ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pretext Reporter Bao

v0.1.0

文本测量和Canvas布局报告工具 - 基于Pretext库,支持多语言文本测量、行布局计算、可视化报告生成

0· 83·0 current·0 all-time
byBillionB@baojun-billion

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for baojun-billion/pretext-reporter-bao.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Pretext Reporter Bao" (baojun-billion/pretext-reporter-bao) from ClawHub.
Skill page: https://clawhub.ai/baojun-billion/pretext-reporter-bao
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pretext-reporter-bao

ClawHub CLI

Package manager switcher

npx clawhub@latest install pretext-reporter-bao
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, SKILL.md API examples, and the bundled code (dist/ and pretext/) all align: the package implements text measurement, layout, flow layout, Markdown/JSON reporting and Canvas-report metadata. The SKILL.md states Pretext isn't on npm and instructs cloning from GitHub, yet the package already contains a full pretext/ subtree—this is a minor packaging inconsistency but not a security mismatch.
Instruction Scope
Runtime instructions only show use of the pretext APIs, measurement and report-generation functions, and local Canvas reporting. The SKILL.md does not instruct reading unrelated system files or exporting secrets. However, an automated scan detected unicode-control-chars inside SKILL.md (see scan_findings_in_context) which can be used to hide or obfuscate text; review the raw SKILL.md for unexpected invisible characters before trusting it.
Install Mechanism
This is instruction-only in the registry (no install spec), but the skill package includes built files and a vendored pretext/ directory. The SKILL.md suggests cloning GitHub, but you likely don't need to as sources are bundled—there's no remote binary download or extractor in the install spec, so install risk is low. Still, verify the bundled code origin if you rely on authenticity.
Credentials
The skill requires no environment variables, no credentials, and no config paths. That is proportionate to the described functionality (local measurement and reporting).
Persistence & Privilege
Skill flags are default (always: false, user-invocable true, autonomous invocation allowed). The skill does not request elevated or permanent platform privileges; nothing in the package modifies other skills or global agent config.
Scan Findings in Context
[unicode-control-chars] unexpected: Scanner found unicode control characters inside SKILL.md. Such characters are not required for a measurement/reporting skill and can be used to hide text or manipulate rendered instructions. This is likely harmless but should be inspected: view SKILL.md as raw bytes/hex or in a hex-capable editor to confirm no hidden directives.
Assessment
The package appears to do what it claims: text measurement, layout, and report generation using the Pretext code that is bundled. Before installing: 1) Inspect SKILL.md and README raw content for invisible/control characters (the scanner flagged unicode-control-chars). 2) Verify the author/repository (package.json points to a GitHub URL) and confirm you trust that source. 3) If you want to avoid surprises, run the package in a sandbox or isolated environment and examine network activity during tests — this skill should not need network calls at runtime. 4) Note the repo includes large corpora/text files; check for any copyrighted or sensitive data you don't want bundled. 5) If you were following SKILL.md instructions to git-clone the upstream Pretext repo, know that the pretext/ sources are already vendored in the package; reconcile which source you prefer and prefer official upstream releases where possible.
pretext/scripts/accuracy-check.ts:196
Shell command execution detected (child_process).
pretext/scripts/browser-automation.ts:33
Shell command execution detected (child_process).
pretext/scripts/corpus-sweep.ts:247
Shell command execution detected (child_process).
pretext/scripts/gatsby-check.ts:5
Shell command execution detected (child_process).
pretext/scripts/gatsby-sweep.ts:5
Shell command execution detected (child_process).
pretext/scripts/accuracy-check.ts:70
Environment variable access combined with network send.
pretext/scripts/browser-automation.ts:123
Environment variable access combined with network send.
!
pretext/scripts/browser-automation.ts:2
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk974kfcjqpgggm2crrn2c1rd4n846s6d
83downloads
0stars
1versions
Updated 3w ago
v0.1.0
MIT-0
BillionB@baojun-billion
latest
Download

Pretext Reporter

基于 Pretext 库的文本测量和布局报告工具,支持多语言(包括表情符号、BIDI、CJK)、Canvas 可视化输出。

主要功能

文本测量

  • 快速测量文本高度和宽度
  • 支持所有语言(中文、日文、韩文、阿拉伯语、希伯来语等)
  • 表情符号和混合文本支持
  • 避免DOM布局回流,纯算术计算

行布局计算

  • 自动换行计算
  • 支持固定宽度和行高
  • 流式布局支持(可变宽度)
  • Shrink Wrap - 找到最窄的适配容器

报告生成

  • 文本统计(字符数、行数)
  • 布局信息(高度、宽度)
  • 多种输出格式(Markdown、JSON)
  • Canvas 可视化(PNG 导出)

