← 返回 Skills 市场
maxiiwang

Cogmate Client

作者 MaxiiWang · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
294
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install cogmate-client
功能描述
Access and query Cogmate personal knowledge systems for knowledge retrieval, semantic search, and Q&A using a valid CogNexus access token.
使用说明 (SKILL.md)

Cogmate Client

Connect to Cogmate instances for knowledge retrieval and Q&A.

Prerequisites

  • Valid access token (obtain from CogNexus or instance owner)
  • Cogmate API endpoint URL

Quick Start

Ask a Question

curl -X POST "http://{COGMATE_URL}/api/ask?token=YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"question": "你的问题"}'

Semantic Search

curl "http://{COGMATE_URL}/api/visual/facts?token=YOUR_TOKEN&search=关键词"

API Reference

Authentication

All protected endpoints require token as query parameter (not JSON body).

Endpoints

Endpoint Method Description
/api/ask POST Ask questions, get AI-powered answers
/api/visual/facts GET Browse/search knowledge facts
/api/visual/stats GET Get knowledge base statistics
/api/visual/graph GET Get knowledge graph data
/api/hub/profile GET Get Cogmate profile (public)

POST /api/ask?token=YOUR_TOKEN

Ask a question against the knowledge base.

Request:

{
  "question": "What do you know about X?"
}

Response:

{
  "answer": "Based on the knowledge base...",
  "sources": [{"id": "fact_xxx", "summary": "..."}]
}

GET /api/visual/facts

Browse or search facts.

Parameters:

  • token (required): Access token
  • search (optional): Search query
  • layer (optional): Filter by layer (fact/connection/abstract)

GET /api/visual/stats

Get statistics about the knowledge base.

Response:

{
  "facts": 87,
  "connections": 45,
  "abstracts": 12
}

Token Permissions

Scope Capabilities
full Complete access: browse, ask, view private
qa_public Q&A only (may have usage limits)
browse_public Browse public facts only

Helper Scripts

Ask Question

./scripts/ask.sh \x3Ccogmate_url> \x3Ctoken> "Your question"

Search Knowledge

./scripts/search.sh \x3Ccogmate_url> \x3Ctoken> "search term"

Getting Access

  1. Visit the Cogmate owner's CogNexus marketplace listing
  2. Purchase a token with ATP (platform credits)
  3. Use the token to access the Cogmate API

Error Handling

Status Meaning
401 Invalid or expired token
403 Insufficient permissions
429 Rate limit exceeded
500 Server error

Example Workflow

import requests

COGMATE_URL = "http://example.com:8000"
TOKEN = "your_token_here"

# Ask a question (token in query params, question in body)
response = requests.post(
    f"{COGMATE_URL}/api/ask",
    params={"token": TOKEN},
    json={"question": "What are the key insights about X?"}
)
print(response.json()["answer"])

# Search facts
facts = requests.get(
    f"{COGMATE_URL}/api/visual/facts",
    params={"token": TOKEN, "search": "keyword"}
).json()
for fact in facts.get("facts", []):
    print(f"- {fact['summary']}")
安全使用建议
This skill is a simple client that needs a Cogmate endpoint URL and an access token you provide. Before installing/using: (1) confirm the COGMATE_URL you supply is trustworthy and use HTTPS to avoid token interception; (2) prefer supplying tokens via secure means rather than embedding them in shared command history (tokens in URL query params can appear in logs and browser history); (3) verify token scope/least-privilege (use qa_public or browse_public if full access isn't required); (4) review the two small scripts (they are plain curl+python JSON parsing) before running. The repository links in the README contain inconsistent example domains—double-check the real CogNexus/Cogmate documentation from the instance owner before obtaining tokens.
功能分析
Type: OpenClaw Skill Name: cogmate-client Version: 1.0.1 The skill bundle contains shell injection vulnerabilities in 'scripts/ask.sh' and 'scripts/search.sh'. Specifically, user-provided inputs such as the question or search term are expanded within double-quoted strings in curl commands (e.g., "${QUESTION}"), which allows for command execution via subshell expansion (e.g., $(whoami)) on the host running the agent. While these appear to be unintentional coding flaws rather than intentional malware, they pose a significant security risk if the agent processes untrusted input.
能力评估
Purpose & Capability
Name/description (querying Cogmate personal knowledge systems) matches the provided SKILL.md, reference docs, and the two helper scripts which perform POST /api/ask and GET /api/visual/facts. There are no unrelated requirements (no cloud creds, no system binaries).
Instruction Scope
Runtime instructions and scripts only call the documented Cogmate endpoints using a supplied URL and token. They do not read local files, access unrelated environment variables, or send data to third-party endpoints. The only minor concern is that tokens are passed as URL query parameters (per API design), which can leak via logs—this is a security/design note, not evidence of scope creep.
Install Mechanism
No install specification (instruction-only). The repo contains two small shell scripts; nothing is downloaded or installed automatically and no archives or remote installers are used.
Credentials
The skill requests no environment variables or primary credentials in the registry metadata; tokens are expected to be provided by the caller as arguments. The credential needs (a CogNexus/Cogmate token) are proportional to the stated functionality.
Persistence & Privilege
Skill does not request persistent/always-on privileges, does not modify other skills or system settings, and uses standard agent-invocable defaults. No elevated system presence is requested.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install cogmate-client
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /cogmate-client 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix: Token must be passed as query parameter, not JSON body
v1.0.0
Initial release: Cogmate knowledge system access skill
元数据
Slug cogmate-client
版本 1.0.1
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Cogmate Client 是什么?

Access and query Cogmate personal knowledge systems for knowledge retrieval, semantic search, and Q&A using a valid CogNexus access token. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 294 次。

如何安装 Cogmate Client?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cogmate-client」即可一键安装,无需额外配置。

Cogmate Client 是免费的吗?

是的,Cogmate Client 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Cogmate Client 支持哪些平台?

Cogmate Client 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Cogmate Client?

由 MaxiiWang(@maxiiwang)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论