ClawHub

Amazon Review Analyzer

v1.1.6

使用 Reveyes API 批量抓取亚马逊商品评论,支持 20 个站点。 输出完整评论数据(含所有字段),并由 AI 从跨境电商运营者视角深度分析差评, 提供产品质量、物流包装、Listing 准确性、客服反馈、改善优先级等结构化分析报告。 Use when: 用户提到抓评论、查差评、分析竞品口碑、给出 ASI...

0· 49·0 current·0 all-time
by@zhuojiuya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe fetching reviews and running an AI analysis; the skill only requires REVEYES_API_KEY and uses a Reveyes Python SDK and API, which is coherent and expected for this purpose.
Instruction Scope
SKILL.md instructs the agent to run scripts/fetch.py with ASIN and parameters, present the full JSON output, and run an AI analysis prompt. The instructions do not ask the agent to read unrelated files or other credentials. Note: returned JSON can include reviewer usernames/profile URLs and full review text (potential PII); consider privacy when sharing outputs outside your environment.
Install Mechanism
No install script bundled; the skill is instruction-first and the only external requirement is the reveyes Python package (pip). This is a low-risk, common dependency model. As always, verify the reveyes package/source before installation (PyPI/package supply-chain risk).
Credentials
Only REVEYES_API_KEY is required (declared). That single credential is proportional to the stated behavior of calling the Reveyes API. There are no unrelated credentials or config paths requested.
Persistence & Privilege
Skill does not request always:true, does not modify other skills, and contains no installation steps that persist unusual system-wide configuration. Runtime behavior is limited to calling the Reveyes API and printing results.
Assessment
This skill appears coherent with its description, but consider the following before installing: 1) Trust and verify the reveyes service and Python package (inspect the PyPI package and the GitHub repo referenced in README) because networked dependencies can exfiltrate data. 2) Provide REVEYES_API_KEY only if you trust Reveyes; avoid placing the key in shared/open config files (e.g., ~/.openclaw/openclaw.json) unless you understand access scope. 3) Outputs include reviewer names, profile URLs and full review text — treat as potentially sensitive and avoid pasting into public places. 4) Confirm billing/credit model on reveyes.cn (skill references per-page credits). 5) If you need stronger isolation, run the skill in an environment with restricted network access or a dedicated API key you can revoke. If any of these are unacceptable, don’t install or restrict the skill’s access.

Like a lobster shell, security has layers — review code before you run it.

latestvk976z6nqt87bb5ee1432y7fa0n848zpv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvREVEYES_API_KEY

Comments