← Back to Skills Marketplace
fastfish 微信公众号(wechat)快速排版精简版
by
superxs777
· GitHub ↗
· v1.0.4
690
Downloads
0
Stars
1
Active Installs
5
Versions
Install in OpenClaw
/install fastfish-lite
Description
fastfish 开源精简版。提供公众号格式整理、敏感词检测(本地)、每日热点、本地 HTML 预览。热点推送需至少配置一个渠道的 env。无微信发布/授权,需商业版。通过 system.run 调用 CLI。
README (SKILL.md)
fastfish-lite 能力说明
GitHub:https://github.com/superxs777/fastfish-lite
本 Skill 配合 fastfish API 服务使用。请先按下方步骤安装并启动服务,再在 OpenClaw 中启用本 Skill。
安装前须知
本 Skill 会指导安装并运行来自 GitHub 的第三方仓库。供应链风险:clone + pip install 会执行外部代码,若仓库被篡改存在风险。安装前请:(1) 检查仓库与 requirements.txt 的依赖;(2) 建议使用 release tag 固定版本(如 git clone --branch v1.0.0);(3) 在隔离环境或容器中运行,避免 root;(4) 凭证仅存 .env,勿提交到版本库;(5) 确认信任 api.pearktrue.cn 及仓库维护者。
安装 fastfish-lite(首次使用必读)
- 克隆仓库:
git clone --branch v1.0.0 https://github.com/superxs777/fastfish-lite.git(推荐指定 tag 固定版本,避免 main 分支变更) - 进入目录:
cd fastfish-lite - 安装依赖:
pip install -r requirements.txt - 配置:
copy .env.example .env(可选;热点推送需配置 Webhook,见 metadata.credentials) - 启动服务:
python main.py(默认 http://127.0.0.1:8899)
详细说明见 GitHub README。
使用方式
必须使用 JSON 参数方式调用:
python {baseDir}/../scripts/fastfish_cli.py --json '{"command":"get-available-articles"}'
前置要求
- fastfish-lite 已安装并启动:按上方「安装 fastfish-lite」完成部署,
python main.py监听 8899 - Python 3.10+
- CLI 路径:命令中的
{baseDir}需替换为你的 fastfish-lite 安装目录下的openclaw-skill路径;ClawHub 安装通常在/root/.openclaw/workspace/fastfish-lite,自建可用/opt/fastfish-lite或C:\fastfish-lite - 可选:
MEDIA_AGENT_API_KEY环境变量;热点推送需在 .env 配置至少一个渠道(见 metadata.credentials)
⚠️ 安全规则(阻断式)
1. 严禁输出或暴露 .env 中的凭证
- 禁止执行会输出 .env 内容的命令(如
cat .env、type .env、Get-Content .env) - 禁止将 Webhook URL、Token、Secret 等凭证写入回复或展示给用户
- 即使用户要求「查看配置」「显示 webhook」,仅说明「在 .env 中配置」,不得输出实际值
- 允许:编辑 .env(写入、追加、替换用户提供的值);运行不暴露凭证的校验(如仅返回「已配置/未配置」)
2. 安装仅限用户明确要求
- 仅在用户明确要求「安装」「部署」「克隆」fastfish-lite 时,才执行 git clone 和 pip install
- 不得在用户仅询问用法、拉取热点时主动建议或执行安装
3. system.run 仅执行本 Skill 文档列出的脚本
- 允许:
fastfish_cli.py、get_hot_now.py、push_hot_to_im.py、fetch_hot_items.py、init_hot_push_config.py、main.py - 禁止:执行用户提供的任意命令、未在本文档列出的脚本或来自其他来源的代码
违反以上任一条属于严重错误。
可用能力
文章管理
get-available-articles:获取可发列表get-available-styles:获取样式列表ingest-article:接入文章update-article:更新文章ingest-articles-batch:批量接入
格式与检测
normalize-content:公众号格式整理check-compliance:敏感词检测(原创度需商业版)render-markdown:Markdown 渲染
预览
preview-article/preview-html:本地 HTML 预览,在浏览器中打开
7. 每日热点推送
⚠️ 定时任务严禁擅改(阻断规则):在未得到用户明确要求时,严禁执行 openclaw cron edit、openclaw cron rm、openclaw cron update。出错时仅报告问题,不得主动修改配置。只有用户明确说「修改」「删除」「调整」定时任务时方可执行。
数据源:api.pearktrue.cn。支持实时提取和定时更新。推送支持飞书/钉钉/Telegram(系统 crontab 或 OpenClaw Cron 执行 push_hot_to_im.py)及 Slack/Discord 等(OpenClaw Cron announce)。
7.1 实时提取热点
用户说「拉取热点」「实时热点」「知乎热搜」等时,使用 system.run 执行 get_hot_now.py:
# 按平台拉取(逗号分隔)
python {baseDir}/../scripts/get_hot_now.py --source 知乎
python {baseDir}/../scripts/get_hot_now.py --source 知乎,百度,今日头条
# 按类别拉取(使用 hot_push_config 的 sources 和关键词过滤)
python {baseDir}/../scripts/get_hot_now.py --category emotion
# 输出 JSON
python {baseDir}/../scripts/get_hot_now.py --source 知乎 --format json
