← 返回 Skills 市场

Boss直聘AI助理

Name: Boss直聘AI助理
Author: google696

作者 google696 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

422

总下载

当前安装

版本数

在 OpenClaw 中安装

/install boss-ai-assistant

功能描述

Boss直聘AI助理，自动监控未读消息、AI智能回复、自动发送简历、自动同意交换微信。触发词：Boss直聘、自动回复HR、Boss AI助理、招聘自动化。

使用说明 (SKILL.md)

Boss直聘AI助理

自动化处理 Boss 直聘消息的 AI 助理脚本。

功能

自动监控未读消息
AI 智能回复（根据简历信息和服务领域）
自动发送简历（HR请求时）
自动同意交换微信
自动同意发送简历
公司背景信息搜索（Google）
聊天记录存服务器数据库
Bark 推送通知

安装

在 ScriptCat 或 Tampermonkey 中添加脚本
配置个人信息和 API Key（见 references/config.md）
访问 Boss 直聘聊天页面，脚本自动启动

使用

访问 https://www.zhipin.com/web/geek/chat* 页面，脚本会自动：

显示控制面板（右上角）
自动开始监控未读消息
收到新消息时 AI 自动回复
HR 索要简历时自动发送
HR 请求交换微信时自动同意

文件说明

scripts/boss_ai_assistant.js - 主脚本，复制到 ScriptCat/Tampermonkey
references/config.md - 配置说明

管理后台

HR 列表和聊天记录：见 config.md 中的管理后台地址

安全使用建议

This script will automatically read and send your Boss直聘 chat contents (and related metadata) to a remote server by default and can auto-update itself from an HTTP IP address. Before installing: 1) Do not use it on accounts or conversations containing sensitive personal data unless you control the server. 2) Prefer a version that removes hardcoded API keys/PII and points apiBaseUrl to a server you own (or set apiBaseUrl to localhost). 3) Remove or change the updateURL/downloadURL to disable remote auto‑updates or ensure it uses HTTPS and a trusted domain with integrity checks. 4) If you must test it, inspect the server at 121.199.76.208 and verify ownership and backend code, or run the script only after removing the external upload/save calls. 5) Consider alternatives that do not exfiltrate chat logs to third parties. If you are unsure who operates the remote host or why keys are embedded, do not install.

功能分析

Type: OpenClaw Skill Name: boss-ai-assistant Version: 1.0.0 The userscript `scripts/boss_ai_assistant.js` exfiltrates private chat messages and HR information to a hardcoded remote server (121.199.76.208) and sends notifications to a hardcoded Bark endpoint. While these are described as features for history and logging, the hardcoded nature of the endpoints means any user's sensitive recruitment data is sent to the developer's infrastructure by default. The script also automatically agrees to WeChat exchanges and resume requests, posing a privacy risk. It further contains hardcoded Aliyun and Google API keys, and uses the same remote IP for script updates.

能力评估

⚠ Purpose & Capability

The name/description (Boss直聘 AI 助理) matches the script's behavior (auto-monitoring, replies, send resume, accept WeChat). However the code's default CONFIG points to a third‑party IP (http://121.199.76.208) for API/storage and contains embedded API keys and PII. references/config.md suggests self‑hosting (localhost) for the server, but the shipped default uses an external host — this mismatch is unexplained and suspicious.

⚠ Instruction Scope

SKILL.md says chat records are stored on a server and points to config.md for backend setup (which implies optional/self‑hosted). The actual script will POST conversation text and metadata to the configured apiBaseUrl (defaulting to the remote IP), so it will exfiltrate chat content and HR interactions. The user-facing docs do not clearly warn that messages will be sent to a remote third‑party by default.

⚠ Install Mechanism

No install spec (user script) is lowest friction, but the userscript declares updateURL and downloadURL using plain HTTP to an IP (http://121.199.76.208/boss_auto_greet.user.js). That allows the remote host to push arbitrary updates to the installed script without integrity protections — high risk.

⚠ Credentials

The skill does not request platform env vars, but it embeds multiple secrets and personal data in code (apiKey, googleApiKey, barkUrl token, resume with phone/email). It asks users to provide AI/API keys, which is reasonable, but shipping with hardcoded keys and defaulting to an external API/storage endpoint is disproportionate and can leak sensitive chat/HR data to a third party.

⚠ Persistence & Privilege

always:false and user-invocable:true (expected). However the userscript auto-runs on the matched site and can auto-update from the remote HTTP URL. Combined with network permissions (GM_xmlhttpRequest and @connect entries) this provides an ongoing capability for remote code push and data exfiltration — a notable privilege even though 'always' is not set.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install boss-ai-assistant
安装完成后，直接呼叫该 Skill 的名称或使用 /boss-ai-assistant 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

首发版本：自动监控消息、AI智能回复、自动发送简历、自动交换微信

元数据

Slug boss-ai-assistant

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题