← 返回 Skills 市场
374
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install evc-team-relay
功能描述
Read and write Obsidian notes stored in EVC Team Relay collaborative vault. Use when agent needs to: read note content from a shared Obsidian vault, create o...
使用说明 (SKILL.md)
EVC Team Relay
REST API skill for reading and writing collaborative Obsidian vault documents via EVC Team Relay.
Environment variables
| Variable | Required | Description |
|---|---|---|
RELAY_CP_URL |
yes | Control plane URL, e.g. https://cp.tr.entire.vc |
RELAY_EMAIL |
yes | User email for authentication |
RELAY_PASSWORD |
yes | User password |
RELAY_TOKEN |
no | JWT token (set via export RELAY_TOKEN=$(scripts/auth.sh)) |
Quick start
# 1. Authenticate — get a JWT token (stored in env var, not visible in ps)
export RELAY_TOKEN=$(scripts/auth.sh)
# 2. List shares to find available documents
scripts/list-shares.sh
# 3. Read a file from a folder share BY PATH (most common)
scripts/read-file.sh \x3Cfolder_share_id> "Marketing/plan.md"
# 4. Create or update a file in a folder share
scripts/upsert-file.sh \x3Cfolder_share_id> "note.md" "# Content"
# 5. List all files in a folder share
scripts/list-files.sh \x3Cfolder_share_id>
# 6. Delete a file from a folder share
scripts/delete-file.sh \x3Cfolder_share_id> "old-note.md"
# 7. Read a doc share (single document, share_id = doc_id)
scripts/read.sh \x3Cshare_id>
# 8. Write to a doc share
scripts/write.sh \x3Cshare_id> \x3Cshare_id> "# Updated content"
All scripts accept the token via RELAY_TOKEN env var (preferred) or as the first CLI argument (backward-compatible).
Two kinds of shares
| Doc share | Folder share | |
|---|---|---|
| Contains | Single document | Multiple files |
| doc_id | Same as share_id | Each file has its own doc_id (in folder metadata) |
| Read | read.sh \x3Cshare_id> |
read-file.sh \x3Cshare_id> "path/to/file.md" |
| Write | write.sh \x3Cshare_id> \x3Cshare_id> \x3Ccontent> |
upsert-file.sh \x3Cshare_id> "path" \x3Ccontent> |
| Delete | N/A | delete-file.sh \x3Cshare_id> "path" |
Most shares are folder shares. Use read-file.sh and upsert-file.sh — they handle path resolution automatically.
Warning:
write.shdoes NOT work for folder shares — it writes content but does not register the file in folder metadata, so Obsidian will never see it. The script detects folder shares and refuses with an error.
Scripts reference
| Script | Purpose | Args |
|---|---|---|
auth.sh |
Get JWT token | — |
list-shares.sh |
List all shares | [kind] [owned_only] |
list-files.sh |
List files in folder share | \x3Cshare_id> |
read-file.sh |
Read file by path (folder share) | \x3Cshare_id> \x3Cfile_path> |
read.sh |
Read by doc_id (low-level) | \x3Cshare_id> [doc_id] |
upsert-file.sh |
Create/update file (folder share) | \x3Cshare_id> \x3Cfile_path> \x3Ccontent> |
write.sh |
Write by doc_id (doc shares only) | \x3Cshare_id> \x3Cdoc_id> \x3Ccontent> |
delete-file.sh |
Delete file from folder share | \x3Cshare_id> \x3Cfile_path> |
create-file.sh |
Create new file (low-level) | \x3Cshare_id> \x3Cfile_path> \x3Ccontent> |
Bold = recommended for most use cases. All scripts use RELAY_TOKEN env var (or accept token as first arg).
Authentication
All API calls require a Bearer JWT token. Get one via login:
curl -s -X POST "$RELAY_CP_URL/v1/auth/login" \
-H "Content-Type: application/json" \
-d '{"email": "'$RELAY_EMAIL'", "password": "'$RELAY_PASSWORD'"}' \
| jq -r '.access_token'
Response:
{
"access_token": "eyJ...",
"refresh_token": "...",
"token_type": "bearer",
"expires_in": 3600
}
Use the access_token as Authorization: Bearer \x3Ctoken> header on all subsequent requests.
