ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Smart Home Quotation System

Smart Home Quotation System | 智能家居全屋方案报价系统。完整报价流程:需求采集→品牌选择(小米/米家、Aqara/HomeKit、华为生态)→产品选型→开关配置计算→报价单生成。支持 linptech 开关、人体存在传感器、电动窗帘、空调控制、门锁、摄像头等全品类。自动计算双控开关、...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 16 · 0 current installs · 0 all-time installs
byLrs@Lrs-GreenBottle
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to generate and send Feishu (Lark) documents, but the package declares no required environment variables, credentials, or integration details for Feishu. Creating/sending Feishu docs normally requires API credentials or an authenticated user session; the skill provides no guidance or declared env vars for that, which is incoherent with its stated purpose.
!
Instruction Scope
Runtime instructions ask the agent to save local copies to workspace/quotes/ (reasonable) and to generate/send Feishu documents (requires external access). README also references a desktop Excel source path ('桌面 `(已瘦身)Aqara全屋智能方案(模板).xlsx`'), which implies reading a local file on the user's Desktop — the SKILL.md does not explicitly instruct reading that file, but the README reference suggests potential scope creep into arbitrary local file access.
Install Mechanism
This is an instruction-only skill with no install spec and no code files; nothing will be written to disk by an installer. That lowers install-time risk.
!
Credentials
No env vars or credentials are declared despite operations that typically need them (Feishu API access). The skill also requires writing to workspace/quotes/ (declared in instructions) which is reasonable, but the undeclared requirement for Feishu authentication is disproportionate and ambiguous. The README's mention of a Desktop Excel path further implies access to user files that was not declared or justified.
Persistence & Privilege
The skill is not always-enabled (always: false) and is user-invocable; autonomous invocation is permitted (default). The instructions indicate saving local backups to workspace/quotes/, which is limited persistence within the agent workspace and not inherently privileged. No attempt to modify other skills or global agent settings is shown.
What to consider before installing
This skill mostly looks like a quotation generator, but it has two gaps you should address before installing or using it: 1) Feishu integration: SKILL.md requires creating and sending Feishu documents, but the skill declares no credentials or config (e.g., FEISHU_APP_ID / FEISHU_APP_SECRET / FEISHU_TOKEN). Ask the author to explicitly declare the required env vars and the exact permissions/scopes the skill needs (prefer minimal scopes such as docs.create/docs.read). If you plan to provide a token, treat it as sensitive and only grant least privilege. 2) Local file access: README references a Desktop Excel file path (an Excel database). Confirm whether the skill will attempt to read files from your Desktop or other arbitrary paths. If so, require the author to limit file paths and document exactly what files will be read and when, or remove that dependency. Other practical recommendations: - Request the developer update SKILL.md or metadata to list required credentials and exactly which external endpoints will be used. - If possible, run the skill in a restricted environment or test account for Feishu, and inspect any files written to workspace/quotes/ before sharing them externally. - If you don't want external network access for quotes, ask the developer to allow a local-only mode (export markdown/plain files) so you can approve outputs manually instead of granting Feishu access. If the developer can justify and declare the Feishu credentials and remove/clarify any Desktop-file access, the skill would be coherent; until then, proceed cautiously.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.2.0
Download zip
latestvk974stp72ef9z6vfjjyhxrrkwd8362hs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Smart Home Quotation System

智能家居全屋方案报价技能

Overview | 简介

An AI-powered quotation system for smart home installation businesses. Generates professional quotes from natural language customer requirements.

智能家居全屋方案报价系统,从客户自然语言需求生成专业报价单。

Activation | 激活条件

Triggered when user says:

  • "帮我做个智能家居方案" / "设计全屋智能"
  • "Smart home quotation" / "智能家居报价"
  • Any request for smart home design or quote

Workflow | 工作流程

Step 1: Collect Requirements | 采集需求

Ask in natural language:

  • House type (户型) — 几室几厅
  • Desired features (功能) — 灯控/窗帘/空调/安防/传感器
  • Special requirements (特殊需求) — 语音控制/APP远程/场景联动
  • Budget range (预算)

Step 2: Product Matching | 产品选型

Ecosystem Rule: Default to Xiaomi/Mijia (蓝牙mesh) unless specified.

NeedProductPrice
Door sensor小米门窗传感器2¥49
Curtain motor米家智能隐形窗帘电机【直轨不限】¥699
AC control (ducted)米家空调内机控制器B27(小超人)¥340
Central panel小米智能中控屏¥399
Voice assistantXiaomi智能音箱Pro¥299
Gateway小米智能中枢网关¥349
Human sensorlinptech ES1¥158
1-gang switchlinptech智能屏显开关T3(零火单键)¥134
2-gang switchlinptech智能屏显开关T3(零火双键)¥163
3-gang switchlinptech智能屏显开关T3(零火三键)¥191

Step 3: Switch Calculation | 开关计算

Core Rule: 1 circuit = 1 switch. Unless customer says otherwise.

CircuitsConfiguration
11-gang × 1
22-gang × 1
33-gang × 1
43-gang + 1-gang
63-gang + 3-gang

Dual-control: Use 2 identical switches (same model, same gang count).

Step 4: Generate Quote | 生成报价单

Create Feishu document with:

  • Room-by-room itemized list
  • Model / Quantity / Unit Price / Subtotal
  • Equipment Total
  • Service Fee (25%)
  • Final Quote

Step 5: Deliver | 交付

  • Send Feishu document link to user
  • Save local copy to workspace/quotes/

Quote Template | 报价单模板

# 全屋智能方案报价单

**项目名称:** [户型]
**方案日期:** [YYYY-MM-DD]
**客户需求:** [features]

---

## [房间]

| 设备名称 | 型号 | 数量 | 单位 | 单价 | 小计 |
|---------|------|------|------|------|------|
| ... | ... | ... | ... | ¥... | ¥... |

---

## 报价汇总

| 项目 | 金额 |
|------|------|
| 设备合计 | ¥X,XXX |
| 服务费(25%) | ¥X,XXX |
| **总计** | **¥X,XXX** |

Pricing Formula | 报价公式

设备总价 = Σ(单价 × 数量)
服务费 = 设备总价 × 25%
最终报价 = 设备总价 + 服务费

References | 参考资料

  • Products: references/products.md
  • Business Rules: references/business_rules.md

Notes | 注意事项

  1. Always confirm ecosystem (Xiaomi vs Aqara) before selecting products
  2. Double-check switch count matches circuit count
  3. Generate Feishu document for all quotes
  4. Save local backup to workspace/quotes/

For Skill Updates | 技能更新

To modify business logic:

  • Product prices → Edit references/products.md
  • Switch rules → Edit references/business_rules.md
  • Workflow → Edit this SKILL.md

Version: 1.0.0

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…