Description

Use when the user wants to call, test, or integrate the HTMLPix HTML-to-image API — including auth setup, signed URL minting, image rendering, template CRUD,...

README (SKILL.md)

HTMLPix API Skill

Name: HTMLPix API
Author: jymaa

Use the API contracts below when generating code, curl commands, SDK wrappers, or troubleshooting responses.

Base URL and Auth

API Base URL: https://api.htmlpix.com
Private endpoints require: Authorization: Bearer \x3CAPI_KEY>
API keys are prefixed hpx_ and managed at https://htmlpix.com/api-keys
Do not call private endpoints from browser client code; mint URLs on the backend.

Authentication Flow

Every private request goes through this pipeline:

Extract Authorization: Bearer \x3Ckey> header
Hash the key with SHA-256, look up by hash in the apiKeys table
Verify key status is active (otherwise 403 KEY_INACTIVE)
Query the user's subscription status from quotas table
Subscription must be active, trialing, or canceled with time remaining

Error Codes

Status	Code	Meaning
`401`	`MISSING_API_KEY`	No `Authorization: Bearer` header
`401`	`INVALID_API_KEY`	Key not found
`403`	`KEY_INACTIVE`	Key revoked or disabled
`402`	`NO_SUBSCRIPTION`	No quota record found
`402`	`SUBSCRIPTION_INACTIVE`	Subscription expired or past_due
`429`	`QUOTA_EXCEEDED`	Monthly mint quota exhausted

Endpoint Contracts

POST `/v1/url` (private)

Mint one signed image URL. The server resolves template variables, executes the template JSX, uploads the rendered VNode to Cloudflare R2/KV, and returns a signed URL pointing to the Cloudflare Worker that renders the final image.

Request JSON:

Field	Type	Required	Constraints
`templateId`	string	yes	max 128 chars
`width`	integer	no	1–4096, defaults to template value or 1200
`height`	integer	no	1–4096, defaults to template value or 630
`format`	string	no	`png`, `jpeg`, or `webp` — defaults to template value or `webp`
`quality`	integer	no	0–100, defaults to template value
`devicePixelRatio`	number	no	positive number, defaults to template value or 1
`tv`	string	no	max 128 chars, cache-busting version tag — defaults to template `updatedAt`
`variables`	object	no	max 64 keys, key max 64 chars, each value max 4000 chars serialized. Values can be string, number, boolean, null, array, or nested object.

Response 200:

{ "url": "https://image.htmlpix.com/v1/image?...&sig=...", "expiresAt": 1710345600000 }

Operational limits:

Body size max: 32 KB
Rate: 120 mint requests per 60s per API key
Concurrency: 4 in-flight per user
URLs expire after ~5 years by default

POST `/v1/urls` (private)

Mint multiple signed image URLs in one request.

Request JSON:

{ "items": [ /* each item has same shape as POST /v1/url */ ] }

items.length must be 1–25

Response 200:

{ "urls": [{ "templateId": "...", "url": "...", "expiresAt": 1710345600000 }] }

Operational limits:

Body size max: 256 KB

GET `/v1/image` (public, signed — served by Cloudflare Worker)

Requests to api.htmlpix.com/v1/image are 301-redirected to the Cloudflare Worker at image.htmlpix.com/v1/image. The Worker renders the image from VNode data stored in R2/KV.

Required query params:

Param	Description
`templateId`	Template identifier
`uid`	User ID that minted the URL
`exp`	Expiry timestamp (unix ms)
`sig`	HMAC signature — invalidated if any param changes

Optional query params:

Param	Default	Description
`width`	1200	Image width
`height`	630	Image height
`format`	`webp`	`png`, `jpeg`, or `webp`
`quality`	—	0–100
`dpr`	—	Device pixel ratio
`tv`	—	Cache version tag
`rv`	—	Render version
`v_\x3Cname>`	—	Template variables as `v_title=Hello`

Behavior:

403 URL_EXPIRED — URL past expiry
403 INVALID_SIGNATURE — params modified after signing
Returns image bytes with immutable caching headers and ETag
Supports 304 Not Modified via If-None-Match

Important: treat minted URLs as opaque. If any query value changes, signature validation fails.

GET `/v1/templates` (private)

List templates visible to the authenticated user.

Query params:

Param	Default	Values
`scope`	`all`	`all`, `mine`, `starter`

Response 200:

{ "templates": [ /* template objects */ ] }

POST `/v1/templates` (private)

Create a custom template. Templates are defined by a single code field containing JSX/TSX source code. The server compiles, validates, and extracts variables automatically.