When the token expires (1 hour), refresh it:
curl -s -X POST "$RELAY_CP_URL/v1/auth/refresh" \
-H "Content-Type: application/json" \
-d '{"refresh_token": "'$REFRESH_TOKEN'"}'
Listing shares
Shares are the access units — each share maps to a document or folder in the Obsidian vault.
curl -s "$RELAY_CP_URL/v1/shares" \
-H "Authorization: Bearer $TOKEN" | jq
Response (array):
[
{
"id": "a1b2c3d4-...",
"kind": "doc",
"path": "Projects/meeting-notes.md",
"visibility": "private",
"is_owner": true,
"user_role": null,
"web_published": false
},
{
"id": "e5f6g7h8-...",
"kind": "folder",
"path": "Projects/",
"visibility": "private",
"is_owner": false,
"user_role": "editor"
}
]
Key fields:
id— share UUID, used asshare_idin all operationskind—doc(single file) orfolder(directory)path— Obsidian vault-relative pathuser_role—viewer(read-only),editor(read-write), ornull(owner)
Filter options: ?kind=doc, ?owned_only=true, ?member_only=true, ?skip=0&limit=50.
Listing files in a folder share
scripts/list-files.sh \x3Cshare_id>
Response:
{
"doc_id": "e5f6g7h8-...",
"files": {
"meeting-notes.md": {"doc_id": "abc123-...", "type": "markdown"},
"project-plan.md": {"doc_id": "def456-...", "type": "markdown"}
}
}
Each key is the file's path within the folder. The doc_id field is the document identifier used for content operations. The share_id for content requests is always the folder share's ID.
Note: The API response uses
idas the field name. This is the same asdoc_id— use it whereverdoc_idis needed.
Reading files
By path (recommended for folder shares)
scripts/read-file.sh \x3Cfolder_share_id> "Marketing/plan.md"
This resolves the path to a doc_id internally and returns:
{
"doc_id": "abc123-...",
"content": "# Marketing Plan\
\
Content here...",
"format": "text",
"path": "Marketing/plan.md"
}
By doc_id (low-level)
scripts/read.sh \x3Cshare_id> [doc_id] [key]
For doc shares, omit doc_id (defaults to share_id). For folder shares, pass the file's doc_id from list-files.sh.
Writing files
Folder shares — use upsert-file.sh
# Create or update — auto-detects which operation is needed
scripts/upsert-file.sh \x3Cfolder_share_id> "note.md" "# Updated content"
# Pipe content from stdin
echo "# Content" | scripts/upsert-file.sh \x3Cfolder_share_id> "note.md" -
Response includes an operation field: "created" or "updated".
Doc shares — use write.sh
scripts/write.sh \x3Cshare_id> \x3Cshare_id> "# Updated Notes"
write.sh refuses folder shares — if you accidentally pass a folder share_id as doc_id, it detects this and exits with an error directing you to upsert-file.sh.
Common workflows
Read a specific note by path (most common)
# If you know the folder share_id:
scripts/read-file.sh \x3Cfolder_share_id> "Marketing/docs/plan.md"
# If you need to find the share first:
scripts/list-shares.sh # find the folder share
scripts/read-file.sh \x3Cshare_id> "path/to/file.md"
Create or update a file
# Always works, whether the file exists or not
scripts/upsert-file.sh \x3Cfolder_share_id> "note.md" "# Content"
Delete a file
scripts/delete-file.sh \x3Cfolder_share_id> "old-note.md"
Error codes
| Status | Meaning |
|---|---|
| 400 | Invalid share_id format |
| 401 | Missing or expired token — re-authenticate |
| 403 | Insufficient permissions (viewer trying to write, or non-member) |
| 404 | Share or file not found (check path spelling, use list-files.sh to verify) |
| 422 | Missing required field (share_id, content) |
| 502 | Relay server unavailable — retry later |
Terminology
| Term | Meaning |
|---|---|
share_id |
UUID of a share (doc or folder). Used for ACL checks in all requests. |
doc_id |
UUID of an individual document. For doc shares, equals share_id. For folder shares, each file has its own doc_id. |
id |
Same as doc_id — the API response field name. Use interchangeably. |
file_path |
Relative path within a folder share (e.g. "Marketing/plan.md"). |
References
references/api.md— full API reference with all endpoints
安全使用建议
This skill appears to do exactly what it claims: use curl/jq to call a Relay control-plane to list/read/create/update/delete Obsidian-shared documents. Before installing: (1) verify the RELAY_CP_URL is a trusted control-plane you manage or trust (don't point it at an unknown host); (2) prefer issuing and storing a short-lived RELAY_TOKEN or a limited-scope service account rather than embedding your full user password in OpenClaw config; (3) ensure the OpenClaw config file permissions are restrictive if you must store RELAY_PASSWORD; (4) review the scripts locally (they are small and readable) and test them with a non-sensitive account first; (5) be aware the auth script echoes the access token to stdout (used for env assignment) — treat that token as sensitive. These mitigations reduce credential exposure while allowing legitimate use.
