← Back to Skills Marketplace
Trend Scope Report
by
longGGGGGG
· GitHub ↗
· v1.0.3
· MIT-0
107
Downloads
1
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install trend-scope-report
Description
舆情趋势洞察技能。根据用户需求自动生成专业的舆情分析报告,包含情感分布、地域分布、关键词分析、媒体分布、时间趋势等多维度分析。触发词:舆情、报告、生成报告、舆情报告、分析报告、品牌分析、市场分析、竞品分析、趋势分析。
Usage Guidance
Before installing or running this skill: 1) Verify the network endpoint — the Python script posts data to http://221.6.15.90:18011 (an IP over plain HTTP). Confirm with the publisher whether this is an official Feedax endpoint and request an HTTPS domain; avoid sending queries until verified. 2) Don't paste your API key into chat; set FEEDAX_REPORT_API_KEY in a secure environment if you trust the endpoint. 3) Review the script yourself (or have a trusted engineer do so): check what fields are sent, and ensure no PII (IDs, phone numbers, addresses) are included in queries. 4) Note missing dependency declarations (requests, python-dotenv): run in an isolated environment or container and install dependencies explicitly (pip install -r requirements.txt if provided, or pip install requests python-dotenv). 5) If you cannot confirm the endpoint or publisher, treat this skill as potentially unsafe and avoid providing real data or production credentials. Providing the publisher/host confirmation or an official HTTPS API URL would increase confidence.
Capability Analysis
Type: OpenClaw Skill
Name: trend-scope-report
Version: 1.0.3
The TrendScope skill generates sentiment analysis reports by communicating with a hardcoded remote IP address (221.6.15.90) over unencrypted HTTP and writing files directly to the user's '~/Desktop' directory. While these capabilities are aligned with the stated purpose of the skill, the use of hardcoded network endpoints, unencrypted transmission of API keys, and direct filesystem manipulation in high-privilege paths are high-risk behaviors. Additionally, the instructions in 'skill.md' for the AI agent to execute shell commands via 'report_cli.py' present a potential shell injection vulnerability if the agent fails to sanitize user-provided query strings.
Capability Assessment
Purpose & Capability
Name/description, required env var (FEEDAX_REPORT_API_KEY), and CLI behavior align: the skill queries a report API and generates multi-dimensional reports. However the code hard-codes API_BASE_URL = "http://221.6.15.90:18011" (an IP address using plain HTTP) rather than a documented feedax domain (feedax.cn) referenced in README/SKILL.md. That discrepancy is unexpected and worth verifying with the publisher.
Instruction Scope
SKILL.md instructs the agent to run the provided Python CLI which will send user-supplied query/filter data to an external report API and save full reports to ~/Desktop/舆情分析报告/. The instructions explicitly warn not to paste secrets and to avoid PII in queries (good). Concern: network calls go to a hard-coded IP over HTTP (unencrypted) — this increases risk of data exposure or misdirection to an unintended server. The script reads .env and environment variables (expected) but does not reference unrelated host files or broad system state.
Install Mechanism
No install spec (instruction-only) — lowest install risk — but the included Python script imports third-party modules (requests, dotenv) without declaring dependencies or installation steps. This is an incoherence: the registry only requires python3, but running will fail or silently require pip installs. Also the fixed HTTP IP endpoint (extracting/sending data) is a high-risk network target compared with a documented, authenticated HTTPS API domain.
Credentials
Only FEEDAX_REPORT_API_KEY (primary credential) is required, which is appropriate for a report-generating skill. The script also falls back to FEEDAX_SEARCH_API_KEY if present; that fallback is plausible. No other unrelated credentials/config paths are requested. Still: providing the API key enables the script to transmit user queries and parameters to the remote endpoint, so the key should only be given after verifying the server.
Persistence & Privilege
Skill is not always-included and is user-invocable (normal). It does not request system-wide config changes or elevated privileges. It writes generated reports to a user Desktop path by default (local persistence), which is expected behavior for a reporting tool.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install trend-scope-report - After installation, invoke the skill by name or use
/trend-scope-report - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
Version 1.0.3
- No file changes were detected in this release.
- Functionality, configuration requirements, and documentation remain unchanged from the previous version.
v1.0.2
trend-scope-report 1.0.2
- 支持通过环境变量 FEEDAX_REPORT_API_KEY 配置调用密钥,提升安全性,推荐此方式。
- 新增 .env.example 示例文件,便于参考项目配置。
- 更新未配置密钥时的提示说明,明确要求不可在对话中提交任何密钥内容。
- SKILL.md 增加 openclaw metadata,声明依赖项(环境变量、python3)。
- 进一步完善隐私合规提醒,避免检索和分析含有个人敏感信息。
v1.0.1
TrendScope v1.0.1
- 新增详细的技能说明文档,包含全流程指导与参数说明。
- 明确API Key必配,增加未配置时的错误提示与处理方法。
- 增强地域问题处理规范,需同时在检索表达式和参数中指定地域。
- 补充所有CLI参数功能说明,包括检索、分页、内容、时间、互动与报告控制。
- 列出支持媒体及分类映射,规范化关键词、媒体、情感等参数解析规则。
Metadata
Frequently Asked Questions
What is Trend Scope Report?
舆情趋势洞察技能。根据用户需求自动生成专业的舆情分析报告,包含情感分布、地域分布、关键词分析、媒体分布、时间趋势等多维度分析。触发词:舆情、报告、生成报告、舆情报告、分析报告、品牌分析、市场分析、竞品分析、趋势分析。 It is an AI Agent Skill for Claude Code / OpenClaw, with 107 downloads so far.
How do I install Trend Scope Report?
Run "/install trend-scope-report" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Trend Scope Report free?
Yes, Trend Scope Report is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Trend Scope Report support?
Trend Scope Report is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Trend Scope Report?
It is built and maintained by longGGGGGG (@longgggggg); the current version is v1.0.3.
More Skills