← Back to Skills Marketplace
piaoleaf

文件上传,本地文件转网络路径

by piaoleaf · GitHub ↗ · v1.0.2 · MIT-0
cross-platform ⚠ suspicious
124
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install file-uploader
Description
将本地文件(图片、文档、视频等)上传到 tiaowulan.com.cn 并返回网络访问路径。触发场景:(1) 用户说"上传文件"、"上传图片"、"上传文档",(2) 需要将本地文件转换为网络 URL,(3) 用户提供文件并要求生成可直接网页引用的链接。
README (SKILL.md)

name file-uploader description 将本地文件(图片、文档、视频等)上传至阿里云 OSS 并返回可直接访问的网络 URL。

触发场景: 1、用户说 “上传文件”“上传图片”“上传文档” 2、需要将本地文件转换为网络 URL 3、用户提供文件并要求生成可直接网页引用的链接

配置方式 需要配置 JWT Token 和 Device-ID: JWT Token:登录 https://www.szmpy.com 获取 Device-ID:由管理员分配

支持文件类型 图片:jpg、jpeg、png、gif、webp、svg、bmp文档:pdf、doc、docx、xls、xlsx、ppt、pptx视频:mp4、avi、mov、mkv、webm音频:mp3、wav、flac、aac压缩包:zip、rar、tar、gz

安全限制 文件大小最大 4MB 仅允许白名单内文件类型 凭证仅保存在本地用户目录,权限 600 所有错误信息脱敏,不暴露服务端细节

实现逻辑(curl) #!/bin/bash CONFIG="$HOME/.file-uploader.json" UPLOAD_URL="https://xcx.szmpy.com/api/image/uploadfile"

if [ "$1" = "config" ]; then shift jq -n
--arg token "$2"
--arg device "$4"
'{jwt_token: $token, device_id: $device}' > "$CONFIG" chmod 600 "$CONFIG" echo "配置已保存" exit 0 fi

FILE="$1"

if [ ! -f "$CONFIG" ]; then echo "未配置,请先执行 file-uploader config --token ... --device-id ..." exit 1 fi

JWT=$(jq -r .jwt_token "$CONFIG") DEVICE=$(jq -r .device_id "$CONFIG")

if [ ! -f "$FILE" ]; then echo "文件不存在" exit 1 fi

EXT="${FILE##*.}" EXT=$(echo "$EXT" | tr A-Z a-z) ALLOWED="jpg,jpeg,png,gif,webp,svg,bmp,pdf,doc,docx,xls,xlsx,ppt,pptx,mp4,avi,mov,mkv,webm,mp3,wav,flac,aac,zip,rar,tar,gz"

if ! echo "$ALLOWED" | grep -qw "$EXT"; then echo "不支持的文件类型" exit 1 fi

SIZE=$(stat -c%s "$FILE" 2>/dev/null || stat -f%z "$FILE") if [ "$SIZE" -gt $((10010241024) ]; then echo "文件超过大小限制" exit 1 fi

RESP=$(curl -s -X POST
-H "Authorization: Bearer $JWT"
-H "Device-ID: $DEVICE"
-F "file=@$FILE"
--connect-timeout 10
--max-time 60
"$UPLOAD_URL")

URL=$(echo "$RESP" | grep -Eo 'https?://[^"]+' | head -n 1)

if [ -n "$URL" ]; then echo "SUCCESS" echo "URL: $URL" echo "{"code":1,"url":"$URL"}" else echo "UPLOAD FAILED" echo "{"code":0,"url":null}" exit 1 fi

