← 返回 Skills 市场
xueyetianya

Shipping Calc

作者 bytesagain4 · GitHub ↗ · v3.0.0 · MIT-0
cross-platform ⚠ suspicious
593
总下载
0
收藏
2
当前安装
13
版本数
在 OpenClaw 中安装
/install shipping-calc
功能描述
Calculate shipping costs with zone-based rates and duty estimates. Use when estimating shipping costs.
安全使用建议
This skill appears to do what it says: local shipping/duty calculations with a small bash script and no network or credential access. You can install/use it with low risk, but consider: (1) the script has minor bugs (track/batch echo lines won't expand variables), and (2) for safety with untrusted input the script should pass shell variables into awk with -v instead of interpolating them into the awk program. If you plan to run it on sensitive systems or feed untrusted inputs, review/patch the script first. Otherwise it's lightweight and coherent with its description.
功能分析
Type: OpenClaw Skill Name: shipping-calc Version: 3.0.0 The skill contains multiple critical command injection vulnerabilities in `scripts/script.sh`. Specifically, the `rate`, `compare`, `estimate`, and `duty` functions pass unsanitized shell arguments directly into `awk` command strings (e.g., `awk "BEGIN{...$2...}"`), which allows for arbitrary code execution if a user provides crafted input. While the script's logic aligns with its stated purpose and lacks explicit evidence of intentional malice or exfiltration, the high-risk nature of these vulnerabilities warrants a suspicious classification.
能力评估
Purpose & Capability
The name/description match the provided script and SKILL.md: the script implements rate, compare, estimate, duty, track, and batch commands and stores data under ~/.local/share/shipping-calc. Nothing in the files asks for unrelated cloud credentials, system-level access, or unrelated services.
Instruction Scope
SKILL.md instructs the agent to run the included scripts/script.sh commands only and documents the local data directory. The script does not read arbitrary system files or call external endpoints. Minor implementation issues: some commands (track, batch) use single-quoted echo strings so variables won't expand (likely a bug), and the script interpolates positional parameters directly into an awk program rather than using awk -v, which is a safer practice if untrusted input is expected.
Install Mechanism
This is an instruction-only skill with one bundled shell script and no install spec. Nothing is downloaded or installed at runtime beyond creating a local data directory in the user's HOME.
Credentials
No environment variables, credentials, or config paths are required. The script only uses $HOME to create a per-user data directory, which is reasonable for local data storage.
Persistence & Privilege
always:false and no writes to global agent configuration. The skill only creates a per-user data directory and does not modify other skills or system-wide settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install shipping-calc
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /shipping-calc 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.0.0
v3.0.0: rewrite
v2.0.1
update
v2.0.0
v2.5 standard: Use-when desc, homepage, source, security fix
v1.0.6
yaml-fix+quality
v1.0.5
yaml-fix+quality
v1.0.4
Quality upgrade
v1.0.3
Quality upgrade: custom functionality
v1.0.2
Standards compliance: unique content, no template text
v1.0.1
Quality update: docs, examples, standards compliance
v2.3.0
Quality fixes: aligned docs with implementation
v2.2.0
Enhanced descriptions for better AI triggering
v0.0.1
c
v1.0.0
Initial release of shipping-calc. - Shipping cost calculator supporting cost estimation, carrier comparison, tracking, policies, international logistics, and optimization. - Includes commands for calculating, comparing, tracking shipments, policy inquiry, international options, and optimization. - FAQ and professional advice provided for personal and business users. - Outputs results in convenient Markdown format.
元数据
Slug shipping-calc
版本 3.0.0
许可证 MIT-0
累计安装 2
当前安装数 2
历史版本数 13
常见问题

Shipping Calc 是什么?

Calculate shipping costs with zone-based rates and duty estimates. Use when estimating shipping costs. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 593 次。

如何安装 Shipping Calc?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install shipping-calc」即可一键安装,无需额外配置。

Shipping Calc 是免费的吗?

是的,Shipping Calc 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Shipping Calc 支持哪些平台?

Shipping Calc 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Shipping Calc?

由 bytesagain4(@xueyetianya)开发并维护,当前版本 v3.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论