← 返回 Skills 市场
aviclaw

markdown-extract

作者 aviclaw · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
622
总下载
0
收藏
2
当前安装
1
版本数
在 OpenClaw 中安装
/install markdown-extract
功能描述
Extract clean markdown from any URL using auto, AI, or browser methods via the markdown.new API with error handling and flexible extraction options.
安全使用建议
Before installing, note these points: (1) The Python script uses the system 'curl' command but the skill metadata does not declare it—ensure curl is available or update the manifest. (2) All requests (the requested URL and any fetched content) are sent to markdown.new; verify you trust that endpoint and avoid using the skill on sensitive or internal URLs. (3) Because the skill fetches arbitrary URLs, there is an SSRF/data-exposure risk if the agent runs in an environment with access to internal services. (4) The code uses subprocess.run with argument lists (not a shell string), which reduces shell-injection risk, but still review the script before granting execution. If you want to proceed, test with non-sensitive public pages and consider adding an explicit required-binaries entry for 'curl' and a manifest note about external data transmission.
功能分析
Type: OpenClaw Skill Name: markdown-extract Version: 1.0.0 The skill's code and documentation are benign. The `SKILL.md` file provides clear, non-malicious instructions for using the skill. The `extract.py` script correctly uses `subprocess.run` with a list of arguments for `curl`, which prevents shell injection vulnerabilities from user-controlled input. The skill's functionality is limited to making HTTP requests to the `https://markdown.new/` API, as described, and does not attempt to access sensitive local data, exfiltrate information, or establish persistence. While the skill relies on an external API, its own implementation does not introduce vulnerabilities or malicious behavior.
能力评估
Purpose & Capability
Name/description align with what the code and SKILL.md do: they call https://markdown.new to convert pages to markdown. However the Python implementation invokes the external 'curl' binary but the skill metadata declares no required binaries—this is an incoherence (the runtime actually needs 'curl' available).
Instruction Scope
SKILL.md and extract.py confine themselves to making HTTP requests to markdown.new (GET or POST) and returning the markdown or error. They do not read local files, environment variables, or unrelated system configuration. Error handling and Cloudflare-block detection are limited but present.
Install Mechanism
There is no install specification (instruction-only), which is low-risk. The package does include a runnable Python script but does not attempt to download or install external code at install time.
Credentials
The skill requests no credentials or env vars, which is appropriate; however it will send the target URL (and for POST flows likely the page content or a request to fetch it) to markdown.new. That can leak URLs or page content to a third party. Also, the code requires the 'curl' binary but does not declare it. Finally, because the skill fetches arbitrary URLs, it can be used (by the user or an autonomous agent) to probe internal endpoints or expose internal content (SSRF / data-leak risk) if run in an environment with access to internal network ranges.
Persistence & Privilege
The skill does not request persistent system privileges, does not set 'always: true', and does not modify other skills or system-wide configuration.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install markdown-extract
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /markdown-extract 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of markdown-extract skill. - Extracts clean markdown from any URL via the markdown.new API. - Supports multiple extraction methods: auto (default), ai, and browser. - Simple usage command: !markdown-extract <url> [method]. - Handles errors gracefully, including invalid URLs, network issues, and Cloudflare blocks. - Provides example commands and detailed method descriptions.
元数据
Slug markdown-extract
版本 1.0.0
许可证
累计安装 2
当前安装数 2
历史版本数 1
常见问题

markdown-extract 是什么?

Extract clean markdown from any URL using auto, AI, or browser methods via the markdown.new API with error handling and flexible extraction options. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 622 次。

如何安装 markdown-extract?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install markdown-extract」即可一键安装,无需额外配置。

markdown-extract 是免费的吗?

是的,markdown-extract 完全免费(开源免费),可自由下载、安装和使用。

markdown-extract 支持哪些平台?

markdown-extract 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 markdown-extract?

由 aviclaw(@aviclaw)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论