← 返回 Skills 市场
Technical Eval
作者
vincentlau2046-sudo
· GitHub ↗
· v1.0.0
· MIT-0
97
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install technical-eval
功能描述
在市场全貌清楚之后,把需要对比的技术方案并排分析,输出结构化对比和推荐结论。工作流包含:技术问题定义、全景扫描、趋势雷达、深度评估、PoC验证、风险控制、选型决策、报告生成。
安全使用建议
This skill appears to implement a legitimate technical-evaluation workflow, but there are important mismatches you should address before installing or running it:
- The package metadata declares no required credentials, yet the included tavily-config.sh and README expect a TAVILY_API_KEY stored in ~/.openclaw/.env. Treat this as a required credential unless you modify the skill.
- The shell script exports every non-comment line from ~/.openclaw/.env into the environment. If that file contains other secrets (AWS keys, DB passwords, tokens), they will be injected into the skill's runtime environment. Either (a) ensure ~/.openclaw/.env contains only TAVILY_API_KEY and no other secrets, (b) modify tavily-config.sh to only read the specific variable needed in a safe way, or (c) run the skill in an isolated environment/user account.
- The skill will write reports and data to ~/.openclaw/workspace/... — confirm you are comfortable with those files being created on your machine and that file permissions are acceptable.
- Review network behavior: the workflow implies fetching data from many public domains (mlperf.org, github.com, stackoverflow.com, gartner.com, etc.). If you have network or privacy concerns, run it in a sandbox or restrict outbound access to only the sources you approve.
- If you plan to give it the TAVILY_API_KEY, prefer creating a minimal .env that contains only that key and verify tavily-config.sh (or the runtime logic) does not send that key to unknown endpoints. Consider auditing or sandboxing the skill first.
If you want, I can: (1) show a safer replacement for tavily-config.sh that only reads TAVILY_API_KEY without exporting other variables, (2) suggest a checklist to run this skill in a containerized sandbox, or (3) produce a minimal manifest update that properly declares the required env var and config paths.
能力评估
Purpose & Capability
The skill's name, description, templates, and workflow align with a technical-evaluation purpose. However, SKILL.md/README and tavily-config.sh expect a Tavily API key and a ~/.openclaw workspace for outputs despite the registry metadata claiming no required env vars or config paths — this is an incoherence between declared requirements and actual behavior.
Instruction Scope
Runtime instructions and included script instruct the agent to (a) read ~/.openclaw/.env for TAVILY_API_KEY, (b) configure a domain whitelist and fetch multi-source data from many public domains, and (c) write analysis outputs to ~/.openclaw/workspace/tech-insight/.... Reading the user's ~/.openclaw/.env is outside the declared scope and could expose unrelated secrets if that file contains them.
Install Mechanism
There is no install spec (instruction-only + small shell script and templates). No external downloads or package installs are performed by the skill itself, which is low risk from an install-mechanism perspective.
Credentials
Although registry metadata lists no required env vars, tavily-config.sh and README require TAVILY_API_KEY stored in ~/.openclaw/.env. The script exports all non-comment lines from that file into the environment (export $(grep -v '^#' $HOME/.openclaw/.env | xargs)), which will expose any other variables in that file to the skill's process — disproportionate and potentially risky if ~/.openclaw/.env holds unrelated secrets.
Persistence & Privilege
The skill does not request always:true and does not change other skills' configs. It will write generated outputs into ~/.openclaw/workspace/... (as described in SKILL.md), which is normal for a reporting skill but should be confirmed by the user (path and file writes are not declared in the metadata).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install technical-eval - 安装完成后,直接呼叫该 Skill 的名称或使用
/technical-eval触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of technical-eval: a comprehensive, professional technical evaluation workflow.
- Defines an 8-step standardized process for technology selection (需求定义, 全景扫描, 趋势雷达, 深度评估, PoC验证, 风险控制, 选型决策, 报告生成)
- Enforces strict quantification requirements for each evaluation step; qualitative content must be clearly labeled
- Integrates multi-source data collection and structured comparison matrices (支持数据来源: 官方文档、GitHub、Stack Overflow、招聘数据等)
- Provides 5 industry-specific evaluation templates (AI 基础设施、AI 软件、云原生、数据库、前端框架)
- Outputs results in a fixed directory structure with automated report and presentation (ppt) generation
- Guarantees process completeness, file existence, logical consistency, and transparency on data provenance and confidence intervals
元数据
常见问题
Technical Eval 是什么?
在市场全貌清楚之后,把需要对比的技术方案并排分析,输出结构化对比和推荐结论。工作流包含:技术问题定义、全景扫描、趋势雷达、深度评估、PoC验证、风险控制、选型决策、报告生成。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 97 次。
如何安装 Technical Eval?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install technical-eval」即可一键安装,无需额外配置。
Technical Eval 是免费的吗?
是的,Technical Eval 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Technical Eval 支持哪些平台?
Technical Eval 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Technical Eval?
由 vincentlau2046-sudo(@vincentlau2046-sudo)开发并维护,当前版本 v1.0.0。
推荐 Skills