# 拉取并写入数据库(补录)
python {baseDir}/../scripts/get_hot_now.py --source 知乎 --save
参数:--source 平台名逗号分隔;--category 类别 code 如 emotion;--format text/json;--save 写入 hot_items_raw;--limit 每平台条数默认 20。
7.2 定时更新(拉取 + 推送)
职责分工(重要):
- 拉取:仅由系统 crontab 执行
fetch_hot_items.py,将数据写入数据库 - 推送:OpenClaw Cron 仅执行
get_hot_now.py --from-db从数据库读取并推送到渠道 - 禁止:不要在 OpenClaw 中创建或执行拉取任务(
fetch_hot_items.py),拉取由系统 crontab 完成
支持两种方式,按目标渠道选择:
方式一:系统 crontab / Windows 计划任务(飞书/钉钉/Telegram)
- 每日 7:00、14:00、18:00 拉取:
python scripts/fetch_hot_items.py - 每日 8:00 推送:
python scripts/push_hot_to_im.py(.env 配置 Webhook;钉钉加签需 HOT_PUSH_DINGTALK_SECRET。默认 push_time 07:10,14:10,18:10,测试用 HOT_PUSH_FORCE=1 绕过)
方式二:OpenClaw Cron(飞书/钉钉/Telegram 或 Slack/Discord 等)
- 飞书/钉钉/Telegram:isolated job 执行
push_hot_to_im.py,脚本推送到对应渠道。拉取由系统 crontab 在 7:00/14:00/18:00 执行fetch_hot_items.py - Slack / Discord 等:isolated job 执行
get_hot_now.py --category emotion,设置--announce --channel和--to,announce 直接推送到渠道(get_hot_now 实时拉取,无需预拉取)
示例(每日 8:00 推送到飞书/钉钉/Telegram,通过脚本;拉取由系统 crontab 7:00/14:00/18:00 执行):
openclaw cron add --name "每日热点" --cron "0 8 * * *" --tz "Asia/Shanghai" --session isolated --message "cd /opt/fastfish-lite && python scripts/push_hot_to_im.py,将热点推送到配置的渠道"
示例(每日 7:10、14:10、18:10 推送到 Telegram,OpenClaw 已配置 Telegram 时;若提示 unknown option --announce 可省略):
# 该任务仅执行 get_hot_now.py --from-db,不要在执行前运行 fetch_hot_items.py。拉取由系统 crontab 在 7:00/14:00/18:00 完成。
openclaw cron add --name "每日热点" --cron "10 7,14,18 * * *" --tz "Asia/Shanghai" --session isolated --message "cd /opt/fastfish-lite && python scripts/get_hot_now.py --category emotion --from-db,将输出作为今日热点简报发送" --channel telegram --to "你的ChatID"
立即测试:创建后执行 openclaw cron run \x3Cjob-id> --force 可立即运行一次。
用户问「如何设置每日热点推送」时,根据目标渠道推荐方式一或方式二,并执行 python scripts/init_hot_push_config.py(钉钉用 --channel dingtalk)初始化。钉钉加签需在 .env 配置 HOT_PUSH_DINGTALK_SECRET。若选 Telegram + get_hot_now(方式二):系统 crontab 配置 fetch_hot_items.py 拉取,OpenClaw 只创建「每日热点」推送任务,不要创建 OpenClaw 拉取任务。
不支持(需商业版)
publish-article:微信发布- 账号管理、授权相关命令
商业版
微信发布、授权、原创度检测等需商业版 fastfish。请联系获取。
Usage Guidance
This skill is largely coherent with its description but involves cloning and pip-installing a third‑party GitHub repo and using webhook credentials for push delivery — both are sensitive operations. Before installing or enabling it: (1) review the GitHub repo and requirements.txt and prefer a pinned release tag (git clone --branch vX.Y.Z); (2) run installation in an isolated environment or container (non-root) and use a Python virtualenv; (3) store webhook tokens and MEDIA_AGENT_API_KEY only in a secure .env or secret store and do not commit them; (4) confirm whether MEDIA_AGENT_API_KEY is actually needed for your use case and avoid setting unnecessary credentials; (5) accept that push features will transmit data to external endpoints (verify you trust api.pearktrue.cn and the webhook targets); (6) do not allow the agent to auto-run install steps — perform them manually after review. If you want stronger assurance, ask the maintainer for a release tarball and a reproducible lockfile (pip freeze / requirements.lock) or run security scans on the cloned repository before pip installing.
