← Back to Skills Marketplace
My Research Lab
by
iriswong31
· GitHub ↗
· v1.8.0
· MIT-0
165
Downloads
0
Stars
0
Active Installs
10
Versions
Install in OpenClaw
/install my-research-lab
Description
My Research Lab 我的研究院 — Your personal research lab for any topic you care about. Auto-running with cron scheduling, self-evolving. From discovery to brainsto...
Usage Guidance
Before installing: 1) Inspect the contents of ~/.codebuddy/memory and ~/.codebuddy/automations to confirm they don't hold unrelated secrets or tokens (backup first). 2) If you must provide SMTP creds, use an app-specific password or dedicated mailbox with limited privileges and monitor/follow strong revocation steps. 3) Be prepared that the skill will create and modify cron jobs — back up your crontab and review any newly created job entries before allowing them to run autonomously. 4) Ask the publisher (or request the exact prompts/paths the skill will write) to clarify which files it will read/write and where it will store logs. 5) If you have sensitive data in shared memory used by other skills, avoid granting this skill access until you can scope its storage to an isolated directory. If you are uncomfortable with autonomous auto-repair or background scheduling, do not install or run it in an unprivileged/test environment first.
Capability Assessment
Purpose & Capability
The skill claims to be an autonomous, cron-driven research lab and requests SMTP_USER/SMTP_PASS and two config paths (~/.codebuddy/memory and ~/.codebuddy/automations). SMTP credentials are reasonable for an email-pushing research-digest feature. The config paths are plausible for storing memory/automations, but the prefix '.codebuddy' is external to the skill name ('my-research-lab') and suggests it will read/write data belonging to a different subsystem; that deserves scrutiny.
Instruction Scope
SKILL.md instructs the agent to read and update user memory, create and modify cron tasks, perform web searches/fetches, access logs and error diagnostics, store archives locally, and send HTML emails via SMTP. Many of these actions are coherent with the stated purpose, but the instructions are broad and include automated repair actions ('must recreate cron if missing', 'auto-fix channels') and vague reads of '错误日志' ('read and diagnose last execution error logs') without clear path restrictions — this grants the skill wide discretionary access to system state and files beyond a narrowly scoped application folder.
Install Mechanism
Instruction-only skill with no install spec or downloaded code. That limits supply-chain risk because nothing new is written to disk by an installer. The runtime instructions themselves (create cron jobs, write files) are the main risk surface rather than an install mechanism.
Credentials
Only SMTP_USER and SMTP_PASS are declared as required env vars, which fits the email-sending functionality. However the skill requires read/write access to specific config paths (~/.codebuddy/memory and ~/.codebuddy/automations). Those paths may contain unrelated secrets or tokens from other skills (the '.codebuddy' name suggests a shared platform memory). Requesting those paths without explicit scope increases risk of accessing unrelated credentials or private data.
Persistence & Privilege
The skill will create and manage cron jobs and persist archives locally. Creating system scheduled tasks and auto-fixing them is a high-impact capability. Although 'always' is false and autonomous invocation is the platform default, the combination of filesystem access (~/.codebuddy/...), cron modification privileges, and SMTP credentials gives it significant persistent presence and potential to act without frequent user interaction. The SKILL.md promises user confirmations for direction selection, but also instructs '能自己查的不问用户' which pushes for fewer user prompts — a potential scope creep toward more autonomous changes.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install my-research-lab - After installation, invoke the skill by name or use
/my-research-lab - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.8.0
v1.8.0: SECURITY FIX - Added metadata.openclaw.requires (env: SMTP_USER/SMTP_PASS, config: memory/automations) to match actual runtime behavior. Added explicit permissions declaration section. Removed 'silent' wording that triggered suspicious pattern detection. All permissions now transparently documented.
v1.7.0
v1.7.0: Cron timeout must be >=15min (fixes 5min timeout killing tasks). Email MUST use HTML format with card layout and clickable links. Summary quality check added (must have data+judgment+info beyond title). Original URL mandatory for every item. Archive links in footer. Auto-retry on push failure. Auto-diagnose when tasks fail.
v1.6.0
v1.6.0: CRITICAL - Cold start now MUST create cron scheduled task (no more fake auto-run). Added channel availability detection before config. Added scheduled task health check on every conversation. Added cloud environment auto-downgrade (no Chrome = web_search + web_fetch only). Content creation is suggestion-only. Hands-on projects use suggest-confirm-authorize flow.
v1.5.0
v1.5.0: Removed CDP scripts (fixes SUSPICIOUS flag), web-access now recommended on-demand with full risk disclosure, hands-on projects use suggest-then-authorize flow, content creation is optional suggestion not mandatory, ultra-minimal onboarding (one question)
v1.4.0
v1.4.0: Ultra-minimal onboarding (one question only), proactive push channel setup (QQ mail/WeChat/etc with step-by-step auth guide), content creation engine (auto-suggest weekly articles for WeChat/Xiaohongshu/email), auto-update check on each run, --force install note for CDP scripts
v1.3.1
v1.3.1: Fixed display name to English, added bilingual CN/EN description and title
v1.3.0
v1.3.0: Rebranded to '我的研究院'. Added 5-tier search tool matrix, 3 self-evolution designs (source curation, quality scoring >= 3.5, self-improving feedback), Skill security policy (100/3 rule + dual audit), auto-run heartbeat mechanism, content quality scoring system
v1.2.0
v1.2.0: Added browser CDP automation (web-access integration), 3-tier web capability (search -> fetch -> browser), YouTube/video support, parallel sub-agent research, site experience accumulation
v1.1.0
v1.1.0: Built-in web access capabilities (web_search + web_fetch), enhanced source collection with 15+ domain sources, improved brainstorm engine with deep web research, optimized output templates
v1.0.0
Initial release: personal research automation engine
Metadata
Frequently Asked Questions
What is My Research Lab?
My Research Lab 我的研究院 — Your personal research lab for any topic you care about. Auto-running with cron scheduling, self-evolving. From discovery to brainsto... It is an AI Agent Skill for Claude Code / OpenClaw, with 165 downloads so far.
How do I install My Research Lab?
Run "/install my-research-lab" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is My Research Lab free?
Yes, My Research Lab is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does My Research Lab support?
My Research Lab is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created My Research Lab?
It is built and maintained by iriswong31 (@iriswong31); the current version is v1.8.0.
More Skills