← Back to Skills Marketplace
语雀 Skill
by
feixuelingcloud
· GitHub ↗
· v1.1.0
· MIT-0
54
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install yuque-skill
Description
通过语雀开放API对语雀(Yuque)文档与知识库执行端到端自动化操作 —— 创建/读取/更新/删除文档、管理知识库目录(TOC)、调整Markdown排版(字号、颜色、标题、表格、代码块、提示框)、全文搜索及批量导入导出。任何用户提到"语雀""yuque""知识库""文档目录""TOC""语雀文档格式调整""语...
Usage Guidance
This skill is a coherent Yuque API client (scripts to list/get/create/update/delete docs, manage TOC, format Markdown, and do bulk import/export). Before installing:
- Be aware it requires your Yuque API token (YUQUE_TOKEN) or a ~/.yuque/config.json; the registry metadata does not declare this, so you must provide the token manually if using the scripts.
- Inspect scripts (they are included) — batch.py and toc.py can delete or update many documents; use dry-run options and backups (SKILL.md even recommends exporting/backing up before bulk changes).
- Consider scoping the token (minimum scopes: doc:read/doc:write/repo:read/repo:write) and use a token dedicated to the skill (not a broad org admin token).
- Note the SKILL.md's instruction to 'proactively call' the skill on any mention of Yuque: if you do not want the agent to autonomously run these scripts when users merely mention Yuque, ensure agent/plugin invocation rules prevent automatic execution or disable autonomous invocation for this skill.
If you want to proceed: set YUQUE_TOKEN in the environment (or place a properly-permissioned ~/.yuque/config.json), test with `python scripts/yuque_client.py whoami`, and for any bulk operation run with dry-run / backups first.
Capability Analysis
Type: OpenClaw Skill
Name: yuque-skill
Version: 1.1.0
The yuque-skill bundle is a legitimate and well-structured tool for automating Yuque document and repository management via the official Yuque API. The scripts (docs.py, toc.py, search.py, batch.py) provide standard CRUD and management functionality using a zero-dependency client (yuque_client.py) based on Python's standard library. Security-conscious practices are evident, such as the inclusion of a 'sanitize' function in format_helpers.py to strip dangerous HTML tags and a mandatory dry-run recommendation for batch replacements. No evidence of data exfiltration, unauthorized persistence, or malicious prompt injection was found.
Capability Tags
Capability Assessment
Purpose & Capability
The skill's name/description (Yuque client: CRUD, TOC, format helpers, batch import/export) matches the included scripts. However the skill metadata lists no required environment variables or primary credential while SKILL.md and the code clearly require a YUQUE_TOKEN (or ~/.yuque/config.json). That mismatch between declared requirements and actual needs is an incoherence that could mislead users about what secrets the skill needs.
Instruction Scope
SKILL.md instructs the agent to run the bundled Python scripts (scripts/*.py) and to proactively call the skill whenever the user mentions '语雀' even without an explicit 'use skill' phrase. The scripts legitimately read/write local files (batch export/import writes/reads Markdown files), read ~/.yuque/config.json, and perform destructive actions (toc.py remove defaults to deleting underlying docs; batch.py replace can update many docs). The scope is generally consistent with the stated purpose, but the proactive/autonomous-invocation guidance plus destructive operations raise safety concerns if triggered unexpectedly.
Install Mechanism
No install spec is present (instruction-only for Openclaw) and the code is pure Python using only the standard library (urllib). There's no external download or installer. This lowers supply-chain risk; however the skill will execute local Python scripts when invoked.
Credentials
The skill legitimately requires an API token (X-Auth-Token / YUQUE_TOKEN) and optionally a custom base_url for private deployments; the code also reads ~/.yuque/config.json. But the registry metadata declares no required env vars or primary credential. The skill asks for a sensitive secret (API token) — that is proportionate to the purpose — yet failing to declare it in metadata is a visibility/permission mismatch that may cause users to overlook the credential access.
Persistence & Privilege
Metadata flags show always:false (correct for most skills) and model invocation is allowed (normal). However SKILL.md explicitly instructs the agent to invoke the skill proactively on any mention of Yuque, which implies near-automatic invocation; this intent is not reflected in metadata (no always:true), creating an inconsistency. Combined with the ability to perform destructive writes (delete docs, update many docs), this raises the potential for unintended actions if the agent autonomously calls the skill.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install yuque-skill - After installation, invoke the skill by name or use
/yuque-skill - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
补全 Openclaw & Claude Code 双平台说明,新增 GitHub 安装和对话页面安装方式
Metadata
Frequently Asked Questions
What is 语雀 Skill?
通过语雀开放API对语雀(Yuque)文档与知识库执行端到端自动化操作 —— 创建/读取/更新/删除文档、管理知识库目录(TOC)、调整Markdown排版(字号、颜色、标题、表格、代码块、提示框)、全文搜索及批量导入导出。任何用户提到"语雀""yuque""知识库""文档目录""TOC""语雀文档格式调整""语... It is an AI Agent Skill for Claude Code / OpenClaw, with 54 downloads so far.
How do I install 语雀 Skill?
Run "/install yuque-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 语雀 Skill free?
Yes, 语雀 Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 语雀 Skill support?
语雀 Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 语雀 Skill?
It is built and maintained by feixuelingcloud (@feixuelingcloud); the current version is v1.1.0.
More Skills