← 返回 Skills 市场
139
总下载
0
收藏
0
当前安装
9
版本数
在 OpenClaw 中安装
/install osnk-trainer
功能描述
Pelatih OSNK - Bank soal OSK/OSNK/SNK/Bebras (2006-2025) dengan latihan cerdas, speed run, performance tracking, dan mentoring lengkap.
安全使用建议
This package appears to be a legitimate offline OSNK/Bébras question trainer with local markdown banks and local JSON state — but before installing or enabling autonomous invocation you should: 1) Inspect run.sh yourself (open the file) to confirm it contains only safe parsing, file reads/writes, and at most harmless HTTPS GETs to the documented GitHub raw URL; look specifically for no eval/exec of downloaded content, no use of curl/wget|--output to execute archives, and no exfiltration logic. 2) If you cannot review the script, run the skill in an isolated sandbox or VM and monitor network traffic and filesystem writes. 3) If you allow the GitHub fallback, verify the exact repository URL (raw.githubusercontent.com/jrrqd/osnk-question-bank) and ensure you trust that upstream content; consider blocking network access if you want fully local-only operation. 4) Check that writing to $OPENCLAW_WORKSPACE/memory (or ./memory) fits your privacy requirements and that you are comfortable storing practice data locally. 5) Because source/homepage are unknown, prefer manual review and sandboxing; if you need higher assurance, ask the author for the run.sh source (or for a signed release) and verify it matches the packaged script.
功能分析
Type: OpenClaw Skill
Name: osnk-trainer
Version: 1.0.8
The skill bundle is a legitimate educational tool designed for training students for the Indonesian Informatics Olympiad (OSNK). The main execution script, `run.sh`, functions as a command router that retrieves competition questions from local markdown files or a specific GitHub repository (github.com/jrrqd/osnk-question-bank) and manages user statistics in local JSON files. While the script uses `curl` to fetch remote content, it treats the data as text for display purposes and does not employ dangerous patterns like `eval` or piping remote content to a shell. No evidence of prompt injection, data exfiltration, or malicious persistence was found across the documentation or the extensive question bank files.
能力标签
能力评估
Purpose & Capability
The name/description (OSNK trainer) match the packaged content: many local .md question banks, a simple bash runtime, and JSON state files. There are no declared env vars, binaries, or unrelated credentials requested, which is proportional to an offline quiz trainer.
Instruction Scope
SKILL.md describes only local operations (reading .md files, writing JSON into memory/) which is consistent — but it also documents an optional GitHub fallback (raw.githubusercontent.com) used when local files are missing. The provided package includes a SECURITY.md that describes run.sh behavior, but the actual run.sh source was not included in the review text here (only its presence/size is listed). Because the runtime behavior (parsing commands, fetching fallbacks) is implemented by run.sh, not seeing its contents prevents verification that it truly never executes arbitrary code, never uses eval, and only performs safe GET requests.
Install Mechanism
There is no install spec (instruction-only skill plus an included run.sh). That is low-risk compared to remote installers. No archives or third-party package installs are declared. However, the included executable script (run.sh) would be executed at runtime — its contents should be reviewed before running.
Credentials
The skill declares no required env vars or credentials and stores data under $OPENCLAW_WORKSPACE/memory or ./memory — this is proportional. Note: SKILL.md/SECURITY.md reference $OPENCLAW_WORKSPACE and an optional outbound HTTPS fallback to raw.githubusercontent.com/jrrqd/osnk-question-bank; network access is reasonable for a fallback but it is an external endpoint and should be trusted/verified before allowing the skill to fetch from it.
Persistence & Privilege
always is false and the skill stores only JSON under the workspace memory directory. It does not request system-wide privileges. SECURITY.md mentions no sudo or system modifications. There is a minor oddity: SECURITY.md points to a local path under a developer's home and an npm-global path which suggests typical dev install locations, but not elevated privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install osnk-trainer - 安装完成后,直接呼叫该 Skill 的名称或使用
/osnk-trainer触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.8
Added SECURITY.md compliance doc, fixed OSK 2014 #4 & OSK 2015 #2, updated to 780+ question bank
v1.0.7
v1.0.7: Include 33 question bank files (700+ questions) in package
v1.0.6
Fix: Use master branch for question bank URL
v1.0.5
osnk-trainer 1.0.5
- Update to run.sh script.
- No user-facing changes to documentation or features.
- SKILL.md remains unchanged from version 1.0.1.
v1.0.4
Fix: hapus karakter cina yang tidak sengaja
v1.0.3
Fix: dokumentasi path dan environment variable di SKILL.md, fix hardcoded path di run.sh
v1.0.2
Fix typo: Bebras (bukan Bebas), fix URL TLX TOKI (tlx.toki.id), tambah kolabor
v1.0.1
Tambah disclaimer: kunci jawaban belum tentu benar, perlu validasi ulang
v1.0.0
Initial release dengan 770+ soal OSK/OSNK dari TLX TOKI
元数据
常见问题
OSNK Trainer 是什么?
Pelatih OSNK - Bank soal OSK/OSNK/SNK/Bebras (2006-2025) dengan latihan cerdas, speed run, performance tracking, dan mentoring lengkap. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 139 次。
如何安装 OSNK Trainer?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install osnk-trainer」即可一键安装,无需额外配置。
OSNK Trainer 是免费的吗?
是的,OSNK Trainer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OSNK Trainer 支持哪些平台?
OSNK Trainer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OSNK Trainer?
由 jrrqd(@jrrqd)开发并维护,当前版本 v1.0.8。
推荐 Skills