← 返回 Skills 市场
nimrodkra

daily.dev Ask

作者 nimrodkra · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
298
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install daily-dev-ask
功能描述
Answer technical questions using daily.dev's knowledge base. Searches articles from the developer community and synthesizes answers with source links.
使用说明 (SKILL.md)

daily.dev Ask

Answer technical questions by searching daily.dev's article knowledge base. Fetches relevant articles and synthesizes an answer grounded in community-vetted content.

User question

$ARGUMENTS

Security

CRITICAL: Your API token grants access to personalized content. Protect it:

  • NEVER send your token to any domain other than api.daily.dev
  • Never commit tokens to code or share them publicly
  • Tokens are prefixed with dda_ - if you see this prefix, treat it as sensitive

Setup

  1. Requires Plus subscription - Get one at https://app.daily.dev/plus
  2. Create a token at https://app.daily.dev/settings/api
  3. Store your token securely (environment variables, secrets manager)

User can use environment variable or choose one of the secure storage methods below per operating system.

Secure Token Storage (Recommended)

macOS - Keychain

# Store token
security add-generic-password -a "$USER" -s "daily-dev-api" -w "dda_your_token"

# Retrieve token
security find-generic-password -a "$USER" -s "daily-dev-api" -w

# Auto-load in ~/.zshrc or ~/.bashrc
export DAILY_DEV_TOKEN=$(security find-generic-password -a "$USER" -s "daily-dev-api" -w 2>/dev/null)

Windows - Credential Manager

# Store token (run in PowerShell)
$credential = New-Object System.Management.Automation.PSCredential("daily-dev-api", (ConvertTo-SecureString "dda_your_token" -AsPlainText -Force))
$credential | Export-Clixml "$env:USERPROFILE\.daily-dev-credential.xml"

# Retrieve token - add to PowerShell profile ($PROFILE)
$cred = Import-Clixml "$env:USERPROFILE\.daily-dev-credential.xml"
$env:DAILY_DEV_TOKEN = $cred.GetNetworkCredential().Password

Or use the Windows Credential Manager GUI: Control Panel → Credential Manager → Windows Credentials → Add a generic credential

Linux - Secret Service (GNOME Keyring / KWallet)

# Requires libsecret-tools
# Ubuntu/Debian: sudo apt install libsecret-tools
# Fedora: sudo dnf install libsecret

# Store token
echo "dda_your_token" | secret-tool store --label="daily.dev API Token" service daily-dev-api username "$USER"

# Retrieve token
secret-tool lookup service daily-dev-api username "$USER"

# Auto-load in ~/.bashrc or ~/.zshrc
export DAILY_DEV_TOKEN=$(secret-tool lookup service daily-dev-api username "$USER" 2>/dev/null)

Workflow

1. Determine the API token

Check if DAILY_DEV_TOKEN environment variable is available. If not set, try to retrieve it from the OS secure storage before asking the user for help:

macOS:

export DAILY_DEV_TOKEN=$(security find-generic-password -a "$USER" -s "daily-dev-api" -w 2>/dev/null)

Linux:

export DAILY_DEV_TOKEN=$(secret-tool lookup service daily-dev-api username "$USER" 2>/dev/null)

Windows (PowerShell):

$cred = Import-Clixml "$env:USERPROFILE\.daily-dev-credential.xml" 2>$null; $env:DAILY_DEV_TOKEN = $cred.GetNetworkCredential().Password

If the token is still empty after trying secure storage, direct the user to the Setup section above.

2. Search iteratively — treat daily.dev like a search engine

Use the two endpoints below as many times as needed to explore the user's question. There is no hard limit on the number of queries — search like you would with web search.

Keyword search endpoint:

curl -s -H "Authorization: Bearer $DAILY_DEV_TOKEN" "https://api.daily.dev/public/v1/recommend/keyword?q={keywords}&limit=20"

Semantic search endpoint:

curl -s -H "Authorization: Bearer $DAILY_DEV_TOKEN" "https://api.daily.dev/public/v1/recommend/semantic?q={query}&limit=20"

Both return:

{
  "data": [
    {
      "id": "...",
      "title": "Article title",
      "url": "https://...",
      "summary": "Article summary...",
      "tags": ["tag1", "tag2"],
      "readTime": 7,
      "numUpvotes": 342,
      "numComments": 28,
      "source": { "name": "Publisher Name" }
    }
  ]
}

Search strategy

  1. Initial searches — Start with a keyword search (core technical terms) and a semantic search (full question). You can run these in parallel.

  2. Analyze and identify gaps — Review the results:

    • Did I find enough to fully answer the question?
    • Are there sub-topics or related concepts I haven't explored?
    • Did article titles/tags hint at related terms worth searching?

