← 返回 Skills 市场
521
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install pension-guide
功能描述
연금/노후설계 스킬. 9개 인텐트 라우팅(National Pension~Beginner Guide), 국민연금 예상 수령액 계산 + IRP/연금저축 절세 비교 + 노후 자금 역산 시뮬레이터. 트리거: "국민연금", "예상 수령액", "연금저축", "IRP", "퇴직금", "노후 준...
安全使用建议
What to consider before installing/use:
- Do not provide sensitive personal identifiers (예: 주민등록번호) or run scripts unless you can inspect them first. The playbook shows a command that would take a 주민번호 fragment but the actual script is not included for review — that is a red flag.
- The skill references local binaries (~/.npm-global/bin/yf) and mentions enabling an API key, but no required binaries or environment variables are declared. Ask the author to list exact dependencies and any environment variables or keys needed.
- Before running any referenced script, request the script source (nps_query.sh). If the script will be run by the agent, review its contents for network calls, logging, or exfiltration of data.
- Prefer the skill to rely on official public sites for sensitive personal data (it already recommends 내연금/csa.nps.or.kr). If you need precise estimates, use the official site rather than handing PII to a third-party skill.
- Ask the publisher to: (1) provide missing scripts or remove scripts that request PII, (2) declare required binaries and environment variables, and (3) clarify connector names/syntax (SKILL.md shows odd tildes ~~, which may be a formatting error).
If the author supplies the missing script(s) and a clear explanation of when and how personal identifiers are used (and no undeclared credentials are required), this assessment could be downgraded to benign. Conversely, if the skill actually includes a script that collects or transmits resident registration numbers or requires undeclared secrets, treat it as high-risk and avoid installing.
功能分析
Type: OpenClaw Skill
Name: pension-guide
Version: 1.0.0
The skill bundle is classified as suspicious due to the presence of direct shell command execution and a commented-out instruction indicating potential handling of highly sensitive PII via a local script. The `playbook.md` file explicitly instructs the agent to execute `~/.npm-global/bin/yf quote` commands, demonstrating a direct shell execution capability which is a vulnerability (e.g., shell injection risk if inputs are not sanitized). Furthermore, `playbook.md` contains a commented-out line `# bash skills/pension-guide/scripts/nps_query.sh "[주민번호 앞자리]"`, which, even if inactive, suggests a design consideration for passing sensitive resident registration number prefixes to a local script, posing a significant PII handling risk.
能力评估
Purpose & Capability
The skill's functionality (pension estimates, IRP vs savings, retirement sim) is coherent with the provided playbook and templates. However the SKILL.md/playbook references external helpers (yahoo-finance-cli via ~/.npm-global/bin/yf, an nps_query.sh script) and mentions activating a 'key' for an API without declaring required binaries or environment variables. Those undeclared dependencies are inconsistent with the declared requirements (which list none).
Instruction Scope
Instructions include running a local script to query 국민연금 with a 주민번호 fragment: `bash skills/pension-guide/scripts/nps_query.sh "[주민번호 앞자리]"`. The repository contains only scripts/README.md — no nps_query.sh — so the instructions reference a non-existent script. Asking for or invoking resident registration numbers (PII) to query an API is sensitive. The playbook also instructs calling a user-local binary (~/.npm-global/bin/yf) and web_search; the SKILL.md gives broad discretion to contact web sources. Together this creates risk: the skill could prompt users for sensitive identifiers or run locally-provided scripts (which are not present for review).
Install Mechanism
There is no install spec (instruction-only skill), so nothing is automatically downloaded or written by the installer. This lowers installation-time risk. Note: risk remains because instructions expect local scripts/binaries that would be executed by the agent if present.
Credentials
The skill declares no required environment variables or credentials, yet the playbook and domain_config reference an official 국민연금 API and say '키 활성화 후 사용' (enable key before use). That implies API keys or credentials might be needed but are not declared. The instructions also suggest collecting sensitive user data (resident registration number pieces) for API queries. Requesting PII or undeclared API keys is disproportionate to a simple calculator/guide unless explicit, auditable credential handling is provided.
Persistence & Privilege
The skill does not request always=true and has no install hooks or config paths. It does not ask to modify other skills or system settings. Autonomous invocation is allowed by platform default, which is expected for skills and not flagged by itself.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install pension-guide - 安装完成后,直接呼叫该 Skill 的名称或使用
/pension-guide触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release — Korean-specific skill by @sw326
元数据
常见问题
한국 연금/노후 설계 是什么?
연금/노후설계 스킬. 9개 인텐트 라우팅(National Pension~Beginner Guide), 국민연금 예상 수령액 계산 + IRP/연금저축 절세 비교 + 노후 자금 역산 시뮬레이터. 트리거: "국민연금", "예상 수령액", "연금저축", "IRP", "퇴직금", "노후 준... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 521 次。
如何安装 한국 연금/노후 설계?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install pension-guide」即可一键安装,无需额外配置。
한국 연금/노후 설계 是免费的吗?
是的,한국 연금/노후 설계 完全免费(开源免费),可自由下载、安装和使用。
한국 연금/노후 설계 支持哪些平台?
한국 연금/노후 설계 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 한국 연금/노후 설계?
由 김성우(@sw326)开发并维护,当前版本 v1.0.0。
推荐 Skills