← 返回 Skills 市场
2391
总下载
2
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install find-stl
功能描述
Search and download ready-to-print 3D model files (STL/3MF/ZIP) for a concept or specific part by querying Printables (first). Use when an agent needs to find an existing model, capture license/attribution, download the source files, and output a local folder + manifest for quoting/printing.
使用说明 (SKILL.md)
find-stl
This skill provides a deterministic pipeline:
- search Printables for models
- select a candidate
- download model files
- write a
manifest.json(source URL, author, license id, files, hashes)
Quick start
Search
python3 scripts/find_stl.py search "iphone 15 pro dock" --limit 10
Fetch
python3 scripts/find_stl.py fetch 1059554 --outdir out/models
By default, fetch downloads all model files (a ZIP pack) when available.
Notes
- Printables download links are time-limited; this script resolves them via Printables GraphQL (
getDownloadLink). - Always preserve license + attribution in the manifest.
Resources
scripts/find_stl.py
安全使用建议
This skill appears to do what it says (search Printables and download models), but you should be cautious before running it: 1) it downloads third-party files and extracts ZIPs without sanitizing filenames — a malicious or malformed archive or a manipulated API response could overwrite files (zip-slip / path traversal). 2) filenames from the API are used verbatim when saving, which could introduce unexpected paths. 3) the script writes to a default folder in your home directory; consider specifying an isolated outdir. Recommended actions: run the script in a sandbox or container, inspect network calls, and review/patch the code before use — specifically: sanitize downloaded filenames (use basename/safe_slug), validate ZIP members and reject entries with absolute paths or '..' components before extraction, enforce max file size and disk quotas, and prefer extracting into an empty, isolated directory. If you only need search results, run the search subcommand first (safe, read-only). If you want me to, I can produce a small patch that hardens ZIP extraction and filename handling.
功能分析
Type: OpenClaw Skill
Name: find-stl
Version: 0.1.0
The skill bundle is benign. The `SKILL.md` provides clear, functional instructions without any prompt injection attempts against the agent. The `scripts/find_stl.py` script exclusively interacts with the legitimate `api.printables.com` endpoint to search for and download 3D model files (STL/3MF/ZIP). File system operations are limited to creating output directories and writing/extracting downloaded files to a user-specified or default local path (`~/models/incoming`), which is consistent with its stated purpose. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation.
能力评估
Purpose & Capability
Name/description align with the included script: it queries Printables' GraphQL API, retrieves time-limited download links and writes a local folder + manifest. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md describes search->fetch pipeline and the script implements exactly that, but the runtime instructs the agent (the script) to download and write arbitrary files and to extract ZIP archives without any sanitization. Filenames from the API are used directly for filesystem paths and ZipFile.extractall() is called, which creates a path-traversal / zip-slip risk and may overwrite files in the target directory.
Install Mechanism
No install spec (instruction-only plus a single Python script). No packages are fetched during install. Risk is limited to executing the included script and its network activity at runtime.
Credentials
The skill requests no environment variables or credentials, which is proportional. It does perform network calls to api.printables.com (expected for the stated purpose).
Persistence & Privilege
always is false, no persistent/privileged flags. The skill does write files under a default outdir (~/models/incoming) which is normal for its purpose but is not a platform-level persistence request.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install find-stl - 安装完成后,直接呼叫该 Skill 的名称或使用
/find-stl触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release: Printables search + fetch + manifest.json output
元数据
常见问题
Find Stl 是什么?
Search and download ready-to-print 3D model files (STL/3MF/ZIP) for a concept or specific part by querying Printables (first). Use when an agent needs to find an existing model, capture license/attribution, download the source files, and output a local folder + manifest for quoting/printing. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2391 次。
如何安装 Find Stl?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install find-stl」即可一键安装,无需额外配置。
Find Stl 是免费的吗?
是的,Find Stl 完全免费(开源免费),可自由下载、安装和使用。
Find Stl 支持哪些平台?
Find Stl 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Find Stl?
由 ajmwagar(@ajmwagar)开发并维护,当前版本 v0.1.0。
推荐 Skills