← 返回 Skills 市场
du425

eleme-food-recommend

作者 Du425 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
285
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install eleme-food-recommend
功能描述
饿了么外卖推荐技能,根据用户饭点和口味偏好推荐附近外卖
使用说明 (SKILL.md)

饿了么外卖推荐 Skill

根据用户的饭点设置和口味偏好,在饭点前推荐附近外卖店铺的菜品。

功能

  • 设置用户饭点(早餐、午餐、晚餐时间)
  • 设置口味偏好(清淡、重口、微辣、中辣等)
  • 设置每日推荐菜品数量
  • 根据定位获取附近外卖店
  • 智能推荐符合口味的菜品

使用

# 设置用户信息(cookie、饭点、口味、数量)
python main.py set-config --cookie "your_eleme_cookie" --breakfast "07:30" --lunch "11:30" --dinner "18:30" --flavor "清淡" --count 3

# 获取今日推荐
python main.py recommend

# 查看当前配置
python main.py show-config
安全使用建议
This skill appears to do what it claims, but exercise caution before installing or providing secrets. Specific recommendations: - The skill requires you to paste your Ele.me browser session cookie; that cookie grants account access. Only use cookies from accounts you control and avoid pasting them on shared or untrusted machines. - The cookie is stored in plaintext at ~/.openclaw/skills/eleme-food-recommend/config.json. Consider restricting file permissions (chmod 600) or removing the cookie from disk after use. - The eleme_api module disables SSL verification (ssl.verify_mode = CERT_NONE and check_hostname = False). This weakens TLS and makes requests vulnerable to man-in-the-middle interception of your cookie. If you plan to use this, edit create_ssl_context() to use the default, secure SSL context. - Inspect and run the code locally rather than running unknown binaries. Because this is pure Python making HTTP requests, review or modify it to use more secure storage or to accept a short-lived token rather than a full session cookie. - If you want stronger assurance, ask the author for an explanation why SSL verification is disabled and for an option to store credentials encrypted or to use an OAuth/app token instead of a browser cookie.
功能分析
Type: OpenClaw Skill Name: eleme-food-recommend Version: 1.0.0 The skill bundle contains a significant security vulnerability in scripts/eleme_api.py, where SSL certificate verification is explicitly disabled (ssl.CERT_NONE), making the connection susceptible to Man-in-the-Middle (MitM) attacks. Additionally, the skill requires users to input sensitive session cookies, which are stored in plaintext in a local configuration file (~/.openclaw/skills/eleme-food-recommend/config.json). While these are high-risk practices, there is no clear evidence of intentional malice or data exfiltration to unauthorized third-party domains.
能力评估
Purpose & Capability
Name/description match the code: the skill asks the user for an Ele.me cookie and location, stores settings, calls Ele.me endpoints to list restaurants and menus, and filters foods by flavor. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md and README instruct the user to supply their Ele.me cookie (via CLI or copy from browser). The skill reads/writes a config.json in ~/.openclaw/skills/eleme-food-recommend; that storage of a full session cookie is expected for this functionality but is sensitive. The runtime instructions do not attempt to read other system files or environment variables.
Install Mechanism
No install/download steps are present (instruction-only metadata). The repository includes Python scripts that run locally; nothing is downloaded from untrusted URLs or installed automatically.
Credentials
The skill does not request environment variables or external credentials, but it does require the user to provide their Ele.me session cookie. Storing that cookie in a plaintext JSON file in the user's home directory is proportionate to the feature but carries privacy risk: the cookie grants access to the user's Ele.me account and should be treated as a secret.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide configs. It persists only its own config under ~/.openclaw/skills/eleme-food-recommend, which is expected for a user-facing CLI utility.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install eleme-food-recommend
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /eleme-food-recommend 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
first publish
元数据
Slug eleme-food-recommend
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

eleme-food-recommend 是什么?

饿了么外卖推荐技能,根据用户饭点和口味偏好推荐附近外卖. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 285 次。

如何安装 eleme-food-recommend?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install eleme-food-recommend」即可一键安装,无需额外配置。

eleme-food-recommend 是免费的吗?

是的,eleme-food-recommend 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

eleme-food-recommend 支持哪些平台?

eleme-food-recommend 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 eleme-food-recommend?

由 Du425(@du425)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论