← 返回 Skills 市场
piaoleaf

文件上传,本地文件转网络路径

作者 piaoleaf · GitHub ↗ · v1.0.2 · MIT-0
cross-platform ⚠ suspicious
124
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install file-uploader
功能描述
将本地文件(图片、文档、视频等)上传到 tiaowulan.com.cn 并返回网络访问路径。触发场景:(1) 用户说"上传文件"、"上传图片"、"上传文档",(2) 需要将本地文件转换为网络 URL,(3) 用户提供文件并要求生成可直接网页引用的链接。
使用说明 (SKILL.md)

name file-uploader description 将本地文件(图片、文档、视频等)上传至阿里云 OSS 并返回可直接访问的网络 URL。

触发场景: 1、用户说 “上传文件”“上传图片”“上传文档” 2、需要将本地文件转换为网络 URL 3、用户提供文件并要求生成可直接网页引用的链接

配置方式 需要配置 JWT Token 和 Device-ID: JWT Token:登录 https://www.szmpy.com 获取 Device-ID:由管理员分配

支持文件类型 图片:jpg、jpeg、png、gif、webp、svg、bmp文档:pdf、doc、docx、xls、xlsx、ppt、pptx视频:mp4、avi、mov、mkv、webm音频:mp3、wav、flac、aac压缩包:zip、rar、tar、gz

安全限制 文件大小最大 4MB 仅允许白名单内文件类型 凭证仅保存在本地用户目录,权限 600 所有错误信息脱敏,不暴露服务端细节

实现逻辑(curl) #!/bin/bash CONFIG="$HOME/.file-uploader.json" UPLOAD_URL="https://xcx.szmpy.com/api/image/uploadfile"

if [ "$1" = "config" ]; then shift jq -n
--arg token "$2"
--arg device "$4"
'{jwt_token: $token, device_id: $device}' > "$CONFIG" chmod 600 "$CONFIG" echo "配置已保存" exit 0 fi

FILE="$1"

if [ ! -f "$CONFIG" ]; then echo "未配置,请先执行 file-uploader config --token ... --device-id ..." exit 1 fi

JWT=$(jq -r .jwt_token "$CONFIG") DEVICE=$(jq -r .device_id "$CONFIG")

if [ ! -f "$FILE" ]; then echo "文件不存在" exit 1 fi

EXT="${FILE##*.}" EXT=$(echo "$EXT" | tr A-Z a-z) ALLOWED="jpg,jpeg,png,gif,webp,svg,bmp,pdf,doc,docx,xls,xlsx,ppt,pptx,mp4,avi,mov,mkv,webm,mp3,wav,flac,aac,zip,rar,tar,gz"

if ! echo "$ALLOWED" | grep -qw "$EXT"; then echo "不支持的文件类型" exit 1 fi

SIZE=$(stat -c%s "$FILE" 2>/dev/null || stat -f%z "$FILE") if [ "$SIZE" -gt $((10010241024) ]; then echo "文件超过大小限制" exit 1 fi

RESP=$(curl -s -X POST
-H "Authorization: Bearer $JWT"
-H "Device-ID: $DEVICE"
-F "file=@$FILE"
--connect-timeout 10
--max-time 60
"$UPLOAD_URL")

URL=$(echo "$RESP" | grep -Eo 'https?://[^"]+' | head -n 1)

if [ -n "$URL" ]; then echo "SUCCESS" echo "URL: $URL" echo "{"code":1,"url":"$URL"}" else echo "UPLOAD FAILED" echo "{"code":0,"url":null}" exit 1 fi

输出格式 成功:code=1,msg=url

安全使用建议
Do not install blindly. Before using: (1) verify which domain/service you intend to upload to — the registry header and SKILL.md disagree (tiaowulan.com.cn vs szmpy.com/xcx.szmpy.com). Confirm the correct, trusted endpoint. (2) Expect the script to need jq, curl and standard Unix tools even though the metadata doesn't list them — install those tools or inspect the script first. (3) Test with a non-sensitive small file to confirm actual file size limits and behavior (SKILL.md claims 4MB but the script's check appears to use ~100MB and contains a syntax bug). (4) Understand that giving the JWT to this tool allows the remote service to receive your files — don't provide credentials or sensitive files unless you trust the destination. (5) If you need this skill, request the author correct the metadata (correct domain, list required binaries, fix size-check and parsing bugs) or provide a signed/official source so you can verify authenticity.
能力评估
Purpose & Capability
The top-level description (in the registry header) says upload to tiaowulan.com.cn, while the SKILL.md implements uploads to xcx.szmpy.com and references logging in at szmpy.com and '阿里云 OSS' — these mismatched endpoints/domains suggest the metadata and runtime instructions are inconsistent. A legitimate uploader should consistently declare which service it targets.
Instruction Scope
The SKILL.md runtime instructions are narrowly scoped to: read a local config in $HOME, validate a single file, and POST it to an external API. That is coherent with an uploader. However: (1) the script expects jq, curl, stat, grep but the skill metadata declares no required binaries; (2) the script has logic/typo problems (contradictory stated max size '4MB' vs code checking ~100MB and a likely syntax error in the size check), and (3) it extracts the first URL from the response by a broad grep which could accidentally return unrelated URLs. These are functional problems and increase risk of unexpected behavior.
Install Mechanism
No install spec and no code files beyond SKILL.md (instruction-only). This minimizes install-time risk — nothing is downloaded or written by an installer. The only persistent artifact is the user-created config file under $HOME if the user runs the config command.
Credentials
The skill does not request environment variables or system-wide credentials; it asks the user to store a JWT and Device-ID locally in $HOME/.file-uploader.json (chmod 600). Storing the JWT locally is plausible for this use, but the skill's metadata should have declared required tools and the need for these credentials. Verify you trust the remote service before giving it any JWT, since that token grants upload capability to the remote endpoint.
Persistence & Privilege
always:false and no installation/install scripts are present. The skill does write a local config file only if the user runs the provided config command, which is within expected behavior for this kind of utility.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install file-uploader
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /file-uploader 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
将本地文件(图片、文档、视频等)上传至阿里云 OSS 并返回可直接访问的网络 URL。
v1.0.1
**Summary:** Updated to upload files to Aliyun OSS with enhanced security and stricter limits. - Changed upload destination from tiaowulan.com.cn to Aliyun OSS (阿里云 OSS). - Added security limits: file size capped at 4MB, only whitelisted file types allowed, and credentials stored securely (600 permission). - Error messages now generic and sanitized, hiding server-side details. - Updated configuration instructions and supported file type list. - Provided sample Bash script for upload implementation using curl.
v1.0.0
将本地文件上传到 szmpy.com 并返回阿里云 OSS 网络路径。支持图片、文档、视频等多种文件格式。
元数据
Slug file-uploader
版本 1.0.2
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 3
常见问题

文件上传,本地文件转网络路径 是什么?

将本地文件(图片、文档、视频等)上传到 tiaowulan.com.cn 并返回网络访问路径。触发场景:(1) 用户说"上传文件"、"上传图片"、"上传文档",(2) 需要将本地文件转换为网络 URL,(3) 用户提供文件并要求生成可直接网页引用的链接。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 124 次。

如何安装 文件上传,本地文件转网络路径?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install file-uploader」即可一键安装,无需额外配置。

文件上传,本地文件转网络路径 是免费的吗?

是的,文件上传,本地文件转网络路径 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

文件上传,本地文件转网络路径 支持哪些平台?

文件上传,本地文件转网络路径 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 文件上传,本地文件转网络路径?

由 piaoleaf(@piaoleaf)开发并维护,当前版本 v1.0.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论