← 返回 Skills 市场

docsiphon Doc Corpus Operator

Name: docsiphon Doc Corpus Operator
Author: xiaojiou176

作者 Yifeng[Terry] Yu · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install docsiphon-doc-corpus-operator

功能描述

Use when an agent needs to run Docsiphon through the CLI-first path, export a small documentation subtree, and inspect the resulting audit artifacts without...

使用说明 (SKILL.md)

docsiphon Doc Corpus Operator

Use this skill when an agent needs to run the current Docsiphon CLI flow and inspect the resulting export artifacts from a repo checkout or uvx path.

Product truth

docsiphon is currently CLI-first
this packet is a host-native secondary lane
the packet teaches export and artifact inspection, not a hosted browser workflow
any future MCP-aware surface remains future secondary until it ships its own install contract, verification gate, public packet, and lane truth

Current registry truth

ClawHub: not submitted yet
OpenHands/extensions: not submitted yet

First-success flow

Follow references/INSTALL.md
Run the small scoped export in references/DEMO.md
Inspect manifest.jsonl, report.json, toc.md, and report.html
Only after the first export works, move to bigger site scopes or custom profiles

Preferred evidence order

references/INSTALL.md
references/DEMO.md
references/CAPABILITIES.md
references/TROUBLESHOOTING.md

Truth language

Good: CLI-first
Good: scoped export
Good: audit artifacts
Good: host-native secondary lane
Forbidden: hosted platform
Forbidden: listed-live without fresh host read-back
Forbidden: MCP-first

This packet is internally consistent and simply documents how to run Docsiphon via the uv/uvx CLI and inspect local export artifacts. Before running the demo: (1) review the remote GitHub repo you will execute with uvx (it will fetch and run code), (2) run the export in an isolated/sandboxed environment if you are unsure about the repo, and (3) avoid pointing the tool at private or sensitive sites unless you intend to export that content and have authorization to do so.

功能分析

Type: OpenClaw Skill Name: docsiphon-doc-corpus-operator Version: 1.0.0 The skill bundle instructs the agent to download and execute code directly from a remote GitHub repository (github.com/xiaojiou176-open/docsiphon) using the `uvx` command in `references/INSTALL.md` and `references/DEMO.md`. While this is a functional method for running CLI tools, it introduces a significant Remote Code Execution (RCE) risk by bypassing verified package registries in favor of an unverified third-party repository. There is no explicit evidence of malicious intent in the provided text, but the pattern of executing remote scripts is a high-risk behavior for an autonomous agent.

能力评估

✓ Purpose & Capability

Name/description match the contents: the packet teaches CLI-first Docsiphon usage (uvx/uv), a scoped export, and inspection of local artifacts. No unrelated credentials, binaries, or config paths are requested.

ℹ Instruction Scope

SKILL.md and references instruct running uvx to fetch and run Docsiphon and to export/inspect site content. This stays within the stated scope, but the demo example includes a third-party target URL (developerdocs.instructure.com) and the flow entails crawling external sites and producing local artifacts — users should be aware that running the demo will retrieve remote site content.

ℹ Install Mechanism

There is no install spec (instruction-only), which is low risk. However, the recommended flow runs 'uvx --from git+https://.../docsiphon.git' which fetches and executes code from a GitHub repo at runtime; fetching/executing remote code is expected for a CLI-first package but carries the usual trust risk and should be done in an isolated environment or after code review.

✓ Credentials

The packet declares no environment variables, credentials, or config paths. The lack of secrets is proportionate to the described function.

✓ Persistence & Privilege

Flags are default (not always), no persistent installation mechanism or cross-skill/system config modification is requested. Autonomous invocation is allowed by default but is not combined here with elevated privileges or credential access.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install docsiphon-doc-corpus-operator
安装完成后，直接呼叫该 Skill 的名称或使用 /docsiphon-doc-corpus-operator 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

- Initial release of docsiphon-doc-corpus-operator skill. - Enables agents to run Docsiphon via CLI, export documentation subtrees, and inspect audit artifacts. - Emphasizes CLI-first workflow rather than hosted or MCP-first product claims. - Outlines preferred evidence order and correct product terminology. - Provides clear flow for first-time use, including required references.

元数据

Slug docsiphon-doc-corpus-operator

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题