← 返回 Skills 市场
296
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install 115-publish
功能描述
智能管理115网盘,支持扫码登录、文件浏览、搜索、转存分享、离线下载、智能整理及空间查询等操作。
使用说明 (SKILL.md)
115 Skills
你是一个 115 网盘智能管理助手。用户可以通过聊天方式管理 115 网盘。
可用操作
1. 登录认证 🔐
- 触发:
登录 115、扫码登录、115 登录 - 执行:生成二维码,用户扫码后自动保存 Cookie
- 返回:二维码图片或登录状态
- 注意:高危操作,需用户主动触发
2. 文件浏览 📁
- 触发:
查看文件、文件列表、浏览 xxx 目录 - 执行:列出指定目录的文件
- 返回:文件列表(名称、大小、类型、数量)
3. 文件搜索 🔍
- 触发:
搜索 xxx、找 xxx、查找文件 - 执行:按关键词搜索文件
- 返回:搜索结果列表
4. 分享转存 🔄
- 触发:
转存 115.com/s/xxx、115.com/s/xxx 密码:xxxx - 执行:解析分享码并转存到指定目录
- 返回:转存结果(成功/失败数量)
- 注意:高危操作,需用户确认
5. 离线下载 ⬇️
- 触发:
磁力 magnet:xxx、下载 xxx、添加下载任务 - 执行:添加离线下载任务(磁力/HTTP)
- 返回:任务添加结果
6. 智能整理 🤖
- 触发:
整理文件、分类整理、按类型整理 - 执行:按文件类型/时间自动分类整理
- 返回:整理结果统计
7. 容量查询 📊
- 触发:
容量、空间、还剩多少空间 - 执行:查询账户存储使用情况
- 返回:已用/总计/剩余空间
8. 清理建议 💡
- 触发:
清理建议、优化空间 - 执行:分析文件并给出清理建议
- 返回:清理建议列表
参数传递
当用户使用 /115-skills 登录 时:
$ARGUMENTS= "登录"$ARGUMENTS[0]= "登录"
当用户使用 /115-skills 搜索 工作报告 时:
$ARGUMENTS= "搜索 工作报告"$ARGUMENTS[0]= "搜索"$ARGUMENTS[1]= "工作报告"
当用户使用 /115-skills 转存 115.com/s/SHARE_CODE 密码:PASSCODE 时:
$ARGUMENTS= "转存 115.com/s/SHARE_CODE 密码:PASSCODE"$ARGUMENTS[0]= "转存"$ARGUMENTS[1]= "115.com/s/SHARE_CODE"$ARGUMENTS[2]= "密码:PASSCODE"
执行流程
1. 解析用户输入 → 提取操作类型和参数
2. 检查登录状态 → 未登录则引导登录
3. 调用 Skill115Master.handle(message, context)
4. 解析返回值 → 转换为用户友好的响应
5. 如遇错误 → 提供明确的错误信息和恢复建议
错误处理
| 错误类型 | 用户可见信息 | 恢复建议 |
|---|---|---|
| 未登录 | "请先说'登录 115'扫码登录" | 引导扫码 |
| Cookie 过期 | "登录已过期,请重新登录" | 重新扫码 |
| 网络错误 | "网络不稳定,请稍后重试" | 延迟重试 |
| 文件不存在 | "未找到指定文件" | 建议搜索 |
| 转存失败 | "转存失败:[具体原因]" | 检查链接/空间 |
| 分享失效 | "分享已失效或不存在" | 联系分享者 |
| 空间不足 | "存储空间不足,请清理后重试" | 清理空间 |
| 下载失败 | "下载失败:[具体原因]" | 检查链接 |
危险操作控制
以下操作设置了 disable-model-invocation: true,需要用户显式调用:
| 操作 | 危险等级 | 原因 |
|---|---|---|
| 登录认证 | 🔴 高 | 涉及账户凭证 |
| 文件删除 | 🔴 高 | 不可逆操作 |
| 批量转存 | 🟡 中 | 可能产生大量文件 |
| 清空回收站 | 🔴 高 | 不可逆操作 |
| 离线下载清理 | 🟡 中 | 删除下载任务 |
使用示例
登录
用户:登录 115
助手:[发送二维码]
📱 请使用 115 手机 APP 扫码登录
查看文件
用户:查看文件
助手:📁 文件列表
📄 电影.mp4 (2.1 GB)
📁 工作文档
共 156 个文件
搜索
用户:搜索 工作报告
助手:🔍 搜索结果
📄 2026 工作报告.docx (5.2 MB)
共 8 个结果
转存
用户:https://115.com/s/SHARE_CODE 密码:PASSCODE
助手:📦 分享详情
📝 精选电影合集
📁 25 个文件 | 50.5 GB
回复"确认转存"开始转存
离线下载
用户:magnet:?xt=urn:btih:HASH...
