← 返回 Skills 市场
Xuanself
作者
wangxuan1992asia-svg
· GitHub ↗
· v1.0.0
· MIT-0
76
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install xuanself
功能描述
🩺 医疗器械俄罗斯市场深度调研标准工作流。专为俄罗斯 Country Manager 定制,整合多语种实时搜索(SerpAPI)、医学进展追踪、患者群体数据(IDF)、政府机构动态监控,输出章节完整、排版专业、可直接交付的 Word 报告。
安全使用建议
What to check before installing:
- Confirm the SerpAPI (and optional TGStat) API key requirement: SKILL.md and PORTING_NOTES require a SerpAPI key even though the registry metadata didn't list any required credentials. Ask the publisher to declare required credentials in the manifest.
- Do not paste API keys into a repo file in a shared location. The provided template stores keys in data/data_sources.json; consider keeping keys in environment variables or a secure store and updating the code to read them from env vars instead.
- The skill runs local Python code (word_exporter.py, run_report.py). Review/read these scripts and run them in a controlled environment (sandbox or VM) if you plan to execute them locally.
- If you already have a sibling skill named report-gama in the parent directory, the run script may import and execute code from that directory. Audit that code too, or run without report-gama installed to ensure only the bundled word_exporter is used.
- Because this skill scrapes government and health data, confirm legal/compliance obligations for collecting and storing health-related information in your jurisdiction and your company's policies.
- If you need higher assurance, ask the publisher to: (1) update manifest to declare required credentials, (2) change key handling to use environment variables or a secure secret store, and (3) provide a minimal reproducible install/run example and a checksum for the included scripts.
功能分析
Type: OpenClaw Skill
Name: xuanself
Version: 1.0.0
The xuanself skill bundle is a specialized workflow for conducting medical device market research in Russia. It utilizes SerpAPI for multi-language data gathering and the python-docx library to generate structured Word reports. Analysis of the Python scripts (word_exporter.py, run_report.py) and the agent instructions (SKILL.md) reveals no evidence of malicious intent, data exfiltration, or unauthorized system access. The code is transparently designed to fulfill its stated purpose of market analysis and professional document generation.
能力评估
Purpose & Capability
The stated purpose (Russian medical-device market research, multilingual web search, IDF data, government/tender monitoring, Word output) matches the included code and instructions: SKILL.md, PORTING_NOTES, data_sources.json and scripts implement web search and Word export. However the registry metadata lists no required env vars/credentials while the documentation and data template clearly require a SerpAPI key (and optionally TGStat). That omission is an incoherence between manifest and actual requirements.
Instruction Scope
Runtime instructions focus on web search (SerpAPI/Yandex/Google), scraping/collection of public sources (IDF, minzdrav, kremlin, zakupki, ecommerce sites) and producing a Word report. The scope stays within market-research tasks; I see no instructions that ask the agent to read unrelated local files or exfiltrate unknown secrets. The tool list (WebFetch, WebSearch, ExecuteCommand, Read/Write) is broad but consistent with a skill that fetches pages and runs local Python to generate DOCX.
Install Mechanism
No install spec is provided (instruction-only for the agent) and included Python scripts use common pip packages (python-docx, requests, bs4, etc.). No downloads from arbitrary URLs or archive extraction are present. The risk surface is typical for a code snippet that runs locally.
Credentials
The skill requires API keys (SerpAPI mandatory, TGStat optional) according to SKILL.md and PORTING_NOTES and data_sources.json; yet the registry metadata lists no required environment variables or primary credential. The skill also instructs users to edit data/data_sources.json to store keys (a file in the skill directory) rather than documenting a secure environment-variable approach. This mismatch and the practice of storing secrets in a repository file are disproportionate and risky — the manifest should declare the required credentials and the skill should document secure handling (env vars or secure vault).
Persistence & Privilege
always:false (default) and model invocation not disabled — normal for a user-invocable skill. The skill does not request special persistent privileges or modify other skills. One operational note: run_report.py attempts to import modules from a sibling 'report-gama' directory if present, meaning it can execute code from another skill directory at runtime; this is an intended integration but increases the surface to review that other skill if present.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install xuanself - 安装完成后,直接呼叫该 Skill 的名称或使用
/xuanself触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Xuanself 1.0.0 — 首个官方发布版
- 明确三大必填章节及强制数据质量标准,保障报告专业性与合规性
- 支持专业Word报告导出,内置最新版排版规范
- 附带详细文件结构说明与依赖环境列表,支持企业级落地
元数据
常见问题
Xuanself 是什么?
🩺 医疗器械俄罗斯市场深度调研标准工作流。专为俄罗斯 Country Manager 定制,整合多语种实时搜索(SerpAPI)、医学进展追踪、患者群体数据(IDF)、政府机构动态监控,输出章节完整、排版专业、可直接交付的 Word 报告。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 76 次。
如何安装 Xuanself?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install xuanself」即可一键安装,无需额外配置。
Xuanself 是免费的吗?
是的,Xuanself 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Xuanself 支持哪些平台?
Xuanself 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Xuanself?
由 wangxuan1992asia-svg(@wangxuan1992asia-svg)开发并维护,当前版本 v1.0.0。
推荐 Skills