← 返回 Skills 市场
90
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install skool-all-in-one-api
功能描述
Full read AND write access to Skool communities. Use when user asks to manage Skool members (approve, reject, list pending), read or create posts, reply to c...
安全使用建议
This skill runs an external Apify actor (cristiantala~skool-all-in-one-api) to manage Skool on your behalf. Consequences to consider before installing:
- APIFY_TOKEN: This token lets the skill start actors under your Apify account. Use a dedicated, limited token and revoke it if you stop using the skill.
- Skool credentials: The documented login flow sends your Skool email/password to the remote actor (or stores cookies returned by that actor). Only provide these if you trust the actor owner and Apify; prefer giving cookies you control or avoid supplying your password when possible.
- Third‑party code: The actor runs on apify.com under someone else's account. Inspect the actor's source on Apify (if available) or contact the actor author to confirm behavior. Treat this like granting a remote service browser access to your Skool session.
- Binaries mismatch: The skill declares node + mcpc but examples use curl. You may not need to install mcpc for the curl-based flows; verify what your chosen workflow actually requires.
If you proceed, limit risk by creating a scoped APIFY token, avoid reusing your primary Skool password, and test with a non-critical Skool account or group first. If you need help verifying the actor code or alternative approaches that avoid sending passwords to a third party, ask for that review.
功能分析
Type: OpenClaw Skill
Name: skool-all-in-one-api
Version: 1.0.0
The skill provides an interface to manage Skool communities via a third-party Apify actor (cristiantala~skool-all-in-one-api). It requires the AI agent to handle sensitive credentials, including the user's Skool email and password, and execute shell commands (curl, grep, export) to interact with the Apify API. While these capabilities are aligned with the stated purpose of community automation, the practice of passing raw credentials through shell environments and to an external actor represents a high-risk pattern without built-in sanitization or secure credential management.
能力评估
Purpose & Capability
The skill's stated purpose — full read/write Skool management via Apify — matches the instructions that call an Apify actor. Requiring an APIFY_TOKEN is appropriate. However the skill also declares node + mcpc as required binaries while the provided curl-based examples never invoke mcpc; that mismatch is unexpected but not necessarily malicious.
Instruction Scope
SKILL.md tells the agent to run a remote Apify actor and (optionally) supply the user's Skool email+password to that actor (the actor performs Playwright login and returns cookies). That means sensitive Skool credentials (or session cookies) will be transmitted to and handled by a third‑party actor on apify.com. The instructions also direct storing and reusing cookies and do not describe access controls for those cookies.
Install Mechanism
Install spec uses npm to install @apify/mcpc which is a registry package — a normal, low-risk mechanism. The concern is procedural: SKILL.md examples use curl to call Apify API rather than mcpc, so installing mcpc may be unnecessary for the documented flows.
Credentials
The only required env var is APIFY_TOKEN, which is appropriate for running Apify actors. However the runtime requires user Skool credentials (email/password) in some flows — these are not listed as required env vars and will be transmitted in actor run payloads. APIFY_TOKEN grants the ability to start runs under your Apify account; if compromised or over‑privileged this could be abused. Declared binaries (node/mcpc) increase local surface despite the curl examples not using them.
Persistence & Privilege
always is false and the skill does not request permanent platform presence or system-wide config changes. Autonomous invocation is enabled by default but that is normal; the skill does not request elevated platform privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install skool-all-in-one-api - 安装完成后,直接呼叫该 Skill 的名称或使用
/skool-all-in-one-api触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: posts CRUD, nested comments, members with AI screening, events, user mentions. Cookie-based auth.
元数据
常见问题
Skool All-in-One API 是什么?
Full read AND write access to Skool communities. Use when user asks to manage Skool members (approve, reject, list pending), read or create posts, reply to c... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 90 次。
如何安装 Skool All-in-One API?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install skool-all-in-one-api」即可一键安装,无需额外配置。
Skool All-in-One API 是免费的吗?
是的,Skool All-in-One API 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Skool All-in-One API 支持哪些平台?
Skool All-in-One API 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Skool All-in-One API?
由 ctala(@ctala)开发并维护,当前版本 v1.0.0。
推荐 Skills