TANGSUAN1994

v1.0.0

将文档摘要、分类和原链接记录到「工作知识库」智能表格中。当用户提到「知识库」，或要求"记录/存入/归档到知识库"，或发来文档链接并希望整理归档时触发。流程：AI 自动生成简短摘要 → 用户指定主题分类 → 写入企业微信智能表格。

⭐ 0· 117·0 current·0 all-time

by@tangsuan1221

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for tangsuan1221/knowledgeskill.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "TANGSUAN1994" (tangsuan1221/knowledgeskill) from ClawHub.
Skill page: https://clawhub.ai/tangsuan1221/knowledgeskill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install knowledgeskill

ClawHub CLI

Package manager switcher

npx clawhub@latest install knowledgeskill

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill claims to record documents into a 'work knowledge base' and the SKILL.md shows exactly how (mcporter call to wecom-doc with a fixed docid and sheet_id). However, the registry metadata lists no required binaries, env vars, or primary credential even though the runtime requires the mcporter binary and configured wecom-doc MCP credentials. The fixed docid/sheet link implies writes to a specific remote sheet (not declared), which may not belong to the installer.

Instruction Scope

Runtime instructions are specific and limited (extract title/summary, ask user for category, then call mcporter to add records). They do not request system files or other unrelated env vars. Concerns: (1) instructions assume mcporter is present and configured but metadata doesn't state that; (2) they will send user-provided content to a hard-coded remote smart sheet (doc.weixin.qq.com) — the skill does not instruct verifying ownership/permission or warning about sensitive content.

ℹ

Install Mechanism

This is instruction-only (no install spec), so it won't write code to disk — low install risk. But it's inconsistent: SKILL.md requires the mcporter CLI and a configured wecom-doc MCP server, yet the skill metadata declares no required binaries or install steps. The installer should expect to install/configure mcporter externally.

Credentials

No environment variables or credentials are declared, but the skill implicitly requires credentials for the wecom-doc MCP (to authenticate writes) stored/configured in mcporter. That credential access is not documented in metadata and the target docid is hard-coded, raising proportionality and transparency concerns (who owns the target sheet, where will user data go?).

ℹ

Persistence & Privilege

always is false and the skill is user-invocable — normal. The skill does not request persistent installation privileges. However, because it can be invoked by the agent and will write externally to a fixed sheet, autonomous invocation combined with the hard-coded data sink increases potential impact; this should be considered when granting the agent permission to run autonomously.

What to consider before installing

Before installing or enabling this skill: (1) Confirm who owns the hard-coded WeCom smart-sheet (docid/sheet_id). If it is not under your control, do not send sensitive documents to it. (2) Expect to install and configure the mcporter CLI and the wecom-doc MCP server yourself; the skill metadata should have declared this — ask the author to add required binaries and credential details. (3) If you will use this in production, request that docid/sheet_id be configurable (not hard-coded) and that the skill explicitly state which credentials it will use. (4) Test with non-sensitive sample data first. (5) If you need higher assurance, ask the publisher for the skill's origin/homepage and for proof that the remote sheet belongs to your org or is a trusted endpoint.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dd99mqzgcfnsqcwzs04z28s83a0es

117downloads

0stars

1versions

Updated 1mo ago

v1.0.0

MIT-0

工作知识库记录 Skill

将文档信息（摘要、分类、链接）自动写入用户的「工作知识库」智能表格。

智能表格信息（固定）

docid: dc582Cpold81fGNQo15Ky9YOmywvoKi6YHxC8mCoEjY6dL1F90iJidFzHo-BVnWZA01cnFxG7gtqnUFBEWYJiAFg
sheet_id: q979lj
表格链接: https://doc.weixin.qq.com/smartsheet/s3_ALIA4HicAGQCNvM2rGEgMRsiZ11bd_a?scode=AJEAIQdfAAoyejQcdBALIA4HicAGQ
字段结构:
字段标题类型
文档名称 FIELD_TYPE_TEXT
主题分类 FIELD_TYPE_SINGLE_SELECT
链接 FIELD_TYPE_URL
备注 FIELD_TYPE_TEXT

字段标题	类型
文档名称	FIELD_TYPE_TEXT
主题分类	FIELD_TYPE_SINGLE_SELECT
链接	FIELD_TYPE_URL
备注	FIELD_TYPE_TEXT

工作流程

第一步：提取文档信息

用户发来文档链接或内容后：

文档名称：从链接标题或用户描述中提取，若无法判断则询问用户
摘要：基于文档内容或链接描述，AI 自动生成一句话简短描述（20-50字），放入「备注」字段
链接：直接使用用户提供的原始链接
主题分类：必须询问用户，不要自行猜测

询问分类示例：

我已提取摘要：「{摘要内容}」，请问这份文档归属哪个主题分类？（如没有现成分类，告诉我新分类名称即可）

第二步：写入知识库

确认分类后，使用 mcporter call wecom-doc.smartsheet_add_records 写入：

mcporter call wecom-doc.smartsheet_add_records --args '{
  "docid": "dc582Cpold81fGNQo15Ky9YOmywvoKi6YHxC8mCoEjY6dL1F90iJidFzHo-BVnWZA01cnFxG7gtqnUFBEWYJiAFg",
  "sheet_id": "q979lj",
  "records": [
    {
      "values": {
        "文档名称": [{"type": "text", "text": "{文档名称}"}],
        "主题分类": [{"text": "{用户指定的分类}"}],
        "链接": [{"type": "url", "text": "{文档名称}", "link": "{原始链接}"}],
        "备注": [{"type": "text", "text": "{AI生成的摘要}"}]
      }
    }
  ]
}' --output json

第三步：回复用户

写入成功后告知用户：

✅ 已记录到知识库！查看知识库

前置依赖

需要 mcporter 已安装且 wecom-doc MCP server 已配置
若未配置，参考 wecom-doc skill 的配置流程

批量录入

用户一次发多个文档时，逐条提取摘要，一次性询问所有文档的分类，确认后批量写入（单次 smartsheet_add_records 支持多条 records）。

Comments

Loading comments...