← Back to Skills Marketplace

military bidding fetcher

Name: military bidding fetcher
Author: zhangpengle

by zhangpengle · GitHub ↗ · v0.2.6 · MIT-0

cross-platform ⚠ suspicious

302

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install military-bidding-fetcher

Description

军工采招商机自动抓取工具。从全军武器装备采购信息网、军队采购网、国防科大采购网抓取招标信息，过滤并生成 Excel 报表。当用户说"抓取商机"、"查新"、"采集招标"时触发。

Usage Guidance

This package appears to implement the described scraper, but take these precautions before installing: 1) Review the full fetcher.py (the provided file was truncated) to ensure no hidden network endpoints or data exfiltration paths exist. 2) Check and control any milb_fetcher/.env or ~/.config/milb-fetcher/.env files — do not place API keys or other secrets there unless you trust the author. 3) Avoid setting FETCHER_PROXY to an untrusted proxy (it will route scraped data through that endpoint). 4) Because the owner and homepage are unknown, consider running it in an isolated environment (container/VM) first and monitor network traffic. 5) If you plan to use it in production, request a proper install spec and a vetted source/repository (or maintain your own fork) so you can audit updates.

Capability Analysis

Type: OpenClaw Skill Name: military-bidding-fetcher Version: 0.2.6 The skill bundle is a specialized scraper designed to aggregate military procurement information from three official Chinese websites (weain.mil.cn, plap.mil.cn, and nudt.edu.cn). The code in `fetcher.py` and `config.py` aligns with the functionality described in `SKILL.md`, using standard libraries like `requests` for data retrieval and `pandas`/`openpyxl` for report generation. While it uses a shell call to the `date` command in `fetcher.py` to generate timestamps, it is implemented safely without shell expansion and includes a native Python fallback. No evidence of data exfiltration, malicious execution, or prompt injection was found.

Capability Assessment

ℹ Purpose & Capability

Name/description promise a web-scraper for three military procurement sites; included Python files (requests/pandas/openpyxl) implement exactly that. This capability reasonably explains the dependencies and behavior. Minor mismatch: registry metadata lists no required env vars, but SKILL.md and the code describe many optional FETCHER_* environment variables and a .env config file—so the manifest underreports configuration needs.

⚠ Instruction Scope

SKILL.md and code instruct the agent to read configuration from ~/.config/milb-fetcher/.env and ./ .env and to write output to a workspace path. The code uses optional proxy configuration (FETCHER_USE_PROXY, FETCHER_PROXY) and may access networked endpoints (the three stated sites). These behaviors are consistent with scraping, but the skill will read user config files in the home directory which might contain unrelated secrets, and the registry did not declare those config paths. The SKILL.md contains an install hint (pip install -e {baseDir}) even though the registry lists no install spec.

✓ Install Mechanism

No remote download or opaque installer is used; the package is a local Python package (pyproject.toml present) and SKILL.md suggests pip install -e {baseDir}. No high-risk download URLs or extract steps seen. Slight inconsistency: the registry reported 'No install spec — instruction-only' while code and SKILL.md indicate a local pip install is intended.

⚠ Credentials

The registry requires no credentials, which aligns with scraper functionality. However the SKILL.md and code expect optional FETCHER_* settings (keywords, exclude lists, high-value keywords, regions, FETCHER_USE_PROXY, FETCHER_PROXY, FETCHER_OUTPUT_DIR) stored in milb_fetcher/.env or ~/.config/milb-fetcher/.env. Reading a ~/.config/.../.env file gives the skill access to any environment-like secrets a user might store there; the ability to proxy requests via FETCHER_PROXY could be abused if a user sets it to an attacker-controlled endpoint. These env/config usages are plausible for the stated purpose but were not declared in registry metadata, which is a proportionality/visibility problem.

✓ Persistence & Privilege

The skill is not always: true and does not request system-wide changes. It writes output to a workspace path and reads its own config files; there is no evidence it modifies other skills or system settings. Autonomous invocation is allowed (default) but not, by itself, an unexplained privilege.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install military-bidding-fetcher
After installation, invoke the skill by name or use /military-bidding-fetcher
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.2.6

- Internal improvements in milb_fetcher/fetcher.py. - No user-facing changes in functionality or options.

v0.2.5

- Changed default output Excel file name to “军队采购商机汇总_{date}.xlsx”. - Updated documentation in SKILL.md to reflect the new output file name.

v0.2.4

- Updated milb_fetcher/config.py. - No user-facing feature or interface changes.

v0.2.3

- Improved environment variable fetching logic in config.py for more reliable configuration loading. - Added exception handling for missing or invalid configuration entries. - Internal code refactoring in fetcher.py for better maintainability and error reporting.

v0.2.2

- Improved internal code structure in config.py and fetcher.py. - No user-facing feature changes. - Documentation remains unchanged.

v0.2.1

- No file changes detected in this version. - Documentation and usage instructions remain the same as in the previous release. - No new features, bug fixes, or updates introduced.

v0.2.0

- Major internal refactor: migrated codebase to milb_fetcher module with config file support. - Added dedicated configuration file (.env) for customizable keywords, exclusion words, and regions. - Expanded and clarified command-line parameters for flexible date, output, and filtering control. - Improved documentation with clear usage instructions and updated trigger phrases. - Output path and file naming now standardized; regions can be restricted for specific data sources.

v0.1.4

military-bidding-fetcher v0.1.4 - 新增 _meta.json 文件，补充元数据说明。 - fetcher.py 文件有更新，优化实现或修正细节。 - 其余文档、核心功能及参数接口保持不变。

v0.1.3

military-bidding-fetcher 0.1.3 - Updated fetcher.py with new changes. - No updates to documentation or interface. - No major user-facing changes.

v0.1.1

- Added comprehensive platform integration for WEAIN, PLAP, and NUDT military bidding sources. - Implemented an intelligent recommendation engine to rate project relevance by keywords. - Enhanced data cleaning: filters out non-bid announcements, noise, and low-relevance categories. - Automated Excel report generation summarizing military bidding opportunities with key details. - New fetch_all_bidding interface supports keyword, exclusion, and date-based custom fetching.

Metadata

Slug military-bidding-fetcher

Version 0.2.6

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 10

Frequently Asked Questions

What is military bidding fetcher?

军工采招商机自动抓取工具。从全军武器装备采购信息网、军队采购网、国防科大采购网抓取招标信息，过滤并生成 Excel 报表。当用户说"抓取商机"、"查新"、"采集招标"时触发。 It is an AI Agent Skill for Claude Code / OpenClaw, with 302 downloads so far.

How do I install military bidding fetcher?

Run "/install military-bidding-fetcher" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is military bidding fetcher free?

Yes, military bidding fetcher is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does military bidding fetcher support?

military bidding fetcher is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created military bidding fetcher?

It is built and maintained by zhangpengle (@zhangpengle); the current version is v0.2.6.

More Skills