Food Safety Sentiment Monitor (Kevin)
Monitors food safety sentiment on Chinese social platforms, detects negative events, grades risks, and generates PR plans and reports automatically.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 1 · 17 · 0 current installs · 0 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The description claims real‑time monitoring of Weibo, Zhihu, Xiaohongshu, and Douyin, but the shipped code only implements a simple Playwright-based Weibo scraper (and even that falls back to simulated data). The skill also advertises automated risk grading and report generation; the implementation uses hard-coded/simulated thresholds and outputs stubbed responses. This is an overclaim vs actual capability.
Instruction Scope
SKILL.md is lightweight and non-prescriptive. The runtime code uses Playwright to visit a public Weibo search URL and extracts text from page elements — behavior consistent with a monitoring scraper. It logs results to stdout and does not exfiltrate data to any hidden endpoint in the provided code. However the code includes (commented) references to an external OpenClaw/minimax client and a minimax config block: if a user later enables that path and provides API keys, data could be sent to an external LLM provider.
Install Mechanism
There is no install spec in the registry, but package.json lists 'playwright' as a dependency and an npm script to run 'npx playwright install' (which will download browser binaries). That's a legitimate but heavyweight dependency: installing will fetch browser artifacts from Playwright release hosts. No direct downloads from unknown personal URLs are present in the included files.
Credentials
The skill declares no required env vars or credentials. The code includes a minimax.apiKey and groupId in config.default.js (currently empty), which are expected for optional LLM calls — but there is no secure handling or env-var wiring present. If a user fills API keys into the config file or modifies the code to read secrets from environment variables, those keys could be transmitted to the configured provider. No unrelated credentials are requested.
Persistence & Privilege
The skill does not request 'always: true', does not modify other skills or system configuration, and simply runs a local Playwright process. It has normal runtime privileges for a scraper and does not persist itself as a global agent plugin.
What to consider before installing
This skill is not obviously malicious, but it is overstated and partially unimplemented. Before installing or running it: 1) Expect it to only scrape Weibo in its current form — other platforms are not implemented. 2) Run it in a sandboxed environment (or container) because Playwright will launch headless browsers and may download browser binaries. 3) Do not paste API keys or credentials into the repository files; if you enable the minimax/OpenClaw path, prefer environment variables and audit network destinations. 4) Verify compliance with target sites' terms of service for scraping. 5) If you need full multi‑platform monitoring or production reliability, treat this as a prototype and audit/extend the code (and add explicit install steps) rather than using it as-is.index.js:36
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.1
Download zipcrisis-managementdouyinfood-safetylatestmonitoringpr-responsepublic-opinionsentiment-analysisweiboxiaohongshuzhihu
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Food Safety Sentiment Monitor | 食品安全舆情监控
作者 / Author
Kevin(凯文老师)
- WeChat: ai94287
- Email: maifieldai@gmail.com
功能 / Features
- 实时监控微博/知乎/小红书/抖音食品安全舆情
- 自动识别负面事件
- 智能风险分级:低/中/高/特级
- 一键生成公关应急话术
- 自动生成事件复盘报告
Files
5 totalSelect a file
Select a file to preview.
Comments
Loading comments…