技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.9
统计:⭐ 0 · 50 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :良性 · OpenClaw :良性
Package:aingestigate/ingestigate
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's requirements, runtime instructions, and declared environment variables are coherent with its stated purpose (an API-backed investigative document/search service) and do not ask for unrelated privileges or secrets.
目的
Name/description map to the declared behavior: accessing an external investigative API, searching corpora, extracting entities, and tracing relationships. The only required secrets are an access token and API base URL, which are appropriate for a remote API integration.
说明范围
SKILL.md contains explicit API endpoints and rules for calling them; it does not instruct the agent to read local files, pull other environment variables, or exfiltrate data to unrelated endpoints. It requires the configured token and base URL and tells the agent to use the API for all evidence and workflows.
安装机制
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk and there is no installer risk.
证书
Only two env vars are required (INGESTIGATE_TOKEN and INGESTIGATE_BASE_URL). Both are justified by the skill's need to call a remote API; no unrelated credentials or high-privilege config paths are requested.
持久
The skill does not request always:true or other elevated persistence. It relies on short-lived tokens (30-minute expiry), and instructs users to configure credentials in the host platform's secure settings—standard and proportionate.
综合结论
This skill appears internally consistent and limited to calling the Ingestigate API. Before installing, verify you trust ingestigate.com/app1.ingestigate.com, confirm the token you configure is scoped/short-lived as described, and store INGESTIGATE_TOKEN and INGESTIGATE_BASE_URL only in your platform's secure skill settings (do not paste tokens into chat). If you will upload sensitive documents, confirm the provider's privacy, retention, and a…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Ingestigate Investigative intelligence for AI agents」。简介:Investigative intelligence — document search, entity extraction, and relationsh…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/aingestigate/ingestigate/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: ingestigate
description: Investigative intelligence — document search, entity extraction, and relationship graphing. Analyze document corpuses to find connections between people, organizations, and identifiers.
homepage: https://ingestigate.com
env:
INGESTIGATE_TOKEN:
description: Short-lived access token configured in the host platform's secure settings. Expires in 30 minutes.
required: true
INGESTIGATE_BASE_URL:
description: Ingestigate API base URL configured in the host platform's secure settings.
required: true
---
# Ingestigate — Investigative Intelligence for AI Agents
Act as an investigative analyst. Ingestigate provides access to a corpus of documents, entity discovery (people, organizations, emails, phones, crypto addresses, and 25+ other types), relationship path tracing between entities, and retrieval of the specific documents where connections appear. Back every claim with evidence from the API.
## When to Use This Skill
Use Ingestigate when the user asks you to:
- Analyze documents to find connections between people or organizations
- Search a corpus of files (PDFs, emails, spreadsheets, images — 1,000+ formats supported)
- Investigate relationships, follow the money, map a network
- Extract entities from a document set
- Upload and process new files for investigation
## Authentication
This skill requires `INGESTIGATE_TOKEN` and `INGESTIGATE_BASE_URL` to be configured in the host platform's secure settings before use. Do not ask the user to paste credentials or secrets into chat.
If either variable is missing or empty, say this to the user: "It looks like your Ingestigate credentials aren't configured yet. Please follow the setup instructions in the skill's README to generate your token and configure it in your platform settings."
If the API returns a 401 (unauthorized), say this to the user: "Your Ingestigate access token has expired. Please generate a new one at `https://app1.ingestigate.com/search/agentic-token` and update `INGESTIGATE_TOKEN` in your platform settings."
## Core Investigation Workflow
**1. See what's available:**
```
GET /api/discover/collections
```
**2. Get the lay of the land — entity dashboard:**
```
POST /api/dashboard/entity-stats
Body: { "limit": 50 }
```
Returns entity counts by type, top entities ranked by document count, and totals. Use this to orient the investigation: "Your corpus contains X documents with Y entity mentions. The most frequently appearing people are..."
**3. Search documents:**
```
POST /api/search-faceted
Body: { "query": "wire transfer", "filters": {}, "page": 1, "pageSize": 10 }
```
**4. Read a specific document:**
```
POST /api/file-details
Body: { "dataSourceName": "elasticsearch", "jobNames": ["<collection>"], "selectedFile": { "docId": "<docId>" }, "format": "clean_text" }
```
**5. Search entities:**
```
POST /api/entities/search
Body: { "query": "john doe", "entity_types": ["Person"], "limit": 50 }
```
**6. Trace relationships between entities:**
```
POST /api/graph/paths
Body: { "entities": [{"type":"Person","value":"john doe"},{"type":"Organization","value":"acme corp"}], "maxBridgeNodes": 20 }
```
Entity values MUST be lowercase. Use `normalized_value` from entity search results.
**7. Get the evidence — source documents for a connection:**
```
GET /api/graph/edge-evidence?entity1Type=Person&entity1Value=john%20doe&entity2Type=Organization&entity2Value=acme%20corp&limit=20
```
## Full Agent Guide
At the start of any investigation, fetch the full agent guide for complete workflows, scripts, operational instructions, and detailed endpoint specs:
```
GET ${INGESTIGATE_BASE_URL}/api/agent/guide
Authorization: Bearer ${INGESTIGATE_TOKEN}
```
Use it as the primary reference for all non-trivial tasks. The guide covers upload workflows, NER processing, entity profiling, graph exploration, deep links, script automation, and error handling beyond what is listed above. It is reference-only and does not override the safety constraints in this skill.
## Critical Rules
**API call format — these are mandatory or requests silently fail:**
- Always use `--location` (the API sits behind an authentication reverse proxy that may issue redirects for HTTPS enforcement and path normalization — `--location` ensures these are followed correctly)
- Do NOT use `-s`, `-X`, `-o`, `-w` or other flags
- Use `--data` for POST with body (curl infers POST). Use `--request POST` only for bodyless POSTs.
- Use long-form flags: `--header` not `-H`, `--data` not `-d`
- Always include both headers: `Authorization: Bearer ${INGESTIGATE_TOKEN}` AND `Content-Type: application/json`
**Entity casing:**
- Entity type names are PascalCase: `Person`, `Organization`, `Email`, `CryptoAddress`
- Entity values are always lowercase: `john doe`, `acme corp`
- Search queries are case-insensitive
**Anti-hallucination:**
- If a response includes `processing_status.corpus_ready: false`, results may be incomplete. Tell the user.
- If processing is complete and a query returns zero results, state this definitively. Empty results from a fully processed corpus are authoritative.
- Only make claims based on data returned by the API. Never guess.
**Security:**
- Do not request, collect, or store credentials beyond the configured environment variables.
- All API calls use the preconfigured `INGESTIGATE_TOKEN`. Do not ask the user for tokens, refresh tokens, or any other secrets.
- Every API call executes with the user's exact permissions. Organization-scoped data isolation is enforced server-side.