← 返回 Skills 市场
brandons7

Read AI

作者 Brandon Stewart · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
92
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install readai
功能描述
Fetch and manage Read AI meeting data - summaries, transcripts, action items, and engagement metrics. Use when the user asks about meetings, meeting notes, m...
安全使用建议
This skill appears to do what it says: it queries Read AI / Limitless APIs and saves meeting data under your home directory. Before installing, consider: 1) the API key is stored in a plain file (~/.config/readai/api-key) — protect that file (SKILL.md suggests chmod 600). 2) The Limitless pull optionally calls a local 'claude' CLI when you use the --ai flag — only enable that if you trust the 'claude' binary on your system. 3) The webhook receiver defaults to localhost but can be bound to all interfaces; only bind publicly if you know what you’re doing and secure the endpoint (use a firewall, reverse proxy with TLS, or tunnel). If those caveats are acceptable, the skill is internally consistent with its purpose.
功能分析
Type: OpenClaw Skill Name: readai Version: 1.0.0 The skill bundle contains several security vulnerabilities and risky patterns that could be exploited via prompt injection. Most notably, `scripts/limitless_pull.py` is vulnerable to path traversal because it uses the command-line `date` argument to construct filesystem paths without sanitization, potentially allowing arbitrary file writes. Additionally, `scripts/readai_client.py` provides an export feature that allows writing data to arbitrary file paths via the `--output` flag, and `scripts/webhook_receiver.py` implements an unauthenticated network listener that binds to a local port. While these appear to be functional features or unintentional flaws rather than evidence of malicious intent, they represent a significant attack surface.
能力评估
Purpose & Capability
Name/description match the included client, search, lifecycle pull, and webhook receiver scripts; requested local API key file and local storage under ~/.readai are appropriate for a meeting ingest/search tool. Referencing Limitless (pendant) and Read AI APIs is consistent with the skill purpose.
Instruction Scope
Runtime instructions tell the agent to read an API key from ~/.config/readai/api-key, run the included Python scripts, and (optionally) run a webhook receiver. The scripts only access meeting data, local files under ~/.readai, and the Read AI / Limitless APIs. Minor scope notes: limitless_pull optionally invokes a local 'claude' CLI when --ai is used, and webhook_receiver can be bound to 0.0.0.0 if the user passes that flag (SKILL.md warns about this).
Install Mechanism
No install spec is provided (instruction-only); scripts run with the system Python and use the requests library. Nothing is downloaded from third-party URLs or written to system-wide locations by an installer.
Credentials
The skill does not request environment variables or cloud credentials; it expects a local API key file (~/.config/readai/api-key). The code reads READAI_TIMEZONE if present (optional). Requiring an API key (stored in a user file) is proportional to the stated purpose. Note the client also checks a fallback path (~/.config/limitless/api-key) which is reasonable for supporting 'Limitless' but is an additional location to be aware of.
Persistence & Privilege
always is false and the skill does not request permanent platform-level privileges. It writes meeting and log files only under the user's home (~/.readai, ~/.config/readai) and does not modify other skills or global agent configs. The webhook can be exposed to the network if the operator intentionally binds to 0.0.0.0.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install readai
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /readai 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release - meeting summaries, transcripts, action items, search, and webhook receiver
元数据
Slug readai
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Read AI 是什么?

Fetch and manage Read AI meeting data - summaries, transcripts, action items, and engagement metrics. Use when the user asks about meetings, meeting notes, m... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 92 次。

如何安装 Read AI?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install readai」即可一键安装,无需额外配置。

Read AI 是免费的吗?

是的,Read AI 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Read AI 支持哪些平台?

Read AI 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Read AI?

由 Brandon Stewart(@brandons7)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论