← 返回 Skills 市场
flobo3

Skill Graphify

作者 Flo · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
292
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install skill-graphify
功能描述
Turn any folder of code, docs, papers, or images into a queryable knowledge graph. Cross-platform wrapper for graphify CLI.
安全使用建议
The wrapper/script is coherent with its stated purpose, but it will attempt to install the PyPI package 'graphifyy' at runtime. Before installing or running this skill: 1) verify the 'graphifyy' package on PyPI (owner, versions, release history) and inspect its source repository for malicious or surprising behavior; 2) prefer running the wrapper in an isolated environment (VM, container, or virtualenv) so install-time code can't affect your system; 3) consider manually installing a vetted version of the graphify package (or using a pinned version) rather than letting the wrapper run pip automatically; 4) if you cannot confirm the package provenance, do not run ensure-installed or build on sensitive directories (run it on a disposable copy of data first). If you want, I can help look up the 'graphifyy' package, its PyPI page, or search for a source repository to validate provenance.
功能分析
Type: OpenClaw Skill Name: skill-graphify Version: 1.0.0 The skill exhibits high-risk behavior by automatically installing an external Python package ('graphifyy') and executing dynamically generated Python code via 'subprocess.run' in 'graphify_wrapper.py'. While these actions are consistent with the stated purpose of building a knowledge graph, the execution pattern (using 'sys.executable -c' with f-strings) and the potential typosquatting risk of the package name ('graphifyy' vs the tool name 'graphify') create a significant attack surface for remote code execution (RCE) and supply chain compromise.
能力评估
Purpose & Capability
Name/description, README, SKILL.md, and the wrapper code all align: the script installs/uses a 'graphify' package and runs detect→extract→build→report on a target folder. The requested operations (reading files in the target folder, writing output under <target>/graphify-out/) match the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run the bundled Python wrapper to install and run graphify. Runtime instructions and the code operate only on the provided target path and the created output directory; they do not attempt to read system-wide config, credentials, or unrelated paths. The skill will read files inside the target folder and write outputs and cache files there (expected behavior).
Install Mechanism
There is no registry install spec in the skill metadata, but the wrapper (and SKILL.md) call 'pip install graphifyy' at runtime. Installing an arbitrary PyPI package executes untrusted code (install-time scripts, imports) and the package/author provenance is not provided (homepage/source unknown). This is a moderate-to-high supply-chain risk compared with a vetted release or a pinned URL to a trustworthy repo.
Credentials
The skill declares no required environment variables, no credentials, and the code does not read environment secrets. It only interacts with the filesystem under the target path and runs local Python/pip — access requested is proportionate to the stated functionality.
Persistence & Privilege
The skill is not always-enabled, does not modify other skills or global agent config, and only writes outputs/caches under the project's graphify-out directory. It does not request elevated/system privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install skill-graphify
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /skill-graphify 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial-release
元数据
Slug skill-graphify
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Skill Graphify 是什么?

Turn any folder of code, docs, papers, or images into a queryable knowledge graph. Cross-platform wrapper for graphify CLI. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 292 次。

如何安装 Skill Graphify?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install skill-graphify」即可一键安装,无需额外配置。

Skill Graphify 是免费的吗?

是的,Skill Graphify 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Skill Graphify 支持哪些平台?

Skill Graphify 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Skill Graphify?

由 Flo(@flobo3)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论