Add OpenClaw skills, platform kit, and template docs

Made-with: Cursor

api-key-vault/.github/workflows/release_skill.yaml

@@ -0,0 +1,11 @@
+name: 技能自动化发布
+on:
+  push:
+    tags: ["v*"]
+
+jobs:
+  release:
+    uses: admin/jiangchang-platform-kit/.github/workflows/reusable-release-skill.yaml@main
+    with:
+      artifact_platform: windows
+      pyarmor_platform: windows.x86_64

api-key-vault/SKILL.md

@@ -0,0 +1,54 @@
+---
+name: API Key管理
+description: API Key统一管理工具。用于存储、读取、更新、删除各种第三方平台的API Key。当需要获取任何平台的API Key时调用本Skill。
+version: 1.0.0
+author: 深圳匠厂科技有限公司
+metadata:
+  openclaw:
+    slug: api-key-vault
+    emoji: "🔐"
+    category: "通用"
+allowed-tools:
+  - bash
+---
+
+# API Key 管理vault
+
+## 用途
+
+统一管理所有第三方平台的API Key，供其他Skill调用。
+Key存储在本地 `.env` 文件中，不上传任何服务器。
+
+## 使用方式
+
+### 读取一个Key
+```bash
+python3 {baseDir}/scripts/vault.py get 17track
+```
+
+### 写入/更新一个Key
+```bash
+python3 {baseDir}/scripts/vault.py set 17track YOUR_API_KEY_HERE
+```
+
+### 列出所有已存储的Key名称
+```bash
+python3 {baseDir}/scripts/vault.py list
+```
+
+### 删除一个Key
+```bash
+python3 {baseDir}/scripts/vault.py delete 17track
+```
+
+## 返回格式
+
+- get成功：直接返回Key的值，无多余内容
+- get失败：返回 `ERROR:KEY_NOT_FOUND`
+- set/delete/list：返回操作结果说明
+
+## 注意事项
+
+- Key名称统一用小写+连字符，例如 `17track`、`ups-api`、`fedex-oauth`
+- `.env` 文件位于 `api-key-vault/` 根目录，不要手动编辑格式
+- 任何Skill需要Key时，调用本Skill的get命令获取，不要硬编码

