功能描述

Query land ownership, leases, landlord info, and land payments. Write operations for payment management and lease renewals.

使用说明 (SKILL.md)

FarmOS Land Portfolio

Name: Farmos Land Portfolio
Author: brianppetty

Track owned and leased land, lease terms, landlord relationships, payments, and annual land costs.

CRITICAL: Data Completeness Rules

NEVER use partial or truncated data. These rules are non-negotiable:

NEVER use /api/integration/dashboard — it truncates results to 5 items. Partial payment data is worse than no data because it creates a false sense of completeness.
ALWAYS use the /all endpoints listed below for complete data.
If an endpoint returns an error or empty results, REPORT THE FAILURE to the user. Do not silently fall back to a different endpoint or present partial data.
ALWAYS state the total count of records returned so the user knows the data is complete. Example: "Found 11 payments due in March totaling $175,058."
If you cannot get complete data, say so explicitly. "I was unable to retrieve complete payment data" is infinitely better than showing 5 of 11 payments.

When This Skill Triggers

"When do our leases expire?"
"What's the rent on the Smith ground?"
"Total land costs this year?"
"Show overdue payments"
"Landlord contact info"
"Cost per acre by parcel"
"List all leased parcels"
"What payments are due in March?"
"Cash requirements for next month"
"Mark payment [X] as paid"
"Mark all March payments paid"
"Renew the Smith lease"
"Preview lease renewals"

Access Control

Lease terms, rent amounts, and landlord info are sensitive business data. Restrict to admin or manager roles only.

Role mapping: Check the sender's role in ~/.openclaw/farmos-users.json. If the user is not admin or manager, tell them they don't have access to land portfolio data.

API Base

http://100.102.77.110:8009

Integration Endpoints (No Auth Required) — READ OPERATIONS ONLY

IMPORTANT: Use auth endpoints for WRITE operations (mark-paid, renewals). Use integration /all endpoints for READ operations (listing payments, leases, landlords).

Payments (FULL — use this, not dashboard)

GET /api/integration/payments/all

Returns ALL payments with full details — parcel names, landlord names, overdue status
Query parameters:
- status — pending, paid, overdue, scheduled
- payment_type — rent, mortgage, property_tax, insurance, improvement, other
- parcel_id — filter by specific parcel
- due_date_from — YYYY-MM-DD range start
- due_date_to — YYYY-MM-DD range end
- crop_year — filter by crop year
Examples:
- All overdue: /api/integration/payments/all?status=overdue
- March 2026 payments: /api/integration/payments/all?due_date_from=2026-03-01&due_date_to=2026-03-31
- All rent payments: /api/integration/payments/all?payment_type=rent

Upcoming Payments (next N days)

GET /api/integration/payments/upcoming?days=30

Returns ALL upcoming payments within N days (no truncation)
Use days=60 or days=90 for longer lookahead

Leases (FULL)

GET /api/integration/leases/all

Returns ALL leases with landlord contact info, rent terms, expiration status
Query parameters:
- status — active, expired
- landlord_id — filter by landlord

Expiring Leases

GET /api/integration/leases/expiring?days=90

Returns ALL leases expiring within N days

Landlords (FULL)

GET /api/integration/landlords/all

Returns ALL landlords with contact info, active lease count, total acres, total rent

Parcels

GET /api/integration/parcels

Returns ALL parcels with ownership type, acres, county
Query parameter: ownership_type — owned, leased

Summary Stats

GET /api/integration/summary

Total acres, owned/leased breakdown, parcel/lease/landlord counts, annual cost

Annual Land Costs (by month and entity)

GET /api/integration/finance/costs?year=2026

Monthly cost breakdown by category (rent, mortgage, tax, insurance)
Entity breakdown
Query parameters: year, entity_id

Cost Per Field (for P&L)

GET /api/integration/finance/cost-per-field?year=2026

Land costs allocated to production fields
Query parameters: year, entity_id

Overdue Items

GET /api/integration/tasks/overdue

All overdue payments and reminders — high priority items

Actionable Items

GET /api/integration/tasks/actionable?days_ahead=30

Upcoming payments, expiring leases, pending reminders

Authenticated Endpoints — WRITE OPERATIONS

These require JWT auth. See Authentication section below.