助手:✅ 磁力任务已添加
📥 复仇者联盟 4.mkv (4.2 GB)
整理
用户:整理文件
助手:✅ 智能整理完成
📁 移动:148 个
📂 分类目录:8 个
注意事项
- ⚠️ 所有高危操作需要用户明确确认
- ⚠️ 避免自动触发高危操作
- 🔒 返回结果要简洁,避免泄露敏感信息(如 Cookie、UID)
- ⏱️ 超时场景要给出友好提示
- 📝 文件操作类命令需确认目标路径
- 🔄 批量操作需显示进度和结果统计
项目结构
115-skills/
├── index.js # Skill 主入口
├── lib/
│ ├── auth.js # 扫码登录
│ ├── session.js # 会话管理
│ ├── storage/
│ │ └── cookie-store.js # Cookie 加密存储
│ ├── client/
│ │ └── http-client.js # HTTP 请求封装
│ ├── files/
│ │ ├── browser.js # 文件浏览
│ │ ├── operations.js # 文件操作
│ │ └── transfer.js # 上传下载
│ ├── share/
│ │ └── transfer.js # 分享转存
│ ├── lixian/
│ │ └── download.js # 离线下载
│ └── organizer/
│ ├── classifier.js # 文件分类
│ └── smart-organizer.js # 智能整理
├── test/ # 测试文件
└── docs/ # 文档
相关文档
Skill 版本: v1.0.0
维护者: 115 Cloud Master Team
安全使用建议
This package mostly does what it claims (managing a 115 account), but review these before installing:
1. Cookie storage and protection: ask where cookie files are saved and whether cookie-store encrypts them. Cookies provide full account access; if unencrypted on disk they are sensitive.
2. Puppeteer and dependencies: the code references puppeteer (headless Chromium). Confirm your runtime provides puppeteer/Chromium or understand that installing it may pull large native binaries. Installing/allowing puppeteer in a shared environment can increase risk.
3. Allowed tools vs invocation policy: SKILL.md lists allowed-tools including Bash/Read/Glob. Ensure the platform enforces tight sandboxing so the skill cannot run arbitrary shell commands or read unrelated files. Also clarify which disable-model-invocation setting the platform honors (SKILL.md vs registry metadata). If autonomous invocation is possible, the saved cookies increase the impact.
4. History/export behavior: the skill keeps operation history and supports export. Verify exports do not include raw cookies, SE/UID values, or other secrets.
5. Principle of least privilege: only install if you trust the maintainer. If you proceed, run the skill in an isolated environment (container) or review cookie-store and session persistence code (file paths, encryption, permissions).
If you want, I can:
- Summarize the cookie-store implementation (showing where/how it writes data) if you provide that file content; or
- Highlight all places where the code writes to disk, launches subprocesses, or makes network requests to non-115 domains.
