← Back to Skills Marketplace
81
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install decision-briefing-claw
Description
每日经营数据自动汇总与简报推送助手(决策简报虾)。从多个数据源(数据库/API/Excel/飞书多维表格)采集关键业务指标,自动计算同比环比,生成结构化简报,并推送到飞书/邮件/企业微信等渠道。激活场景:(1) 需要每日自动汇总经营数据;(2) 想要定时收到业务进展简报;(3) 需要将散落在多个系统的数据整合到一...
README (SKILL.md)
决策简报虾 (decision-briefing-claw)
每日经营数据自动汇总与简报推送。从多数据源采集 → 计算 KPI → 生成简报 → 多渠道推送 → 自动归档。
工作流程
步骤 1:了解配置需求
首次使用时,询问用户:
- 数据源类型(数据库/API/Excel/飞书多维表格)及连接信息
- 需要监控的核心指标(收入、订单数、用户数等)
- 推送时间(如每天 09:00)和推送渠道(飞书群/个人/邮件)
- 简报模板偏好(极简/标准/详细/高管版)
步骤 2:数据采集
使用 scripts/data-collector.py 从配置的数据源采集数据:
# 验证数据源连接
python3 scripts/data-collector.py validate --source \x3Cname>
# 采集所有数据源
python3 scripts/data-collector.py collect --all
# 测试单条 SQL
python3 scripts/data-collector.py test --query "SELECT COUNT(*) FROM orders WHERE DATE(created_at) = CURDATE() - INTERVAL 1 DAY"
数据源配置详见 references/data-sources.md。
步骤 3:计算 KPI 与异常检测
- 计算同比(YoY)、环比(MoM/DoD)
- 标记超出阈值或大幅波动的异常数据
- 指标计算规则详见
references/metrics-calculation.md
步骤 4:生成简报
使用 scripts/report-generator.sh 生成并推送简报:
# 生成简报(指定模板)
./scripts/report-generator.sh generate --template standard
# 推送到飞书
./scripts/report-generator.sh push --channel feishu
# 归档
./scripts/report-generator.sh archive --date $(date +%Y-%m-%d)
简报模板详见 references/report-templates.md。
步骤 5:配置定时任务
使用 OpenClaw cron 或系统 crontab 设置定时触发:
# 每天早上 9:00 触发(crontab 示例)
0 9 * * * cd /path/to/skill && python3 scripts/data-collector.py collect --all && ./scripts/report-generator.sh generate --template standard && ./scripts/report-generator.sh push --channel feishu
步骤 6:归档与追溯
简报自动保存到 reports/YYYY-MM-DD.md,支持历史查询:
./scripts/report-generator.sh history --days 7
配置文件结构
config/
├── data-sources.json # 数据源连接配置
└── channels.json # 推送渠道配置
reports/ # 归档简报目录
与其他 Skill 协作
- 发现异常数据 → 调用 auto-data-analysis-claw 深度分析
- 生成正式月报 → 调用 financial-report-render-claw 渲染
- 获取战略建议 → 调用 strategy-advisor-claw
- 推送到更多平台 → 调用 cross-platform-messenger-claw
常见问题
- 数据库连接超时 → 检查网络权限,增加
connect_timeout - 推送失败 → 检查 webhook/token 是否有效,配置重试
- 时区错乱 → 统一使用
Asia/Shanghai,SQL 中显式转换时区 - SQL 慢 → 添加索引或改用数据仓库查询
Usage Guidance
This skill appears to implement the described reporting workflow, but be cautious before installing and running it:
- Expect to provide sensitive credentials: DB passwords, API tokens, and push-webhook URLs (e.g., Feishu webhook) are read from config files and expanded from environment variables (examples in references use ${MYSQL_PASSWORD}, ${FINANCE_API_TOKEN}). The skill metadata does not declare these env vars — verify and supply only least-privilege secrets (readonly DB accounts, scoped API tokens).
- Review and secure config files: config/data-sources.json and config/channels.json will contain secrets or webhook endpoints. Store them with restricted file permissions and do not put production credentials in world-readable locations.
- Arbitrary SQL capability: the test subcommand executes whatever SQL you pass against the first DB in the config. Avoid running untrusted queries and prefer readonly accounts to reduce risk.
