← Back to Skills Marketplace
185
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install crewai-team
Description
使用 CrewAI 多 Agent 团队进行产品需求分析和 PRD 生成
README (SKILL.md)
CrewAI 团队协作技能
概述
本技能调用 CrewAI 多 Agent 团队,进行完整的产品需求分析,输出标准 PRD 文档。
团队成员
| 角色 | 职责 |
|---|---|
| 📊 市场调研分析师 | 竞品分析、用户研究 |
| 🎨 产品设计专家 | 功能设计、UI 建议 |
| 🏗️ 技术总监 | 架构设计、任务拆分 |
| 💻 全栈技术专家 | 代码实现示例 |
| ✅ 质量专家 | 测试计划、验收标准 |
使用方法
方式 1:直接运行脚本
cd ~/.openclaw/workspace/crewai_team
python3.10 run_team.py "产品创意描述"
方式 2:通过 OpenClaw 子代理
sessions_spawn(
task="用 CrewAI 分析产品需求:[产品创意]",
runtime="subagent",
cwd="/Users/dayangyu/.openclaw/workspace/crewai_team"
)
方式 3:Python 代码调用
from crewai_team.team_config import create_product_team
crew = create_product_team("产品创意", verbose=True)
result = crew.kickoff()
输出
完整的 PRD 文档,包含:
- 市场调研报告
- 产品设计方案
- 技术架构方案
- 开发指南
- 质量保障计划
前置条件
- 安装 CrewAI:
python3.10 -m pip install crewai crewai-tools - 配置 API Key: 复制
.env.example为.env并填入 DashScope API Key
注意事项
- 首次运行需要 5-10 分钟(依赖下载 + 多轮分析)
- 确保有足够的 API 额度
- 输出结果建议人工审核
Usage Guidance
This package appears to implement a legitimate CrewAI multi-agent PRD generator, but exercise caution before running it. Key points: (1) Several runtime scripts embed and set a hard-coded API key and API base (e.g., run_discussion.py and others set os.environ['OPENAI_API_KEY'] = "sk-..." and OPENAI_API_BASE to a DashScope URL). Embedded secrets are a serious red flag — they may be stale, leaked, or intentionally included to route usage through someone else's account. (2) The SKILL.md/SETUP.md tell you to configure your own .env/DASHSCOPE_API_KEY, yet the registry metadata lists no env vars — this inconsistency suggests sloppy or unsafe packaging. (3) Don’t run the scripts until you’ve inspected and removed the hard-coded keys: search all run_*.py and team_config files for os.environ assignments and replace them with secure code that reads from your .env or process environment. (4) If the embedded key is valid, treat it as compromised: do not rely on it, and rotate any of your own keys if you ran these scripts with them present. (5) Prefer running in an isolated environment (container or VM), review network calls (especially to the configured OPENAI_API_BASE / dashscope endpoint), and review send-to-external integrations (Feishu/webhook code) before use. If you want to proceed safely: a) remove/neutralize the hard-coded key lines, b) ensure the code reads API credentials only from your explicit .env or process env, c) run tests offline or with a known test key, and d) consider auditing the code for any unexpected outbound network calls.
Capability Analysis
Type: OpenClaw Skill
Name: crewai-team
Version: 1.0.0
The skill bundle contains a hardcoded API key (sk-sp-e0fb4e4a6dba43fb9bd707b8ef48bd6b) across multiple Python files, including run_discussion.py, run_hierarchical.py, and various team_config_*.py files. While the key appears to be intended for accessing the DashScope (Aliyun) API to facilitate the tool's stated purpose of generating PRDs, hardcoding credentials is a significant security vulnerability. No evidence of intentional data exfiltration, backdoors, or malicious prompt injection was found; the code logic is consistent with a complex multi-agent orchestration framework using CrewAI.
Capability Assessment
Purpose & Capability
The name/description (CrewAI multi-agent PRD generation) matches the included code and docs (team_config, run_*.py, README, etc.). Requiring python3.10 is reasonable. However the registry metadata claims no required env vars while the SKILL.md and SETUP.md clearly instruct the user to configure a DASHSCOPE_API_KEY / OPENAI_API_KEY — the declared requirements are inconsistent with the skill's own instructions.
Instruction Scope
SKILL.md and SETUP.md instruct the user to supply an API key and run local scripts. Multiple runtime scripts (e.g., run_discussion.py, run_hierarchical.py, run_interactive.py, run_minimal.py, run_mobile.py) programmatically set environment variables to a hard-coded API key and base URL (for example: os.environ["OPENAI_API_KEY"] = "sk-sp-e0fb4e4a6dba43fb9bd707b8ef48bd6b" and OPENAI_API_BASE pointing to a DashScope endpoint). That contradicts instructions to use your own .env and means the skill will override user settings and use the embedded key when executed. Overwriting env vars and shipping an embedded secret widens the runtime scope beyond what's documented and could cause unintended network calls and billing or data exposure through that credential.
Install Mechanism
There is no automatic install spec (instruction-only in registry), and dependencies are listed via requirements.txt (crewai, crewai-tools, langchain-*). That is proportionate for a Python-based multi-agent tooling package. No suspicious external download URLs or archive extracts were found in the manifest provided.
Credentials
The skill's files and docs require an LLM API key in practice (DASHSCOPE_API_KEY / OPENAI_API_KEY), yet the registry declares no required env vars. Worse, multiple run_*.py scripts hard-code an API key and base URL into os.environ — a clear mismatch and an embedded credential. Embedded keys can be abused (unexpected network requests, billing, or data exposure). The number of env vars is small and appropriate for the purpose, but the presence of a hard-coded secret is disproportionate and suspicious.
Persistence & Privilege
The skill does not declare always:true and does not request system-wide config changes. It writes output PRD files to the workspace (expected). The problematic behavior is not privilege escalation but the scripts' tendency to override environment variables at runtime (process-level, not persistent system-wide), which may still cause undesired use of the embedded credential.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install crewai-team - After installation, invoke the skill by name or use
/crewai-team - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the crewai-team skill.
- Enables product requirement analysis and PRD generation using a multi-agent CrewAI team.
- Defines clear roles: Market Analyst, Product Designer, Tech Director, Full-stack Expert, and Quality Expert.
- Provides three usage methods: direct script, OpenClaw subagent, and Python API.
- Outputs a complete PRD including research, design, architecture, development, and QA plans.
- Lists setup instructions and important usage notes.
Metadata
Frequently Asked Questions
What is Crewai Team?
使用 CrewAI 多 Agent 团队进行产品需求分析和 PRD 生成. It is an AI Agent Skill for Claude Code / OpenClaw, with 185 downloads so far.
How do I install Crewai Team?
Run "/install crewai-team" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Crewai Team free?
Yes, Crewai Team is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Crewai Team support?
Crewai Team is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Crewai Team?
It is built and maintained by Mr-ChenXY (@namechenxinyu); the current version is v1.0.0.
More Skills