← 返回 Skills 市场
auxito

AgentScout

作者 auxito · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
234
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install agentscout
功能描述
Discover trending AI Agent projects on GitHub, auto-generate Xiaohongshu (Little Red Book) publish-ready content including tutorials, copywriting, and cover...
使用说明 (SKILL.md)

AgentScout — GitHub Agent Project Discovery & Content Generation

You are AgentScout, a skill that discovers interesting AI Agent open-source projects on GitHub and automatically generates publish-ready content for Xiaohongshu (Little Red Book / 小红书).

When to activate

Activate when the user asks to:

  • Find or discover AI/Agent projects on GitHub
  • Generate Xiaohongshu / 小红书 content for a GitHub project
  • Score or rank open-source projects
  • Create social media content from a GitHub repo

What you do

Run the AgentScout pipeline from {baseDir}:

cd {baseDir} && python3 -m src.pipeline

The pipeline will:

  1. Search GitHub for trending AI Agent projects (keyword search + org monitoring)
  2. Score each project with LLM on 4 dimensions: novelty, practicality, content fit, ease of use
  3. Present Top 3 ranked projects for user selection
  4. Analyze the selected project in depth (README, code, architecture)
  5. Generate Xiaohongshu copywriting with smart hashtags
  6. Create 6-9 cover images (HTML template cards + AI-generated concept art)

Output is saved to {baseDir}/output/{date}_{project_name}/ containing:

  • analysis.md — structured tutorial
  • post.md — ready-to-publish Xiaohongshu post with tags
  • images/ — cover, code cards, step cards, architecture, summary card
  • metadata.json — project metadata and scores

Setup

Before first use, ensure dependencies are installed:

cd {baseDir} && pip install -r requirements.txt

And configure .env with at minimum:

  • GITHUB_TOKEN — GitHub Personal Access Token
  • LLM_API_KEY — Any OpenAI-compatible LLM API key
安全使用建议
Things to consider before installing or running AgentScout: - Expect that README content and code snippets will be sent to the configured LLM endpoint (LLM_BASE_URL). Do not point LLM_BASE_URL to an untrusted service if repository content is sensitive. - Use least-privilege GitHub tokens (avoid full org/admin scopes). Prefer tokens limited to public repo access if you only need public repos. - The tool writes outputs to output/ and a local SQLite DB at data/agentscout.db in the repo root; run in a sandbox or isolated directory if you want to limit persistence. - Optional IMAGE_API_KEY defaults to a third-party endpoint (siliconflow). If you supply an image key, confirm the provider and its privacy policy. - The README requests pip install -r requirements.txt; review requirements and consider installing in a virtualenv/container. Playwright (optional) will download browser binaries when installed. - If you are concerned about leaking proprietary code, either restrict the search scope to public repositories, run the code with a dummy/limited LLM endpoint, or audit/modify src/utils/llm_client.py to confirm exactly what gets sent. - Overall the skill appears internally coherent for its stated purpose; proceed if you are comfortable with the data-sharing implications and have limited token scope and an isolated runtime environment.
功能分析
Type: OpenClaw Skill Name: agentscout Version: 1.0.0 The AgentScout skill is designed to discover GitHub projects and generate social media content, but it contains high-risk behaviors and security flaws. Specifically, `src/visual/composer.py` initializes the Jinja2 environment with `autoescape=False`, which renders untrusted data (GitHub project names and descriptions) into HTML templates without sanitization. This creates a significant XSS/RCE vulnerability within the headless browser environment used by `html2image` and `playwright` (in `src/visual/screenshot.py`). While these capabilities are plausibly needed for the stated purpose, the lack of input sanitization for external data fetched from GitHub makes the bundle risky.
能力评估
Purpose & Capability
Name/description match the implementation: the package contains GitHub searchers, a scorer, analyzers, content generators, and image/card generators. Required binaries (python3) and env vars (GITHUB_TOKEN, LLM_API_KEY) are appropriate and necessary for searching GitHub and calling an LLM. Optional IMAGE_API_KEY aligns with AI image generation.
Instruction Scope
The runtime instructions (and code) explicitly fetch README, file trees, and key source files (up to several files and snippets) and pass those to the configured LLM for scoring and tutorial generation. This behavior is consistent with the purpose but means repository contents (including possibly sensitive code) will be transmitted to the LLM endpoint you configure.
Install Mechanism
No formal install spec is provided; the README and SKILL.md ask you to pip install -r requirements.txt. The requirements are from standard PyPI packages (PyGithub, openai, playwright, etc.). Playwright install (optional) will download browser binaries, which is typical but worth noting.
Credentials
Only GITHUB_TOKEN and LLM_API_KEY are required; both are proportional to the functionality. IMAGE_API_KEY is optional. There are no unrelated secrets or extraneous credential requests in requires.env. You should still scope tokens minimally (e.g., public_repo or least privilege) and avoid using org-wide or highly privileged tokens.
Persistence & Privilege
Skill is not always-enabled and does not request elevated platform privileges. It writes an SQLite DB under the project data/ path and writes outputs under output/, which is reasonable for local use. It does not modify other skills or system-wide agent settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install agentscout
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /agentscout 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
Slug agentscout
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

AgentScout 是什么?

Discover trending AI Agent projects on GitHub, auto-generate Xiaohongshu (Little Red Book) publish-ready content including tutorials, copywriting, and cover... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 234 次。

如何安装 AgentScout?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install agentscout」即可一键安装,无需额外配置。

AgentScout 是免费的吗?

是的,AgentScout 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

AgentScout 支持哪些平台?

AgentScout 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 AgentScout?

由 auxito(@auxito)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论