← Back to Skills Marketplace
Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture.
by
Juguangyuan
· GitHub ↗
· v1.0.2
6847
Downloads
0
Stars
43
Active Installs
3
Versions
Install in OpenClaw
/install report-generator
Description
Generates a structured report HTML based on a specific template. Invoke when user wants to create a report, slide, or summary card from raw content.
Usage Guidance
Install only if you will use it with trusted report content or can update it to HTML-escape all user-supplied fields before rendering. Be aware it creates local HTML files and asks the agent to open them in a browser for screenshots.
Capability Analysis
Type: OpenClaw Skill
Name: report-generator
Version: 1.0.2
The skill is suspicious due to a critical Cross-Site Scripting (XSS) vulnerability in `scripts/generate.py`. The script directly embeds user-provided data into an HTML template without any HTML escaping, allowing arbitrary JavaScript injection into the generated report. The `SKILL.md` then explicitly instructs the OpenClaw agent to open this locally generated HTML file using its `browser` tool (`file://<html_path>`). This creates a self-XSS vulnerability where the agent could execute malicious JavaScript from the report, potentially leading to local file access, network requests, or further agent manipulation if the browser tool is not adequately sandboxed.
Capability Assessment
Purpose & Capability
The purpose is coherent: it turns structured report content into a local HTML report and screenshot. The main risk comes from how it renders user-provided content, not from a hidden unrelated capability.
Instruction Scope
SKILL.md tells the agent to run a Python script, then open the generated file with file:// for screenshot capture. scripts/generate.py inserts report fields directly into HTML without escaping, so untrusted input could inject active HTML or JavaScript before the browser step.
Install Mechanism
No package installation, remote bootstrap, credential setup, or privileged install behavior is present in the artifacts.
Credentials
Writing an HTML report is proportionate to the purpose, but automatically rendering unescaped local HTML in a browser broadens the environment exposure beyond simple report formatting.
Persistence & Privilege
The skill leaves generated HTML files in the requested output directory, but shows no background persistence, privilege escalation, credential access, network exfiltration, or destructive behavior.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install report-generator - After installation, invoke the skill by name or use
/report-generator - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- No changes detected in this version.
- SKILL.md contents remain the same.
v1.0.1
- Updated report template style description from "述职材料" to "clean, minimal business template style (Light & Concise)".
- No functional or usage changes; documentation was clarified for improved readability.
v1.0.0
- Initial release of the report-generator skill.
- Generates structured, stylish HTML reports using the "文娟述职素材" template.
- Organizes reports into a goal, four detailed quadrants (with titles, subtitles, slogans, bullet lists), and a summary.
- Provides clear instructions to convert the HTML output into an image using the browser tool.
- Includes example data structure for easy adoption.
Metadata
Frequently Asked Questions
What is Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture.?
Generates a structured report HTML based on a specific template. Invoke when user wants to create a report, slide, or summary card from raw content. It is an AI Agent Skill for Claude Code / OpenClaw, with 6847 downloads so far.
How do I install Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture.?
Run "/install report-generator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture. free?
Yes, Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture. is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture. support?
Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture. is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Generate responsive HTML pages suitable for reporting, supporting resizing and screenshot capture.?
It is built and maintained by Juguangyuan (@juguangyuan520-dotcom); the current version is v1.0.2.
More Skills