← 返回 Skills 市场
newpaper
作者
caoxinran102-sys
· GitHub ