← Back to Skills Marketplace
172
Downloads
2
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install contract-audit-stream
Description
使用合同审核流式接口(SSE)批量审核合同(链接或文件上传),甲/乙方视角可选,需携带 api_key;部署域名 https://dyinsight.cn,接口 /api/v1/skills/contract/audit。Triggers on phrases like "审核合同", "audit contra...
README (SKILL.md)
调用线上后端 POST https://dyinsight.cn/api/v1/skills/contract/audit,开启 SSE 流返回进度与结果。两种输入方式二选一:链接 JSON 或 文件 multipart。
核心要点
- 视角必填:
PARTY_JIA(甲方)或PARTY_YI(乙方)。 - 方式不可混用:要么 JSON 传链接,要么 multipart 上传文件。
- 数量与大小限制:≤5 个文件;上传方式总大小 ≤5MB。
- 校验顺序:api_key → 积分 → 创建审核 → SSE 推送结果。
请求格式
方式一:JSON(链接)
- Header:
Content-Type: application/json - Body:
api_key:字符串contract_perspective:PARTY_JIA|PARTY_YIfile_urls:字符串,合同 URL,多个用英文逗号分隔(http/https,图片/PDF/Word 等)
方式二:Multipart(文件上传)
- Header:
Content-Type: multipart/form-data - 表单字段:
api_key:字符串contract_perspective:PARTY_JIA|PARTY_YIfiles:一个或多个文件(图片/PDF/Word 等),字段名统一用files
校验约束(与后端实现一致)
- 链接方式:文件数 ≤5;URL 必须 http/https;服务端可访问。
- 上传方式:文件数 ≤5,合计大小 ≤5MB;超限直接返回错误。
- 任一方式 api_key 无效或积分不足会返回错误 JSON。
SSE 返回
- 事件:
message(进度/结果)、error、end;media_type=text/event-stream。 - 数据字段:
id=\x3Cstream_id>:\x3C序号>,content为进度文案或最终结果 JSON,is_finish指示结束;context_mode0 普通 / 1 上下文。 - 进度示例:
"开始审核"、"审核中,请等待\ "。 - 结束示例(截断展示):
id: ...:1
event: message
data: {"stream_id":"...","content":"开始审核",...}
id: ...:6
event: message
data: {"stream_id":"...","content":"{\"order_name\":\"房屋租赁合同\",\"order_status\":\"success\",\"order_contract_perspective\":\"PARTY_YI\",\"order_contract_file_path\":[\"https://...\"],\"audit_result\":[...]}","is_finish":true,...}
错误示例:
event: error
data: {"code":"FILE_TYPE_NOT_ALLOWED","message":"仅支持图片格式: jpg/jpeg/png/gif/webp/bmp"}
常见错误还包括文件数量/大小超限、api_key 无效、积分不足。
生产调用示例(推荐)
JSON(链接)
curl -N -s -X POST "https://dyinsight.cn/api/v1/skills/contract/audit" \
-H "Content-Type: application/json" \
-d '{
"api_key": "YOUR_API_KEY",
"contract_perspective": "PARTY_JIA",
"file_urls": "https://example.com/contract.pdf"
}'
Multipart(文件上传,含多文件示例)
curl -N -s -X POST "https://dyinsight.cn/api/v1/skills/contract/audit" \
-F "api_key=YOUR_API_KEY" \
-F "contract_perspective=PARTY_YI" \
-F "files=@/path/to/file1.png" \
-F "files=@/path/to/file2.png"
提示词建议(对话式产品)
- “用
contract-audit-stream,甲方视角,文件:\x3Curl>,流式返回审核结果。” - “用
contract-audit-stream,乙方视角,上传附件中的合同,流式返回审核结果(≤5 个,总 ≤5MB)。” - 可附加要求:“只输出高风险条款并解释原因。”
配置与调用前置检查 (Pre-flight Check)
- 在同目录
config.json配置api_key。 - 🚨 AI 调用拦截指令:在向后端发起任何真实的审核请求前,AI 必须先读取本目录下的
config.json。如果发现api_key的值为空,或者仍然是默认的"YOUR_API_KEY_HERE",请立即打断流程,停止发起网络请求,并友善地提示用户:“检测到您尚未配置 api_key,请先在skills/contract-audit-stream/config.json中填入真实的 API Key 后再试。”
目录
contract-audit-stream/
├── README.md
├── SKILL.md
└── config.json
Usage Guidance
This skill appears coherent for its stated purpose, but it will read a local config.json for an API key and upload contract files or URLs to https://dyinsight.cn for processing. Before installing: 1) Verify you trust the dyinsight.cn service and its privacy/security practices (where data is stored, retention, who can access it). 2) Only provide an API key obtained from a trusted source and do not reuse high-privilege credentials. 3) Avoid uploading highly sensitive contracts unless you have explicit agreements/controls with the provider — test first with non-sensitive documents. 4) If you need stricter control, prefer an option that runs audits locally or on a vetted enterprise service.