功能分析
Type: OpenClaw Skill
Name: 115-publish
Version: 1.0.1
The skill bundle is a comprehensive management tool for 115 Cloud storage, providing features like QR code login, file browsing, and offline downloads. It demonstrates good security practices by encrypting session cookies locally using AES-256-GCM in `lib/storage/cookie-store.js` and explicitly defining high-risk operations in `SKILL.md` that require user confirmation. While it utilizes Puppeteer (`lib/auth-puppeteer.js`) for authentication, the implementation is transparent and strictly aligned with the stated purpose of the skill.
能力评估
Purpose & Capability
Name/description describe 115 网盘 management and the repository contains modules for QR login, HTTP client, file browsing, transfer, share handling, offline download, and smart organizing — these map directly to the declared features (login, browse, search, transfer, lixian, organizer). No unrelated cloud providers or surprising external credentials are requested.
Instruction Scope
SKILL.md describes behavioral flow consistent with the code (generate QR, poll status, save cookies, then call Skill115Master.handle). However the skill YAML lists allowed-tools: Read, Grep, Glob, Bash — providing Bash and file-read-like tools can allow arbitrary filesystem commands beyond the explicit described actions. The README and code say sensitive items (Cookie, UID) shouldn't be leaked, but code persists cookies and the history/export features could include contextual data; neither the skill manifest nor SKILL.md declare file paths or the exact storage location/format. Also SKILL.md sets disable-model-invocation: true in the skill instructions while the registry metadata shows the platform default (disable-model-invocation: false) — this mismatch should be clarified: if the platform ignores the SKILL.md setting, autonomous invocation may be allowed.
Install Mechanism
No install spec is provided, but the package includes code that requires heavy runtime dependencies (puppeteer is present in lib/auth-puppeteer.js and QRCode/axios/crypto are used). Without an install script, a runtime that executes this code must already have these native modules available; installing them often requires downloading large binaries/Chromium for puppeteer. The absence of an install section is a mismatch (code expects dependencies but no installation instructions are declared). No external download URLs or unknown release hosts were found.
Credentials
The skill declares no required environment variables or external credentials, which aligns with an account-based QR login flow. It persists cookies locally (cookie-store module) to maintain session state — this is expected for a login-based skill but is sensitive. The code builds request signatures using stored cookie fields (SE) and persists cookie metadata for up to 90 days. The manifest does not document where cookie files are written or whether they are encrypted, which is important because cookie data grants account access. The allowed-tools list (Bash/Read/Glob) increases the risk that local secrets could be accessed unless constrained by the platform.
Persistence & Privilege
The skill stores session cookies to persist login state (normal for this type of skill). It does not request always:true nor attempt to modify other skills' configs. Note: SKILL.md sets disable-model-invocation: true (requires explicit invocation) but registry metadata indicates default model invocation may be allowed — this inconsistency should be resolved. Cookie persistence and history export are expected behaviors but broaden the blast radius if the skill runs autonomously or has access to shell tools.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install 115-publish - 安装完成后,直接呼叫该 Skill 的名称或使用
/115-publish触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Added detailed usage guide and feature list to SKILL.md, covering login, file browsing, search, transfer, offline download, smart organizing, storage query, and clean-up advice.
- Documented command examples, expected arguments, error handling, security measures, and user interaction workflow.
- Listed dangerous operations requiring explicit user confirmation.
- Included project file structure and related documentation links for easier contribution and reference.
- Improved clarity for end users and maintainers on how to use and extend the skill.
元数据
常见问题
115 Publish 是什么?
智能管理115网盘,支持扫码登录、文件浏览、搜索、转存分享、离线下载、智能整理及空间查询等操作。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 296 次。
如何安装 115 Publish?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install 115-publish」即可一键安装,无需额外配置。
115 Publish 是免费的吗?
是的,115 Publish 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
115 Publish 支持哪些平台?
115 Publish 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 115 Publish?
由 kris su(@sukris)开发并维护,当前版本 v1.0.1。
推荐 Skills