使用场景

  1. 虚拟列表高度计算 - 精确计算项目容器高度
  2. 动态UI布局 - 预先测量文本防止布局偏移
  3. Canvas/SVG渲染 - 文本渲染到Canvas或SVG
  4. 开发时验证 - 测试按钮标签是否溢出
  5. 文本编辑器 - 实现自定义文本编辑和测量

核心优势

  • 性能优异 - prepare 约19ms,layout 约0.09ms(500个文本批次)
  • 无DOM依赖 - 纯算术计算,不触发浏览器回流
  • 精确测量 - 使用浏览器字体引擎作为基准
  • 全面支持 - 所有语言、表情符号、混合BIDI

API 对接

使用 Pretext 的核心 API:

// 用例1:简单测量
import { prepare, layout } from '@chenglou/pretext'

const prepared = prepare('你好世界 🚀', '16px Inter')
const { height, lineCount } = layout(prepared, 320, 24)

// 用例2:行级控制
import { prepareWithSegments, layoutWithLines } from '@chenglou/pretext'

const prepared = prepareWithSegments('你好世界 🚀', '16px Inter')
const { lines } = layoutWithLines(prepared, 320, 24)

// 用例3:流式布局
import { layoutNextLine } from '@chenglou/pretext'

let cursor = { segmentIndex: 0, graphemeIndex: 0 }
let y = 0

while (true) {
  const width = y < image.bottom ? 300 : 320
  const line = layoutNextLine(prepared, cursor, width)
  if (line === null) break
  
  ctx.fillText(line.text, 0, y)
  cursor = line.end
  y += 24
}

使用方法

基础用法

// 测量文本
import { measureText } from '@claw/skills/pretext-reporter-bao'

const result = await measureText('你好世界 🚀', {
  font: '16px Inter',
  maxWidth: 320,
  lineHeight: 24
})

console.log(result)
// {
//   text: '你好世界 🚀',
//   characterCount: 5,
//   lineCount: 1,
//   height: 24,
//   lines: [{ text: '你好世界 🚀', width: 87.5 }]
// }

生成Canvas报告

// 生成Canvas可视化
import { generateCanvasReport } from '@claw/skills/pretext-reporter-bao'

const canvas = await generateCanvasReport('你好世界 🚀', {
  font: '16px Inter',
  maxWidth: 320,
  lineHeight: 24,
  backgroundColor: '#ffffff',
  textColor: '#000000'
})

// 保存或使用Canvas
const png = canvas.toDataURL('image/png')

流式布局

// 流式布局(支持图片环绕等)
import { createFlowLayout } from '@claw/skills/pretext-reporter-bao'

const layout = createFlowLayout('你好世界 🚀', {
  font: '16px Inter',
  lineHeight: 24
})

// 逐行布局
let line
while ((line = layout.nextLine(320)) !== null) {
  console.log(line.text, line.width)
}

配置选项

选项类型默认值说明
fontstring'16px Inter'字体(与CSS font属性格式一致)
maxWidthnumber320最大宽度(像素)
lineHeightnumber24行高(像素)
whiteSpace'normal' | 'pre-wrap''normal'空白处理方式
backgroundColorstring'#ffffff'Canvas背景色
textColorstring'#000000'Canvas文字颜色

输出格式

Markdown报告

# 文本测量报告

## 基本信息
- 文本:你好世界 🚀
- 字符数:5
- 行数:1
- 字体:16px Inter

## 布局信息
- 最大宽度:320px
- 计算高度:24px
- 行高:24px

## 行详情
| 行号 | 文本 | 宽度 |
|------|------|------|
| 1 | 你好世界 🚀 | 87.5px |

JSON报告

{
  "text": "你好世界 🚀",
  "font": "16px Inter",
  "config": {
    "maxWidth": 320,
    "lineHeight": 24,
    "whiteSpace": "normal"
  },
  "stats": {
    "characterCount": 5,
    "lineCount": 1,
    "height": 24
  },
  "lines": [
    {
      "index": 0,
      "text": "你好世界 🚀",
      "width": 87.5,
      "start": { "segmentIndex": 0, "graphemeIndex": 0 },
      "end": { "segmentIndex": 0, "graphemeIndex": 5 }
    }
  ]
}

性能基准

操作时间说明
prepare()~19ms500个文本批次(一次性分析)
layout()~0.09ms热路径(纯算术计算)
layoutWithLines()~0.12ms包含行信息返回

依赖

  • @chenglou/pretext - 核心文本测量库(需手动安装)

安装说明

前置步骤:Pretext 还未发布到 npm,需要手动安装:

# 方式1:从 GitHub 克隆
git clone https://github.com/chenglou/pretext.git
cd pretext
npm install
npm link  # 全局链接

# 方式2:在项目中本地引用
# 将 pretext 目录复制到 node_modules/@chenglou/pretext

然后安装本 Skill:

cd skills/pretext-reporter-bao
npm install

参考资料

Comments

Loading comments...