pre-sales-engineer-assistant
v1.0.1专为AI安全领域售前工程师设计的助手技能。当用户需要撰写项目立项书、生成技术解决方案、设计POC测试方案、制作PPT汇报、绘制架构拓扑图、起草招投标文件、生成竞品Battlecard、计算BOM报价、撰写POC总结报告时使用此技能。适用于企业级网络安全与AI行业的售前工作场景,包括客户需求分析、方案设计、招投标支...
⭐ 1· 241·1 current·1 all-time
by张志旭@zhangzhixu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name, description, and workflows (project proposals, POC design, PPT outlines, mermaid diagrams, BOM calculation, etc.) align with the declared requirements: no binaries, no env vars, no install. Nothing requested appears extraneous to pre-sales/document-generation tasks.
Instruction Scope
All runtime instructions are document-generation workflows and code-generation for diagrams (mermaid). The SKILL.md references optional local directories (scripts/, references/, assets/) that could contain executable scripts or internal templates, but no code files are shipped in this package. Because those directories are only suggested (and currently empty), the runtime instructions themselves do not instruct reading system files, accessing credentials, or contacting external endpoints.
Install Mechanism
No install spec is present (instruction-only). This is lowest-risk: nothing will be downloaded or written by an installer as part of skill installation.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. That is proportionate for a document- and template-focused pre-sales assistant. No secrets or cloud credentials are requested.
Persistence & Privilege
The skill is not marked always:true and uses default agent invocation settings. It does not request persistent system presence or modify other skills. Autonomous invocation is enabled by default (platform behavior) but is not elevated here.
Assessment
This skill appears coherent and low-risk as delivered: it only defines structured workflows for pre-sales content and does not request credentials or install code. Things to watch for before installing or enabling broadly:
- If the publisher later adds files under scripts/, references/, or assets/, inspect them: scripts could perform file I/O or network calls not described in SKILL.md.
- If you plan to supply sensitive customer or internal data to the skill (RFPs, internal product specs, competitor intel), avoid pasting secrets or PII into prompts unless you trust the environment and logging practices.
- Legal documents (質疑函) or pricing outputs may require legal/finance review — the assistant can draft text but it's not a substitute for formal approval.
- Because the skill can be invoked by the agent, restrict access to users who should perform pre-sales work; monitor usage for unexpected behavior.
If you want stronger assurances, request the publisher supply the optional assets/references under review (templates and scripts) and re-evaluate those files before use.Like a lobster shell, security has layers — review code before you run it.
assistantvk975ntf3jfdkez30x5rgreay8982pjeglatestvk975ntf3jfdkez30x5rgreay8982pjeg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.