← 返回 Skills 市场
Weekly Report (OpenClaw)
作者
kaillera999
· GitHub ↗
· v1.0.0
306
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install weekly-report-openclaw
功能描述
自动化工作周报生成系统。支持自动登录周报系统、获取团队周报数据、使用 AI 进行内容提炼总结、生成格式化的 Word 文档。 触发场景:(1) 用户要求生成周报 (2) 用户询问本周/上周工作总结 (3) 用户提到"周报"、"weekly report"、"工作总结" (4) 用户需要汇总团队成员工作内容
安全使用建议
This skill largely does what it says, but take precautions before installing or running it:
- Inspect scripts/setup.sh before running; it uses remote installers (curl|sh / PowerShell) which can execute arbitrary code. Prefer manual, vetted installation of dependencies.
- Verify and, if needed, change the configured base_url and API IDs: defaults point to a specific IP (http://120.210.237.117:7006) and app/worksheet/view IDs — supplying your corporate credentials without confirming the endpoint could leak access to that host.
- Be aware the login routine intercepts network requests and saves the authorization header and cookies to .token_cache. Run the tool in an isolated environment (VM or container) if you must provide real credentials, and delete cache files after use.
- If you don't trust the hard-coded defaults, pass an explicit config file (--config) that points to your own instance or remove the default values.
- Consider creating a limited-permission service account for the report system and a dedicated LLM API key rather than using a full-privilege personal credential.
If you want, I can: (1) summarize exactly what setup.sh does, (2) list the external domains the scripts download from, or (3) produce a checklist of safe install steps (run in VM, inspect files, run in offline mode) to reduce risk.
功能分析
Type: OpenClaw Skill
Name: weekly-report-openclaw
Version: 1.0.0
The skill bundle is a well-structured automation tool designed to generate weekly reports by fetching data from a specific internal system (hosted at 120.210.237.117), summarizing it via LLM (DeepSeek/OpenAI), and producing Word documents. It utilizes Playwright in `lib/login.py` and `lib/fetcher.py` for browser-based authentication and data extraction, which is consistent with its stated purpose of automating interactions with a report system. No evidence of malicious intent, unauthorized data exfiltration, or prompt injection was found; the code follows modern Python practices and uses standard dependencies.
能力评估
Purpose & Capability
The code implements the stated purpose (login, fetch reports, summarize with an LLM, generate a Word doc). Requesting a site username/password and an LLM API key is consistent with the feature set. However, registry metadata earlier listed no required env vars while SKILL.md and the code clearly require WEEKLY_REPORT_USERNAME, WEEKLY_REPORT_PASSWORD, and DEEPSEEK_API_KEY — this metadata mismatch is unexpected and should be resolved.
Instruction Scope
Login code uses Playwright to observe network requests and capture an authorization header (it looks for a substring like 'md_pss_id'), and it restores cookies and intercepts API responses to extract data. Capturing network requests and saving tokens/cookies is invasive by design (to obtain auth), but it also means the skill can capture any authorization headers visible in that browser session. The SKILL.md instructs running a setup script and provides commands that will install tooling and run Playwright; these steps expand the runtime scope beyond simple API calls.
Install Mechanism
There is no platform-level install spec in the registry, but SKILL.md requires running scripts/setup.sh (and provides curl|sh / powershell install snippets). The manual instructions include piping installers from external URLs (e.g., astral.sh for 'uv') and running Playwright installer commands. Running curl | sh / remote PowerShell and installing browser runtimes is higher risk: it downloads and executes code from external hosts outside the skill bundle. Review scripts/setup.sh before running and prefer installing dependencies from trusted package managers.
Credentials
The environment variables requested by the skill (WEEKLY_REPORT_USERNAME, WEEKLY_REPORT_PASSWORD, DEEPSEEK_API_KEY) are plausible for logging into a report system and calling an LLM. However, the default configuration contains a hard-coded base_url that points to an IP (http://120.210.237.117:7006/hap) and embedded worksheet/app/view IDs. That means credentials you supply will be used to access that specific host by default — verify this is the intended target before providing sensitive credentials. Also the registry metadata omitted environment requirements, which is inconsistent.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills. It caches tokens and data in local files (.token_cache, .data_cache) in the working directory — expected for this tool but note persisted tokens/cookies are stored on disk. No system-wide configuration changes are requested by the code.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install weekly-report-openclaw - 安装完成后,直接呼叫该 Skill 的名称或使用
/weekly-report-openclaw触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: automated weekly report generation with AI summarization, Playwright browser automation, and Word document output
元数据
常见问题
Weekly Report (OpenClaw) 是什么?
自动化工作周报生成系统。支持自动登录周报系统、获取团队周报数据、使用 AI 进行内容提炼总结、生成格式化的 Word 文档。 触发场景:(1) 用户要求生成周报 (2) 用户询问本周/上周工作总结 (3) 用户提到"周报"、"weekly report"、"工作总结" (4) 用户需要汇总团队成员工作内容. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 306 次。
如何安装 Weekly Report (OpenClaw)?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install weekly-report-openclaw」即可一键安装,无需额外配置。
Weekly Report (OpenClaw) 是免费的吗?
是的,Weekly Report (OpenClaw) 完全免费(开源免费),可自由下载、安装和使用。
Weekly Report (OpenClaw) 支持哪些平台?
Weekly Report (OpenClaw) 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Weekly Report (OpenClaw)?
由 kaillera999(@kaillera999)开发并维护,当前版本 v1.0.0。
推荐 Skills