ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tender Writer

v1.0.0

光伏/弱电智能化投标技术方案生成器。根据招标文件自动生成Word格式投标技术方案。支持:光伏EPC、光伏EMC、光伏代运维、弱电智能化工程。触发词:投标、标书、技术方案、招标文件。

0· 107·0 current·0 all-time
by@shendingyi

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for shendingyi/tender-writer.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Tender Writer" (shendingyi/tender-writer) from ClawHub.
Skill page: https://clawhub.ai/shendingyi/tender-writer
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install tender-writer

ClawHub CLI

Package manager switcher

npx clawhub@latest install tender-writer
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (tender/technical proposal generator for PV and weak-electrical projects) matches the SKILL.md content: parsing bid documents, producing Word files from templates, and supporting various PV/weak-electrical templates. That is coherent with the skill's purpose. However, the SKILL.md explicitly states it will use python-docx to generate Word documents and will send results via Feishu — runtime capabilities that would normally require installed Python packages and messaging credentials, which are not declared in the skill metadata.
!
Instruction Scope
Instructions tell the agent to: (1) accept user-provided PDF/Word bid documents and automatically extract key information, (2) generate .docx files using python-docx, (3) save outputs to a tender/ directory, and (4) send results via Feishu. Reading user-supplied files and writing output locally is expected, but the instructions assume availability of python-docx and an authenticated Feishu sender without specifying where credentials come from or confirming user consent for transmission. This gap grants the agent discretion to access files and transmit them externally (via Feishu) in ways not fully specified.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — the lowest install risk. There are no download URLs or install scripts to evaluate.
!
Credentials
The skill requires access to tooling (python-docx) and an external messaging service (Feishu) to perform its stated tasks, but it declares no required environment variables, tokens, or config paths. In practice, sending via Feishu requires an API token/webhook or a platform-integrated messenger; generating Word files requires python and python-docx. The absence of declared credentials or dependencies is a mismatch and prevents a clear security assessment of where files will be transmitted and what secrets (if any) the skill will need.
Persistence & Privilege
The skill does not request always:true, does not claim any special persistent installation, and does not declare modifications to other skill configs. It will save outputs to a local tender/ directory per its instructions, which is a limited and stated file-write behavior.
What to consider before installing
This skill appears to do what it claims (generate Word-format tender proposals), but it omits important runtime details. Before installing or trusting it: 1) Confirm where python-docx (and Python) will run — the skill assumes that package is available; otherwise generation will fail. 2) Ask the author how Feishu delivery is implemented and whether any Feishu API tokens, webhooks, or credentials are required — do not provide general secrets without knowing the endpoint. 3) Verify where the skill writes files (the tender/ directory) and whether those outputs might be automatically transmitted to external accounts. 4) If you plan to feed sensitive bid documents, test the skill in a sandbox or isolated environment first. 5) Prefer skills with a known source or homepage and explicit declarations of required dependencies and env vars; request the missing metadata (required packages, any env vars/webhooks, and delivery endpoints) before using in production.

Like a lobster shell, security has layers — review code before you run it.

bidvk975njnvn1a0wqqd58ahw8bnh584jcaslatestvk975njnvn1a0wqqd58ahw8bnh584jcasproposalvk975njnvn1a0wqqd58ahw8bnh584jcaspvvk975njnvn1a0wqqd58ahw8bnh584jcastendervk975njnvn1a0wqqd58ahw8bnh584jcaswordvk975njnvn1a0wqqd58ahw8bnh584jcas
107downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@shendingyi
bidlatestproposalpvtenderword
Download

投标技术方案生成器 📋

专为光伏和弱电智能化行业定制的投标技术方案自动生成工具。

🎯 支持的项目类型

类型说明典型内容
光伏代运维已建电站的运维服务投标服务方案、安全管理、应急预案、合理化建议
光伏EMC合同能源管理投资建设运维系统设计、设备选型、施工方案、25年运维、收益测算
光伏EPC总承包建设设计方案、施工组织、进度控制、质量控制
弱电智能化安防/门禁/综合布线/楼宇自控系统设计、设备选型、施工方案、调试方案

🔧 使用流程

1. 接收招标文件

用户发来招标文件(PDF/Word),自动提取关键信息:

  • 项目名称、招标人、位置
  • 项目规模和技术要求
  • 评分规则和权重
  • 资质要求和人员要求
  • 设备参数要求
  • 工期要求

2. 分析评分重点

根据评分细则确定方案编写重点,高分值章节重点展开。

3. 生成技术方案

使用 python-docx 生成规范的 Word 文档:

  • 封面(项目名称、投标人、日期)
  • 目录
  • 各章节内容(根据项目类型和评分要求定制)
  • 表格(设备参数、进度计划、巡检计划等)

4. 输出与交付

  • 保存到 tender/ 目录
  • 通过飞书发送给用户

📐 文档格式标准

  • 正文:宋体 12pt
  • 标题:黑体(一级22pt,二级16pt,三级14pt)
  • 页边距:上下2.5cm,左3cm,右2.5cm
  • 行间距:1.5倍
  • 首行缩进:2字符
  • 表格:宋体 10pt,表格线框

📚 已有模板经验

模板1:光伏代运维(京能BIPV案例)

  • 服务方案(组织架构、巡检计划、智能运维)
  • 质量/安全/进度保证措施(安全管理体系、两票三制)
  • 应急预案(触电、火灾、高空坠落、设备故障、自然灾害)
  • 合理化建议(提质增效、智能运维、降本措施)
  • 增值服务方案

模板2:光伏EMC投资运维(濮院景区案例)

  • 项目概况分析(景区/工商业特点)
  • 产品选型方案(组件、逆变器、支架、电气、监控、消防)
  • 系统设计方案(电气设计、防雷接地、消防、并网)
  • 施工组织方案(流程、工艺、关键工序控制)
  • 进度控制方案(里程碑、甘特图、保障措施)
  • 质量控制方案(体系、过程控制、验收标准)
  • 应急方案(施工期+运营期)
  • 25年运维服务方案(巡检、数字化平台、备件、发电量保证)
  • 环保与景观保护
  • 服务承诺与优惠措施

🔑 关键知识库

光伏设备品牌参考

  • 组件:隆基、晶科、晶澳、天合、通威、阿特斯(前六)
  • 逆变器:华为、阳光电源、锦浪、固德威、上能电气
  • 支架:中信博、迈贝特、安泰新能源
  • 电气:正泰、良信、ABB
  • 监控:海康威视、大华

行业标准引用

  • GB 50797 光伏发电站设计规范
  • GB/T 50796 光伏发电工程验收规范
  • GB/T 38335 光伏发电站运行规程
  • DL/T 596 电力设备预防性试验规程
  • GB 26860 电力安全工作规程
  • IEC 61215/61730 光伏组件标准

弱电行业标准引用

  • GB 50348 安全防范工程技术标准
  • GB 50311 综合布线系统工程设计规范
  • GB 50339 智能建筑工程质量验收规范
  • GB 50314 智能建筑设计标准

⚠️ 注意事项

  1. 每次生成前仔细阅读招标文件的评分规则,高分值章节重点展开
  2. 设备选型必须响应招标文件的品牌和参数要求
  3. 人员配置必须满足招标文件的资质和数量要求
  4. 工期安排必须满足招标文件的时间节点要求
  5. 文档中"投标人"处留空,由用户填写公司名称

Comments

Loading comments...