← Back to Skills Marketplace
plsreadme
by
FacundoLucci
· GitHub ↗
· v0.4.0
775
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install plsreadme
Description
Share markdown files and text as clean, readable web links via plsreadme.com. Use when someone asks to share a document, README, PRD, proposal, notes, or any markdown as a shareable link. Also triggers for "create a preview link", "share this as a page", or "make this readable". Requires the plsreadme MCP server (npx plsreadme-mcp).
Usage Guidance
This skill does what it promises (publish markdown as public links) but exercise caution before installing or running it:
- Verify the service and npm package: there is no homepage or repo in the skill metadata, and the README suggests running 'npx -y plsreadme-mcp' (npx will download and execute code from the npm registry). Inspect the package/source on npm or GitHub before running npx.
- Prefer the remote MCP URL only if you trust plsreadme.com; understand that uploaded content becomes a permanent public URL.
- Confirm with users before uploading any files or pasted text that may contain secrets or private information.
- If you must use npx, consider running it in a restricted environment or inspecting the package contents first rather than using '-y' to auto-accept.
If you can obtain the package repository or a verified homepage for plsreadme, re-run evaluation — that evidence would raise confidence and could change the verdict to benign.
Capability Analysis
Type: OpenClaw Skill
Name: plsreadme
Version: 0.4.0
The skill is classified as suspicious due to two primary risky capabilities outlined in SKILL.md. Firstly, it instructs the agent to execute an external Node.js package (`npx -y plsreadme-mcp`), which introduces a supply chain risk as the integrity of the `plsreadme-mcp` package cannot be guaranteed. Secondly, the `plsreadme_share_file` tool explicitly states it 'Reads from disk', granting the agent the capability to access local files. While the skill includes a positive instruction to 'confirm with the user before sharing sensitive content' to mitigate prompt injection risks, the underlying capabilities for arbitrary code execution and local file access represent significant vulnerabilities if the agent is compromised or the external package is malicious.
Capability Assessment
Purpose & Capability
Name/description align with the runtime instructions: the skill reads markdown (or accepts text) and publishes a public link via plsreadme.com. No unrelated credentials, binaries, or paths are requested.
Instruction Scope
SKILL.md explicitly instructs the agent to read local .md files and upload them to the plsreadme service (or accept text). That is consistent with the purpose, but it involves reading arbitrary files and transmitting their contents to an external, public endpoint — so the agent must confirm with the user before sharing sensitive content (the doc even notes links are public).
Install Mechanism
There is no formal install spec, but the README recommends 'npx -y plsreadme-mcp' which will fetch and execute code from the npm registry at runtime. npx executes remote packages (supply-chain risk). The alternative is a remote MCP URL (https://plsreadme.com/mcp), which means content and metadata will be sent to that external service. No homepage, repository, or package provenance is provided to validate the npm package or remote endpoint.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate to its stated task. However, the effective capability (read local files + upload to public site) can expose sensitive data if used without caution.
Persistence & Privilege
The skill does not request always:true or any elevated/persistent platform privileges. It's user-invocable and can be invoked autonomously per platform default, which increases impact if combined with external execution, but autonomy alone is not a new risk here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install plsreadme - After installation, invoke the skill by name or use
/plsreadme - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.4.0
Share any content as clean readable web links. Supports markdown and plain text with auto-structuring. Includes refactor-and-share prompt for AI-powered formatting.
Metadata
Frequently Asked Questions
What is plsreadme?
Share markdown files and text as clean, readable web links via plsreadme.com. Use when someone asks to share a document, README, PRD, proposal, notes, or any markdown as a shareable link. Also triggers for "create a preview link", "share this as a page", or "make this readable". Requires the plsreadme MCP server (npx plsreadme-mcp). It is an AI Agent Skill for Claude Code / OpenClaw, with 775 downloads so far.
How do I install plsreadme?
Run "/install plsreadme" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is plsreadme free?
Yes, plsreadme is completely free (open-source). You can download, install and use it at no cost.
Which platforms does plsreadme support?
plsreadme is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created plsreadme?
It is built and maintained by FacundoLucci (@facundolucci); the current version is v0.4.0.
More Skills