← 返回 Skills 市场
137
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install normieclaw-daily-briefing
功能描述
Stop spending your mornings hunting for news, trends, and updates across a dozen tabs. The Supercharged Daily Briefing turns OpenClaw into a production-grade...
安全使用建议
This package appears coherent with its stated purpose, but take these simple precautions before installing:
- Inspect and (if you can) run the included setup validation: ./scripts/briefing-scheduler.sh --check. Note: the scheduler script has a broken/strange find_skill_root implementation — review/fix it before wide use.
- Ensure your environment has the expected utilities (bash shell, python3, grep, cp, chmod). The metadata didn't list python3 but the script invokes it.
- SKILL.md asks the agent to fetch external HTTP(S) sources. Confirm your agent's web_fetch/web_search implementations behave as you expect and that you only approve sources you trust.
- The skill stores data locally (data/ and config/). If you plan to enable the optional dashboard or sync to Supabase/Postgres, review those components separately — they may require externally hosted services.
- The pre-scan flagged a prompt-injection string; this skill includes explicit defenses against injection, but remain cautious: avoid installing in environments with sensitive host-local services exposed (the skill explicitly blocks localhost/private IPs when fetching, but it's good to verify your agent enforces that).
If you want higher assurance, run the setup steps in an isolated workspace, confirm file permissions, and manually fix the small script bug before enabling scheduled runs.
功能分析
Type: OpenClaw Skill
Name: normieclaw-daily-briefing
Version: 1.0.3
The Supercharged Daily Briefing skill is a well-structured news aggregation system with a strong emphasis on security. The SKILL.md file contains explicit and robust prompt-injection defenses, instructing the agent to treat all external content as untrusted data and strictly blocking access to localhost or private network ranges. The included shell script (scripts/briefing-scheduler.sh) and setup instructions (SETUP-PROMPT.md) are limited to local environment validation and file management, utilizing appropriate permission hardening (chmod 600/700) without any evidence of data exfiltration, malicious execution, or unauthorized persistence.
能力评估
Purpose & Capability
The skill's name and description (discover sources, fetch feeds, synthesize briefings) match the instructions and files: SKILL.md, local JSON registries, and a scheduler script. One minor mismatch: the package metadata lists no required binaries, but scripts call python3 and standard POSIX tools (mkdir, chmod, grep, cp); that should be declared but is proportionate to the purpose.
Instruction Scope
Runtime instructions operate on local workspace files (config/, data/, scripts/) and on user-approved web URLs via web_search/web_fetch. The SKILL.md explicitly includes a prompt-injection defense and URL safety rules (only http/https, block localhost/private IPs). The setup prompt asks the agent to copy files into the workspace and set permissions — expected for installation, and the skill does not instruct reading unrelated user files or sending data to unknown endpoints.
Install Mechanism
No remote install/downloads or extracted archives are present; it's an instruction-only skill that copies provided files into the workspace. This is low risk. Note: there is no install spec but SETUP-PROMPT.md will copy scripts into place — everything stays local.
Credentials
The skill declares no environment variables, credentials, or external telemetry. Dashboard/add-on docs mention optional Supabase/Postgres if you choose to deploy a dashboard, but that is optional and not required by the core skill.
Persistence & Privilege
always:false and no requests to modify other skills or global agent settings. The setup copies files and changes permissions for its own workspace — normal for a local skill. Autonomous invocation remains allowed (platform default) but the skill does not request elevated or persistent cross-skill privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install normieclaw-daily-briefing - 安装完成后,直接呼叫该 Skill 的名称或使用
/normieclaw-daily-briefing触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
v1.0.3: Security fixes: confined scripts to skill directory, removed filesystem traversal from setup
v1.0.2
v1.0.2: MIT license, cleaned descriptions, removed cross-sell
v1.0.1
Added rich descriptions and frontmatter.
v1.0.0
Initial publish from NormieClaw.ai - Free OpenClaw skills for everyone.
元数据
常见问题
Supercharged Daily Briefing 是什么?
Stop spending your mornings hunting for news, trends, and updates across a dozen tabs. The Supercharged Daily Briefing turns OpenClaw into a production-grade... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 137 次。
如何安装 Supercharged Daily Briefing?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install normieclaw-daily-briefing」即可一键安装,无需额外配置。
Supercharged Daily Briefing 是免费的吗?
是的,Supercharged Daily Briefing 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Supercharged Daily Briefing 支持哪些平台?
Supercharged Daily Briefing 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Supercharged Daily Briefing?
由 Nollio(@nollio)开发并维护,当前版本 v1.0.3。
推荐 Skills