← 返回 Skills 市场
harperbot

台灣即時停車查詢

作者 Harperbot · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
371
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-parking-query
功能描述
傳送定位點或 Google Maps 網址,查詢附近台灣停車場即時空位,附 Apple Maps / Google Maps 一鍵導航連結。支援 Telegram、LINE、iMessage。
安全使用建议
This skill is internally consistent: it needs only TDX credentials to call the official TDX APIs and the code matches the documentation. Before installing, do these quick checks: (1) Only supply TDX_CLIENT_ID and TDX_CLIENT_SECRET (do not reuse other secrets). (2) Inspect and trust the GitHub repo referenced by update.sh (https://github.com/Harperbot/openclaw-parking-query) before running update.sh or enabling any automated update cron jobs — the script will download and overwrite the skill files. (3) Note that resolving Google short URLs performs an HTTP HEAD with redirects (normal for expanding short map links), so if you pass unfamiliar external URLs be aware the skill will follow redirects to whatever upstream target is returned. If you are comfortable trusting the GitHub source and the TDX service, the skill appears safe to use.
功能分析
Type: OpenClaw Skill Name: openclaw-parking-query Version: 1.0.0 The `skill.yml` file contains a shell injection vulnerability (Remote Code Execution risk) in the `run` command definition. The user-controlled `url` parameter, typed as a string, is directly interpolated into a shell command: `--url "${url}"`. While double-quoted, this can still be exploited by an attacker using command substitution (e.g., `"$(id)"`) to execute arbitrary commands on the host running the OpenClaw agent. This is a critical vulnerability, but it represents a flaw allowing attacks rather than clear evidence of intentional malicious behavior by the skill's author.
能力评估
Purpose & Capability
The skill queries TDX (Transport Data eXchange) for static car-park data and availability and therefore legitimately asks for TDX_CLIENT_ID and TDX_CLIENT_SECRET. The behavior (parsing Google Maps URLs, calling TDX APIs, returning map links) matches the name/description.
Instruction Scope
SKILL.md restricts runtime actions to: set TDX credentials, install requests, copy the skill into the OpenClaw skills directory, and run the included Python script. The Python code only reads the provided coordinates or resolves a Google Maps URL, calls TDX endpoints, caches a token under ~/.openclaw/, and prints results. It does not attempt to read unrelated system files or exfiltrate other environment variables.
Install Mechanism
There is no formal install spec (instruction-only), which minimizes automatic disk actions. The repo includes update.sh that downloads parking_query.py and skill.yml from a GitHub URL (https://github.com/Harperbot/openclaw-parking-query/raw/main/...). Pulling code from GitHub raw is common but still an external fetch — if you enable automated updates or run update.sh, you should trust that remote repository. requirements.txt only lists requests (standard).
Credentials
The only required secrets are TDX_CLIENT_ID and TDX_CLIENT_SECRET, which are necessary for the TDX API. No other credentials, system config paths, or unrelated environment variables are requested. The token cache is stored under ~/.openclaw/.tdx_token_cache (within OpenClaw path) — expected for caching.
Persistence & Privilege
The skill is not always-enabled and does not request elevated privileges. It writes a token cache under ~/.openclaw/ (its own area) and contains an update helper that can overwrite its own files if run — that is normal for self-updating skills but worth noting before enabling automated cron updates.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install openclaw-parking-query
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /openclaw-parking-query 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release:全台 TDX 即時停車,支援 Telegram/LINE/iMessage,附導航連結
元数据
Slug openclaw-parking-query
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

台灣即時停車查詢 是什么?

傳送定位點或 Google Maps 網址,查詢附近台灣停車場即時空位,附 Apple Maps / Google Maps 一鍵導航連結。支援 Telegram、LINE、iMessage。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 371 次。

如何安装 台灣即時停車查詢?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-parking-query」即可一键安装,无需额外配置。

台灣即時停車查詢 是免费的吗?

是的,台灣即時停車查詢 完全免费(开源免费),可自由下载、安装和使用。

台灣即時停車查詢 支持哪些平台?

台灣即時停車查詢 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 台灣即時停車查詢?

由 Harperbot(@harperbot)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论