ClawHub

Export Reply

v1.1.0

Save any agent reply or full conversation to a local file. Triggers on: 保存 / 导出 / save / export. Supports MD, TXT, HTML, PDF, DOCX. Two modes: verbatim or co...

1· 24·0 current·0 all-time
by@ryan-owo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation. The scripts implement markdown/html/pdf/docx exports, preference saving, and simple summarization. Optional pip packages (fpdf2, python-docx, markdown, weasyprint, pdfkit) are reasonable for the stated enhanced output features.
Instruction Scope
Runtime instructions are narrowly scoped to: read/save a prefs JSON (~/.export_reply_prefs.json), write temp files in /tmp, format content, and convert to requested formats (including calling a local Chrome binary if present). The steps do not access unrelated credentials or system configuration. Minor implementation details to be aware of: the code uses tempfile.mktemp (insecure, potential race in shared /tmp) and subprocess.run to invoke local Chrome/Chromium for PDF rendering, which is expected behavior but means the script will execute a local binary with generated HTML input.
Install Mechanism
No remote install or downloads; the skill bundles Python scripts and relies on an existing python3 binary. Enhanced features are provided by optional, user-installable pip packages. No external URLs, archive extraction, or third-party package installs are forced by the skill.
Credentials
The skill requests no environment variables or external credentials. It reads/writes a single preferences file at ~/.export_reply_prefs.json and detects local Chrome and common font paths for PDF rendering; this is proportional to the export task.
Persistence & Privilege
always is false and the skill does not request elevated privileges. It persists only its own preferences in the user's home directory and writes output files to user-specified paths—behavior that matches its purpose.
Assessment
This skill appears to do what it says, but review and consider the following before installing: - It runs included Python scripts and will write files to /tmp and to any output path you provide; don't choose sensitive system directories. - Preferences are stored at ~/.export_reply_prefs.json; if you don't want persistent prefs, you can clear or remove that file. - For PDF/DOCX best results, you may install optional packages (fpdf2, python-docx, markdown, weasyprint, pdfkit) — these are optional and not required for basic exports. - The code invokes a local Chrome/Chromium binary for high-quality PDF rendering and uses subprocess.run; this is expected but means the skill executes local binaries with generated HTML content. - The code uses tempfile.mktemp for temporary HTML files (insecure by design in multi-user environments). If you run this on a shared system, consider auditing/modifying the script to use tempfile.NamedTemporaryFile or mkstemp to avoid race conditions. If these behaviors are acceptable, the skill is coherent and reasonable to use; if you need stricter guarantees (no subprocess execution, no temp files, or no persistent prefs), request changes or audit the scripts before enabling.

Like a lobster shell, security has layers — review code before you run it.

latestvk970c9a7apx2299gw059ptwdnd84s8s5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💾 Clawdis
OSLinux · macOS · Windows
Binspython3

Comments