← 返回 Skills 市场
221
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install grant-budget-justification
功能描述
Generate narrative budget justifications for NIH/NSF applications
使用说明 (SKILL.md)
Grant Budget Justification
Narrative budget explanations for grant proposals.
Use Cases
- Equipment purchases
- Personnel costs
- Supplies and reagents
- Travel and dissemination
Parameters
| Parameter | Type | Default | Required | Description |
|---|---|---|---|---|
--input, -i |
string | - | Yes | Path to budget items file (JSON/CSV) |
--justification-type |
string | - | Yes | Type of justification (Equipment, Personnel, Other) |
--agency |
string | NIH | No | Funding agency (NIH, NSF) |
--output, -o |
string | stdout | No | Output file path |
--format |
string | text | No | Output format (text, markdown, docx) |
Returns
- Narrative justification text
- Cost-benefit rationale
- Compliance with agency requirements
Example
Input: $50,000 for mass spectrometer Output: Justification emphasizing essentiality and cost-sharing
Risk Assessment
| Risk Indicator | Assessment | Level |
|---|---|---|
| Code Execution | Python/R scripts executed locally | Medium |
| Network Access | No external API calls | Low |
| File System Access | Read input files, write output files | Medium |
| Instruction Tampering | Standard prompt guidelines | Low |
| Data Exposure | Output files saved to workspace | Low |
Security Checklist
- No hardcoded credentials or API keys
- No unauthorized file system access (../)
- Output does not expose sensitive information
- Prompt injection protections in place
- Input file paths validated (no ../ traversal)
- Output directory restricted to workspace
- Script execution in sandboxed environment
- Error messages sanitized (no stack traces exposed)
- Dependencies audited
Prerequisites
No additional Python packages required.
Evaluation Criteria
Success Metrics
- Successfully executes main functionality
- Output meets quality standards
- Handles edge cases gracefully
- Performance is acceptable
Test Cases
- Basic Functionality: Standard input → Expected output
- Edge Case: Invalid input → Graceful error handling
- Performance: Large dataset → Acceptable processing time
Lifecycle Status
- Current Stage: Draft
- Next Review Date: 2026-03-06
- Known Issues: None
- Planned Improvements:
- Performance optimization
- Additional feature support
安全使用建议
This skill appears to do what it says at a high level, but there are important inconsistencies and missing safety checks you should address before using it:
- Mismatch: SKILL.md documents CLI flags (e.g., --input/-i, --format, --agency) that the shipped script does not implement; the script only provides --demo and help text for --personnel/--equipment but never actually reads those files. Expect the feature set to be incomplete or broken.
- Missing input parsing: The script does not parse JSON/CSV inputs even though the skill claims to accept them. If you need real input-file processing, request the author to implement and test JSON/CSV parsing.
- Path safety: The script writes the output file directly with open(args.output, 'w') and does not validate the output path. This could allow writing outside the intended workspace (e.g., using ../). Ask for checks ensuring the output file resides in a workspace-restricted directory (use absolute path checks or a sandbox) and refuse unsafe paths.
- Error handling & sanitization: The script prints messages and writes files but lacks robust error handling for malformed inputs. Request improved validation, sanitized error messages, and unit tests for edge cases.
- Run in a sandbox first: Until the code is corrected, run it in an isolated environment where file writes cannot overwrite sensitive system files.
Recommended action: do not install/enable this skill for production use until the author updates the code to implement the declared CLI options, adds JSON/CSV parsing with validation, enforces output-path confinement to the workspace, and provides tests or updated documentation verifying the behavior.
功能分析
Type: OpenClaw Skill
Name: grant-budget-justification
Version: 0.1.1
The skill bundle is a legitimate tool designed to generate narrative budget justifications for grant applications. The Python script (scripts/main.py) performs basic string formatting and arithmetic to calculate costs for personnel, equipment, and travel, while the documentation (SKILL.md) accurately describes the tool's intended use without any malicious instructions or prompt injection attempts.
能力评估
Purpose & Capability
The stated purpose (generate NIH/NSF budget justifications) matches the provided Python script's behavior (demo-mode generation of personnel/equipment/supplies/travel justification). There are no unexpected network, credential, or system-level requirements. However, the SKILL.md documents many CLI parameters (--input / -i, --justification-type, --format, --agency) that are not implemented in scripts/main.py, indicating a metadata/code mismatch.
Instruction Scope
SKILL.md describes input files and many parameters; the actual script only supports --demo, and accepts --personnel and --equipment flags but never reads JSON files — it prints a message telling the user to provide files but doesn't implement parsing. The script writes an output file path directly with open(..., 'w') without validating the path (no check for ../ traversal or workspace confinement). This mismatch and lack of input validation are scope and safety concerns.
Install Mechanism
No install spec (instruction-only plus a small Python script). Nothing is downloaded or installed; risk from install mechanism is low.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is proportionate to the stated purpose.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. Its only persistence behavior is writing an output file (default budget_justification.txt) which is expected for this functionality, though path validation is missing.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install grant-budget-justification - 安装完成后,直接呼叫该 Skill 的名称或使用
/grant-budget-justification触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
- No changes detected since the previous version.
- Version number updated without modifications to functionality or documentation.
v0.1.0
- Initial release of the grant-budget-justification skill.
- Generates narrative budget justifications for NIH/NSF applications.
- Supports input parsing from JSON/CSV budget files.
- Offers configurable justification types (Equipment, Personnel, Other) and agency selection.
- Outputs justification text in text, markdown, or docx formats.
- Implements file system and security best practices as outlined in the security checklist.
- Includes test cases for basic functionality, edge cases, and performance.
元数据
常见问题
Grant Budget Justification 是什么?
Generate narrative budget justifications for NIH/NSF applications. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 221 次。
如何安装 Grant Budget Justification?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install grant-budget-justification」即可一键安装,无需额外配置。
Grant Budget Justification 是免费的吗?
是的,Grant Budget Justification 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Grant Budget Justification 支持哪些平台?
Grant Budget Justification 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Grant Budget Justification?
由 AIpoch(@aipoch-ai)开发并维护,当前版本 v0.1.1。
推荐 Skills