← 返回 Skills 市场
109
总下载
0
收藏
1
当前安装
3
版本数
在 OpenClaw 中安装
/install officecli-financial-model
功能描述
Use this skill when the user wants to build a financial model, 3-statement model, DCF valuation, cap table, scenario analysis, or financial projections in Ex...
安全使用建议
This skill otherwise looks coherent for its stated purpose, but before installing or running it consider: 1) Do NOT blindly run the curl | bash or PowerShell irm -> install.ps1 commands. Inspect the repository and the install.sh script yourself (or link to a signed release). 2) Prefer installing officecli via a vetted package (official package manager or a GitHub release asset with checksum/signature) and verify hashes. 3) If you must try this skill, run the installation in an isolated environment (VM/container) or on a non-sensitive machine first. 4) Ask the publisher for an install manifest, signed release, or to include a proper install spec in the registry so you can review what will be written/executed. 5) If you cannot verify the install script, decline installation — the modeling instructions themselves are useful but rely on an external binary that must be trusted.
功能分析
Type: OpenClaw Skill
Name: officecli-financial-model
Version: 1.0.2
The skill bundle includes a mandatory 'BEFORE YOU START' section in `SKILL.md` that instructs the AI agent to download and execute a shell script from a remote GitHub repository (`https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.sh`) every time the skill is triggered. This `curl | bash` pattern (and its PowerShell equivalent) is a high-risk behavior that enables remote code execution and poses a significant supply chain risk. While the detailed financial modeling logic in `creating.md` appears legitimate and aligned with the stated purpose, the requirement for automated remote script execution without user intervention is a major security concern.
能力评估
Purpose & Capability
The name, description, and detailed build steps align with creating formula-driven, multi-sheet financial models. The instructions consistently use an external CLI (officecli) for batch operations, which explains the dependency on that tool. Minor mismatch: the registry entry declares no install spec, yet the SKILL.md requires installing an external binary at runtime.
Instruction Scope
SKILL.md instructs the agent to run shell/PowerShell commands that will fetch and execute a remote install script (curl raw.githubusercontent.com ... | bash and a PowerShell irm alternative). That action downloads and runs code from the network without checksum or signature verification. Other than that, the instructions stay within modeling scope (creating sheets, formulas, validations) and do not request unrelated files, environmental secrets, or data exfiltration.
Install Mechanism
There is no declared install spec, but the runtime instructions direct fetching and executing an installer from a GitHub raw URL (raw.githubusercontent.com) and use the GitHub releases API to check versions. While GitHub is a common host, executing an arbitrary install.sh from a remote repo without integrity checks or pinned release artifacts is high-risk. The script would run with user privileges and could install persistent binaries.
Credentials
The skill requires no credentials, no config paths, and no special environment variables. The SKILL.md references only transient env values (e.g., $env:TEMP, /tmp) and local workbook paths, which are reasonable for an Excel-building tool. No secret exfiltration or unrelated credential access is requested.
Persistence & Privilege
Metadata does not request always-on or elevated privileges. However, the instructions encourage installing a persistent external CLI (officecli) on the host; installing that binary gives the skill (or an operator) the ability to run that tool later. If you allow the install, you are granting persistent executable presence on the system, increasing blast radius if the binary is malicious or compromised.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install officecli-financial-model - 安装完成后,直接呼叫该 Skill 的名称或使用
/officecli-financial-model触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Added a new file: creating.md.
- No changes to existing functionality or documentation content.
- Version bump to 1.0.2.
v1.0.1
## officecli-financial-model v1.0.1
- Removed the sample file `creating.md`.
- Minor update to installation instructions in the "BEFORE YOU START" section (more robust scripted download and cleanup).
- No changes to functionality or core modeling behavior.
v1.0.0
Initial release of the officecli-financial-model skill.
- Generates full financial models in Excel, including Income Statement, Balance Sheet, Cash Flow Statement, and optional sheets for DCF valuation, cap table, scenarios, and more.
- Follows a strict “assumptions-first” architecture: all inputs are on one sheet and referenced by formulas throughout the model.
- Implements color coding conventions for inputs, formulas, and cross-sheet references.
- Enforces formula-driven sheet interconnectivity; all statement numbers are formulas.
- Includes error checking: balance verification, cash reconciliation, and formula error scans.
- Provides detailed workflow, usage guidelines, warnings, and quick reference for building robust financial models.
元数据
常见问题
officecli-financial-model 是什么?
Use this skill when the user wants to build a financial model, 3-statement model, DCF valuation, cap table, scenario analysis, or financial projections in Ex... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 109 次。
如何安装 officecli-financial-model?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install officecli-financial-model」即可一键安装,无需额外配置。
officecli-financial-model 是免费的吗?
是的,officecli-financial-model 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
officecli-financial-model 支持哪些平台?
officecli-financial-model 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 officecli-financial-model?
由 瓦砾(@iceyliu)开发并维护,当前版本 v1.0.2。
推荐 Skills