Dele Deploy
v1.0.4Deploy local HTML/frontend files to Dele (dele.fun) and get a live URL
⭐ 0· 0·0 current·0 all-time
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name/description (deploy to Dele) aligns with the declared behavior in SKILL.md (collect files and POST them to a Dele upload endpoint). However the registry metadata at the top reports 'Required env vars: none' while the SKILL.md requires POSTME_API_KEY (and optionally POSTME_API_URL). That mismatch is an incoherence that should be resolved before trust.
Instruction Scope
SKILL.md instructs the agent to read a provided target_path (file or directory), gather all files under it, and upload them to an external API. This is consistent with the stated purpose, but it also means the agent will read arbitrary local files and transmit them to dele.fun. The SKILL.md embeds a full Python implementation and tells the user/agent to pip install 'requests' — but no code files or install spec are present in the package. The combination of: (a) an embedded implementation that is not packaged as a code file, (b) missing declared env var in registry metadata, and (c) instructions to install a dependency are incoherent and warrant caution.
Install Mechanism
There is no install specification (instruction-only skill), which is low-risk in terms of automatic downloads. However the SKILL.md tells users/agents to 'pip install requests' if needed. Because the implementation is provided only as a snippet in the markdown (no packaged code files or vetted install), an agent or operator would need to run/host the code themselves — verify how the platform will execute the tool before trusting it.
Credentials
The only secret the skill requires (per SKILL.md) is POSTME_API_KEY, which is proportionate to uploading to Dele. That said, the registry metadata failing to list that required env var is an inconsistency. The tool also accepts an 'api_key' parameter — ensure the platform will use the intended environment variable rather than asking for ad-hoc secrets.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills or system-wide settings. It only performs on-demand deployment and does not ask for persistent elevated privileges.
What to consider before installing
This skill appears to do what it says (upload local files to dele.fun) but has some red flags you should address before installing: 1) The registry metadata does not list POSTME_API_KEY even though SKILL.md requires it — ask the publisher to fix this. 2) There are no packaged code files or install spec even though a full Python implementation and a pip dependency are shown in the README; confirm how/where the implementation will run and who supplies it. 3) Understand that using the skill will cause local files under the supplied target_path to be read and uploaded to an external service — do not use it with any paths that may contain secrets or private data. 4) Verify the Dele endpoint and the publisher's identity (there is no homepage). If you can't validate these points, prefer manually deploying or using an officially published/packaged integration.Like a lobster shell, security has layers — review code before you run it.
latest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Dele Deploy Skill
Overview
This skill allows AI Agents (OpenClaw, Cursor, Claude, etc.) to automatically deploy generated HTML files or frontend project folders to Dele (https://www.dele.fun) — a static site hosting platform. It returns a live URL that can be shared with the user.
Required Environment Variables
| Variable | Description |
|---|---|
POSTME_API_KEY | Required. Your Dele API key for authentication. Get one at https://www.dele.fun/api-keys |
POSTME_API_URL | Optional. Defaults to https://www.dele.fun/api/upload |
Prerequisites
-
Dele API Key: Generate an API key at https://www.dele.fun/api-keys, then set it as an environment variable:
POSTME_API_KEY="your-secret-agent-key" -
Python Dependencies: The skill requires the
requestslibrary.pip install requests
Usage Instructions for the Agent
When a user asks you to deploy, publish, or share a web application (like an HTML file or a frontend project folder) that you have just created, you should use this skill.
- Determine the absolute path to the generated folder or file (
target_path). - Invent a suitable, URL-friendly name for the application (
app_name). It must contain only lowercase letters, numbers, and hyphens. - Call the
postme_deployskill with these parameters. - Present the resulting URL to the user.
Example
If you generated a project in /tmp/workspace/my-app, you would call the skill with:
target_path:/tmp/workspace/my-appapp_name:my-app-v1
The skill will return a success message containing the live URL, e.g., Deployment successful! URL: https://www.dele.fun/app/my-app-v1/.
Tool Definition
{
"name": "postme_deploy",
"description": "Deploy a local folder or HTML file to the Dele system to get a live web URL.",
"parameters": {
"type": "object",
"properties": {
"target_path": {
"type": "string",
"description": "The local path to the folder or HTML file you want to deploy."
},
"app_name": {
"type": "string",
"description": "A unique, URL-friendly name for the application (lowercase letters, numbers, hyphens only)."
},
"api_url": {
"type": "string",
"description": "The full URL to the Dele /api/upload endpoint. Defaults to https://www.dele.fun/api/upload"
},
"api_key": {
"type": "string",
"description": "The API key for authentication (POSTME_API_KEY)."
},
"app_desc": {
"type": "string",
"description": "A short description of what the application does."
}
},
"required": [
"target_path",
"app_name"
]
}
}
Python Implementation (postme_deploy.py)
import os
import requests
import re
from typing import Optional
def execute(
target_path: str,
app_name: str,
api_url: str = "https://www.dele.fun/api/upload",
api_key: Optional[str] = None,
app_desc: Optional[str] = None
) -> str:
"""
Deploy a local folder or HTML file to the Dele system.
"""
if not os.path.exists(target_path):
return f"Error: Target path '{target_path}' does not exist."
if not re.match(r'^[a-z0-9-]+$', app_name):
return "Error: app_name must contain only lowercase letters, numbers, and hyphens."
files_to_upload = []
if os.path.isfile(target_path):
files_to_upload.append((target_path, os.path.basename(target_path)))
elif os.path.isdir(target_path):
for root, _, files in os.walk(target_path):
for file in files:
file_path = os.path.join(root, file)
rel_path = os.path.relpath(file_path, target_path).replace(os.sep, '/')
files_to_upload.append((file_path, rel_path))
else:
return f"Error: '{target_path}' is neither a file nor a directory."
if not files_to_upload:
return "Error: No files found to upload."
multipart_data = [('appName', (None, app_name))]
if app_desc:
multipart_data.append(('appDesc', (None, app_desc)))
file_handles = []
try:
for file_path, rel_path in files_to_upload:
f = open(file_path, 'rb')
file_handles.append(f)
multipart_data.append(('files', (os.path.basename(file_path), f)))
multipart_data.append(('paths', (None, rel_path)))
headers = {}
if api_key:
headers['Authorization'] = f"Bearer {api_key}"
headers['x-agent-user'] = "openclaw-agent"
response = requests.post(api_url, files=multipart_data, headers=headers)
if response.status_code in (200, 201):
data = response.json()
base_url = api_url.replace('/api/upload', '')
return f"Deployment successful! URL: {base_url}{data.get('url', f'/app/{app_name}/')}"
else:
try:
err_msg = response.json().get('error', response.text)
except:
err_msg = response.text
return f"Deployment failed (Status {response.status_code}): {err_msg}"
except Exception as e:
return f"Error during deployment: {str(e)}"
finally:
for f in file_handles:
f.close()
Files
1 totalSelect a file
Select a file to preview.
Comments
Loading comments…