← 返回 Skills 市场
User Research (Cookiy AI)
作者
Chenglin Wei
· GitHub ↗
· v1.0.0
· MIT-0
71
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install user-research-cookiy
功能描述
End-to-end user research assistant — qualitative and quantitative. Use this skill whenever the user mentions user research, user interviews, discussion guide...
安全使用建议
This skill bundles a Cookiy CLI client and expects to run it with network access. Before installing: (1) be aware the included script requires curl and jq (the registry metadata doesn't list these) — ensure your agent runtime provides them; (2) the README asks to enable network egress (even suggesting 'All domains') — for safety prefer allowlisting only the Cookiy domains (s-api.cookiy.ai and cookiy.ai) rather than all domains; (3) the workflow asks you to paste/save an access token (written to ~/.cookiy/token.txt) and may send user-provided 'non-public background' text and attachments to Cookiy servers — avoid including secrets or internal-only data in study queries or attachments unless you trust the remote service and its policies; (4) if you need stronger assurance, review the bundled scripts/cookiy.sh yourself and run the client in a sandboxed environment first, or contact Cookiy to verify the published repository and release source. The main inconsistencies are undeclared runtime requirements (curl/jq/network) and broad guidance to enable network egress — treat these as signals to verify origin and limit network scope before use.
功能分析
Type: OpenClaw Skill
Name: user-research-cookiy
Version: 1.0.0
The skill bundle is a comprehensive user research assistant that integrates with the Cookiy AI platform. It includes a functional bash CLI (cookiy.sh) for API interactions and highly detailed markdown instructions for planning and synthesizing research. The code and instructions are well-structured and align with the stated purpose of providing end-to-end research capabilities, with no evidence of malicious intent, data exfiltration, or harmful prompt injection.
能力标签
能力评估
Purpose & Capability
The skill is a user-research assistant that delegates execution to an included Cookiy CLI script which talks to s-api.cookiy.ai — that integration is coherent with the stated purpose. However, registry metadata declares no required binaries or env vars while the shipped shell client clearly requires curl, jq, grep, sed and network egress. This mismatch between what the skill claims it needs and the actual script requirements is an incoherence to surface.
Instruction Scope
SKILL.md instructs the agent to run the included CLI (scripts/cookiy.sh) and to fetch an external agent intro file (https://cookiy.ai/intro-for-agent.txt). The Cookiy docs explicitly instruct enabling network egress (and even recommend a broad 'All domains' allowlist) and to include 'non-public background knowledge' in the study query/attachments. Those instructions can result in user data (including potentially sensitive internal context or base64 attachments) being transmitted to the remote Cookiy API — the skill's runtime directions broaden its scope beyond local plan generation.
Install Mechanism
No install spec (instruction-only), which limits direct disk writes from an installer. But a 37 KB shell CLI (scripts/cookiy.sh) is included and intended to be executed. The script uses curl/jq and performs network calls; it's a local client bundled with the skill rather than a third-party package download. Notably, there is no remote archive download in the manifest, lowering supply-chain risk, but the presence of an executable script requires the runtime to have appropriate binaries and network access.
Credentials
Registry metadata lists no required environment variables or credentials, but the script reads/writes a token file at ~/.cookiy/token.txt (or COOKIY_CREDENTIALS), and recognizes COOKIY_API_URL / COOKIY_SERVER_URL etc. The skill will prompt users to paste access tokens and then store them locally; it also suggests including non-public background context and attachments in API calls. The absence of declared env/credential requirements combined with the script's actual use of credentials and optional env overrides is inconsistent and worth caution.
Persistence & Privilege
always:false and no system-wide modifications. The script persists an access token to a per-user path (~/.cookiy/token.txt) which is normal for a CLI client. It does not request permanent platform-level 'always' inclusion. This behaviour is expected for a CLI-backed integration.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install user-research-cookiy - 安装完成后,直接呼叫该 Skill 的名称或使用
/user-research-cookiy触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial publish — end-to-end user research skill: qualitative planning, report synthesis, and Cookiy AI integration for AI-moderated interviews and surveys.
元数据
常见问题
User Research (Cookiy AI) 是什么?
End-to-end user research assistant — qualitative and quantitative. Use this skill whenever the user mentions user research, user interviews, discussion guide... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 71 次。
如何安装 User Research (Cookiy AI)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install user-research-cookiy」即可一键安装,无需额外配置。
User Research (Cookiy AI) 是免费的吗?
是的,User Research (Cookiy AI) 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
User Research (Cookiy AI) 支持哪些平台?
User Research (Cookiy AI) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 User Research (Cookiy AI)?
由 Chenglin Wei(@chenglin97)开发并维护,当前版本 v1.0.0。
推荐 Skills