ClawHub

Zeelin Report Publisher

v0.1.1

Publish reports to the ZeeLin reports website ("智灵报告网站") by copying report assets, inserting a new top entry into public/reports_config.json for any category...

0· 279·0 current·0 all-time
by@thu-nmrc

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for thu-nmrc/zeelin-report-publisher.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Zeelin Report Publisher" (thu-nmrc/zeelin-report-publisher) from ClawHub.
Skill page: https://clawhub.ai/thu-nmrc/zeelin-report-publisher
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python3, git, npm
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install zeelin-report-publisher

ClawHub CLI

Package manager switcher

npx clawhub@latest install zeelin-report-publisher
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (publish reports to the ZeeLin site) matches the included scripts and instructions: copying assets, editing public/reports_config.json, running npm build, creating a feature branch, pushing, and opening a PR. Required binaries (git, python3, npm, optionally gh) are appropriate for these tasks.
Instruction Scope
SKILL.md and the scripts instruct the agent to configure global git identity, generate/upload an SSH key, verify push access, mutate repo files (reports_config.json and public/<category>), run npm build, commit, push, and create a PR. These actions are within the publishing scope but are intrusive (global git config changes, SSH key creation/upload, remote push dry-run and real push). The instructions do not read unrelated system files or request unrelated credentials.
Install Mechanism
There is no install spec; the skill is instruction-plus-scripts only. That reduces supply-chain risk. Provided scripts are plain bash/Python and do not download arbitrary archives or execute code fetched from unknown servers.
Credentials
No environment variables or external credentials are declared or required. However, the bootstrap script will create an SSH key at ~/.ssh/id_ed25519 (if missing) and, when the GitHub CLI (gh) is available and authenticated, will upload that public key to the user's GitHub account. That is a sensitive operation but is reasonably explained by the need to ensure SSH-based repo push access.
Persistence & Privilege
The skill does not request always:true and does not autonomously persist itself into other skills. It does modify user-level state: git global config (user.name/user.email) and the user's ~/.ssh keys (possibly creating and uploading a key). Those are user-wide changes that persist beyond a single run and thus warrant explicit user consent before running bootstrap.
Assessment
This skill appears to do what it claims, but it will make persistent, user-level changes: it can set your git global user.name/user.email, generate an SSH key at ~/.ssh/id_ed25519 (if one is absent), and upload that public key to your GitHub account via the gh CLI. Before running bootstrap/publish: (1) verify the repo path and backup any existing ~/.ssh/id_ed25519 and your git global config if you care about them; (2) run bootstrap only on machines you control; (3) be prepared to complete gh auth login in your browser (the script may attempt that); (4) review and test in a fork or disposable repo if you want to avoid accidental pushes to a shared repository; (5) if you do not want global git config changes or SSH key uploads, run the publish script manually after performing your own authentication/configuration steps. If you need additional assurance, request the full publish_report.py contents (already included) be audited for any hidden network calls — the script interacts with Git/GitHub and placehold.co (for placeholder cover images), which is expected behavior.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🗂️ Clawdis
Binspython3, git, npm
Any bingh
latestvk97fnyyskwvmr8ne8m3nf855x182hw19
279downloads
0stars
2versions
Updated 1mo ago
v0.1.1
MIT-0
@thu-nmrc
latest
Download

ZeeLin Report Publisher

When To Use

Use this skill when the user asks to publish, upload, or add a report to the 智灵报告网站.

Trigger intent should include both:

  • the site phrase: 智灵报告网站
  • an action phrase: 发布 / 上架 / 新增报告

This skill supports multiple categories (not only OpenClaw).

Inputs

Collect these fields before running:

  • report_file (required)
  • title (required)
  • category (required)
  • date (optional, auto-infer if omitted)
  • abstract (optional, auto-generate if omitted)
  • version (optional, default 1.0)
  • id (optional)
  • cover_url (optional)
  • category_dir (optional)

Field details: see report-metadata.md.

Workflow

  1. On a new machine, run GitHub bootstrap first (section below).
  2. Confirm target repo path and that it contains public/reports_config.json.
  3. Run the publisher script (below).
  4. Verify build result.
  5. Confirm branch push and PR URL.

Bootstrap (New Machine)

Run this once per user machine to set git identity, authenticate GitHub, upload SSH key, and validate repo push permission:

bash {baseDir}/scripts/bootstrap_github.sh \
  --name "Your Name" \
  --email "you@example.com" \
  --repo "<repo_root>"

<repo_root> should point to your local report-site repository (for example THU-ZeeLin-Reports).

Fork workflow setup (recommended for team members without write access on main repo):

bash {baseDir}/scripts/bootstrap_github.sh \
  --name "Your Name" \
  --email "you@example.com" \
  --clone-url "git@github.com:<your-user>/THU-ZeeLin-Reports.git" \
  --upstream-url "git@github.com:thu-nmrc/THU-ZeeLin-Reports.git"

--clone-dir is optional. If omitted, repo is cloned to current workspace as <workspace>/THU-ZeeLin-Reports.

Script

Primary command:

python3 {baseDir}/scripts/publish_report.py \
  --repo "<repo_root>" \
  --report-file "<report_file>" \
  --title "Report Title" \
  --category "OpenClaw" \
  --date "2026" \
  --version "1.0" \
  --abstract "Short summary text."

Default behavior:

  • Copies file into public/<category_dir>/.
  • Inserts new entry at index 0 in public/reports_config.json.
  • Auto-detects date from file name/title (YYYY-MM/YYYY) and falls back to current year.
  • Auto-generates abstract when omitted.
  • Runs npm run build.
  • Creates feature branch codex/report-<id>.
  • Commits and pushes to origin (fork).
  • Uses upstream as PR base remote when available (otherwise origin).
  • Creates PR with gh if available; otherwise prints manual compare URL.

Remote options:

  • --push-remote controls where branches are pushed (default origin).
  • --base-remote controls PR base remote (default auto: upstream if exists, else origin).

Abstract Generation Standard

When abstract is omitted, generate a concise, neutral summary by these rules:

  • Use one sentence in Chinese, around 40-90 characters.
  • Mention scope + value (for example: "核心进展、关键问题、落地路径").
  • Avoid unverifiable claims and marketing tone.
  • If content context is limited, use title/category-based generic summary.

Guardrails

  • Do not push directly to main as final delivery; use PR workflow.
  • If working tree is dirty, stop unless user explicitly allows mixed changes.
  • Validate git identity and push remote access before mutating files.
  • Keep existing entry format compatible with site fields: id/title/version/date/category/abstract/coverUrl/pdfUrl.

Comments

Loading comments...