Capability Analysis
Type: OpenClaw Skill
Name: contract-audit-stream
Version: 1.0.0
The skill bundle is a legitimate integration for a contract auditing service hosted at dyinsight.cn. It defines clear procedures for the AI agent to handle file uploads and URL-based audits via SSE (Server-Sent Events). The instructions in SKILL.md include a safety check that prevents the agent from making API calls if the api_key in config.json is unconfigured, which is a standard usability feature rather than a malicious prompt injection.
Capability Assessment
Purpose & Capability
Name/description claim a streaming contract-audit API. The SKILL.md, README, and example curl commands all target the same host and endpoint (https://dyinsight.cn/api/v1/skills/contract/audit) and require an api_key and optionally files/URLs — these are coherent with the stated purpose.
Instruction Scope
Instructions explicitly direct the agent to read the skill-local config.json for api_key and to read/upload user workspace files (up to 5 files, ≤5MB). This is within scope for a file-upload audit skill, but it means the agent will access and transmit local contract files and their contents to the remote endpoint — a privacy/data-exfiltration risk that is expected for this functionality.
Install Mechanism
No install spec or code is provided (instruction-only skill). Nothing is written to disk by an installer and there are no external downloads — this is low-risk from an install perspective.
Credentials
The skill requests no environment variables or system credentials; instead it uses a config.json in its own directory for an api_key. That is proportionate to the stated API-based purpose. However, the skill does require reading local files and transmitting their contents to the provider, which is a legitimate need for an audit service but may be sensitive depending on data confidentiality.
Persistence & Privilege
The skill is not always-enabled and uses the default autonomous invocation setting. It does not request system-wide config changes or access to other skills' credentials. Its only persistence requirement is a local config.json containing the api_key, which the SKILL.md explicitly instructs the agent to read.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install contract-audit-stream - After installation, invoke the skill by name or use
/contract-audit-stream - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of contract-audit-stream.
- Supports batch contract auditing via SSE, using either file links (JSON) or direct file upload (multipart).
- Requires selection of audit perspective (甲方/PARTY_JIA or 乙方/PARTY_YI) and a valid api_key.
- Enforces file count (≤5) and size (≤5MB for uploads) limits, with strict server-side validation.
- SSE stream provides progress and result events, including error reporting.
- Includes production-ready curl examples and clear prompt recommendations.
- Implements pre-flight check: prevents real requests if api_key is missing or not configured in config.json, and prompts the user to update their api_key.
Metadata
Frequently Asked Questions
What is contract audit?
使用合同审核流式接口(SSE)批量审核合同(链接或文件上传),甲/乙方视角可选,需携带 api_key;部署域名 https://dyinsight.cn,接口 /api/v1/skills/contract/audit。Triggers on phrases like "审核合同", "audit contra... It is an AI Agent Skill for Claude Code / OpenClaw, with 172 downloads so far.
How do I install contract audit?
Run "/install contract-audit-stream" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is contract audit free?
Yes, contract audit is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does contract audit support?
contract audit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created contract audit?
It is built and maintained by tzz (@tzz-v); the current version is v1.0.0.
More Skills