ClawHub

友盟 U-APP 统计 SDK 集成

v1.0.0

帮助用户在 Android 项目中快速集成友盟 U-APP 统计 SDK。包括自动配置依赖、权限、初始化代码、混淆规则等。触发:用户提到'友盟'、'umeng'、'U-APP'、'统计 SDK'、'集成友盟'、'移动统计'、'应用埋点'等关键词。

1· 145·0 current·0 all-time
byUmeng+@squall0925
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the skill only describes adding Maven repos, Gradle dependencies, AndroidManifest permissions, Application initialization, ProGuard rules and verification steps — all directly relevant to integrating the Umeng SDK. The declared required files (build.gradle/build.gradle.kts/AndroidManifest.xml) are appropriate.
Instruction Scope
SKILL.md stays on-topic: it instructs code and manifest edits needed for SDK integration, includes privacy/consent guidance, and references official URLs. It does recommend adding READ_PHONE_STATE and other permissions that enable collection of device identifiers — this is expected for analytics but has privacy implications (the doc itself notes consent requirements). The skill does not instruct reading or exfiltrating unrelated system files or secrets.
Install Mechanism
Instruction-only skill with no install spec and no code to download or execute. No archives or external installers are referenced.
Credentials
No environment variables, credentials, or config paths are requested. The permissions and dependencies listed are proportional to an analytics SDK integration.
Persistence & Privilege
always:false and normal user-invocable behavior. The skill is instruction-only and does not request persistent system presence or modify other skills or global agent settings.
Assessment
This skill appears to be what it says — a step-by-step guide to integrate Umeng U-APP. Before using it, consider: (1) the instructions include sensitive Android permissions (e.g., READ_PHONE_STATE) that enable collection of device identifiers — only request them if strictly necessary and ensure you obtain user consent as the guide recommends; (2) follow local privacy/Play Store rules (Google Play restricts some identifier collection); (3) do not hardcode AppKey or secrets in public repos — retrieve from your Umeng console and keep them private; (4) verify the SDK versions and Maven repository URLs are up-to-date; (5) test in staging and disable debug logging in production; (6) the skill metadata indicates it will look for your project files (build.gradle, AndroidManifest.xml) — only allow the agent to read project files you are comfortable sharing. If you need stricter guarantees, review the code snippets yourself rather than allowing any automated edits.

Like a lobster shell, security has layers — review code before you run it.

latestvk9771esznez4rf8j7s95p0ksf9833dy5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📊 Clawdis

Comments