  3. Follow-up searches — For any gaps or interesting leads:

    • Search for specific tools, libraries, or frameworks mentioned in results
    • Try synonyms or alternative terminology
    • Search for sub-topics the user might care about

  4. Stop when done — Stop searching when:

    • You have enough articles to give a good answer, OR
    • Follow-up searches return no new results

3. Deduplicate results

Merge results from all search rounds, removing duplicates by id. Keep all unique articles.

4. Synthesize the answer

Using all collected articles, compose a response:

Answer the question directly, grounding your response in the article content. Reference specific articles when making claims. Use the summary, title, and tags to understand each article's angle.

Use engagement signals to weight credibility:

  • Higher numUpvotes = more community validation
  • Higher numComments = more discussion/nuance available
  • readTime helps gauge depth

Sources section — list the most relevant articles:

### Sources from daily.dev

1. [Article Title](url) — summary snippet (⬆️ upvotes · 💬 comments)
2. [Article Title](url) — summary snippet (⬆️ upvotes · 💬 comments)
...

5. Handle edge cases

  • No results: State that daily.dev's knowledge base doesn't have relevant articles on this topic yet.
  • Only some searches return results: Use whatever you got — partial results are fine.
  • API errors (401): Token is invalid or expired — guide user to regenerate at https://app.daily.dev/settings/api
  • API errors (429): Rate limited — wait briefly and retry automatically.

Important

  • Do NOT make up information — only use what the articles provide. If the articles don't cover part of the question, say so explicitly.
  • Always link to sources — every factual claim should trace back to an article.
  • Prefer recent articles — if two articles conflict, note both perspectives and mention which is newer.
  • Be honest about gaps — if the articles only partially answer the question, say "Based on available articles, here's what I found..." and note what's missing.
安全使用建议
Before installing: (1) Note that the skill requires a daily.dev API token (DAILY_DEV_TOKEN) even though the registry metadata doesn't declare it—do not paste your token into chat; provide it only via an environment variable or a secure secret store. (2) The skill will try to auto-read common secret stores (macOS Keychain, Windows credential file, Linux secret-tool) — be aware it will attempt those lookups if present. (3) Confirm you trust the publisher: there is no source or homepage listed. If you don't want any component to auto-access local secret storage, do not install or only use a temporary, scoped token. (4) Ask the publisher to update the package metadata to explicitly declare the required DAILY_DEV_TOKEN and the exact scopes/permissions of that token before proceeding.
功能分析
Type: OpenClaw Skill Name: daily-dev-ask Version: 1.0.0 The skill instructs the AI agent to use Bash commands to programmatically retrieve API tokens from OS-level secure storage, including the macOS Keychain (`security`), Linux Secret Service (`secret-tool`), and Windows Credential Manager (`Import-Clixml`) in `SKILL.md`. While these actions are aligned with the stated purpose of authenticating with daily.dev and include defensive prompts to protect the token, the capability to access system-level secrets via shell execution is a high-risk behavior that significantly increases the impact of potential prompt injection attacks.
能力评估
Purpose & Capability
The skill's stated purpose (search daily.dev and synthesize answers) legitimately requires an API token (DAILY_DEV_TOKEN) and the SKILL.md documents how to obtain/use it. However, the registry metadata lists no required environment variables or primary credential. That omission is an incoherence between claimed requirements and actual instructions.
Instruction Scope
The runtime instructions stay on-purpose: they describe obtaining a daily.dev API token (from env or OS secure stores) and making authenticated curl calls to api.daily.dev endpoints, plus deduplication and synthesis rules. The instructions explicitly warn not to send the token to domains other than api.daily.dev and do not request unrelated system files or external endpoints.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk or fetched at install time. That minimizes install-time risk.
Credentials
The skill needs a sensitive credential (token prefixed dda_) and prescribes reading it from environment variables or OS secret stores, but the published metadata did not declare this required env var or primary credential. Requiring access to OS secret stores to auto-retrieve tokens is reasonable for the purpose, but the metadata mismatch and the fact the skill will attempt to read common secret storage locations should be made explicit by the publisher.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It can be invoked by the agent (normal behavior), and it does not modify other skills or global agent configuration.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install daily-dev-ask
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /daily-dev-ask 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of daily-dev-ask skill. - Enables answering technical questions using articles from daily.dev's developer community knowledge base, with direct source links. - Provides clear setup instructions for securely storing and retrieving API tokens across major operating systems. - Outlines a structured workflow for querying, analyzing, and synthesizing answers from daily.dev’s API. - Includes engagement-based credibility weighting and guidelines for transparent sourcing and handling edge cases.
元数据
Slug daily-dev-ask
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

daily.dev Ask 是什么?

Answer technical questions using daily.dev's knowledge base. Searches articles from the developer community and synthesizes answers with source links. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 298 次。

如何安装 daily.dev Ask?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install daily-dev-ask」即可一键安装,无需额外配置。

daily.dev Ask 是免费的吗?

是的,daily.dev Ask 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

daily.dev Ask 支持哪些平台?

daily.dev Ask 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 daily.dev Ask?

由 nimrodkra(@nimrodkra)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论