← 返回 Skills 市场
hanjin714

coze-workflow-runner

作者 beilunjuzhen · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
141
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install coze-workflow-runner
功能描述
调用 Coze 工作流执行自动化任务,支持生成图片、处理数据等操作
使用说明 (SKILL.md)

Coze 工作流运行器

概述

通过 Coze API 调用工作流,执行自动化任务。目前支持生成宠物知识卡片等图像生成工作流。

快速开始

1. 配置令牌

服务令牌存储在:~/workspace-prod/coze/coze-tokens.md

首次使用时确认令牌有效。

2. 查看可用工作流

工作流列表存储在:~/workspace-prod/coze/workflows.md

包含每个工作流的 ID、链接和用途说明。

3. 调用工作流

使用 cozepy 库调用:

import cozepy

# 认证
auth = cozepy.TokenAuth(token='你的服务令牌')
coze = cozepy.Coze(auth=auth, base_url='https://api.coze.cn')

# 调用工作流
response = coze.workflows.runs.create(
    workflow_id='工作流ID',
    parameters={'input': '输入参数'}
)

现有工作流

短视频文案拆解(13层逻辑)

  • 工作流 ID: 7610429408704413759
  • 用途: 通过13层逻辑拆解短视频文案,输入抖音口令链接即可提取并分析底层逻辑
  • 输入: 抖音口令链接(如 7:/ xxx)
  • 返回: 短视频文案内容 + 13层逻辑拆解结果

调用示例:

import cozepy

auth = cozepy.TokenAuth(token='你的服务令牌')
coze = cozepy.Coze(auth=auth, base_url='https://api.coze.cn')

response = coze.workflows.runs.create(
    workflow_id='7610429408704413759',
    parameters={'input': '7:/ xxx:】'}
)

生成宠物知识卡片

  • 工作流 ID: 7610527662062665754
  • 用途: 生成宠物知识卡片图片(5张)
  • 输入: 宠物名称和描述文本
  • 返回: 5个图片 URL(短链接形式)

调用示例:

import cozepy

auth = cozepy.TokenAuth(token='你的服务令牌')
coze = cozepy.Coze(auth=auth, base_url='https://api.coze.cn')

response = coze.workflows.runs.create(
    workflow_id='7610527662062665754',
    parameters={'input': '布偶猫宠物知识卡片:布偶猫又称布拉多尔猫,是体型和体重最大的猫品种之一。'}
)

# 返回: {"output": ["https://s.coze.cn/t/xxx/", ...]}

处理返回的短链接

工作流返回的是短链接,需要跟随跳转才能获取真实图片 URL:

import subprocess

urls = response['data']['output']
for i, url in enumerate(urls, 1):
    # curl -L 自动跟随跳转,直接下载图片
    subprocess.run(['curl', '-sL', url, '-o', f'pet_card_{i}.png'])

资源

配置目录

  • ~/workspace-prod/coze/coze-tokens.md - 服务令牌
  • ~/workspace-prod/coze/workflows.md - 工作流列表

最后更新:2026-03-24

安全使用建议
Things to check before installing or running this skill: - Confirm where your Coze service token is stored. The SKILL.md says ~/workspace-prod/coze/coze-tokens.md but the script reads /Users/hanjin/.openclaw/... — that hardcoded developer path is suspicious. Do NOT place high-privilege tokens in a file that this script might read. Use a dedicated service token with limited scope. - Ask the author to declare the credential (primaryEnv or required config path) and to remove hardcoded, user-specific paths. Prefer explicit configuration (env var or configurable path) over hardcoded filesystem locations. - Verify dependencies (cozepy, curl) will be available in your runtime; missing deps could cause fallback behaviors. - Be cautious about automatic downloads of workflow output URLs: outputs are short links and the skill's instructions and script will follow redirects and download content. Review outputs before auto-downloading to avoid fetching malicious payloads. - If you must run it, run in an isolated environment (throwaway account or container) and inspect the token file contents and code modifications first. If the developer cannot explain the path mismatch, treat it as unsafe.
功能分析
Type: OpenClaw Skill Name: coze-workflow-runner Version: 1.0.0 The skill bundle contains a Python script (scripts/run_workflow.py) with a hardcoded absolute path to a specific user's home directory (/Users/hanjin/) to retrieve sensitive API tokens, which is a significant security flaw and environment-specific risk. Additionally, SKILL.md provides instructions for the AI agent to execute shell commands via subprocess/curl to download content from URLs returned by the Coze API. While these behaviors are functionally related to the stated purpose of running Coze workflows, the insecure credential handling and hardcoded local paths are high-risk indicators.
能力评估
Purpose & Capability
The skill claims only to call Coze workflows and provide examples for image/text workflows, which matches included code that uses the cozepy client. However, the skill declares no required credentials/config, yet both SKILL.md and the script expect a local token file. The script hardcodes a user-specific path (/Users/hanjin/.openclaw/workspace-prod/coze/coze-tokens.md) while SKILL.md references ~/workspace-prod/coze/coze-tokens.md — this mismatch and the omission of the token as a declared requirement is incoherent.
Instruction Scope
Instructions direct the agent to read a local tokens file and a workflows file and to follow shortlink redirects and download images via curl. Reading a token file and writing downloaded images is within the skill's purpose, but the script reads a hardcoded path in another user's dot-directory which is outside the documented workspace path. That behavior increases the chance of reading unrelated/privileged secrets and is not documented in requires/config.
Install Mechanism
There is no install spec (instruction-only plus a helper script). This minimizes install-time risk. Note: the skill depends on the cozepy library and curl being available, but these dependencies are not declared.
Credentials
No environment variables or credentials are declared in metadata, yet the runtime expects a service token stored in a local file. The script looks for lines containing 'Bearer' and 'sat_' — i.e., a credential-like token — but this credential isn't declared as primaryEnv or required config. Requiring access to a token file without declaring it is disproportionate and raises risk of silent credential access/exfiltration.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does not modify other skills' configs. Autonomous invocation is allowed (platform default) but not combined with other high-privilege flags.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install coze-workflow-runner
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /coze-workflow-runner 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
coze-workflow-runner 1.0.0 - Initial release with support for invoking Coze workflows via API. - Enables automation tasks such as generating images and processing data. - Includes documentation for workflow authentication, listing, and invocation using the `cozepy` library. - Provides built-in workflows for short video script analysis (13-level logic) and pet knowledge card image generation. - Details how to handle and download images from returned short URLs.
元数据
Slug coze-workflow-runner
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

coze-workflow-runner 是什么?

调用 Coze 工作流执行自动化任务,支持生成图片、处理数据等操作. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 141 次。

如何安装 coze-workflow-runner?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install coze-workflow-runner」即可一键安装,无需额外配置。

coze-workflow-runner 是免费的吗?

是的,coze-workflow-runner 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

coze-workflow-runner 支持哪些平台?

coze-workflow-runner 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 coze-workflow-runner?

由 beilunjuzhen(@hanjin714)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论