输出格式 成功:code=1,msg=url

Usage Guidance
Do not install blindly. Before using: (1) verify which domain/service you intend to upload to — the registry header and SKILL.md disagree (tiaowulan.com.cn vs szmpy.com/xcx.szmpy.com). Confirm the correct, trusted endpoint. (2) Expect the script to need jq, curl and standard Unix tools even though the metadata doesn't list them — install those tools or inspect the script first. (3) Test with a non-sensitive small file to confirm actual file size limits and behavior (SKILL.md claims 4MB but the script's check appears to use ~100MB and contains a syntax bug). (4) Understand that giving the JWT to this tool allows the remote service to receive your files — don't provide credentials or sensitive files unless you trust the destination. (5) If you need this skill, request the author correct the metadata (correct domain, list required binaries, fix size-check and parsing bugs) or provide a signed/official source so you can verify authenticity.
Capability Assessment
Purpose & Capability
The top-level description (in the registry header) says upload to tiaowulan.com.cn, while the SKILL.md implements uploads to xcx.szmpy.com and references logging in at szmpy.com and '阿里云 OSS' — these mismatched endpoints/domains suggest the metadata and runtime instructions are inconsistent. A legitimate uploader should consistently declare which service it targets.
Instruction Scope
The SKILL.md runtime instructions are narrowly scoped to: read a local config in $HOME, validate a single file, and POST it to an external API. That is coherent with an uploader. However: (1) the script expects jq, curl, stat, grep but the skill metadata declares no required binaries; (2) the script has logic/typo problems (contradictory stated max size '4MB' vs code checking ~100MB and a likely syntax error in the size check), and (3) it extracts the first URL from the response by a broad grep which could accidentally return unrelated URLs. These are functional problems and increase risk of unexpected behavior.
Install Mechanism
No install spec and no code files beyond SKILL.md (instruction-only). This minimizes install-time risk — nothing is downloaded or written by an installer. The only persistent artifact is the user-created config file under $HOME if the user runs the config command.
Credentials
The skill does not request environment variables or system-wide credentials; it asks the user to store a JWT and Device-ID locally in $HOME/.file-uploader.json (chmod 600). Storing the JWT locally is plausible for this use, but the skill's metadata should have declared required tools and the need for these credentials. Verify you trust the remote service before giving it any JWT, since that token grants upload capability to the remote endpoint.
Persistence & Privilege
always:false and no installation/install scripts are present. The skill does write a local config file only if the user runs the provided config command, which is within expected behavior for this kind of utility.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install file-uploader
  3. After installation, invoke the skill by name or use /file-uploader
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
将本地文件(图片、文档、视频等)上传至阿里云 OSS 并返回可直接访问的网络 URL。
v1.0.1
**Summary:** Updated to upload files to Aliyun OSS with enhanced security and stricter limits. - Changed upload destination from tiaowulan.com.cn to Aliyun OSS (阿里云 OSS). - Added security limits: file size capped at 4MB, only whitelisted file types allowed, and credentials stored securely (600 permission). - Error messages now generic and sanitized, hiding server-side details. - Updated configuration instructions and supported file type list. - Provided sample Bash script for upload implementation using curl.
v1.0.0
将本地文件上传到 szmpy.com 并返回阿里云 OSS 网络路径。支持图片、文档、视频等多种文件格式。
Metadata
Slug file-uploader
Version 1.0.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 3
Frequently Asked Questions

What is 文件上传,本地文件转网络路径?

将本地文件(图片、文档、视频等)上传到 tiaowulan.com.cn 并返回网络访问路径。触发场景:(1) 用户说"上传文件"、"上传图片"、"上传文档",(2) 需要将本地文件转换为网络 URL,(3) 用户提供文件并要求生成可直接网页引用的链接。 It is an AI Agent Skill for Claude Code / OpenClaw, with 124 downloads so far.

How do I install 文件上传,本地文件转网络路径?

Run "/install file-uploader" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 文件上传,本地文件转网络路径 free?

Yes, 文件上传,本地文件转网络路径 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 文件上传,本地文件转网络路径 support?

文件上传,本地文件转网络路径 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 文件上传,本地文件转网络路径?

It is built and maintained by piaoleaf (@piaoleaf); the current version is v1.0.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments