← 返回 Skills 市场
微信支付商品券接入skill
作者
zhangpeng319
· GitHub ↗
· v1.0.2
· MIT-0
194
总下载
1
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install wechatpay-product-coupon
功能描述
微信支付商品券接入助手,提供券类型选型、API代码示例(Java/Go)、开发参数校验、接口报错排查和上线质量检查。Use when user mentions "商品券", "优惠券接入", "发券", "核销", "创建商品券", "商品券代码", "签名报错", "验签失败", "回调收不到", "Requ...
安全使用建议
This skill appears to do exactly what it claims: provide docs and Java/Go example code for WeChat product-coupon integration. Before installing or using it, consider the following: (1) Do not paste private keys, apiclient_key.pem contents, APIv3 keys, or actual certificate serial numbers into chat—example files intentionally show placeholder paths. (2) If you allow the skill to perform the optional 'project code scan', grant it file access only after confirming which directories/files it may read and never share secret key files; prefer uploading a sanitized copy or running scans locally. (3) Treat the bundled code as examples—verify against official WeChat Pay docs and your security policies before copying into production. (4) If you need the skill to modify your repository or write files, avoid doing so: SKILL.md explicitly forbids writing into user projects. (5) If you want extra assurance, review the bundled SDK utility files (signing/verify code) locally to confirm they match official implementations and that no hard-coded secrets or external endpoints appear.
功能分析
Type: OpenClaw Skill
Name: wechatpay-product-coupon
Version: 1.0.2
The skill bundle is a comprehensive integration assistant for WeChat Pay product coupons. It contains standard API implementation examples in Java and Go, along with diagnostic Python scripts (e.g., 'scripts/查询用户商品券详情_品牌.py') for troubleshooting user coupon states. The instructions in 'SKILL.md' are highly restrictive and follow security best practices by enforcing a multi-step confirmation protocol and explicitly forbidding the agent from writing to files or generating code outside of provided references. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found; all network activity is directed at official WeChat Pay endpoints (api.mch.weixin.qq.com).
能力标签
能力评估
Purpose & Capability
The skill name/description match the packaged content: integration guides, signing/verification rules, troubleshooting, and numerous Java/Go example files for both brand and partner (service provider) modes. There are no unrelated required env vars or binaries declared. References to API endpoints, signing schemes, and file-path placeholders (e.g., private key /apiclient_key.pem) are expected and appropriate for a payment SDK integration helper.
Instruction Scope
SKILL.md tightly constrains behavior: it mandates asking the user before collecting info, forbids generating new API code from scratch, forbids writing code into the user's project, and requires language/mode confirmation before showing examples. One capability—'接入质量扫描' (project code scanning)—would require reading the user's project files and possibly scanning for signing/handler logic; SKILL.md requires explicit user consent before doing that. This is reasonable, but if you allow the skill to run scans, be aware it needs file access and may request to read code (do not provide private keys).
Install Mechanism
No install spec is present (instruction-only skill with bundled example files). No remote downloads or archive extraction occur. All code and docs are included in the skill bundle. Bundling many example files is heavy but consistent with the stated purpose.
Credentials
The skill declares no required environment variables, no primary credential, and no config path access. Example code shows placeholders for merchant cert paths, APIv3 keys, and public key IDs — these are normal for payment SDK examples but should not be provided to the skill or pasted into chat. The skill does not request unrelated credentials (e.g., AWS keys) and the number of required secrets is zero.
Persistence & Privilege
always:false (no forced inclusion) and model-invocation is allowed (default). The skill does not request elevated platform privileges, nor does it declare actions that would modify other skills or global agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install wechatpay-product-coupon - 安装完成后,直接呼叫该 Skill 的名称或使用
/wechatpay-product-coupon触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
更新图片引用为md格式
v1.0.1
- 文档末尾新增“社区与反馈”区块,提供官方交流群二维码和社区交流说明。
- 其余核心能力、全局交互规范和技能能力内容未作调整。
v1.0.0
v1.0.0 初始版本,支持微信支付商品券接入指引,包含券类型选型、Java/Go 示例代码、业务知识速查、接入质量评估和接口排障。
元数据
常见问题
微信支付商品券接入skill 是什么?
微信支付商品券接入助手,提供券类型选型、API代码示例(Java/Go)、开发参数校验、接口报错排查和上线质量检查。Use when user mentions "商品券", "优惠券接入", "发券", "核销", "创建商品券", "商品券代码", "签名报错", "验签失败", "回调收不到", "Requ... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 194 次。
如何安装 微信支付商品券接入skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install wechatpay-product-coupon」即可一键安装,无需额外配置。
微信支付商品券接入skill 是免费的吗?
是的,微信支付商品券接入skill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
微信支付商品券接入skill 支持哪些平台?
微信支付商品券接入skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 微信支付商品券接入skill?
由 zhangpeng319(@zhangpeng319)开发并维护,当前版本 v1.0.2。
推荐 Skills