ClawHub

Favicondl · 任意网站 Favicon 下载工具

v1.0.4

通过命令行下载任意网站 favicon,支持多种尺寸与格式,无依赖。Using favicondl.com API to download favicon for any domain via CLI.

0· 104·0 current·0 all-time
by@sweesama
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the included bash script and SKILL.md: both call favicondl.com to download favicons. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions stay within the stated purpose (construct API URL, curl the endpoint, save file). The install instructions recommend downloading a script from a GitHub raw URL; that's common but worth noting because it directs users to execute remotely hosted code.
Install Mechanism
There is no formal install spec in the bundle (instruction-only), and the bundle includes the bash script. SKILL.md suggests installing by curl-ing a raw.githubusercontent.com URL. Using raw GitHub downloads to install scripts is common but carries the usual risk of executing remote code — prefer reviewing the included favicondl.sh before running.
Credentials
No environment variables, credentials, or special config paths are requested; this is proportional for a simple network-fetching tool. The tool does make network requests to favicondl.com and follows redirects to the target site's assets (expected behavior).
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or system-wide configs. It only provides a small user-run script.
Assessment
This skill appears to be what it claims: a tiny CLI that downloads favicons via favicondl.com. Before installing or running scripts fetched from the internet, review the included favicondl.sh (it is bundled) to ensure it matches expectations. Prefer using the bundled file rather than blindly curl|sh from raw.githubusercontent.com. Note that requests to favicondl.com will reveal the domains you query to that service, and the script follows 302 redirects so the final downloaded file comes from the redirected URL — avoid saving to sensitive paths and don’t run as root. If you need higher assurance, inspect the upstream GitHub repo (https://github.com/sweesama/favicondl.com) and verify the script's integrity.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d4dewaw8wjbkmh91zf43f8983garr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments