← 返回 Skills 市场

Agent Bug Submission

Name: Agent Bug Submission
Author: luiciferyi

作者 LuiciferYi · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install agent-bug-submission

功能描述

提交缺陷信息到TeamCycle平台，支持缺陷全生命周期管理，含飞书多维表格和文档记录与查询功能。

使用说明 (SKILL.md)

Agent Bug Submission - 智能体缺陷提交

飞书文档写入位置

知识库: 7616288931050507220
节点: 效果评测/缺陷报告

飞书多维表格写入位置

缺陷跟踪表: https://my.feishu.cn/wiki/FWYmwGwgziQGzBkxETHctCg5nDK?table=tblt64TGQqsHqcSu&view=vewqJU0Fv4

提交缺陷到TeamCycle平台，跟踪缺陷生命周期。

触发条件

当用户需要以下操作时触发：

"提交缺陷"
"创建缺陷单"
"提bug"
"记录缺陷"
"缺陷跟踪"

功能

提供缺陷全生命周期管理：

缺陷信息收集与格式化
缺陷提交到TeamCycle平台
缺陷状态跟踪
缺陷信息查询

依赖

此 skill 依赖 bug-reporter skill 进行实际的缺陷提交：

路径: C:\Users\zhanju.zhang\.openclaw\workspace\skills\bug-reporter
功能: 调用 TeamCycle API 提交缺陷

使用方法

1. 提交缺陷到 TeamCycle

提交缺陷:
- 项目ID: [TeamCycle项目ID，如58]
- 缺陷标题: [简明描述]
- 缺陷描述: [详细描述，支持HTML]
- 缺陷类型ID: [TeamCycle缺陷类型ID，如211]
- 优先级: [高级/中级/低级]
- 所处阶段: [需求阶段/设计阶段/开发阶段/测试阶段]
- 关注人: [可选]

示例:
python scripts/bug_reporter.py zhanju.zhang "密码" 58 "登录功能异常" "\x3Cp>用户在登录时偶尔出现白屏\x3C/p>" 211 "高级" "测试阶段"

2. 缺陷信息模板

【缺陷标题】[一句话描述问题]

【缺陷描述】
[详细描述问题现象]

【重现步骤】
1. [步骤1]
2. [步骤2]
3. [步骤3]

【预期结果】[预期行为]
【实际结果】[实际行为]

【环境信息】
- 版本: [版本号]
- 环境: [测试环境]
- 浏览器: [浏览器版本]

【附件】[截图/日志]

TeamCycle 配置

系统信息

平台地址: https://teamcycle.100credit.cn
登录接口: POST /api/login
缺陷提交接口: POST /api/projectBug/save

必需参数

参数	说明	示例
username	用户名	zhanju.zhang
password	密码	[用户密码]
projectId	项目ID	58
title	缺陷标题	登录功能异常
desc	缺陷描述	\x3Cp>详细描述\x3C/p>
bugTypeId	缺陷类型ID	211

可选参数

参数	说明	示例
priority	优先级	高级/中级/低级
phase	所处阶段	需求阶段/测试阶段
focustors	关注人	["user1","user2"]

缺陷类型ID参考

类型	ID
功能缺陷	211
UI缺陷	212
性能缺陷	213
安全缺陷	214
兼容性缺陷	215
其他	216

严重程度映射

严重程度	TeamCycle优先级
致命	高级
严重	高级
一般	中级
轻微	低级

工作流程

1. 收集缺陷信息
   ↓
2. 格式化缺陷描述（HTML）
   ↓
3. 调用 bug-reporter 提交
   ↓
4. 获取缺陷ID
   ↓
5. 记录到本地跟踪

输出

TeamCycle 缺陷链接
缺陷ID
本地缺陷记录

示例

提交功能缺陷

项目ID: 58
标题: 智能问答Agent意图识别失败
描述: \x3Cp>当用户输入"查一下北京天气"时，系统未能正确识别"查天气"意图\x3C/p>\x3Cp>\x3Cb>重现步骤：\x3C/b>\x3C/p>\x3Cp>1. 进入智能问答Agent\x3C/p>\x3Cp>2. 输入"查一下北京天气"\x3C/p>\x3Cp>3. 观察返回结果\x3C/p>\x3Cp>\x3Cb>预期结果：\x3C/b>返回北京天气信息\x3C/p>\x3Cp>\x3Cb>实际结果：\x3C/b>返回"我不理解您的问题"\x3C/p>
缺陷类型ID: 211
优先级: 高级
阶段: 测试阶段

提交性能缺陷

项目ID: 58
标题: 高并发下响应时间超过阈值
描述: \x3Cp>在10并发用户场景下，首字响应时间超过6秒，不符合性能要求\x3C/p>\x3Cp>详见性能测试报告附件\x3C/p>
缺陷类型ID: 213
优先级: 高级
阶段: 测试阶段

安全使用建议

This skill appears to perform the advertised task but has several red flags you should address before installing or using it: - Verify the 'bug-reporter' dependency: the SKILL.md points to a hard-coded local path (C:\Users\zhanju.zhang\...). Confirm that the referenced code exists on your system, inspect its source, and ensure it is trustworthy before allowing the agent to execute it. - Do not pass passwords on the command line: the example shows a plaintext password argument. That exposes credentials via process lists and logs. Prefer secure credential storage (environment variables, secret manager, or token-based auth) and confirm how the agent will obtain credentials. - Clarify Feishu authentication: the skill uses Feishu doc/bitable actions but declares no Feishu credentials. Ensure integration tokens are provided securely and that you understand where and how they are stored or transmitted. - Review allowed tools and local writes: the agent is permitted exec/read/write; audit any scripts it will run and confirm where local tracking files will be written. Be cautious if the skill will read other files or credentials on disk. - Origin and provenance: the skill's source/homepage is unknown. If you do not trust the author, do not install or run it until you can review the bug-reporter code and confirm endpoints and auth flows. If you want to proceed safely: obtain or implement a version that (a) uses token-based auth or secure env vars for TeamCycle/Feishu, (b) documents where credentials are stored, (c) avoids passing secrets on the command line, and (d) removes hard-coded user-specific paths or makes the dependency explicit and configurable.

功能分析

Type: OpenClaw Skill Name: agent-bug-submission Version: 1.0.0 The skill is classified as suspicious due to insecure credential handling and hardcoded environment-specific paths. SKILL.md instructs the agent to execute a Python script (bug_reporter.py) using the 'exec' tool while passing a plaintext password as a command-line argument, which is a major security risk as it exposes credentials in process logs. Additionally, the skill references a hardcoded absolute path to a specific user's directory (C:\Users\zhanju.zhang\...) for its dependencies, which is highly unusual for a portable skill bundle and suggests it was designed for a specific, non-standard environment. The skill targets the TeamCycle platform at teamcycle.100credit.cn.

能力评估

ℹ Purpose & Capability

The skill's name/description say it submits bugs to TeamCycle and writes to Feishu, which matches the instructions. However the SKILL.md depends on a local 'bug-reporter' component at a specific Windows path under a user's home (C:\Users\zhanju.zhang\.openclaw\workspace\skills\bug-reporter). Requiring a user-specific local path is unusual for a generic skill and is not explained; it reduces portability and may indicate the skill was authored for a single developer environment.

⚠ Instruction Scope

Instructions tell the agent to invoke a local script (python scripts/bug_reporter.py) and pass credentials directly on the command line (example includes a password parameter). It permits exec/read/write and Feishu tool actions. The document references TeamCycle API endpoints and specific Feishu doc/table IDs. The SKILL.md does not say where TeamCycle/Feishu credentials come from, nor constrain where local records are written — this gives the agent broad discretion to run commands and access files beyond what's explicitly justified.

✓ Install Mechanism

This is an instruction-only skill with no install spec and no code files beyond a package.json and SKILL.md; that's low install risk. Nothing is downloaded or written to disk by an installer as part of the skill itself.

⚠ Credentials

The skill clearly requires sensitive credentials (TeamCycle username/password and Feishu API/auth tokens) to operate, but requires.env is empty and no primary credential is declared. The example demonstrates passing a plaintext password as a command-line argument (which exposes it to process listings and logs). Feishu actions are listed in allowed-tools but no Feishu credentials or token handling are described. This mismatch between needed secrets and declared requirements is disproportionate and risky.

ℹ Persistence & Privilege

always:false (normal). The skill requests potentially powerful tools (exec, read, write) and Feishu actions, which allow filesystem and network activity; that is expected for an integration skill but increases blast radius if misused. The dependency on a local bug-reporter skill path implies access to other skill code/config on disk; the SKILL.md does not clarify whether credentials or tokens are stored locally or how records are persisted.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install agent-bug-submission
安装完成后，直接呼叫该 Skill 的名称或使用 /agent-bug-submission 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of agent-bug-submission skill. - Submit and track defects on TeamCycle with full lifecycle management. - Supports logging defect info to Feishu Docs and Feishu Bitable. - Triggers on keywords like "提交缺陷", "创建缺陷单", "提bug", "记录缺陷". - Relies on the bug-reporter skill for integration with TeamCycle API. - Includes detailed templates, parameter instructions, and workflows for defect submission and tracking.

元数据

Slug agent-bug-submission

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题