← 返回 Skills 市场
625
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install capture-website
功能描述
Capture website screenshots from the command line. Use when user wants to take screenshots of any URL (Twitter, news sites, webpages) and send them via Disco...
使用说明 (SKILL.md)
Capture Website Screenshot
Take screenshots of any website and send to user.
Quick Start
capture-website \x3CURL> --output=/home/aaronz/.openclaw/workspace/screenshot.png
Common Options
| Option | 说明 | 示例 |
|---|---|---|
--output |
输出文件路径 | --output=/tmp/screenshot.png |
--full-page |
截取完整页面 | --full-page |
--width |
页面宽度 | --width=1280 |
--height |
页面高度 | --height=800 |
--type |
图片格式 | --type=png 或 --type=jpeg |
--delay |
加载后等待秒数 | --delay=2 |
--wait-for-element |
等待元素出现 | --wait-for-element=.content |
--dark-mode |
暗色模式 | --dark-mode |
--emulate-device |
模拟设备 | --emulate-device="iPhone X" |
Workflow
- Run capture-website command with URL
- Save to workspace folder:
/home/aaronz/.openclaw/workspace/ - Send via message tool with filePath
Example
capture-website https://x.com/elonmusk/status/2026052687423562228 \
--output=/home/aaronz/.openclaw/workspace/tweet.png \
--width=1280 \
--height=800
Then send the file to user via Discord.
Notes
- Requires:
npm install -g capture-website-cli - Default timeout: 60 seconds
- If screenshot fails, try adding
--delay=2for slow-loading pages
安全使用建议
This skill is plausible for taking screenshots, but it has gaps and assumptions you should address before installing or allowing it to run: 1) The SKILL.md requires 'npm install -g capture-website-cli' but the skill metadata doesn't declare node/npm—confirm that installing a global npm package is acceptable and verify the package source (review the npm package and its maintainer). 2) The instructions use a hard-coded path (/home/aaronz/.openclaw/workspace/) — ensure the skill will use a sandboxed or canonical workspace path rather than assuming another user's home directory. 3) The README mentions sending via Discord/Feishu but doesn't declare or request tokens; confirm what messaging tool the agent will actually use and how credentials are provided/secured to avoid unintended data exfiltration. 4) Be aware a screenshot tool will fetch arbitrary URLs; if your agent can access internal networks, this could be used to capture internal pages (SSRF-like data exposure). 5) Prefer an explicit install spec (or containerized runtime) and explicit required binaries/permissions in the skill metadata. If you rely on this skill, ask the author to: add required binaries (node/npm), include an install specification or trusted source for the CLI, remove hard-coded paths in favor of workspace variables, and declare any message-sending credentials and their intended use. If you cannot verify the CLI package or these changes, treat execution as higher risk.
功能分析
Type: OpenClaw Skill
Name: capture-website
Version: 1.0.0
The skill is classified as suspicious due to two main factors found in `SKILL.md`. First, it instructs the agent to perform a global npm package installation (`npm install -g capture-website-cli`), which introduces a supply chain risk by executing arbitrary code from a public registry. Second, the skill executes a shell command (`capture-website <URL>`) with a user-provided URL, creating a potential shell injection vulnerability if the agent does not adequately sanitize the input URL before execution. While these actions are plausibly needed for the skill's stated purpose, they represent significant risky capabilities and vulnerabilities, respectively, without clear evidence of intentional malicious exploitation by the skill itself.
能力评估
Purpose & Capability
The stated purpose (capture website screenshots) aligns with the SKILL.md which instructs using capture-website-cli. However the skill metadata lists no required binaries or env vars even though the instructions explicitly require npm and a globally installed npm package. Also the description mentions sending via Discord/Feishu but no messaging credentials or APIs are declared.
Instruction Scope
Runtime instructions tell the agent to run arbitrary capture-website commands and write files to a hard-coded path (/home/aaronz/.openclaw/workspace/). The flow also says 'Send via message tool with filePath' but provides no detail about which tool, how credentials are acquired, or where data is transmitted. The ability to fetch arbitrary URLs (normal for a screenshot tool) means the agent could access internal network resources if allowed—this should be explicit. The hard-coded username/path is concerning because it may not exist for other users and could reveal or assume a specific environment.
Install Mechanism
There is no install spec in registry metadata, but SKILL.md requires 'npm install -g capture-website-cli'. That implies relying on npm and global installs from the public registry. The skill should have declared required binaries (node/npm) and an install spec or trusted source; absent that, the installer behavior is unspecified and the global npm install may be undesirable or unsafe.
Credentials
The skill declares no environment variables or credentials, yet the README mentions sending screenshots via Discord/Feishu — operations that typically require API tokens. The omission is disproportionate: either the skill should not perform sending, or it should declare required credentials and explain how they are used. Current instructions assume the agent has some messaging capability without specifying its access model.
Persistence & Privilege
The skill does not request always:true or elevated presence. It's instruction-only and has no install spec in metadata, so it does not request persistent system-wide changes in the registry data. Autonomous invocation remains enabled by default, which is standard and not itself a new concern here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install capture-website - 安装完成后,直接呼叫该 Skill 的名称或使用
/capture-website触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of capture-website skill:
- Capture website screenshots directly from the command line.
- Supports popular options like full-page capture, device emulation, dark mode, and delays.
- Saves screenshots to a local workspace directory for further sharing.
- Integrates with services like Discord and Feishu to send screenshots.
- Requires capture-website-cli to be installed globally via npm.
元数据
常见问题
Capture Website 是什么?
Capture website screenshots from the command line. Use when user wants to take screenshots of any URL (Twitter, news sites, webpages) and send them via Disco... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 625 次。
如何安装 Capture Website?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install capture-website」即可一键安装,无需额外配置。
Capture Website 是免费的吗?
是的,Capture Website 完全免费(开源免费),可自由下载、安装和使用。
Capture Website 支持哪些平台?
Capture Website 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Capture Website?
由 Aaron(@silencezx007)开发并维护,当前版本 v1.0.0。
推荐 Skills