功能分析
Type: OpenClaw Skill
Name: evc-team-relay
Version: 1.1.2
The OpenClaw skill `evc-team-relay` is designed to interact with the EVC Team Relay API for managing Obsidian notes. All scripts (`scripts/*.sh`) use `curl` and `jq` to perform authenticated API calls to the `RELAY_CP_URL` endpoint, as described in the `SKILL.md` and `README.md` files. Input sanitization is present for URL paths (using `jq -sRr @uri` in `delete-file.sh`) and JSON payloads (using `jq --arg`), mitigating common injection risks. There is no evidence of intentional malicious behavior such as unauthorized data exfiltration, persistence mechanisms, or prompt injection attempts against the AI agent. The handling of `RELAY_EMAIL`, `RELAY_PASSWORD`, and `RELAY_TOKEN` is for the legitimate purpose of authenticating to the specified Relay service.
能力评估
Purpose & Capability
Name/description, required env vars (RELAY_CP_URL, RELAY_EMAIL, RELAY_PASSWORD), and required binaries (curl, jq) all match a small bash-based REST client for the Relay control plane. The scripts implement listing, reading, creating/updating, and deleting files via the described API — nothing unrelated is requested.
Instruction Scope
SKILL.md and the scripts limit actions to HTTP calls to the configured RELAY_CP_URL and local processing with jq/curl. They do not attempt to read arbitrary files or other system credentials. Minor issues: (1) SKILL.md shows a refresh example referencing $REFRESH_TOKEN but the provided auth.sh only prints the access token (not the refresh token), a small documentation mismatch; (2) README suggests putting RELAY_PASSWORD in the OpenClaw JSON config (plaintext storage risk) — this is outside the skill's functional scope but a user-config choice that increases exposure.
Install Mechanism
There is no network download/install step in the registry spec; the package contains bash scripts and a README. Installation is manual copying + chmod as documented. No remote, opaque downloads or extracted archives are used by the skill itself.
Credentials
The skill only requests the Relay control-plane URL, user email, and password — all necessary to obtain a short-lived JWT to operate. This is proportionate to functionality. Caveats: storing RELAY_PASSWORD in agent config (as suggested in README) risks long-lived plaintext credentials; where possible prefer short-lived tokens or a dedicated service account with limited scope.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide config. It runs on demand and uses standard environment variables. Autonomous invocation (disable-model-invocation=false) is the platform default and not a unique privilege here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install evc-team-relay - 安装完成后,直接呼叫该 Skill 的名称或使用
/evc-team-relay触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.2
- Bumped version from 1.1.1 to 1.1.2.
- Updated environment variable example for RELAY_CP_URL to use https://cp.tr.entire.vc instead of https://cp.your-domain.com in documentation.
- No changes to code or scripts; documentation update only.
v1.1.1
evc-team-relay 1.1.1
- Added `version` and `metadata` fields to SKILL.md for improved discoverability and configuration management.
- Documented support for a `RELAY_TOKEN` environment variable, allowing authentication tokens to be managed with reduced risk of leakage and cleaner CLI workflow.
- Updated script usage examples to prefer environment variable authentication and improved clarity on argument handling.
- Minor documentation enhancements and normalization for environment variable and script argument conventions.
v1.1.0
- Added detailed documentation for reading and writing Obsidian notes via EVC Team Relay.
- Outlined environment variable requirements for authentication.
- Included workflow guides for listing shares, reading/writing/updating notes, and managing files in folder shares.
- Provided example scripts and API requests for common operations.
- Documented required permissions and error codes for API usage.
- Clarified response formats and key API parameters.
元数据
常见问题
EVC Team Relay 是什么?
Read and write Obsidian notes stored in EVC Team Relay collaborative vault. Use when agent needs to: read note content from a shared Obsidian vault, create o... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 374 次。
如何安装 EVC Team Relay?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install evc-team-relay」即可一键安装,无需额外配置。
EVC Team Relay 是免费的吗?
是的,EVC Team Relay 完全免费(开源免费),可自由下载、安装和使用。
EVC Team Relay 支持哪些平台?
EVC Team Relay 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 EVC Team Relay?
由 Entire VC(@venturecrew)开发并维护,当前版本 v1.1.2。
推荐 Skills