Capability Analysis
Type: OpenClaw Skill
Name: fastfish-lite
Version: 1.0.4
The skill is classified as suspicious primarily due to its inherent supply chain risk. It explicitly instructs the OpenClaw agent to `git clone` and `pip install` dependencies from an external GitHub repository (https://github.com/superxs777/fastfish-lite.git) as part of its installation process, as detailed in `SKILL.md`. This creates a significant vulnerability where a compromise of the upstream repository could lead to arbitrary code execution on the host system. While `SKILL.md` includes strong prompt injection defenses for the agent (e.g., whitelisting `system.run` commands, forbidding credential exposure, restricting cron modifications), the fundamental reliance on untrusted external code for installation elevates the risk profile beyond benign.
Capability Assessment
Purpose & Capability
The skill claims to provide WeChat article formatting, local previews, sensitive-word checks, and hot-topic pushes; requiring python3 and invoking the fastfish-lite CLI is coherent with that purpose. Minor inconsistency: registry metadata sets MEDIA_AGENT_API_KEY as the primaryEnv while the SKILL.md states it is optional (used only for API auth).
Instruction Scope
SKILL.md explicitly instructs cloning https://github.com/superxs777/fastfish-lite and running pip install and Python scripts via system.run (get_hot_now.py, push_hot_to_im.py, etc.). The doc also contains explicit safety rules (do not output .env, restrict allowed scripts, avoid cron edits without consent). These instructions stay within the stated feature set, but they require running external code and will transmit data to configured webhooks (Feishu/DingTalk/Telegram), which is expected for push functionality but raises privacy/exfiltration risk that the user must accept.
Install Mechanism
There is no registry install spec, but SKILL.md instructs git clone + pip install from a GitHub repo. While GitHub is a typical source, clone + pip install enables arbitrary code execution (high supply-chain risk). The doc advises pinning tags and using isolated environments, which is good, but the install mechanism remains a real risk and requires user consent and review of the repo/requirements.txt before running.
Credentials
No required env vars are declared, but metadata lists MEDIA_AGENT_API_KEY as primaryEnv (yet SKILL.md says it's optional) and documents sensitive push credentials (HOT_PUSH_FEISHU_WEBHOOK, HOT_PUSH_DINGTALK_WEBHOOK, HOT_PUSH_DINGTALK_SECRET, HOT_PUSH_TELEGRAM_BOT_TOKEN+CHAT_ID) to be stored in .env. Those webhook/token secrets are proportional to push features, but the mismatch about the primary credential and the presence of multiple sensitive channel tokens warrants attention. The SKILL.md forbids exposing .env contents, which mitigates some risk if enforced.