api-key-vault/release.ps1

@@ -0,0 +1,220 @@
+<#
+.SYNOPSIS
+  One-command release script for skill repos.
+
+.DESCRIPTION
+  - Optional auto-commit
+  - Push current branch
+  - Auto-increment semantic tag (vX.Y.Z)
+  - Create & push tag
+  - Fail fast on unsafe states
+
+.EXAMPLES
+  # Safe mode (recommended): requires clean working tree
+  .\release.ps1
+
+  # Auto commit tracked/untracked changes then release
+  .\release.ps1 -AutoCommit -CommitMessage "chore: update skill config"
+
+  # Dry run (show what would happen)
+  .\release.ps1 -DryRun
+
+  # Custom tag prefix
+  .\release.ps1 -Prefix "v" -Message "正式发布"
+
+.NOTES
+  Requires: git, PowerShell 5+
+#>
+
+[CmdletBinding()]
+param(
+  [string]$Prefix = "v",
+  [string]$Message = "正式发布",
+  [switch]$AutoCommit,
+  [switch]$RequireClean,
+  [string]$CommitMessage,
+  [switch]$DryRun
+)
+
+Set-StrictMode -Version Latest
+$ErrorActionPreference = "Stop"
+
+$scriptDir = Split-Path -Parent $MyInvocation.MyCommand.Path
+$sharedScript = Join-Path $scriptDir "..\jiangchang-platform-kit\tools\release.ps1"
+$sharedScript = [System.IO.Path]::GetFullPath($sharedScript)
+if (Test-Path $sharedScript) {
+  & $sharedScript @PSBoundParameters
+  exit $LASTEXITCODE
+}
+
+function Invoke-Git {
+  param([Parameter(Mandatory = $true)][string]$Args)
+  Write-Host ">> git $Args" -ForegroundColor DarkGray
+  & cmd /c "git $Args"
+  if ($LASTEXITCODE -ne 0) {
+    throw "git command failed: git $Args"
+  }
+}
+
+function Get-GitOutput {
+  param([Parameter(Mandatory = $true)][string]$Args)
+  $output = & cmd /c "git $Args" 2>$null
+  if ($LASTEXITCODE -ne 0) {
+    throw "git command failed: git $Args"
+  }
+  return @($output)
+}
+
+function Test-Repo {
+  & git rev-parse --is-inside-work-tree *> $null
+  return ($LASTEXITCODE -eq 0)
+}
+
+function Get-CurrentBranch {
+  $b = (Get-GitOutput "branch --show-current" | Select-Object -First 1).Trim()
+  return $b
+}
+
+function Get-StatusPorcelain {
+  $lines = @(Get-GitOutput "status --porcelain")
+  return $lines
+}
+
+function Parse-SemVerTag {
+  param(
+    [string]$Tag,
+    [string]$TagPrefix
+  )
+  $escaped = [regex]::Escape($TagPrefix)
+  $m = [regex]::Match($Tag, "^${escaped}(\d+)\.(\d+)\.(\d+)$")
+  if (-not $m.Success) { return $null }
+
+  return [pscustomobject]@{
+    Raw   = $Tag
+    Major = [int]$m.Groups[1].Value
+    Minor = [int]$m.Groups[2].Value
+    Patch = [int]$m.Groups[3].Value
+  }
+}
+
+function Get-NextTag {
+  param([string]$TagPrefix)
+
+  $tags = Get-GitOutput "tag --list"
+  $parsed = @()
+
+  foreach ($t in $tags) {
+    $t = $t.Trim()
+    if (-not $t) { continue }
+    $obj = Parse-SemVerTag -Tag $t -TagPrefix $TagPrefix
+    if ($null -ne $obj) { $parsed += $obj }
+  }
+
+  if ($parsed.Count -eq 0) {
+    return "${TagPrefix}1.0.1"
+  }
+
+  $latest = $parsed | Sort-Object Major, Minor, Patch | Select-Object -Last 1
+  return "$TagPrefix$($latest.Major).$($latest.Minor).$([int]$latest.Patch + 1)"
+}
+
+function Ensure-CleanOrAutoCommit {
+  param(
+    [switch]$DoAutoCommit,
+    [switch]$NeedClean,
+    [switch]$IsDryRun,
+    [string]$Msg
+  )
+
+  $status = @(Get-StatusPorcelain)
+  if ($status.Length -eq 0) { return }
+
+  if ($NeedClean) {
+    Write-Host "Working tree is not clean and -RequireClean is enabled." -ForegroundColor Yellow
+    & git status --short
+    throw "Abort: dirty working tree."
+  }
+
+  # 默认一键发布：有改动就自动提交；也可用 -AutoCommit 显式开启
+  $commitMsg = $Msg
+  if ([string]::IsNullOrWhiteSpace($commitMsg)) {
+    $commitMsg = "chore: auto release commit ($(Get-Date -Format 'yyyy-MM-dd HH:mm:ss'))"
+  }
+
+  if (-not $DoAutoCommit) {
+    Write-Host "Detected uncommitted changes, auto-committing before release..." -ForegroundColor Yellow
+  }
+
+  if ($IsDryRun) {
+    Write-Host "[DryRun] Would run: git add -A" -ForegroundColor Yellow
+    Write-Host "[DryRun] Would run: git commit -m `"$commitMsg`"" -ForegroundColor Yellow
+    return
+  }
+
+  Invoke-Git "add -A"
+  Invoke-Git "commit -m `"$commitMsg`""
+}
+
+try {
+  Write-Host "=== Release Script Start ===" -ForegroundColor Cyan
+
+  if (-not (Test-Repo)) {
+    throw "Current directory is not a git repository."
+  }
+
+  $branch = Get-CurrentBranch
+  if ([string]::IsNullOrWhiteSpace($branch)) {
+    throw "Unable to determine current branch."
+  }
+
+  if ($branch -notin @("main", "master")) {
+    throw "Current branch is '$branch'. Release is only allowed from main/master."
+  }
+
+  Invoke-Git "fetch --tags --prune origin"
+
+  Ensure-CleanOrAutoCommit -DoAutoCommit:$AutoCommit -NeedClean:$RequireClean -IsDryRun:$DryRun -Msg $CommitMessage
+
+  $upstream = (& git rev-parse --abbrev-ref --symbolic-full-name "@{u}" 2>$null)
+  $hasUpstream = ($LASTEXITCODE -eq 0)
+
+  if ($DryRun) {
+    if ($hasUpstream) {
+      Write-Host "[DryRun] Would run: git push" -ForegroundColor Yellow
+    } else {
+      Write-Host "[DryRun] Would run: git push -u origin $branch" -ForegroundColor Yellow
+    }
+  } else {
+    if ($hasUpstream) {
+      Invoke-Git "push"
+    } else {
+      Invoke-Git "push -u origin $branch"
+    }
+  }
+
+  $nextTag = Get-NextTag -TagPrefix $Prefix
+  Write-Host "Next tag: $nextTag" -ForegroundColor Green
+
+  $existing = @(Get-GitOutput "tag --list `"$nextTag`"")
+  if ($existing.Length -gt 0) {
+    throw "Tag already exists: $nextTag"
+  }
+
+  if ($DryRun) {
+    Write-Host "[DryRun] Would run: git tag -a $nextTag -m `"$Message`"" -ForegroundColor Yellow
+    Write-Host "[DryRun] Would run: git push origin $nextTag" -ForegroundColor Yellow
+    Write-Host "=== DryRun Complete ===" -ForegroundColor Cyan
+    exit 0
+  }
+
+  Invoke-Git "tag -a $nextTag -m `"$Message`""
+  Invoke-Git "push origin $nextTag"
+
+  Write-Host "Release success: $nextTag" -ForegroundColor Green
+  Write-Host "=== Release Script Done ===" -ForegroundColor Cyan
+  exit 0
+}
+catch {
+  Write-Host "Release failed: $($_.Exception.Message)" -ForegroundColor Red
+  exit 1
+}

api-key-vault/scripts/vault.py

@@ -0,0 +1,105 @@
+import sys
+import os
+
+# .env文件路径：固定在api-key-vault根目录
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+ENV_FILE = os.path.join(BASE_DIR, ".env")
+
+
+def load_keys():
+    """读取.env文件，返回dict"""
+    keys = {}
+    if not os.path.exists(ENV_FILE):
+        return keys
+    with open(ENV_FILE, "r", encoding="utf-8") as f:
+        for line in f:
+            line = line.strip()
+            if not line or line.startswith("#"):
+                continue
+            if "=" in line:
+                name, _, value = line.partition("=")
+                keys[name.strip()] = value.strip()
+    return keys
+
+
+def save_keys(keys):
+    """把dict写回.env文件"""
+    with open(ENV_FILE, "w", encoding="utf-8") as f:
+        f.write("# API Key Vault - 自动生成，请勿手动乱改\n")
+        for name, value in keys.items():
+            f.write(f"{name}={value}\n")
+
+
+def cmd_get(name):
+    keys = load_keys()
+    if name not in keys:
+        print("ERROR:KEY_NOT_FOUND")
+    else:
+        print(keys[name])
+
+
+def cmd_set(name, value):
+    keys = load_keys()
+    keys[name] = value
+    save_keys(keys)
+    print(f"✅ 已保存：{name}")
+
+
+def cmd_list():
+    keys = load_keys()
+    if not keys:
+        print("暂无已存储的Key")
+        return
+    print("已存储的Key列表：")
+    for name in keys:
+        value = keys[name]
+        # 只显示前4位和后4位，中间用*遮挡
+        masked = value[:4] + "****" + value[-4:] if len(value) > 8 else "****"
+        print(f"  · {name} = {masked}")
+
+
+def cmd_delete(name):
+    keys = load_keys()
+    if name not in keys:
+        print(f"❌ 未找到：{name}")
+    else:
+        del keys[name]
+        save_keys(keys)
+        print(f"🗑 已删除：{name}")
+
+
+if __name__ == "__main__":
+    if len(sys.argv) < 2:
+        print("用法：")
+        print("  python vault.py get <key名>")
+        print("  python vault.py set <key名> <key值>")
+        print("  python vault.py list")
+        print("  python vault.py delete <key名>")
+        sys.exit(1)
+
+    command = sys.argv[1].lower()
+
+    if command == "get":
+        if len(sys.argv) < 3:
+            print("错误：get命令需要提供key名")
+            sys.exit(1)
+        cmd_get(sys.argv[2])
+
+    elif command == "set":
+        if len(sys.argv) < 4:
+            print("错误：set命令需要提供key名和key值")
+            sys.exit(1)
+        cmd_set(sys.argv[2], sys.argv[3])
+
+    elif command == "list":
+        cmd_list()
+
+    elif command == "delete":
+        if len(sys.argv) < 3:
+            print("错误：delete命令需要提供key名")
+            sys.exit(1)
+        cmd_delete(sys.argv[2])
+
+    else:
+        print(f"错误：未知命令 {command}")
+        sys.exit(1)