Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Brazil Market Policy Query Skill (brazil市场政策查询Skill)

v1.0.0

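Provides intelligent querying and multilingual support for Brazilian market policies, regulations and the investment environment, based on the Huimai agent architecture.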


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for yezhaowang888-stack/huimai-brazil-policy.

Install the skill "brazil市场政策查询Skill" (yezhaowang888-stack/huimai-brazil-policy) from ClawHub.
Skill page: https://clawhub.ai/yezhaowang888-stack/huimai-brazil-policy
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install huimai-brazil-policy

ClawHub CLI


npx clawhub@latest install huimai-brazil-policy
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the included code: index.js implements a local BrazilPolicyQuery class offering queryPolicies, analyzeInvestmentEnvironment, language switching and cache clearing. However, README and metadata claim DeepSeek v4 integration, Huimai three-tier agent architecture (惠迈智能体三层架构) collaboration, and live data collection; the implementation contains no network calls, no DeepSeek/huimai integrations, and fetchFromDataSource returns simulated/static data with placeholder strings (e.g. '${name}'). This is an overstated capability / marketing-versus-implementation mismatch rather than immediate malicious behavior.
Instruction Scope
SKILL.md and README instruct the user to configure dataSources and to use environment variables for API keys; the runtime instructions do not ask the agent to read unrelated system files or secrets. The code itself does not access system files or environment variables directly (it relies on the consumer to pass config), so runtime instructions stay within the stated scope.
Install Mechanism
There is no registry install spec beyond normal npm/clawhub installation suggestions. package.json has no dependencies and there are no external download URLs or extract steps. Installation appears low-risk, but provenance is weak (source: unknown, homepage: none) — standard npm install would fetch this package from whatever registry/clawhub provides, so verify the package origin before install.
Credentials
The skill declares no required env vars in the registry metadata, but README/SKILL.md encourage using environment variables for API keys (INVESTMENT_API_KEY, TRADE_API_KEY, etc.). The code does not itself read environment variables; it expects callers to pass dataSources in config. This is proportionate but a subtle mismatch: the skill will not function with live data until you supply external API endpoints/keys, so be prepared to provide credentials when integrating — and only provide keys with least privilege.
Persistence & Privilege
No 'always: true' flag, no install-time scripts, and the code does not modify other skills or system-wide settings. The skill does not persist credentials or write to other skills' configs. Normal autonomy (agent invocation) is allowed by platform defaults and is not a special concern here.
What to consider before installing
Key points to consider before installing or using this skill:
- Provenance: the source/homepage are not provided and the publisher is an opaque owner ID. Prefer packages with a verifiable repository and maintainer history. Inspect the package contents locally before npm/clawhub install.
- Capability gap: README and metadata advertise DeepSeek/Huimai integrations and live data collection, but the included code contains no network calls or integrations; it returns simulated data and placeholders like '${name}'. Do not assume it will fetch real Brazilian policies until you (a) review/extend fetchFromDataSource to call trusted endpoints, and (b) provide and vet the data source endpoints/API keys.
- Credentials: the package does not require env vars at install time, but you will likely pass API keys or endpoints at runtime. Only provide the minimum-scoped keys and avoid embedding secrets in code. Review any code you add that performs network I/O to ensure it uses secure endpoints and does not leak keys.
- Testing: run the included tests in an isolated/dev environment first (the test.js only exercises the local simulated logic). If you add real data-source code, re-audit for network destinations and logging of sensitive values.
- When in doubt: contact the author or request the upstream repo/homepage. The mismatch between marketing claims and implementation reduces confidence; treat this package as incomplete/experimental unless you verify and extend it yourself.

Like a lobster shell, security has layers — review code before you run it.

58 downloads
0 stars
1 version
Updated 4d ago
v1.0.0
MIT-0

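Brazil Market Policy Query Skill

🚀 Overview

A policy query framework built on the Huimai three-tier agent architecture, providing intelligent querying and analysis of Brazilian market policies, regulations and the investment environment.

🌟 Key Highlights

  • Huimai agent collaboration: built on the Huimai three-tier agent architecture, supporting multi-source data integration
  • Huimai agent collaboration: built on the Huimai three-tier agent architecture, ensuring data accuracy and timeliness
  • Multilingual support: supports Chinese, English and other languages
  • Configurable data sources: flexibly configure different data sources to suit a range of business needs

🔧 Technical Features

Multilingual support

  • Chinese (Simplified)
  • English (United States)
  • Automatic language detection and switching

Data source configuration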

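// Options object passed to the skill by the caller
const config = {
  dataSources: {
    // Placeholder: replace with your Brazil investment policy data source
    investment: '[请替换为您的巴西投资政策数据源]',
    // Placeholder: replace with your Brazil trade regulation data source
    trade: '[请替换为您的巴西贸易法规数据源]',
    // ... other data sources
  }
};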

📦 Installation

# Install via ClawHub
clawhub install brazil-policy-query

# Or install manually
npm install brazil-policy-query

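🔒 Secure Usage Guide

  1. Data source configuration: use environment variables to manage sensitive data source information
  2. API keys: do not write real API keys into code
  3. Access control: configure the minimum necessary permissions for data sources

Support

If you have questions, please submit an Issue or contact the maintenance team.


Huimai Agent: making global business simple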
