Poetize Blog Automation
v1.0.3专为开源版 awesome-poetize-open 设计的 POETIZE 博客自动化技能。通过 `/api/api/*` 接口完成文章发布、更新、隐藏、分类标签维护、主题切换、数据分析和 SEO 运维。Use only when the task explicitly targets a POETIZE si...
⭐ 0· 114·0 current·0 all-time
by@leapya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the bundle: scripts call POETIZE admin API endpoints under POETIZE_BASE_URL and use POETIZE_API_KEY. Requested binaries (python) and the single install step (brew python) are appropriate for the included Python scripts.
Instruction Scope
SKILL.md and scripts limit actions to POETIZE API operations (create/update/hide articles, upload resources, analytics, SEO). The runtime intentionally reads local Markdown and image files for uploads and requires formation of brief JSON files before mutating actions — this is expected behavior but means the skill will read local workspace files (images, markdown, brief JSON).
Install Mechanism
Install spec only offers a Homebrew python formula (standard, low risk). No arbitrary downloads or extracted archives are used.
Credentials
Only two runtime values are required: POETIZE_BASE_URL and POETIZE_API_KEY (primaryEnv). Both are justified by the stated purpose; no unrelated secrets or system config paths are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. Note: the bundled agent interface enables implicit invocation (allow_implicit_invocation), which increases when the agent may call the skill without an explicit user prompt — this is a behavioral property of the agent config, not a mismatch with the skill's purpose.
Assessment
This skill appears to do what it claims: operate an awesome-poetize-open blog via its admin API. Before installing, confirm the POETIZE_BASE_URL points to the intended host and supply an API key with the minimal required privileges. Inspect any local brief JSON and Markdown you give the skill (the scripts will read local files and upload images), and run the provided read-only smoke test first. If you plan to run in shared or production OpenClaw, consider sandboxing the skill's environment or scoping the API key, and rotate the key after testing. If you want to reduce risk further, review publish_post.py/manage_blog.py for the exact request shapes you’ll allow and test in a staging blog instance.Like a lobster shell, security has layers — review code before you run it.
latestvk97e8hpknkzt8qhxqzyhrf41th83dfm0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
✍️ Clawdis
Any binpython, python3
EnvPOETIZE_BASE_URL, POETIZE_API_KEY
Primary envPOETIZE_API_KEY
Install
Install Python 3 (brew)
Bins: python3
brew install python