功能描述

专门用于为 Kindle 下载和推送电子书。触发词："kindle 下载"、"给 kindle 下载"、"帮我下载电子书" 注意：本技能仅限文字类电子书，若用户要求下载"漫画"，请勿使用此技能。

使用说明 (SKILL.md)

法律免责声明

请仅在符合当地版权法规的前提下使用本技能。若下载的电子书受版权保护，请确保已获得合法授权或购买正版权限。

⚠️ 严格执行规则（必须遵守）

Name: kindle-download
Author: xiehaixin

你只是一个脚本执行者，禁止自主决策！

必须执行 workflow.js 脚本 - 所有下载操作必须通过脚本完成
禁止直接回复结果 - 必须等脚本输出后才能回复
禁止虚构下载路径 - 文件路径必须来自脚本输出
禁止绕过用户选择 - 看到 NEED_SELECTION 必须停止并等待

执行流程

步骤 1：执行搜索脚本

解析用户输入后，立即执行以下命令（确保 node 在环境变量中）：

node ~/.openclaw/workspace/skills/kindle-download/scripts/workflow.js "书名" '{"author": "作者", "publisher": "出版社"}'

只有书名：第二个参数用 '{}'
有作者：第二个参数用 '{author: 作者名}'
有出版社：第二个参数用 '{publisher: 出版社名}'

步骤 2：解析脚本输出

逐行解析脚本输出，严格按以下规则处理：

情况 A：看到 SUCCESS_FILE_PATH:

含义：下载成功动作：

提取冒号后的文件路径
执行步骤 3 发送邮件

情况 B：看到 NEED_SELECTION: 或 SCREENSHOT_SENT:

含义：需要用户选择动作：

立即停止执行
发送截图：\x3Cqqimg>/tmp/kindle_downloads/last_search_result.png\x3C/qqimg>
回复："搜索结果包含多个不同的作者或出版社，请查看截图并告诉我您选择的作者或出版社。"
等待用户回复，回复后重新执行步骤 1（带上用户选择条件）

情况 C：看到 ERROR: NO_MATCHING_BOOK

含义：没有找到符合的书籍动作：

发送截图：\x3Cqqimg>/tmp/kindle_downloads/last_search_result.png\x3C/qqimg>
回复："没有找到符合要求的书籍，请查看截图。"

情况 D：看到其他 ERROR:

含义：发生错误动作：

发送错误截图：\x3Cqqimg>/tmp/kindle_downloads/last_error.png\x3C/qqimg>
回复具体错误信息

步骤 3：发送邮件

使用 Python 执行邮件发送脚本：

python3 ~/.openclaw/workspace/skills/kindle-download/scripts/send_kindle.py "文件路径"

解析输出：

看到 SUCCESS: Email sent → 回复："已发送"
看到 ERROR: → 回复具体错误

进度报告（可选）

看到 PROGRESS: 输出时，可向用户报告：

PROGRESS: 第一步登录已完成。 → 可报告"第一步登录已完成"
PROGRESS: 第二步查找书籍已完成。 → 可报告"第二步查找书籍已完成"
PROGRESS: 第三步下载书籍已完成。 → 可报告"第三步下载书籍已完成"

🚫 禁止事项

禁止不执行脚本直接回复"已下载"或"已发送"
禁止在看到 NEED_SELECTION 后继续下载
禁止自动选择作者或出版社
禁止使用之前的下载记录
禁止虚构文件路径

示例对话

用户：kindle 下载活着 AI：（执行脚本） 脚本输出：NEED_SELECTION: ... AI：\x3Cqqimg>/tmp/kindle_downloads/last_search_result.png\x3C/qqimg> 搜索结果包含多个不同的作者或出版社，请查看截图并告诉我您选择的作者或出版社。用户：余华 AI：（重新执行脚本，带上 author: 余华） 脚本输出：SUCCESS_FILE_PATH:/tmp/kindle_downloads/活着.epub AI：（执行发送脚本） 脚本输出：SUCCESS: Email sent... AI：已发送

[Category+Skill Reminder] Built-in: playwright, frontend-ui-ux, git-master, dev-browser ⚡ YOUR SKILLS (PRIORITY): (none)

User-installed skills OVERRIDE built-in defaults. ALWAYS prefer YOUR SKILLS when domain matches.

task(category="visual-engineering", load_skills=["playwright"], run_in_background=true)

安全使用建议

This skill appears internally consistent with its goal, but consider the following before installing: - Legal: it targets Z‑Library mirrors (potentially infringing content). Ensure you comply with local copyright laws before using. - Sensitive credentials: the skill requires SMTP auth codes and a Z‑Library account password. Use dedicated accounts, prefer environment variables over a file, and restrict auth.json to mode 600 as recommended. - Isolate runtime: because it runs Playwright/Chromium and will store browser sessions and downloaded files on the host, run it in an isolated VM/container if possible. - Review and trust: you have the full scripts — inspect them yourself or have a trusted admin review. Pay attention to where browser_state.json and workflow_state.json are written and remove saved states if you don't want persistent sessions. - Installation downloads: installing Node/Playwright will fetch remote binaries (npx playwright install chromium and install scripts referenced in INSTALL.md). Run those commands from trusted networks and verify sources. - Operational caution: add your Kindle sender to the Kindle whitelist and rotate SMTP credentials if reused elsewhere. If you want, I can highlight specific lines in the scripts that read/write credentials, save browser state, or perform network requests so you know exactly where sensitive operations occur.

功能分析

Type: OpenClaw Skill Name: kindle-download Version: 1.1.1 The kindle-download skill is a well-structured and security-conscious bundle for automating ebook downloads and Kindle delivery. It includes a dedicated sanitization module (scripts/sanitize.js) that implements whitelist-based input validation and path traversal protections to prevent shell injection. The scripts (workflow.js, send_kindle.py) handle sensitive credentials like SMTP authorization codes and Z-Library passwords, but they follow security best practices by prioritizing environment variables and providing clear documentation (SECURITY.md, INSTALL.md) on securing configuration files with restricted permissions.

能力评估

✓ Purpose & Capability

Name/description promise (search Z‑Library mirrors, download ebook, send to Kindle) aligns with what the skill asks for and does: Playwright automation to visit Z‑Library mirrors, a Python mailer to SMTP, and configuration for SMTP and Z‑Library credentials. Declared domains, binaries, and node/python dependencies match the described functionality.

ℹ Instruction Scope

SKILL.md explicitly instructs executing workflow.js and send_kindle.py; those scripts read credentials from environment variables or ~/.config/kindle-download/auth.json, use Playwright to interact with external mirror sites, save downloads and browser state under /tmp and user config paths, and then send via SMTP. This is coherent with purpose, but the agent will read local config files and persist browser login state/cookies — important to be aware of.

ℹ Install Mechanism

There is no manifest install spec (instruction-only in registry), which reduces automatic install risk. The included INSTALL.md instructs installing Node/Playwright and running npx playwright install chromium (which downloads a Chromium binary). Those install commands fetch remote artifacts (NodeSource, nvm install script, Playwright browser) — expected but worth noting as external downloads during setup.

ℹ Credentials

Required secrets are SMTP credentials and Z‑Library account credentials (plus optional proxy) — all directly needed for logging into Z‑Library and sending mail to the Kindle. The number and type of env vars are proportionate, but they are highly sensitive (SMTP auth codes, site passwords). The skill also reads config files as fallback; that behavior is declared in SKILL.md.

ℹ Persistence & Privilege

The skill writes/reads user-level config (~/.config/kindle-download/auth.json), stores temporary downloads and workflow/browser state under /tmp and the skill workspace, and may persist browser login state (cookie/session). always:false and it does not request elevated system privileges or modify other skills. Persistent login state is expected for this use case but increases the attack surface and should be considered.

版本历史

v1.1.1

update README.md

v1.0.9

- 添加了法律免责声明，明确要求用户遵守当地版权法规并合法使用本技能。 - 其他功能与流程保持不变。

v1.0.8

### kindle-download 1.0.8 Changelog - Added INSTALL.md with setup and installation instructions. - Enhanced SKILL.md: requirements are now more granular (explicit Node.js/Python/Playwright/Chromium/system dependencies and versions). - Credentials section now formalized—supports environment variables and fallback paths, with security recommendations. - Network and storage descriptions expanded for clarity. - No logic changes to workflow—rules and execution steps remain unchanged.

v1.0.7

kindle-download v1.0.7 - 明确增加了 requirements 字段，列出所需二进制、Node 模块、配置文件、网络和存储要求。 - 配置部分详细说明了 auth.json 和 zlibraryUrl.json 的位置与必要字段，提升易用性和环境检查能力。 - 脚本调用指令调整为 node 自动适配系统环境变量（不再强制绝对路径）。 - 上述变动有助于更清晰地部署、配置和维护该技能。

v1.0.6

Version 1.0.6 - Added SECURITY.md for security guidelines and documentation. - Added scripts/sanitize.js for additional data processing or input sanitization functionality.

v1.0.5

- Removed the bundled auth.json configuration file. - Users must ensure their own authentication file exists at ~/.config/kindle-download/auth.json.

v1.0.4

Initial release of the kindle-download skill. - Enables downloading and sending ebooks to Kindle by book name, author, publisher, or language. - Strict script execution and result parsing; fully automated workflow. - Waits for user selection when multiple matches are found. - Provides progress updates and handles all error scenarios with user feedback. - Only supports text-based ebooks; excludes comics.

v1.0.3

- Clarified that the node command can use either the full path or rely on the $PATH, depending on environment availability. - Updated instruction for the auth.json configuration file location to `~/.config/kindle-download/auth.json`.

v1.0.2

Kindle-download v1.0.2 changelog: - 文档全面重写，使执行流程和严格限制更清晰。 - 进度报告、用户选择等待、错误处理和邮件发送流程改为分步、易检索的清单样式。 - 强化了禁止事项，明确了禁止虚构或跳步操作的范围。 - 资源文件说明被简化，仅列出关键脚本和配置。

v1.0.1

代理更改为可动态选择

v1.0.0

Kindle Download Skill 1.0.0 – Initial Release - 新增 Kindle 电子书下载与推送工具，支持按书名、作者、出版社、语言进行精准搜索 - 严格执行下载与推送流程，实时汇报每一步进度 - 支持多作者/出版社筛选，自动发送搜索结果截图要求用户确认 - 错误处理详细，未找到时提供截图反馈 - 限定仅下载文字类电子书，不支持漫画

元数据

Slug kindle-download

版本 1.1.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 11

常见问题

kindle-download 是什么？

专门用于为 Kindle 下载和推送电子书。触发词："kindle 下载"、"给 kindle 下载"、"帮我下载电子书" 注意：本技能仅限文字类电子书，若用户要求下载"漫画"，请勿使用此技能。它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 236 次。

如何安装 kindle-download？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install kindle-download」即可一键安装，无需额外配置。

kindle-download 是免费的吗？

是的，kindle-download 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

kindle-download 支持哪些平台？

kindle-download 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 kindle-download？

由 xiehaixin（@xiehaixin）开发并维护，当前版本 v1.1.1。

kindle-download