Request JSON:

Field	Type	Required	Constraints
`name`	string	yes	max 120 chars
`description`	string	no	max 2000 chars
`code`	string	yes	max 180,000 chars — JSX/TSX template source

Legacy fields jsx, variables, googleFonts, width, height, format are rejected with error code LEGACY_TEMPLATE_PAYLOAD. Use code only.

Response 201:

{ "templateId": "abc123..." }

Error responses:

400 COMPILE_ERROR — JSX compilation or validation failed
400 LEGACY_TEMPLATE_PAYLOAD — sent a deprecated field

GET `/v1/templates/:templateId` (private)

Fetch one template visible to the caller.

Response 200:

{ "template": { /* template object */ } }

404 TEMPLATE_NOT_FOUND if not visible to caller

PATCH `/v1/templates/:templateId` (private)

Update template fields. At least one field required.

Request JSON:

Field	Type	Required	Constraints
`name`	string	no	max 120 chars
`description`	string	no	max 2000 chars
`code`	string	no	max 180,000 chars — JSX/TSX template source

Legacy fields jsx, variables, googleFonts, width, height, format are rejected.

Response 200:

{ "templateId": "abc123..." }

Error responses:

400 EMPTY_UPDATE — no updatable field provided
400 COMPILE_ERROR — JSX compilation failed
404 TEMPLATE_NOT_FOUND — template doesn't exist or not owned by caller

POST `/v1/templates/generate` (private)

AI-assisted template generation. Always uses batch format.

Request JSON:

{
  "items": [
    { "prompt": "A social card with bold title and gradient background", "width": 1200, "height": 630 }
  ]
}

Field	Type	Required	Constraints
`items`	array	yes	1–5 items
`items[].prompt`	string	yes	max 2000 chars
`items[].width`	integer	no	1–4096, default 1200
`items[].height`	integer	no	1–4096, default 630

Response 200:

{
  "results": [
    { "ok": true, "result": { /* generated template data */ } },
    { "ok": false, "error": "error message" }
  ]
}

Each item settles independently — some may succeed while others fail.

Error responses:

429 QUOTA_EXCEEDED — AI generation quota hit
402 SUBSCRIPTION_REQUIRED — paid plan needed
422 PARSE_FAILED — AI output couldn't be parsed
502 AI_NOT_CONFIGURED — AI provider not set up
502 GENERATION_FAILED — generic AI failure

Safe Integration Pattern

Keep API key server-side only.
Mint with POST /v1/url or /v1/urls on your backend.
Store/embed the returned url directly (meta tags, email HTML, social cards, etc.).
Do not re-sign or mutate query params client-side.
Handle 402, 429, and 503 with retries/fallback messaging.

Minimal Examples

# Mint a single image URL
curl -X POST https://api.htmlpix.com/v1/url \
  -H "Authorization: Bearer $HTMLPIX_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "templateId": "tmpl_123",
    "variables": { "title": "Launch Day" },
    "width": 1200,
    "height": 630,
    "format": "png"
  }'

# List your templates
curl -X GET "https://api.htmlpix.com/v1/templates?scope=mine" \
  -H "Authorization: Bearer $HTMLPIX_API_KEY"

# Create a template from code
curl -X POST https://api.htmlpix.com/v1/templates \
  -H "Authorization: Bearer $HTMLPIX_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "My Social Card",
    "code": "export default function Template({ title }) {\
  return \x3Cdiv style={{ fontSize: 48 }}>{title}\x3C/div>\
}"
  }'

# AI-generate a template
curl -X POST https://api.htmlpix.com/v1/templates/generate \
  -H "Authorization: Bearer $HTMLPIX_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "items": [{ "prompt": "Minimalist blog post OG image with title and author" }]
  }'

If the user asks for an endpoint not listed above, say it is not present in the current server route table and avoid inventing routes.

Usage Guidance

This skill is essentially documentation for the HTMLPix API and appears coherent and low-risk. Before using it: (1) verify the API base URL and endpoint details against official HTMLPix docs (skill source/homepage is unknown), (2) never paste your real API keys into chat—keep keys in your app environment and use the skill to generate example code or server-side integration patterns, and (3) be cautious if the agent generates runnable code that embeds credentials; replace placeholders with secure environment-variable access in production.

