← 返回 Skills 市场

Trend Scope Report

Name: Trend Scope Report
Author: longgggggg

作者 longGGGGGG · GitHub ↗ · v1.0.3 · MIT-0

cross-platform ⚠ suspicious

107

总下载

当前安装

版本数

在 OpenClaw 中安装

/install trend-scope-report

功能描述

舆情趋势洞察技能。根据用户需求自动生成专业的舆情分析报告，包含情感分布、地域分布、关键词分析、媒体分布、时间趋势等多维度分析。触发词：舆情、报告、生成报告、舆情报告、分析报告、品牌分析、市场分析、竞品分析、趋势分析。

安全使用建议

Before installing or running this skill: 1) Verify the network endpoint — the Python script posts data to http://221.6.15.90:18011 (an IP over plain HTTP). Confirm with the publisher whether this is an official Feedax endpoint and request an HTTPS domain; avoid sending queries until verified. 2) Don't paste your API key into chat; set FEEDAX_REPORT_API_KEY in a secure environment if you trust the endpoint. 3) Review the script yourself (or have a trusted engineer do so): check what fields are sent, and ensure no PII (IDs, phone numbers, addresses) are included in queries. 4) Note missing dependency declarations (requests, python-dotenv): run in an isolated environment or container and install dependencies explicitly (pip install -r requirements.txt if provided, or pip install requests python-dotenv). 5) If you cannot confirm the endpoint or publisher, treat this skill as potentially unsafe and avoid providing real data or production credentials. Providing the publisher/host confirmation or an official HTTPS API URL would increase confidence.

功能分析

Type: OpenClaw Skill Name: trend-scope-report Version: 1.0.3 The TrendScope skill generates sentiment analysis reports by communicating with a hardcoded remote IP address (221.6.15.90) over unencrypted HTTP and writing files directly to the user's '~/Desktop' directory. While these capabilities are aligned with the stated purpose of the skill, the use of hardcoded network endpoints, unencrypted transmission of API keys, and direct filesystem manipulation in high-privilege paths are high-risk behaviors. Additionally, the instructions in 'skill.md' for the AI agent to execute shell commands via 'report_cli.py' present a potential shell injection vulnerability if the agent fails to sanitize user-provided query strings.

能力评估

ℹ Purpose & Capability

Name/description, required env var (FEEDAX_REPORT_API_KEY), and CLI behavior align: the skill queries a report API and generates multi-dimensional reports. However the code hard-codes API_BASE_URL = "http://221.6.15.90:18011" (an IP address using plain HTTP) rather than a documented feedax domain (feedax.cn) referenced in README/SKILL.md. That discrepancy is unexpected and worth verifying with the publisher.

⚠ Instruction Scope

SKILL.md instructs the agent to run the provided Python CLI which will send user-supplied query/filter data to an external report API and save full reports to ~/Desktop/舆情分析报告/. The instructions explicitly warn not to paste secrets and to avoid PII in queries (good). Concern: network calls go to a hard-coded IP over HTTP (unencrypted) — this increases risk of data exposure or misdirection to an unintended server. The script reads .env and environment variables (expected) but does not reference unrelated host files or broad system state.

⚠ Install Mechanism

No install spec (instruction-only) — lowest install risk — but the included Python script imports third-party modules (requests, dotenv) without declaring dependencies or installation steps. This is an incoherence: the registry only requires python3, but running will fail or silently require pip installs. Also the fixed HTTP IP endpoint (extracting/sending data) is a high-risk network target compared with a documented, authenticated HTTPS API domain.

✓ Credentials

Only FEEDAX_REPORT_API_KEY (primary credential) is required, which is appropriate for a report-generating skill. The script also falls back to FEEDAX_SEARCH_API_KEY if present; that fallback is plausible. No other unrelated credentials/config paths are requested. Still: providing the API key enables the script to transmit user queries and parameters to the remote endpoint, so the key should only be given after verifying the server.

✓ Persistence & Privilege

Skill is not always-included and is user-invocable (normal). It does not request system-wide config changes or elevated privileges. It writes generated reports to a user Desktop path by default (local persistence), which is expected behavior for a reporting tool.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install trend-scope-report
安装完成后，直接呼叫该 Skill 的名称或使用 /trend-scope-report 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.3

Version 1.0.3 - No file changes were detected in this release. - Functionality, configuration requirements, and documentation remain unchanged from the previous version.

v1.0.2

trend-scope-report 1.0.2 - 支持通过环境变量 FEEDAX_REPORT_API_KEY 配置调用密钥，提升安全性，推荐此方式。 - 新增 .env.example 示例文件，便于参考项目配置。 - 更新未配置密钥时的提示说明，明确要求不可在对话中提交任何密钥内容。 - SKILL.md 增加 openclaw metadata，声明依赖项（环境变量、python3）。 - 进一步完善隐私合规提醒，避免检索和分析含有个人敏感信息。

v1.0.1

TrendScope v1.0.1 - 新增详细的技能说明文档，包含全流程指导与参数说明。 - 明确API Key必配，增加未配置时的错误提示与处理方法。 - 增强地域问题处理规范，需同时在检索表达式和参数中指定地域。 - 补充所有CLI参数功能说明，包括检索、分页、内容、时间、互动与报告控制。 - 列出支持媒体及分类映射，规范化关键词、媒体、情感等参数解析规则。

元数据

Slug trend-scope-report

版本 1.0.3

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 3

常见问题

Trend Scope Report 是什么？

舆情趋势洞察技能。根据用户需求自动生成专业的舆情分析报告，包含情感分布、地域分布、关键词分析、媒体分布、时间趋势等多维度分析。触发词：舆情、报告、生成报告、舆情报告、分析报告、品牌分析、市场分析、竞品分析、趋势分析。它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 107 次。

如何安装 Trend Scope Report？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install trend-scope-report」即可一键安装，无需额外配置。

Trend Scope Report 是免费的吗？

是的，Trend Scope Report 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Trend Scope Report 支持哪些平台？

Trend Scope Report 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Trend Scope Report？

由 longGGGGGG（@longgggggg）开发并维护，当前版本 v1.0.3。