← 返回 Skills 市场
rohitr311

Maxun

作者 Rohit · GitHub ↗ · v1.0.2 · MIT-0
cross-platform ⚠ suspicious
488
总下载
1
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install maxun
功能描述
List and run Maxun web scraping robots. Use when asked to list robots, run a robot, scrape a website, or get robot results.
安全使用建议
This skill appears to do exactly what it claims: call the Maxun API to list and run scraping robots using your MAXUN_API_KEY. Before installing, confirm you trust the Maxun service and use a least-privilege API key. Be aware the included helper will source a local .env file if present (so don't keep unrelated secrets in that file for the working directory) and it sends your API key in an x-api-key header to app.maxun.dev (or a custom MAXUN_BASE_URL if set). If you need to limit exposure, create an API key scoped only for the operations the skill requires and avoid placing other sensitive credentials in the same .env or working directory.
功能分析
Type: OpenClaw Skill Name: maxun Version: 1.0.2 The skill provides a functional integration for the Maxun web scraping platform but contains a code injection vulnerability. In `scripts/maxun.sh`, the `list` command interpolates the `$LIMIT` shell variable directly into a Python script executed via `python3 -c`, allowing for arbitrary Python code execution if the argument is manipulated. While `SKILL.md` instructs the AI not to append arguments to this command, the script itself lacks input sanitization. Furthermore, the setup instructions recommend disabling execution confirmations (`ask: off`), which increases the potential impact of this vulnerability.
能力评估
Purpose & Capability
Name/description, required binary list (bash, curl, optional python3), and the single required env var (MAXUN_API_KEY) match the declared purpose of calling the Maxun SDK/API to list/run robots.
Instruction Scope
The SKILL.md instructs the agent to call exec with exact commands like 'maxun list' that will run the included shell helper; the helper makes authenticated HTTPS API calls to app.maxun.dev and prints results. Two minor points: the helper will source a local .env file if present (it can therefore read local environment files), and the script references an optional MAXUN_BASE_URL (not listed in requires.env). These are functional conveniences but worth noting because they allow the script to pick up local secrets/config from .env.
Install Mechanism
No external install or download is performed by the skill (instruction-only with an included script). No network downloads or archive extraction are present in the install metadata.
Credentials
The skill asks only for a single service-specific credential (MAXUN_API_KEY) which is appropriate for calling the Maxun API. It does read an optional MAXUN_BASE_URL and will source a local .env if present; these are reasonable but callers should be aware the script will read .env files in its working directory.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. Autonomous invocation is allowed (platform default) but not combined with any broad credential access beyond the single API key.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install maxun
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /maxun 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Support for self-hosted instances
v1.0.1
Initial release with git version control files: - Added git repository structure and versioning files - Established commit hooks and logging - No changes to the maxun skill interface or usage instructions - Internal setup only; user-facing functionality remains unchanged
v1.0.0
maxun 1.0.0 initial release - Introduces the ability to list, run, and retrieve results from Maxun web scraping robots. - Provides direct commands for all main actions: list robots, run robots, check past runs, fetch results, and abort runs. - Includes error handling for missing robots and ongoing runs. - Setup instructions are provided for cloud and self-hosted configurations.
元数据
Slug maxun
版本 1.0.2
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 3
常见问题

Maxun 是什么?

List and run Maxun web scraping robots. Use when asked to list robots, run a robot, scrape a website, or get robot results. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 488 次。

如何安装 Maxun?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install maxun」即可一键安装,无需额外配置。

Maxun 是免费的吗?

是的,Maxun 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Maxun 支持哪些平台?

Maxun 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Maxun?

由 Rohit(@rohitr311)开发并维护,当前版本 v1.0.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论