← 返回 Skills 市场
260
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install moss-last30days
功能描述
Research any topic from the last 30 days on Reddit + X + Web, synthesize findings, and write copy-paste-ready prompts. Use when the user wants recent social/...
安全使用建议
What to consider before installing: 1) Review the bundled Python files yourself (or have someone you trust) before running; the package contains executable code that will make network calls. 2) The skill will create ~/.config/last30days/.env and ~/.cache/last30days if you follow SKILL.md — these will store API keys and cached results. Only add OPENAI_API_KEY/XAI_API_KEY if you trust the source. 3) The SKILL.md contains a detected prompt-injection pattern and strong directives about agent behavior; treat those as suspicious and inspect the full SKILL.md (truncated parts) to understand what it asks the model to do. 4) If you want to try it, run it in an isolated environment (container or throwaway account) without real API keys first (use --mock or fixtures) to observe behavior. 5) If you need higher assurance, ask the publisher for provenance (homepage, owner contact) or prefer a skill with an explicit registry declaration of required env vars.
功能分析
Type: OpenClaw Skill
Name: moss-last30days
Version: 1.0.0
The 'last30days' skill bundle is a research tool designed to synthesize recent data from Reddit, X (Twitter), and the web. The code logic in 'scripts/last30days.py' and its supporting libraries ('lib/openai_reddit.py', 'lib/xai_x.py') correctly implements the stated functionality using legitimate API endpoints for OpenAI and xAI. Security analysis shows standard configuration management in '~/.config/last30days/.env' with appropriate file permissions (chmod 600), and no evidence of data exfiltration, unauthorized execution, or malicious prompt injection was found. The 'promo' messages and 'gpt-5' model references appear to be harmless marketing or future-proofing by the developer.
能力评估
Purpose & Capability
Name/description (research last 30 days on Reddit/X/Web) align with the included code: modules search Reddit via OpenAI Responses API, X via xAI, and perform web search. However registry metadata lists no required env vars while SKILL.md and code clearly expect optional OPENAI_API_KEY and XAI_API_KEY and several model-policy vars; that's an inconsistency in declarations (not necessarily malicious, but confusing).
Instruction Scope
SKILL.md directs running the bundled Python script which will make network calls and may create ~/.config/last30days/.env and cache files. The SKILL.md contains strong, directive language about how the agent should behave (e.g., 'Do NOT output "Sources:" list', 'Use TaskOutput to get the script results', and the pre-scan found a prompt-injection pattern 'you-are-now'). Presence of prompt-injection-like phrases in runtime instructions is a red flag because it could attempt to manipulate model behavior during synthesis.
Install Mechanism
No install spec (instruction-only) — low installer risk. But the skill includes 17+ Python files that will be executed if the script is run; code is present in the bundle despite lack of install instructions. This means arbitrary code will run locally when the user follows SKILL.md; users should review the code before executing.
Credentials
Requested credentials (OPENAI_API_KEY, XAI_API_KEY and optional model policy/pin envs) are proportionate to the stated functionality (calling OpenAI/xAI endpoints). However the registry declared no required env vars while SKILL.md instructs optional key setup and code reads ~/.config/last30days/.env — the mismatch could lead to surprises. The skill stores API keys in a local file if user follows SKILL.md; consider implications before adding secrets.
Persistence & Privilege
always:false and no global agent-modification behavior. The skill writes cache and config under the user's home (~/.cache/last30days and ~/.config/last30days) and caches selected model info; this is expected but gives it persistent local presence. It does network calls to third-party APIs (OpenAI/xAI/Reddit). No evidence it modifies other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install moss-last30days - 安装完成后,直接呼叫该 Skill 的名称或使用
/moss-last30days触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
last30days 1.0.0 – Initial Release
- Launches a research skill for surfacing recent discussions, recommendations, and news from Reddit, X, and the web about any topic from the last 30 days.
- Automatically parses user intent: topic, target tool, and research query type (Recommendations, News, Prompting, or General).
- Works in three modes depending on API keys: full (Reddit + X + Web), partial (Reddit- or X-only + Web), and web-only (no keys required).
- Synthesizes findings by prioritizing Reddit/X (with engagement data) and supplements with broader web results.
- Provides setup instructions for optional API keys, but works out of the box without them.
- Ensures output lists actionable, copy-paste-ready insights or prompt examples tailored to recent trends.
元数据
常见问题
Moss Last30Days 是什么?
Research any topic from the last 30 days on Reddit + X + Web, synthesize findings, and write copy-paste-ready prompts. Use when the user wants recent social/... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 260 次。
如何安装 Moss Last30Days?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install moss-last30days」即可一键安装,无需额外配置。
Moss Last30Days 是免费的吗?
是的,Moss Last30Days 完全免费(开源免费),可自由下载、安装和使用。
Moss Last30Days 支持哪些平台?
Moss Last30Days 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Moss Last30Days?
由 jiangwzh(@jiangwzh)开发并维护,当前版本 v1.0.0。
推荐 Skills