Authentication

This skill accesses protected FarmOS endpoints that require a JWT token.

To get a token: Run the auth helper with the appropriate role:

TOKEN=$(~/clawd/scripts/farmos-auth.sh admin)

To use the token: Include it as a Bearer token:

curl -H "Authorization: Bearer $TOKEN" http://100.102.77.110:8009/api/endpoint

Token expiry: Tokens last 15 minutes. If you get a 401 response, request a new token.

Mark Single Payment Paid

POST /api/payments/{id}/mark-paid Authorization: Bearer {token} Content-Type: application/json

Body:

{
  "paid_date": "2026-02-15",
  "notes": "Check #1234"
}

Mark Multiple Payments Paid (Bulk)

POST /api/payments/bulk/mark-paid Authorization: Bearer {token} Content-Type: application/json

Body:

{
  "payment_ids": [12, 34, 56],
  "paid_date": "2026-02-15",
  "notes": "Batch check run"
}

Mark Payments Paid by Date Range

POST /api/payments/bulk/mark-paid-by-date Authorization: Bearer {token} Content-Type: application/json

Body:

{
  "due_date_from": "2026-03-01",
  "due_date_to": "2026-03-31",
  "paid_date": "2026-02-15",
  "payment_type": "rent",
  "notes": "March rent payments"
}

Use this when the user says "mark all March payments as paid" or similar bulk date-based operations.

Preview Lease Renewal

POST /api/leases/renewal-preview Authorization: Bearer {token} Content-Type: application/json

Body:

{
  "lease_ids": [5, 12],
  "new_start_date": "2027-03-01",
  "rent_increase_percent": 3.0
}

Returns: Preview of what the renewed leases would look like, including new payment schedules. Use this BEFORE executing bulk renewals so the user can confirm.

Execute Bulk Lease Renewal

POST /api/leases/bulk-renew Authorization: Bearer {token} Content-Type: application/json

Body:

{
  "lease_ids": [5, 12],
  "new_start_date": "2027-03-01",
  "new_end_date": "2028-02-28",
  "new_rent_amount": 52000.00,
  "rent_increase_percent": 3.0,
  "notes": "Annual renewal with 3% increase"
}

IMPORTANT: Always preview first, confirm with user, then execute.

Year-End Rollover Preview

POST /api/payments/year-end-rollover/preview Authorization: Bearer {token} Content-Type: application/json

Body:

{
  "from_year": 2026,
  "to_year": 2027
}

Returns: Preview of payment schedules that would be created for the new crop year.

Year-End Rollover Execute

POST /api/payments/year-end-rollover/execute Authorization: Bearer {token} Content-Type: application/json

Body:

{
  "from_year": 2026,
  "to_year": 2027,
  "apply_rent_increase": true,
  "rent_increase_percent": 2.5
}

IMPORTANT: This creates next year's payment schedules based on current year leases. Always preview first.

FORBIDDEN Endpoints — Do NOT Use

Endpoint	Why
`GET /api/integration/dashboard`	Truncates to 5 items. NEVER use this.

Key Concepts

Parcel: A land unit — either owned or leased.
Lease types: Cash rent, crop share, flex rent.
Lease expiration: Critical to track — approaching expirations need proactive attention.
Land payments: Rent, mortgage, property tax, insurance — each with due dates.

Usage Notes

Lease expiration tracking is the highest-value query — always flag leases expiring within 6 months.
Payment status (due/overdue) is critical — flag overdue payments immediately.
Cost per acre analysis helps compare owned vs leased economics.
Landlord contact info is private — never share outside admin/manager channels.
When asked about "cash requirements" or "what do we owe", always use /api/integration/payments/all with date filtering to get the COMPLETE picture.
For financial planning questions, combine /api/integration/payments/all with /api/integration/finance/costs for the full view.
Write operations: Always use authenticated endpoints for marking payments paid or renewing leases. Preview first when doing bulk operations.
Bulk payment marking: When user says "mark all March payments paid", use the bulk-by-date endpoint rather than individual calls.

