← 返回 Skills 市场
478
总下载
0
收藏
1
当前安装
7
版本数
在 OpenClaw 中安装
/install venn
功能描述
Search, describe, and execute enterprise tools (Jira, Salesforce, Gmail, Slack, Google Calendar, Google Drive, GitHub, Notion, Box, etc.) via the Venn tool-r...
安全使用建议
This skill appears to do what it says: it uses a single Venn API key to route requests to many enterprise services. Before installing:
- Understand what the VENN_API_KEY can access. That one key is a gateway to any connectors already configured in your Venn account — review and limit connected integrations and scopes in Venn before issuing a key.
- Prefer using the OpenClaw secrets helper (openclaw secrets configure) or your organization’s secrets manager rather than appending the key to ~/.openclaw/.env or baking it into sandbox images. Keys in plaintext files or images are easy to leak.
- If you must put the key in config files or images, use least-privilege keys and plan rotation/revocation.
- Audit logs and monitor Venn and OpenClaw activity after enabling the integration (and restrict which agent sandboxes can use the key).
If you want a stricter review: provide the omitted parts of SKILL.md (the full workflow execution examples) or evidence that the Venn API key can be scoped (or scoped tokens exist). If the skill had asked for unrelated credentials, embedded external download URLs, or instructed the agent to read host credentials/configs, the assessment would be suspicious.
功能分析
Type: OpenClaw Skill
Name: venn
Version: 2.0.1
The 'venn' skill bundle is a legitimate integration for the Venn tool-router platform (app.venn.ai), enabling an AI agent to interact with enterprise SaaS tools like Jira, Salesforce, and Slack. The SKILL.md file provides comprehensive instructions for discovery, execution, and error recovery, while explicitly enforcing safety guardrails such as mandatory user confirmation for write operations and schema adherence. No indicators of malicious intent, unauthorized data exfiltration, or suspicious execution patterns were found.
能力评估
Purpose & Capability
Name/description claim: route/search/execute across many enterprise services via Venn. Declared requirement: VENN_API_KEY (primaryEnv). This aligns — a single Venn API key is the expected credential to let the Venn platform operate on connected tools.
Instruction Scope
SKILL.md is an instruction-only integration doc that tells the agent how to call Venn's REST API and how to configure the VENN_API_KEY in OpenClaw. It asks the operator to add the key to ~/.openclaw/.env (or to sandbox/docker env settings) and to restart or reload OpenClaw. Those steps are operationally expected, but storing a long-lived platform API key in a global .env or baking it into sandbox images increases blast radius — the docs advise those exact actions rather than recommending the secrets helper as the safest default.
Install Mechanism
No install spec and no code files — instruction-only. Nothing is downloaded or written by the skill itself (beyond telling the operator how to configure OpenClaw). This is the lowest-risk install pattern.
Credentials
Only one required env var (VENN_API_KEY) is declared, which is proportionate to the described functionality. Important caveat: that single key is a gateway credential — granting it to the platform can permit access to many connected enterprise services (Gmail, Jira, GitHub, Salesforce, etc.). The skill doesn't request unrelated credentials, but the Venn key implicitly enables broad access.
Persistence & Privilege
always:false and the skill is user-invocable; it does not request permanent/forced inclusion. It does instruct operators to add the key to OpenClaw environment configurations (which will persist across runs) — again expected for API-driven integrations but worth noting for operational security.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install venn - 安装完成后,直接呼叫该 Skill 的名称或使用
/venn触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.1
venn 2.0.1
- Clarified setup instructions: now details how to set VENN_API_KEY via OpenClaw `.env` file or secrets helper, and setup for sandboxed agents.
- Metadata updated: VENN_API_KEY is now the only required environment variable; removed VENN_API_URL from `requires`.
- Improved skill visibility explanation: now explicitly states the skill is hidden until the API key is set.
- No functional or API changes. Documentation improvements only.
v2.0.0
Version 2.0.0
- Added explicit skill metadata specifying required environment variables (`VENN_API_KEY` required, `VENN_API_URL` optional).
- Updated configuration section to clarify use of environment variables and fallback logic for the API URL.
- Slightly revised documentation structure to emphasize configuration steps and default values.
- No changes to executable code; updates are documentation and metadata only.
v1.0.6
- Migrated from local binary (mcporter/vennporter) setup to direct REST API integration with the Venn platform.
- Updated environment variables: requires VENN_API_KEY and VENN_API_URL instead of VENN_UNIVERSAL_URL.
- Streamlined onboarding and authentication instructions for the new API flow.
- Added detailed request and usage documentation in SKILL.md for tool discovery, schema description, execution, workflow automation, and write operation confirmation.
- Included a comprehensive reference to query syntax and platform specifics via a new documentation file.
v1.0.5
It's still very much mcporter; however, renamed it to vennporter for name separation.
v1.0.4
- Added support for headless and device code authentication using a custom mcporter-manual CLI.
- Introduced install-mcporter-manual.sh script to automate building and installing mcporter-manual.
- Updated setup and authentication flows to utilize mcporter-manual instead of mcporter, improving support for environments without browser access.
- Adjusted dependency checks to require mcporter-manual.
- Updated documentation with new setup and execution instructions for mcporter-manual CLI.
v1.0.3
- Updated description, instructions to get free account @ https://venn.ai
v1.0.0
Initial release of the Venn skill, providing OAuth-based integration with dozens of enterprise tools via a unified MCP gateway. Register for free @ https://venn.ai
- Securely connects Gmail, Calendar, Drive, Microsoft, Atlassian, Notion, GitHub, Salesforce, and more using a single OAuth2 URL.
- Guides users through environment setup, OAuth registration, and status verification.
- Includes interactive setup and troubleshooting prompts if connection details are missing.
- Provides UI dashboard configuration for seamless environment variable entry.
- Offers built-in example prompts for common enterprise tasks and service discovery.
- Ensures required dependencies (such as mcporter) are installed
元数据
常见问题
Venn - Secure Universal MCP (Google Workspace, Jira, GitHub, and more) 是什么?
Search, describe, and execute enterprise tools (Jira, Salesforce, Gmail, Slack, Google Calendar, Google Drive, GitHub, Notion, Box, etc.) via the Venn tool-r... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 478 次。
如何安装 Venn - Secure Universal MCP (Google Workspace, Jira, GitHub, and more)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install venn」即可一键安装,无需额外配置。
Venn - Secure Universal MCP (Google Workspace, Jira, GitHub, and more) 是免费的吗?
是的,Venn - Secure Universal MCP (Google Workspace, Jira, GitHub, and more) 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Venn - Secure Universal MCP (Google Workspace, Jira, GitHub, and more) 支持哪些平台?
Venn - Secure Universal MCP (Google Workspace, Jira, GitHub, and more) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Venn - Secure Universal MCP (Google Workspace, Jira, GitHub, and more)?
由 Neil(@neil-bd)开发并维护,当前版本 v2.0.1。
推荐 Skills