Capability Analysis

Type: OpenClaw Skill Name: htmlpix Version: 0.1.3 The skill bundle provides documentation and instructions for interacting with the HTMLPix HTML-to-image API. It includes endpoint definitions, authentication requirements, and usage examples for rendering images from JSX templates. No malicious code, data exfiltration, or harmful prompt injection attempts were found in SKILL.md or _meta.json.

Capability Assessment

✓ Purpose & Capability

Name/description match the SKILL.md: the document is an API contract for HTMLPix HTML-to-image operations (minting signed URLs, template CRUD, rendering). The skill requests no binaries, env vars, or installs — appropriate for an instruction-only API helper.

✓ Instruction Scope

SKILL.md contains only API endpoint contracts, auth flow description, error codes, and usage guidance for generating code/curl/SDK calls. It does not instruct the agent to read unrelated files, access system config, exfiltrate data, or call unexpected external endpoints. It explicitly warns not to call private endpoints from client-side/browser code.

✓ Install Mechanism

There is no install spec (instruction-only). No downloads or extracts occur and no code is written to disk, which is lowest-risk for install mechanisms.

✓ Credentials

The manifest declares no required env vars or credentials. The SKILL.md describes the API's own Authorization header and API key format (hpx_...), which is expected for an API reference—there is no attempt to collect unrelated secrets or request platform credentials.

✓ Persistence & Privilege

always is false and the skill is user-invocable; it does not request persistent system-wide presence or attempt to modify other skills or agent config. Autonomous invocation is allowed (platform default) but the skill content is read-only API docs.

Version History

v0.1.3

**Expanded and clarified API docs with new template contract and updated auth/error details:** - Overhauled authentication and error code explanations, adding details on how API keys and subscription status are checked. - Updated template contract: templates are now defined by a single code (JSX/TSX) field; legacy fields like jsx/variables/googleFonts are rejected. - Expanded image minting endpoint (`/v1/url`) to include new options (`devicePixelRatio`), clearer field constraints, and longer URL expiry. - Documented that public image requests 301 redirect to Cloudflare Worker; clarified query params and opaqueness of signed URLs. - Updated AI template generation: always uses batch format, lists all error responses, and item-by-item status in responses. - Added structured tables for all field types, constraints, and error codes for easier reference.

v0.1.2

- Updated skill description for clarity and conciseness. - Simplified documentation by removing verbose internal validation/source details. - No functional or API contract changes introduced. - Maintained examples and endpoint guidance for safe integration.

v0.1.1

- Better context

v0.1.0

- Initial release of the `htmlpix-api` skill for integrating with the HTMLPix API. - Supports authentication, signed image URL minting, image rendering, template CRUD, and AI-assisted template generation. - Includes endpoint contracts and integration guidelines for secure server-side usage. - Provides sample curl commands and error handling recommendations.

Metadata

Slug htmlpix

Version 0.1.3

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 4

Frequently Asked Questions

What is HTMLPix API?

Use when the user wants to call, test, or integrate the HTMLPix HTML-to-image API — including auth setup, signed URL minting, image rendering, template CRUD,... It is an AI Agent Skill for Claude Code / OpenClaw, with 397 downloads so far.

How do I install HTMLPix API?

Run "/install htmlpix" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is HTMLPix API free?

Yes, HTMLPix API is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does HTMLPix API support?

HTMLPix API is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created HTMLPix API?

It is built and maintained by jyma (@jymaa); the current version is v0.1.3.

More Skills

HTMLPix API

HTMLPix API Skill

Base URL and Auth

Authentication Flow

Error Codes

Endpoint Contracts

POST /v1/url (private)

POST /v1/urls (private)

GET /v1/image (public, signed — served by Cloudflare Worker)

GET /v1/templates (private)

POST /v1/templates (private)

GET /v1/templates/:templateId (private)

PATCH /v1/templates/:templateId (private)

POST /v1/templates/generate (private)

Safe Integration Pattern

Minimal Examples

What is HTMLPix API?

How do I install HTMLPix API?

Is HTMLPix API free?

Which platforms does HTMLPix API support?

Who created HTMLPix API?

💬 Comments

POST `/v1/url` (private)

POST `/v1/urls` (private)

GET `/v1/image` (public, signed — served by Cloudflare Worker)

GET `/v1/templates` (private)

POST `/v1/templates` (private)

GET `/v1/templates/:templateId` (private)

PATCH `/v1/templates/:templateId` (private)

POST `/v1/templates/generate` (private)