安全使用建议

Do not install or enable this skill until you validate a few things: (1) Confirm the skill's origin and trustworthiness — the repo/source is unknown. (2) Inspect ~/clawd/scripts/farmos-auth.sh and ~/.openclaw/farmos-users.json yourself to ensure they are legitimate and do not leak secrets or run unsafe commands. (3) Require the skill to declare the config paths and any credentials it needs in its metadata (e.g., config_paths for the users JSON and an explicit note that it will execute a local auth helper). (4) Enforce strict access control: only allow admins/managers to invoke the skill and disable autonomous invocation for write operations (or require explicit user confirmation for any POST/write). (5) Verify the API base (http://100.102.77.110:8009) is an expected internal endpoint; running the skill will cause network calls to that host. (6) If you must test, run the skill in an isolated/sandboxed environment and audit the commands it executes. The core issue is a metadata/instruction mismatch — the runtime asks for local file reads and script execution that are not declared, and those actions can enable destructive changes (marking payments paid, renewing leases).

功能分析

Type: OpenClaw Skill Name: farmos-land-portfolio Version: 1.0.0 The skill is classified as suspicious due to instructions in `SKILL.md` that grant the AI agent direct file system access and arbitrary command execution capabilities. Specifically, the agent is instructed to read `~/.openclaw/farmos-users.json` for access control and to execute a shell script `~/clawd/scripts/farmos-auth.sh` to obtain an authentication token. While the stated purpose for these actions (access control, authentication) is legitimate, relying on direct file system reads and shell script execution introduces significant vulnerabilities (e.g., RCE risk) that could be exploited if the agent's environment or the referenced scripts/files were compromised. There is no clear evidence of intentional malicious behavior, but these are critical security flaws.

能力评估

⚠ Purpose & Capability

The declared purpose (query/manage land, payments, lease renewals) legitimately includes read and write operations. However, the skill's instructions expect access to a local auth helper (~/clawd/scripts/farmos-auth.sh) and a role file (~/.openclaw/farmos-users.json) which are not declared in the metadata. Either those local artifacts should be declared as required config/credentials or the instructions are incomplete/opaque.

⚠ Instruction Scope

SKILL.md explicitly directs the agent to read a local file (~/.openclaw/farmos-users.json) to validate roles and to run a shell script in the user's home to obtain an admin JWT. Those are file- and execution-level actions outside the metadata's declared scope. The instructions also require using admin-level tokens to perform write operations (mark payments paid, renew leases) — potentially destructive if misused.

✓ Install Mechanism

There is no install spec and no code files, so nothing will be written to disk by an installer. This lowers installation risk. The remaining risk derives from runtime instructions that execute local scripts and call network endpoints.

⚠ Credentials

The skill requires JWTs for write actions and prescribes a local script to obtain them, but the registry lists no required environment variables, credentials, or config paths. The skill also instructs the agent to read a local role file — a capability that should be declared and permissioned. The lack of declared credentials/config paths is a proportionality mismatch.

ℹ Persistence & Privilege

The skill is not force-included (always:false) and allows user invocation; autonomous invocation is permitted by platform default. Because the skill can obtain admin JWTs and perform writes, you should consider restricting autonomous invocation or requiring explicit user confirmation before any write operation. The skill does not request persistent platform privileges in its metadata.

版本历史

v1.0.0

Initial release of farmos-land-portfolio — a skill to manage and report on farm land ownership, leases, landlords, and payment operations. - Enables querying of land parcels, lease terms/expirations, landlord contact info, and land payment status. - Strictly enforces use of complete (untruncated) data via `/all` endpoints; warns user if full data unavailable. - Supports marking payments as paid and lease renewal workflows (with preview/confirmation), using authenticated endpoints. - Comprehensive access control: only available to admin/manager roles; all other users receive clear access denied messages. - Documentation highlights key usage, data integrity rules, endpoint purposes, and examples for common queries.

元数据

Slug farmos-land-portfolio

版本 1.0.0

许可证 —

累计安装 2

当前安装数 2

历史版本数 1

常见问题