Zsxq 没有提供任何可翻译的内容,"Zsxq"似乎是一个缩写或代码。如果您能提供更多上下文或解释,我将很乐意帮助您翻译。
v0.1.0User知识星球用户信息:查看当前登录用户的个人资料、查询跨星球的最近发主题足迹。当用户需要查看自己的用户 ID、昵称、头像、认证状态,或查看自己最近在各星球发过的主题时使用。 翻译: 用户信息:查看当前登录用户的个人资料、查询跨星球的最近发帖记录。当用户需要查看自己的用户 ID、昵称、头像、认证状态,或查看自己最近在各星球发过的主题时使用。
0· 18·0 当前·0 累计
by 下载技能包
最后更新
2026/4/19
安全扫描
OpenClaw
可疑
medium confidence该技能的声明目的(查看当前用户个人资料和跨组足迹)与其说明相符,但存在元数据不一致和未声明对共享认证文档的依赖,需要在安装前进行审查。
评估建议
Before installing or enabling this skill: (1) Inspect the referenced ../zsxq-shared/SKILL.md to see exactly how authentication works and where credentials/tokens are stored or read from; confirm it does not instruct the agent to read unrelated files or environment variables. (2) Verify the zsxq-cli binary is trustworthy (where it comes from) and that the registry metadata correctly lists it as a requirement. (3) Confirm there are no hidden endpoints or instructions in zsxq-shared that would tran...详细分析 ▾
ℹ 用途与能力
The skill's name/description (view current user info and cross-group footprints) aligns with the instructions to call zsxq-cli user +info and +footprints. However, SKILL.md declares a required binary (zsxq-cli) in metadata while the registry metadata above lists no required binaries — this mismatch should be resolved.
ℹ 指令范围
Runtime instructions are narrow and CLI-focused (run zsxq-cli user +info / +footprints). They explicitly require the agent to READ ../zsxq-shared/SKILL.md first for authentication/error rules. Reading that shared SKILL.md is reasonable for auth guidance, but it introduces dependence on another skill's contents (and potentially on where credentials are stored). The instructions do not ask the agent to read arbitrary system files or exfiltrate data.
✓ 安装机制
This is an instruction-only skill with no install spec and no code files — it does not write code to disk or download artifacts, which is low risk. The only runtime requirement is the external CLI binary (zsxq-cli) referenced in SKILL.md.
⚠ 凭证需求
No environment variables, credentials, or config paths are declared in the registry metadata, yet the skill depends on authentication (handled via the referenced zsxq-shared/SKILL.md) and on the zsxq-cli binary. The skill does not declare where or how credentials are provided; that gap is concerning because the shared doc may reference environment variables or stored tokens not disclosed here.
✓ 持久化与权限
always is false and the skill is user-invocable. It does not request persistent system presence or attempt to modify other skills. The only elevated action is reading the shared SKILL.md for auth rules, which is within scope but should be reviewed.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.1.02026/4/19
zsxq-user 1.1.0 版本 - 添加了查看登录用户的个人资料(用户 ID、昵称、认证状态)和跨星球发布历史的功能。 - 引入了快捷方式:+info(查看个人资料)和 +footprints(查看所有跨星球发布的主题)。 - API 支持在星球内按昵称搜索成员。 - 工具需要 zsxq-cli 并提供内联 CLI 帮助。 - 使用本工具需要在开始前阅读共享认证和错误处理规则。
● 无害
安装命令
点击复制官方npx clawhub@latest install zsxq-user
镜像加速npx clawhub@latest install zsxq-user --registry https://cn.longxiaskill.com 镜像可用