Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Wiki Js V3

v1.0.1

All-encompassing Wiki.js Administration – GraphQL + REST API wrapper with full coverage. Pages, Assets, Search, Tags, Tree, History, Versioning, Rendering. R...


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for nyhx1101/wiki-js-v3.

Install the skill "Wiki Js V3" (nyhx1101/wiki-js-v3) from ClawHub.
Skill page: https://clawhub.ai/nyhx1101/wiki-js-v3
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Config paths to check: wikijs
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install wiki-js-v3

ClawHub CLI


npx clawhub@latest install wiki-js-v3
Security Scan

VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description describe a Wiki.js administration client and the included bin/wiki.js implements GraphQL, REST upload, pages/assets/tags operations that match that purpose. Minor inconsistency: registry metadata lists no required env vars while SKILL.md and the code require WIKIJS_URL and WIKIJS_TOKEN.
Instruction Scope
SKILL.md instructs using environment variables, optionally creating a CLI symlink, and reading files for uploads/upserts — all expected for a CLI admin client. It does not instruct reading unrelated system files or exfiltrating data to third-party endpoints.
Install Mechanism
The registry has no formal install spec; SKILL.md lists npm packages (graphql-request, form-data, node-fetch) but no automated installer. This is not harmful, but means the runtime dependencies must be installed by the user or platform; verify the environment provides them.
Credentials
The skill requires a Wiki.js URL and API token (WIKIJS_URL, WIKIJS_TOKEN) which are appropriate and necessary. The code enforces a token and uses it only for requests to the wiki endpoints. Required config path 'wikijs' is plausible. Ensure you use a key with minimum needed permissions (prefer read-only if you won't write).
Persistence & Privilege
No 'always: true' or elevated privileges requested. Optional instructions create a symlink in ~/.local/bin and chmod the bundled script — expected for providing a CLI wrapper and under user control.
Assessment
This skill appears to do what it says: a Wiki.js admin CLI that needs WIKIJS_URL and WIKIJS_TOKEN and will read files you give it (for uploads or @file upserts). Before installing: (1) only provide an API key scoped to the minimum permissions needed (avoid a full-admin key if you only need read/write on a subset); (2) review the full bin/wiki.js for any use of child_process.spawn or external commands (the script imports spawn — confirm what it's used for, e.g., PDF rendering may invoke external binaries); (3) be aware the SKILL.md asks you to create a symlink in ~/.local/bin (this modifies your user PATH); (4) install or verify the listed npm dependencies in a controlled environment; and (5) if you want stricter assurance, ask the maintainer for a signed release or a provenance explanation because the registry metadata omitted the required env vars. Overall this looks coherent for its purpose but validate API key scope and review the rest of the script before use.
bin/wiki.js:46
Environment variable access combined with network send.
bin/wiki.js:766
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
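
A reviewer can reproduce this kind of finding locally before installing. The following is an added example, not ClawHub's scanner and not code from the skill; the rule list, the 15-line window and the sample source are assumptions constructed for illustration.

```javascript
// Added example: line-level triage of a Node.js CLI source before install.
// RULES and the window are assumptions; this is not ClawHub's scanner.
const RULES = [
  { tag: 'env', re: /\bprocess\.env\b/ },
  { tag: 'file', re: /\b(?:readFileSync|readFile|createReadStream)\s*\(/ },
  { tag: 'net', re: /\b(?:fetch|https?\.request|https?\.get)\s*\(/ },
  { tag: 'spawn', re: /\bchild_process\b|\b(?:spawn|spawnSync|execFile|execSync)\s*\(/ },
];

// Returns findings: every process-execution line, plus every env/file read
// that has a network call within `window` lines (the nearest call is reported).
function triage(source, window = 15) {
  const hits = [];
  source.split(/\r?\n/).forEach((text, i) => {
    if (/^\s*(?:\/\/|\/?\*)/.test(text)) return; // skip comment-only lines
    for (const { tag, re } of RULES) {
      if (re.test(text)) hits.push({ line: i + 1, tag, text: text.trim() });
    }
  });
  const net = hits.filter((h) => h.tag === 'net');
  const findings = [];
  for (const h of hits) {
    if (h.tag === 'spawn') findings.push({ line: h.line, kind: 'process-exec', text: h.text });
    if (h.tag !== 'env' && h.tag !== 'file') continue;
    const dist = (n) => Math.abs(n.line - h.line);
    const sink = net.filter((n) => dist(n) <= window).sort((a, b) => dist(a) - dist(b))[0];
    if (sink) findings.push({ line: h.line, kind: `${h.tag}+net`, sinkLine: sink.line, text: h.text });
  }
  return findings;
}

// Constructed sample, not taken from bin/wiki.js.
const SAMPLE = [
  "const { spawn } = require('child_process');",
  "const TOKEN = process.env.WIKIJS_TOKEN;",
  "async function gql(query) {",
  "  return fetch(process.env.WIKIJS_URL + '/graphql', {",
  "    method: 'POST', headers: { Authorization: 'Bearer ' + TOKEN } });",
  "}",
  "// readFileSync( in a comment is ignored",
  "function upload(p) {",
  "  const body = fs.readFileSync(p);",
  "  return fetch(process.env.WIKIJS_URL + '/u', { method: 'POST', body });",
  "}",
].join('\n');

for (const f of triage(SAMPLE)) {
  console.log(`${f.line}\t${f.kind}\t${f.sinkLine ?? '-'}\t${f.text}`);
}
```

Each reported line is a place to read by hand: confirm that the network destination is derived only from WIKIJS_URL and that any spawned binary is one you expect.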

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Config: wikijs
latest: vk97dnsbm9p957c2zad33yhps6x83m51b
103 downloads
0 stars
2 versions
Updated 1mo ago
v1.0.1
MIT-0

Wiki.js V3 Skill – All-Encompassing Wiki Administration

Replaces: wiki-js-v2 (Pages + Assets only)

🎯 Features

FeatureV2V3
Pages (CRUD)
Assets (Upload/List)
Move/Copy Pages
Page History
Version Restore
Render (HTML/PDF)
Search (Full-Text + Tags)
Page Tree/Hierarchy
Tags (CRUD)
Asset Folders
Asset Delete
Multi-Locale
Retry + Backoff
Path-First + ID

📦 Installation

# Skill already installed at:
~/.openclaw/workspace/skills/wiki-js-v3/

# CLI wrapper (optional, for direct terminal access):
chmod +x ~/.openclaw/workspace/skills/wiki-js-v3/bin/wiki.js
ln -s ~/.openclaw/workspace/skills/wiki-js-v3/bin/wiki.js ~/.local/bin/wiki

Environment:

export WIKIJS_URL="https://your-wiki.example.com"
export WIKIJS_TOKEN="your_api_key_here"
export WIKIJS_LOCALE="de"  # Optional, default: de

🔧 API Coverage

GraphQL Operations

| Category | Operations |
|---|---|
| Pages | single, singleByPath, list, create, update, delete, move, render, history, restoreVersion |
| Search | search(query, limit) |
| Tags | list, create, delete |
| Assets | list, createFolder, delete |

REST Operations

| Endpoint | Use Case |
|---|---|
| POST /u | File upload (multipart/form-data) |
| GET /f/:hash/:filename | Static asset serving |

📝 CLI Reference

Pages

# Create or update (idempotent)
wiki upsert docs/setup "Setup Guide" @content.md "setup,wiki"
wiki upsert docs/api "API Reference" "## Overview\n..." "api,docs"

# Get page content
wiki get docs/setup
wiki get 42  # by ID

# Delete page
wiki delete docs/old-page
wiki delete 42

# Move page (changes path)
wiki move docs/old docs/new

# Copy page (creates new page)
wiki copy docs/template docs/new-page

# Show page history
wiki history docs/setup

# Restore specific version
wiki restore docs/setup --version=3

# Render page
wiki render docs/setup --format=html
wiki render docs/setup --format=pdf > setup.pdf

Search

# Full-text search
wiki search "docker"

# With tag filter
wiki search "kubernetes" --tags="devops,cloud"

# Limit results
wiki search "api" --limit=50

Tree / Hierarchy

# List all pages
wiki tree

# Filter by path prefix
wiki tree --path=docs

# Control depth
wiki tree --depth=5

Tags

# List all tags
wiki tags

# Create tag
wiki tags create "new-feature"

# Delete tag
wiki tags delete "deprecated"

Assets

# List assets
wiki assets
wiki assets --folder=images
wiki assets --kind=IMAGE

# Upload file
wiki upload screenshot.png
wiki upload doc.pdf --folder=documents --name="manual.pdf"

# Delete asset
wiki asset-delete 42

# Create folder
wiki mkdir 0 images "Bilder"

Options

--pretty, -p        Human-readable output (default: JSON)
--locale, -l de     Locale override
--private           Create private page
--draft             Create unpublished page

🔄 Error Handling

| Error | Handling |
|---|---|
| 413 Payload Too Large | Throws descriptive error (chunking not auto-applied for pages) |
| 401 Unauthorized | Clear token error message |
| ECONNREFUSED | Auto-retry with exponential backoff (3 attempts) |
| Timeout | 30s default, configurable via WIKIJS_TIMEOUT |

📐 Architecture

bin/wiki.js
├── GraphQL Client (query, mutation)
├── REST Upload (form-data)
├── Path Resolution (singleByPath)
├── CLI Parser (arg parsing)
└── Output Formatter (JSON / Pretty)

Dependencies:

  • Node.js built-in modules only
  • form-data for file uploads (installed on-demand)

🔐 Security

  • Token only via environment variable (WIKIJS_TOKEN)
  • No token logging
  • Input validation (null bytes, size limits)
  • Path sanitization (strips leading /)

📤 Examples

Create Documentation Page

# Write content to file
cat > /tmp/api.md << 'EOF'
# API Reference

## Authentication

All requests require a Bearer token...

## Endpoints

- `GET /api/v1/pages` - List pages
- `POST /api/v1/pages` - Create page
EOF

# Upsert to Wiki
wiki upsert docs/api "API Reference" @/tmp/api.md "api,reference" --pretty

Upload Screenshot and Embed

# Upload image
wiki upload screenshot.png --folder=images --name="api-auth-flow.png"
# Output: {"id":47,"url":"/f/a3f9b2/api-auth-flow.png",...}

# Create page with embedded image
wiki upsert docs/api-auth "API Authentication" '![Auth Flow](/f/a3f9b2/api-auth-flow.png)' "api"

Batch Update via Script

#!/bin/bash
for file in docs/*.md; do
  name=$(basename "$file" .md)
  wiki upsert "docs/$name" "$name Documentation" "@$file" "docs"
done

🆚 Migration from V2

| V2 Command | V3 Command |
|---|---|
| wiki-v2 upsert ... | wiki upsert ... |
| wiki-v2 get ... | wiki get ... |
| wiki-v2 delete ... | wiki delete ... |
| wiki-v2 search ... | wiki search ... |
| wiki-v2 upload ... | wiki upload ... |
| wiki-v2 assets ... | wiki assets ... |
| wiki-v2 mkdir ... | wiki mkdir ... |
| | wiki move ... |
| | wiki copy ... |
| | wiki history ... |
| | wiki restore ... |
| | wiki render ... |
| | wiki tree ... |
| | wiki tags ... |
| | wiki asset-delete ... |

🐛 Troubleshooting

| Issue | Solution |
|---|---|
| WIKIJS_TOKEN not set | export WIKIJS_TOKEN=... |
| Page not found | Check path (no leading /) |
| GraphQL Error: Unauthorized | Token invalid or expired |
| GraphQL Error: Forbidden | API key lacks write permissions – create new key with write access in Admin UI |
| Upload failed: 413 | File too large (>10MB) |
| Timeout after 30s | Increase WIKIJS_TIMEOUT=60000 |
| Cannot read properties of undefined (reading 'map') | Fixed in V3.1 – always include tags: [] in update mutations |

⚠️ API Key Permissions

Wiki.js API keys have per-key permissions, not per-group permissions.

| JWT Claim | Meaning |
|---|---|
| api:1 | API Key ID 1 – may have different permissions than Key 2 |
| grp:1 | Group ID 1 – does NOT determine write access |

If update returns "Forbidden":

  1. Open Wiki.js Admin UI
  2. Go to API Keys
  3. Create new key with write permissions or edit existing key
  4. Use the new key in WIKIJS_TOKEN
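
To see which key a token refers to before changing permissions, its claims can be decoded locally. This is an added example, not part of the skill; the sample token is constructed, and `exp` is the standard JWT expiry claim, which a given key may or may not carry.

```javascript
// Added example: decode (not verify) the payload of a Wiki.js API token to
// see which key it is. Runs offline; the token itself is never printed.
function decodeClaims(token) {
  const parts = String(token).trim().split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT (expected 3 segments)');
  let claims;
  try {
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch {
    throw new Error('payload segment is not base64url-encoded JSON');
  }
  if (claims === null || typeof claims !== 'object' || Array.isArray(claims)) {
    throw new Error('payload is not a JSON object');
  }
  return claims;
}

function describeKey(token, nowSec = Math.floor(Date.now() / 1000)) {
  const c = decodeClaims(token);
  return {
    apiKeyId: c.api ?? null, // the key whose permissions decide write access
    groupId: c.grp ?? null, // informational only, per the table above
    // exp is the standard JWT expiry claim; null when the token has none.
    expired: typeof c.exp === 'number' ? c.exp <= nowSec : null,
    next: c.api != null
      ? `review permissions of API key #${c.api} under Admin UI > API Keys`
      : 'no api claim: this is not an API key token',
  };
}

// Constructed token: the claim values and the signature are made up.
const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
const SAMPLE_TOKEN = [
  b64({ alg: 'RS256', typ: 'JWT' }),
  b64({ api: 1, grp: 1, iat: 1700000000, exp: 1800000000 }),
  'constructed-signature',
].join('.');

// In real use pass process.env.WIKIJS_TOKEN instead of SAMPLE_TOKEN.
console.log(describeKey(SAMPLE_TOKEN));
```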

📚 Wiki.js API Reference

  • GraphQL Schema: {WIKIJS_URL}/graphql-playground
  • REST Upload: POST {WIKIJS_URL}/u
  • Static Assets: GET {WIKIJS_URL}/f/:hash/:filename

Version: 3.0 | Status: All-encompassing | Replaces: wiki-js-v2
