← 返回 Skills 市场
322
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install codropshiping-product-search
功能描述
Searches for products on the Codrop shipping platform using a keyword.
使用说明 (SKILL.md)
\r \r
Description\r
\r This skill searches for products on the Codrop shipping platform by sending a keyword to the product search API. It requires an authentication token to access the API.\r \r
Usage\r
\r To use this skill, run the following command with the required parameters.\r \r
skill codropshiping-product-search --keyword=\x3Csearch_term> --token=\x3Cyour_auth_token>\r
```\r
\r
### Parameters\r
\r
- `--keyword=\x3Csearch_term>`: **(Required)** The product keyword you want to search for (e.g., `shoes`).\r
- `--token=\x3Cyour_auth_token>`: **(Required)** Your authentication token for the Codrop API.\r
\r
### Example\r
\r
This example searches for products with the keyword "shoes".\r
\r
```bash\r
skill codropshiping-product-search --keyword=shoes --token=12345abcdef\r
```\r
\r
## Output\r
\r
- **On Success**: If the request is successful, the output will be a JSON object containing the product data.\r
- **On Failure**: If the request fails, an error message will be displayed. Common errors include:\r
- Missing `keyword` or `token`.\r
- Invalid authentication token (e.g., `API Error: Please log in first`).\r
- The server returns a non-JSON response.\r
安全使用建议
This skill's behavior is coherent with its description — it POSTs {keyword} to a Codrop-like endpoint using the provided token — but there are a few things to check before using it with real credentials:
- Provenance: there is no homepage or known source; verify the author and whether the endpoint (test-codrop.cargosoon.online) is the correct/trusted service you intend to query.
- Secret handling: the script expects --token on the command line. CLI args can leak via process listings and may be saved in shell history. Prefer a version that reads the token from an environment variable or prompts interactively, and update metadata to declare the credential.
- Test first: run with a dummy token to observe responses and ensure the endpoint behaves as expected.
- TLS/endpoint trust: the script uses HTTPS but points to an unfamiliar host. Confirm the certificate and that you trust the service before sending real tokens.
- If you need stronger assurance: ask the author for a package with declared required credentials (primaryEnv) and supply instructions for safer secret handling, or request a reputable source/homepage.
Given the metadata mismatch and unknown host, proceed cautiously — this looks legitimate in function but has enough provenance and secret-handling issues to treat as suspicious until validated.
功能分析
Type: OpenClaw Skill
Name: codropshiping-product-search
Version: 1.0.0
The skill is a straightforward implementation of a product search tool for the Codrop shipping platform. The script `scripts/product-search.js` uses the standard Node.js `https` module to send a keyword and authentication token to a specific API endpoint (test-codrop.cargosoon.online). There is no evidence of data exfiltration, malicious execution, or prompt injection; the code's behavior aligns perfectly with its documented purpose.
能力评估
Purpose & Capability
The code and SKILL.md implement a product search against a Codrop-like API (POST to /api/shipping/Goods/ProductSearchKeywordQuery on test-codrop.cargosoon.online) which aligns with the stated purpose. However the registry metadata lists no required credentials while the SKILL.md and code clearly require an authentication token passed as --token. The skill's source/homepage are also missing, reducing provenance.
Instruction Scope
The runtime instructions and the script are narrowly scoped: they accept a keyword and token, POST JSON to the remote API, and print the JSON response or an error. The script does not read files, environment variables, or other system state. It does log raw responses on parse failure.
Install Mechanism
This is an instruction-only skill with a small Node.js script and no install spec; nothing is downloaded or written by an installer. That lowers install-time risk.
Credentials
No environment variables or platform credentials are declared in metadata, but the skill requires an auth token passed on the command line. Passing secrets via CLI can expose them in process listings and shell history; the token requirement should be declared in metadata (primaryEnv) or documented with safer usage guidance.
Persistence & Privilege
The skill is not always-enabled and does not request any elevated persistence or modify other skills/config. It is user-invocable and can be invoked autonomously (platform default), which is expected.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install codropshiping-product-search - 安装完成后,直接呼叫该 Skill 的名称或使用
/codropshiping-product-search触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of codropshiping-product-search:
- Enables product searches on the Codrop shipping platform with a keyword.
- Requires an API authentication token.
- Returns product data as JSON on success.
- Includes error handling for missing parameters, invalid tokens, and server errors.
元数据
常见问题
codropshiping-product-search 是什么?
Searches for products on the Codrop shipping platform using a keyword. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 322 次。
如何安装 codropshiping-product-search?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install codropshiping-product-search」即可一键安装,无需额外配置。
codropshiping-product-search 是免费的吗?
是的,codropshiping-product-search 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
codropshiping-product-search 支持哪些平台?
codropshiping-product-search 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 codropshiping-product-search?
由 shan-vvv(@shan-vvv)开发并维护,当前版本 v1.0.0。
推荐 Skills