ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Finder Local Search

v1.0.1

当需要搜索或推荐 TikTok、YouTube、Instagram 红人时使用,通过 Finder 获取候选红人。

0· 124·0 current·0 all-time
by@xiaobai1226

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for xiaobai1226/finder-local-search.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Finder Local Search" (xiaobai1226/finder-local-search) from ClawHub.
Skill page: https://clawhub.ai/xiaobai1226/finder-local-search
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install finder-local-search

ClawHub CLI

Package manager switcher

npx clawhub@latest install finder-local-search
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (Finder local search for TikTok/YouTube/Instagram creators) matches the required actions: calling Finder APIs at https://finder.optell.com, reading/writing a per-user ~/.finder/config.json, and creating projects/searching. No unrelated services, binaries, or credentials are requested.
!
Instruction Scope
SKILL.md explicitly instructs the agent to check for, create, read, and write the local config file (~/.finder/config.json) and to accept the user's API key pasted into the chat and write it directly to disk. It also instructs the agent to automatically perform API calls and create projects. While these actions are consistent with the skill's purpose, they expand the agent's authority to collect and persist secrets from chat and to perform filesystem and network operations without additional user confirmation — a privacy/security concern that should be surfaced to users.
Install Mechanism
No install spec or external downloads — instruction-only skill. Nothing will be written to disk by an installer. The runtime behavior (shell/python/curl snippets) is described in docs, but there is no packaged installer to evaluate.
Credentials
The skill declares no environment variables or credentials but implicitly requires a Finder API key. Requesting and storing that key in ~/.finder/config.json is proportionate to the described functionality. However, the instructions encourage users to paste the API key into the chat (which may be logged/retained by the platform) and instruct the agent to store it automatically — this increases risk beyond simply providing a single API key via a secure channel.
Persistence & Privilege
always:false (no forced global presence). The skill writes its own per-user config (~/.finder/config.json) and may create a directory and project via the Finder API — these are scoped to the user's files and account and are reasonable for this functionality. Note: the agent's ability to autonomously invoke the skill is the platform default; combined with the skill's file-write behavior it means the agent could attempt these actions without repeated prompts.
Assessment
This skill does what it claims (search Finder for creators) and needs your Finder API key to operate. Key points before installing or using it: - Do NOT paste long-lived API keys or other secrets into chat unless you understand the platform's chat retention and trust it; the skill instructs the assistant to accept a pasted key and write it directly to ~/.finder/config.json. If you prefer, create that config file yourself instead of sharing the key in chat. - The skill will read and write a local file (~/.finder/config.json) and may run curl/python/powershell commands if the agent environment allows execution. Be comfortable with the agent performing those filesystem and network actions. - Verify you trust the endpoint (https://finder.optell.com) and the email address developer.optell@gmail.com used for quota issues. - If you want tighter control: manually create ~/.finder/config.json with the API key, or provide a short-lived token and revoke it after use. If you have limited trust in automated behavior, avoid pasting credentials in chat and require explicit confirmation before the skill writes files or performs API calls.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bbhsfyx081rxm7cnxww2qss83phem
124downloads
0stars
2versions
Updated 1mo ago
v1.0.1
MIT-0
@xiaobai1226
latest
Download

Finder 本地搜索

这个 skill 用 Finder 开放接口搜索普通达人。

什么时候用

  • 用户想搜某个平台、某地区、某语言、某标签的达人
  • 用户想按粉丝区间、平均播放、互动率筛选达人
  • 用户第一次配置 Finder 访问秘钥

核心规则

  • 默认服务地址:https://finder.optell.com
  • 本地配置文件:
    • macOS / Linux:~/.finder/config.json
    • Windows PowerShell:$HOME/.finder/config.json
  • 优先自动执行;做不到时再给用户可复制命令
  • 用户把 api key 发到对话里时,直接帮他写入本地配置文件
  • 不要让用户重复描述需求
  • 只支持普通达人搜索,不调用相似达人搜索
  • 如果搜索返回“搜索次数已超出当前限制”,提醒用户发邮件到 developer.optell@gmail.com 申请增加使用量

工作流

  1. 先检查本地是否已有 config.json
  2. 如果没有:
    • 引导用户登录 https://finder.optell.com
    • 打开 https://finder.optell.com/api-key
    • 生成访问秘钥
    • 如果用户把 key 发到对话里,直接帮他创建 .finder/config.json
  3. 读取 references/filters.json,把用户需求转成搜索参数。
  4. 先查项目;如果没有项目,先说明原因,再征求确认创建默认项目。
  5. 调用 Finder 搜索接口并返回结果。
  6. 如果返回“搜索次数已超出当前限制。如需增加使用量,请发送邮件至 developer.optell@gmail.com”,直接告诉用户已达到当前限制,并引导他发邮件申请增加使用量。
  7. 如果结果为空,建议放宽 1 到 2 个条件继续搜索。

对话要求

  • 用中文,简短直接
  • 先帮用户做,再提示用户补必要信息
  • 能自动做的就直接做
  • 用户给过的 key 不要重复要求输入
  • 回复风格尽量自然,比如:
    • 我先帮你检查一下 Finder 配置。
    • 我已经帮你把访问秘钥写到 ~/.finder/config.json 里了,后面就不用再重复输入了。
    • 你现在还没有项目,要我顺手帮你建一个默认项目吗?
    • 你当前的搜索次数已经达到限制了。如果你想增加使用量,可以发邮件到 developer.optell@gmail.com,我也可以帮你整理一段邮件内容。

参考文件

  • 安装与配置说明:references/config.md
  • 搜索词典与别名:references/filters.json
  • 示例对话:references/examples.md

Comments

Loading comments...