ClawHub

Structured PDF Export

v1.2.0

将结构化内容(表格、对比清单、数据可视化)转换为美化 PDF 并发送。在准备输出竖线表格时自动触发:创建 HTML → 启动本地服务器 → 打开浏览器 → 转成 PDF → 发送 + 清理临时文件。文件名用中文描述性表述。**依赖条件**:OpenClaw 浏览器工具、Message 工具、Python HTTP...

0· 136·0 current·0 all-time
by@huchiyv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (generate local PDFs from structured content) matches the provided artifacts: SKILL.md describes starting a local http.server, using the OpenClaw browser to render/pdf, and sending the resulting local file via message.send. No unrelated credentials, remote downloads, or unexpected binaries are requested.
Instruction Scope
Instructions stay within the PDF-export workflow (create HTML, serve locally, open with browser tool, produce local PDF, copy to workspace, send, cleanup). They explicitly require manual verification to avoid sending sensitive data and warn about multi-user process/port issues. This manual-verification requirement is a functional limitation (not a covert behavior) but increases operational risk if users skip checks.
Install Mechanism
Instruction-only skill with one helper script included; no install spec, no external downloads, and no packages are installed automatically. Risk from install mechanism is low.
Credentials
No secret environment variables or credentials are required. The skill uses a workspace path (OPENCLAW_WORKSPACE or $HOME fallback) and requires write permissions there. This is proportionate to the stated functionality.
Persistence & Privilege
Skill does not request permanent/always-on inclusion. It assumes the platform's browser and message tools; because autonomous invocation is allowed by default, the agent could start a local server and open the browser without interactive confirmation—this is expected behavior but users should be aware of it when granting invocation rights.
Assessment
This skill appears coherent and performs only local PDF generation. Before installing or running it: (1) Use it only on a single-user or trusted system (the workflow cannot safely isolate processes on multi-user hosts). (2) Manually verify that the generated HTML/PDF contain no secrets (API keys, tokens, PII) before sending. (3) Ensure the configured port is free or use a randomized/user-specific port to avoid disrupting other services. (4) Confirm that your OpenClaw browser and message tools actually operate locally and do not upload files to external services. (5) Review the included script (scripts/generate_table_pdf.py) if you have any doubt—there are no hidden network calls, but it writes to your workspace and creates a local http.server. (6) Be cautious granting autonomous invocation if you do not want the agent to start local servers or open the browser without an explicit prompt.

Like a lobster shell, security has layers — review code before you run it.

latestvk9704ev2rmhpnmr5x4yb1hb0h5833db2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments