ClawHub

测试 skill

v1.0.3

Summarize URLs or files with the summarize CLI (web, PDFs, images, audio, YouTube).

0· 25·0 current·0 all-time
byyuangui@yinwuzhe·duplicate of @pin-alt/20206-02-10-clawhub-summarize-1-0-0
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description say it summarizes URLs/files via a CLI and the skill requires the 'summarize' binary and offers a Homebrew install for that binary — this is proportionate and expected.
Instruction Scope
SKILL.md only instructs the agent to call the summarize CLI on URLs, local files, and YouTube links, and documents optional config and provider keys. It does reference reading an optional config file (~/.summarize/config.json) and user-specified local files (which is required for the task) but does not instruct reading unrelated system files or exfiltrating data to non-standard endpoints.
Install Mechanism
Install uses a Homebrew formula (steipete/tap/summarize) which is a low-risk, common install path, but the tap appears to be a third-party user tap — verify you trust the tap/source before installing.
Credentials
The skill does not require environment variables, but SKILL.md documents optional provider keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, XAI_API_KEY, GEMINI_API_KEY, FIRECRAWL_API_KEY, APIFY_API_TOKEN). These are reasonable for a summarization tool that can call external model providers, but they are sensitive credentials and you should not provide them unless you trust the CLI and its source.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide config changes or persistent elevated privileges. It only documents an optional per-user config file location.
Assessment
This skill is an instruction-only wrapper around the external 'summarize' CLI and looks internally consistent. Before installing: 1) Verify the Homebrew tap (steipete/tap) and the summarize project (e.g., confirm maintainers and source code) so you trust the binary you will run. 2) Remember that using the tool with a provider API key will send content to that provider — avoid summarizing sensitive documents unless you trust the provider and the CLI. 3) The CLI may read any local file path you provide and an optional ~/.summarize/config.json; inspect that config if present. 4) If you are unsure about the tap, consider building from source or reviewing the package contents first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aw82w52jz6m9qhfcessb2c584ktqd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧾 Clawdis
Binssummarize

Install

Install summarize (brew)
Bins: summarize
brew install steipete/tap/summarize

Comments