← 返回 Skills 市场
Venn Nino
作者
ninonano64
· GitHub ↗
· v1.0.0
· MIT-0
129
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install venn-nino
功能描述
Safely connects Gmail, Calendar, Drive, Atlassian (Jira/Confluence), Notion, GitHub, Salesforce, and dozens of other enterprise tools via a single MCP endpoi...
安全使用建议
Before installing: verify the GitHub repository and the maintainer (mansilladev) and inspect the code on the named branch; prefer an official release tag over an arbitrary feature branch. Understand the install will run npm/pnpm and build code, creating ~/.local/share/vennporter and ~/.local/bin/vennporter — only proceed if you trust that code. Confirm the VENN_UNIVERSAL_URL you provide points to your trusted Venn MCP endpoint (the skill will use it to access many enterprise services via OAuth). If unsure, run the install in an isolated environment or container, or ask the publisher for a signed release or official package URL. Finally, be aware OAuth/device code will produce tokens stored locally by the client — review where tokens are persisted and rotate/revoke them if you later uninstall or distrust the tool.
功能分析
Type: OpenClaw Skill
Name: venn-nino
Version: 1.0.0
The skill performs an automated installation of a third-party tool by cloning and building a specific GitHub repository fork (mansilladev/mcporter) during the setup phase (install-vennporter.sh). This 'install-and-execute' pattern introduces significant supply-chain risk and potential RCE, as it runs unvetted code from a personal repository. While the skill's stated purpose is to integrate enterprise SaaS tools via venn.ai, the combination of broad data access (Gmail, Jira, Salesforce) and the execution of external binaries warrants a suspicious classification.
能力评估
Purpose & Capability
Name/description (Venn MCP gateway for enterprise tools) align with the runtime requirements: the skill requires a VENN_UNIVERSAL_URL and a vennporter client binary, which are appropriate for a gateway/client integration.
Instruction Scope
SKILL.md confines actions to installing/using vennporter, registering the provided MCP URL, and performing OAuth/device‑code auth. It asks the agent to save the URL to openclaw.json and run local commands. It does not instruct reading unrelated system files or exfiltrating arbitrary data. Minor incoherences: metadata/version strings differ across files and the install path referenced in some places (~/.openclaw/workspace/skills/venn/...) depends on extraction location but the included script lives at scripts/install-vennporter.sh — this is a small packaging/path inconsistency to be aware of.
Install Mechanism
Although the install uses a GitHub repo (better than a random IP or pastebin), the script clones a third‑party repo (https://github.com/mansilladev/mcporter) from a feature branch (feat/device-code-grant), runs npm/pnpm install and build, and writes an executable to ~/.local/bin/vennporter which will be executed. Fetching and building arbitrary code locally is a moderate‑to‑high risk action unless you can verify the repository and maintainer; the use of a feature branch increases uncertainty about provenance and review.
Credentials
The skill only requires a single environment value VENN_UNIVERSAL_URL (a URL, not an API key). However, the OAuth/device-code flow will produce tokens that the installed client will store locally (expected for this use case). No unrelated credentials or paths are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It will install a user‑owned binary and configuration under the user's home (~/.local), and the installed client will persist config/auth tokens locally — expected but worth noting because the installed binary can be invoked autonomously by the agent in later runs.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install venn-nino - 安装完成后,直接呼叫该 Skill 的名称或使用
/venn-nino触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of the venn-nino skill, connecting Gmail, Calendar, Drive, Atlassian, Notion, GitHub, Salesforce, and other enterprise tools via Venn MCP.
- Supports safe, OAuth-secured integration setup and authentication flows.
- Automated setup protocols guide users through environment variable configuration and dependency installation.
- Provides example prompts for discovering connected services and managing enterprise tasks.
- Includes high-efficiency workflow execution, service discovery, and structured authentication procedures.
元数据
常见问题
Venn Nino 是什么?
Safely connects Gmail, Calendar, Drive, Atlassian (Jira/Confluence), Notion, GitHub, Salesforce, and dozens of other enterprise tools via a single MCP endpoi... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 129 次。
如何安装 Venn Nino?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install venn-nino」即可一键安装,无需额外配置。
Venn Nino 是免费的吗?
是的,Venn Nino 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Venn Nino 支持哪些平台?
Venn Nino 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Venn Nino?
由 ninonano64(@ninonano64)开发并维护,当前版本 v1.0.0。
推荐 Skills