- Outbound push targets: the script will POST report content to whatever webhook URL is configured. Ensure webhooks point to trusted endpoints; a malicious webhook could exfiltrate sensitive business data.
- Run first in a non-production / isolated environment: validate behavior using test credentials and sample data, confirm required tools (jq, mail, curl, Python deps) and consider adding explicit metadata about required env vars before deploying broadly.
- Operational recommendations: use least-privilege DB users, rotate tokens, restrict file system locations it can read (avoid mounting / or sensitive dirs), and review cron entries for who can edit them.
Given the unadvertised credential use and ability to execute SQL and post data externally, treat this skill as suspicious until you audit and harden its configuration.
Capability Analysis
Type: OpenClaw Skill
Name: decision-briefing-claw
Version: 1.0.0
The 'decision-briefing-claw' skill is a legitimate business intelligence tool designed to automate daily data collection and reporting. It includes a Python script (scripts/data-collector.py) for querying databases and APIs, and a shell script (scripts/report-generator.sh) for generating Markdown reports and pushing them to user-configured channels like Feishu or email. The code follows standard practices, such as using environment variables for secrets and providing clear documentation in SKILL.md and the references/ directory. No evidence of malicious intent, unauthorized data exfiltration, or prompt-injection attacks was found.
Capability Assessment
Purpose & Capability
The skill's functionality (DB/API/CSV/Feishu collection and push to webhooks/email) aligns with its description. However, the skill declares no required environment variables or primary credential while the code and reference configs expect sensitive credentials (e.g., MYSQL_PASSWORD, FINANCE_API_TOKEN, Feishu webhook/token). That mismatch is disproportionate: consumers will need to provide secrets but the skill metadata does not advertise or scope them.
Instruction Scope
Runtime instructions instruct the agent to run included scripts that read config/data-sources.json and config/channels.json, expand environment variables inside those configs, connect to databases and external APIs, run arbitrary SQL (via the test command), and post report content to external webhooks. The SKILL.md does not explicitly enumerate the environment variables the scripts will expand or warn about arbitrary-SQL execution or external webhook destinations.
Install Mechanism
There is no install spec (instruction-only), so nothing is downloaded at install time. The included code files are small local scripts that use standard tools (python requests/sqlalchemy, jq, curl, mail). No remote install URLs or archives are used.
Credentials
Although the registry metadata lists no required env vars, the references and scripts expect and expand environment variables such as MYSQL_PASSWORD and FINANCE_API_TOKEN and depend on user-provided webhook tokens in config/channels.json. Requesting/using DB credentials, API tokens, and webhook URLs is expected for this capability, but the absence of declared env requirements and lack of guidance about least-privilege credentials is an incoherence and increases risk.
Persistence & Privilege
always is false and the skill only writes to its own reports/ and config/ paths per SKILL.md. It doesn't request system-wide config modification or permanent platform-level privileges. It can be scheduled (cron) as intended; that is normal.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install decision-briefing-claw - After installation, invoke the skill by name or use
/decision-briefing-claw - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: 每日经营数据自动汇总与简报推送助手
Metadata
Frequently Asked Questions
What is 决策简报虾 (decision-briefing-claw)?
每日经营数据自动汇总与简报推送助手(决策简报虾)。从多个数据源(数据库/API/Excel/飞书多维表格)采集关键业务指标,自动计算同比环比,生成结构化简报,并推送到飞书/邮件/企业微信等渠道。激活场景:(1) 需要每日自动汇总经营数据;(2) 想要定时收到业务进展简报;(3) 需要将散落在多个系统的数据整合到一... It is an AI Agent Skill for Claude Code / OpenClaw, with 81 downloads so far.
How do I install 决策简报虾 (decision-briefing-claw)?
Run "/install decision-briefing-claw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 决策简报虾 (decision-briefing-claw) free?
Yes, 决策简报虾 (decision-briefing-claw) is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 决策简报虾 (decision-briefing-claw) support?
决策简报虾 (decision-briefing-claw) is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 决策简报虾 (decision-briefing-claw)?
It is built and maintained by Ricky (@tujinsama); the current version is v1.0.0.
More Skills