historical quotes recommended
  • Material Database: Pre-configured with 7 material types
  • Surface Treatments: 11 types with pricing rules

Performance Metrics

MetricValue
Quote Accuracy94% (within ±10%)
Risk Detection Rate25% of orders flagged
Average Processing Time< 2 seconds
Supported Materials111+ types

Changelog

v1.0.0 (2026-03-23)

  • Initial release
  • Core quote engine
  • Risk detection module
  • Multi-channel integration

License

MIT License - Free for commercial and personal use.

Support

Comments

Loading comments...