ClawHub

Publish To Mdpage

v1.2.0

Turn any markdown into a shareable web page via md.page. Use when the user asks to "share this", "publish this markdown", "create a shareable link", "make th...

0· 124·0 current·0 all-time
byOr May-Paz@maypaz
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the instructions: the skill posts markdown to md.page's publish API. The package.json homepage and repository point at md.page, consistent with the stated purpose.
Instruction Scope
SKILL.md instructs the agent to read local files (via a 'Read' tool) and to POST content using curl (and recommends using python3 for JSON encoding). Reading files and sending them to md.page is expected for a publish workflow, but the metadata lists no required binaries/tools even though the instructions rely on curl, bash, and python3. Also the example response's expires_at date appears inconsistent with the published timestamp (likely a typo).
Install Mechanism
This is an instruction-only skill with no install spec and no code to download or execute; no install-related risks were identified.
Credentials
No environment variables, credentials, or config paths are requested. The SKILL.md explicitly warns to scan for secrets before publishing, which is appropriate and minimizes accidental credential leakage.
Persistence & Privilege
always is false and the skill does not request persistent or cross-skill privileges. It does instruct using agent tools at runtime but does not request special platform-level privileges.
Assessment
This skill appears to do exactly what it says: POST markdown to md.page and return a shareable URL. Before installing or using it, keep these points in mind: (1) the instructions assume access to the agent's file-read capability and to curl/python3 on the execution platform — verify you are comfortable granting the agent access to files you may publish and that those binaries are available; (2) never publish secrets or credentials — the skill itself recommends scanning for secrets, so confirm any sensitive content is removed before publishing; (3) confirm you trust the external service (md.page) and its privacy/retention policy because content is sent to that third-party endpoint; (4) note the minor example typo (expires_at predates the publish date) — this is likely not harmful but indicates small documentation sloppiness. If you need stronger guarantees about retention or encryption, investigate md.page's official docs before sending private data.

Like a lobster shell, security has layers — review code before you run it.

latestvk976dfdee6q4xytewr2gjczje583z226markdownvk97cqmpbz9jnd4g3qafwgdtd7183t15epublishingvk97cqmpbz9jnd4g3qafwgdtd7183t15esharingvk97cqmpbz9jnd4g3qafwgdtd7183t15e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments