← 返回 Skills 市场
aipoch-ai

Dei Statement Drafter

作者 AIpoch · GitHub ↗ · v0.1.2 · MIT-0
cross-platform ⚠ suspicious
212
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install dei-statement-drafter
功能描述
Draft Diversity, Equity, and Inclusion statements for academic applications
使用说明 (SKILL.md)

DEI Statement Drafter

Draft Diversity, Equity, and Inclusion (DEI) statements for academic job applications and grant proposals.

Usage

python scripts/main.py --template faculty --experiences experiences.txt

Parameters

Parameter Type Default Required Description
--template, -t string faculty No Statement template (faculty, postdoc, grant)
--experiences, -e string - No File with DEI-related experiences
--output, -o string - No Output file path
--best-practices, -b flag - No Show DEI statement best practices

Statement Components

  • Personal background and perspective
  • DEI-related experiences
  • Future plans and commitment
  • Specific actions and initiatives

Output

  • Structured DEI statement
  • Section suggestions
  • Best practice tips

Risk Assessment

Risk Indicator Assessment Level
Code Execution Python/R scripts executed locally Medium
Network Access No external API calls Low
File System Access Read input files, write output files Medium
Instruction Tampering Standard prompt guidelines Low
Data Exposure Output files saved to workspace Low

Security Checklist

  • No hardcoded credentials or API keys
  • No unauthorized file system access (../)
  • Output does not expose sensitive information
  • Prompt injection protections in place
  • Input file paths validated (no ../ traversal)
  • Output directory restricted to workspace
  • Script execution in sandboxed environment
  • Error messages sanitized (no stack traces exposed)
  • Dependencies audited

Prerequisites

No additional Python packages required.

Evaluation Criteria

Success Metrics

  • Successfully executes main functionality
  • Output meets quality standards
  • Handles edge cases gracefully
  • Performance is acceptable

Test Cases

  1. Basic Functionality: Standard input → Expected output
  2. Edge Case: Invalid input → Graceful error handling
  3. Performance: Large dataset → Acceptable processing time

Lifecycle Status

  • Current Stage: Draft
  • Next Review Date: 2026-03-06
  • Known Issues: None
  • Planned Improvements:
    • Performance optimization
    • Additional feature support
安全使用建议
This skill is coherent with its stated purpose and contains only a small Python script, but the README's security checklist promises protections (input path validation, sanitized errors, sandboxing) that the code does not implement. Before running: (1) inspect the script yourself (you already have it) and confirm it meets your safety requirements; (2) do not point --experiences at sensitive system files (e.g., ~/.ssh, /etc/passwd) because the script will read whatever path you provide; (3) avoid running with an output path that could overwrite important files; (4) run it in a sandbox/container or with limited filesystem permissions if you want extra safety; and (5) if you plan to use this in an automated agent, consider adding explicit path validation and error handling to the code to enforce the checklist items the SKILL.md lists.
功能分析
Type: OpenClaw Skill Name: dei-statement-drafter Version: 0.1.2 The skill contains a path traversal vulnerability in `scripts/main.py`, as it accepts arbitrary file paths for the `--experiences` and `--output` arguments without any sanitization or validation. This allows for reading sensitive system files or overwriting critical files if the agent is directed to do so. Furthermore, `SKILL.md` includes a security checklist claiming that input paths are validated and restricted to the workspace, which is factually incorrect based on the provided code logic.
能力评估
Purpose & Capability
Name/description match the actual code: a simple local Python script that generates DEI statement text from built-in templates and optionally reads an experiences file and writes output. No unexplained dependencies, credentials, or network access are requested.
Instruction Scope
SKILL.md and usage describe reading an experiences file and writing output (which the code does). However the documentation's security checklist claims path validation (no ../ traversal), prompt-injection protections, and sanitized error messaging — none of these protections are implemented in scripts/main.py. The script opens a user-supplied file path with no validation and writes to the given output path without checks, which could allow accidental exposure or overwriting of files if misused.
Install Mechanism
No install spec and no external packages required; the skill is instruction-only plus a small Python script, so nothing is downloaded or installed during skill use.
Credentials
No environment variables, credentials, or config paths are requested. The only sensitive operation is reading a user-supplied file path and writing an output file — operations consistent with the stated purpose.
Persistence & Privilege
Skill does not request persistent presence (always: false), does not modify other skills or system configuration, and does not store credentials or enable autonomous escalation.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install dei-statement-drafter
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /dei-statement-drafter 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.2
- No changes detected in this release. - Version remains the same as the previous release.
v0.1.1
No user-facing changes in this version. - No file changes detected. - Version number remains unchanged. - No new features, bug fixes, or documentation updates.
v0.1.0
- Initial release of dei-statement-drafter skill for drafting Diversity, Equity, and Inclusion statements. - Supports templates for faculty, postdoc, and grant applications. - Accepts user-provided DEI experiences and generates structured statements with section suggestions. - Includes best practice tips and customizable output options. - Medium risk level assessed; includes comprehensive security and risk assessment checklist.
元数据
Slug dei-statement-drafter
版本 0.1.2
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 3
常见问题

Dei Statement Drafter 是什么?

Draft Diversity, Equity, and Inclusion statements for academic applications. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 212 次。

如何安装 Dei Statement Drafter?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install dei-statement-drafter」即可一键安装,无需额外配置。

Dei Statement Drafter 是免费的吗?

是的,Dei Statement Drafter 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Dei Statement Drafter 支持哪些平台?

Dei Statement Drafter 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Dei Statement Drafter?

由 AIpoch(@aipoch-ai)开发并维护,当前版本 v0.1.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论