📦 AgentBooks — AI财务管家
v0.1.5专为AI代理设计的财务管理工具,可实时追踪大模型推理费用、登记已确认收入、统一管理多服务商加密钱包,并自动计算财务健康度,让AI也能拥有清晰账本。
0· 488·0 当前·0 累计
by 下载技能包
最后更新
2026/4/22
安全扫描
OpenClaw
安全
medium confidenceNULL
评估建议
This skill is coherent with its purpose but relies on fetching and running an external npm package at runtime—treat that as the primary risk. Before installing/invoking: (1) review the referenced GitHub repo and npm package owners/versions; prefer a pinned version and verify package integrity (checksums or signed releases); (2) run the CLI first in a sandbox/container and monitor outbound network activity; (3) set AGENTBOOKS_DATA_PATH to a dedicated, non-shared directory; (4) do not connect real...详细分析 ▾
✓ 用途与能力
Name/description (track costs, record income, manage wallets, compute Financial Health Score) match the SKILL.md content. The listed optional env vars and CLI commands (agentbooks guard, record-cost, record-income, wallet-connect, status, financial-health) are directly relevant to the described functionality and nothing unrelated is requested.
ℹ 指令范围
The runtime instructions tell the agent to run the third‑party CLI (agentbooks) and to use commands that will access a data directory, connect to wallet providers, and call out to external providers. The SKILL.md explicitly warns to sandbox and not to supply private keys; it does not instruct reading unrelated system files or secrets. It does assume access to runner token counts or the ability to call the runner's economy-hook if available. Overall the scope stays within a financial bookkeeping domain but enables networked wallet/provider operations.
⚠ 安装机制
There is no bundled code; the skill instructs the agent to install or npx an npm package from the public registry (agentbooks). Downloading and executing an unbundled npm package at runtime (especially via npx which fetches on each invocation) is a supply-chain risk: the package could contain arbitrary JS executed on the host. The skill does warn to review the repo before running, but the registry entry itself provides no install artifact or pinned integrity check.
ℹ 凭证需求
No required env vars are declared; only optional ones (AGENTBOOKS_AGENT_ID, AGENTBOOKS_DATA_PATH, AGENTBOOKS_PROVIDER, LLM_MODEL) that are reasonable for this tool. Wallet/provider credentials are necessarily part of the wallet-connect flow but the SKILL.md explicitly states it does not handle credential storage and delegates sensitive operations to the CLI. Requiring provider credentials would be expected for wallet management; the skill itself does not request unrelated secrets.
✓ 持久化与权限
always:false and normal autonomous invocation are set (platform defaults). The skill does not request forced permanent inclusion or modify other skills. Note: allowing the agent to autonomously invoke a CLI that can connect to external providers increases operational risk if you permit the agent to run commands without human oversight, but that is a platform-level policy decision rather than an inconsistency in this skill.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.1.52026/2/26
NULL
● 可疑
安装命令
点击复制官方npx clawhub@latest install agent-books
镜像加速npx clawhub@latest install agent-books --registry https://cn.longxiaskill.com