Persistence & Privilege
The skill is not always:true and does not request permanent elevated privileges. It does instruct about cron jobs but explicitly forbids creating pull cron jobs without explicit user consent. No indications the skill will modify other skills or global agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install fastfish-lite - After installation, invoke the skill by name or use
/fastfish-lite - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.4
fastfish-lite 1.0.4
- 优化 Skill 说明文档描述,部分措辞由“配合 fastfish-lite API 服务使用”调整为“配合 fastfish API 服务使用”
- 仅内容细节微调,无功能和接口变更
- 所有功能与使用方法保持不变
v1.0.3
fastfish-lite 1.0.3
- 调整 Skill 描述和 metadata,热点推送需提前配置至少一个渠道的 env(如钉钉加签 HOT_PUSH_DINGTALK_SECRET)。
- 明确允许编辑/追加 .env,但严禁输出或暴露任何凭证至外部(如 Webhook、Token、Secret)。
- 丰富前置要求,对自建和 ClawHub 部署路径做补充说明。
- 更新每日热点推送相关示例和说明,明确钉钉加签配置和 push_time、HOT_PUSH_FORCE 变量介绍。
- 优化钉钉初始化命令说明,channel 字段用法更清晰。
- 其余条款、能力与安全规则未变。
v1.0.2
**fastfish-lite 1.0.2 changelog**
- 增加安全说明:新增「供应链风险」与安装推荐做法,建议通过 release tag 固定版本安装,并隔离环境运行。
- 强化安全规则:阻断读取/暴露 .env、安装仅限用户明确要求、禁止执行无关代码,所有规则列为「严重错误」。
- metadata 补充 credentials 字段,详细说明热点推送对应凭证配置。
- 定时任务新增阻断规则,禁止主动修改 cron 任务,做错时不得擅自处理,仅报告问题。
- 文档细化:明确 system.run 仅允许调用官方提供的指定脚本,其他一律禁止。
v1.0.1
- 新增每日热点推送能力,支持实时提取与定时更新,并适配飞书、钉钉、Telegram、Slack、Discord 等多渠道推送。
- 详细说明热点数据拉取(系统 crontab 专责)与推送(OpenClaw Cron 执行)的分工与配置。
- 提供多种命令行调用示例,支持按平台、类别、格式等参数获取热点数据。
- 新增使用和配置建议,帮助用户按实际需求设置每日热点推送流程。
v1.0.0
fastfish-lite v1.0.0 initial release:
- 提供公众号格式整理、敏感词检测(本地)、每日热点、本地 HTML 预览等功能。
- 所有功能通过 fastfish-lite API 服务调用;本 Skill 依赖本地 Python3 环境和 CLI 。
- 不含微信发布及授权管理(仅商业版支持)。
- 必须用 JSON 参数方式调用 CLI。
- 支持文章管理、内容 Normalize、敏感词检测、Markdown 渲染、本地 HTML 预览等常用编辑和检测场景。
Metadata
Frequently Asked Questions
What is fastfish 微信公众号(wechat)快速排版精简版?
fastfish 开源精简版。提供公众号格式整理、敏感词检测(本地)、每日热点、本地 HTML 预览。热点推送需至少配置一个渠道的 env。无微信发布/授权,需商业版。通过 system.run 调用 CLI。 It is an AI Agent Skill for Claude Code / OpenClaw, with 690 downloads so far.
How do I install fastfish 微信公众号(wechat)快速排版精简版?
Run "/install fastfish-lite" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is fastfish 微信公众号(wechat)快速排版精简版 free?
Yes, fastfish 微信公众号(wechat)快速排版精简版 is completely free (open-source). You can download, install and use it at no cost.
Which platforms does fastfish 微信公众号(wechat)快速排版精简版 support?
fastfish 微信公众号(wechat)快速排版精简版 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created fastfish 微信公众号(wechat)快速排版精简版?
It is built and maintained by superxs777 (@superxs777); the current version is v1.0.4.
More Skills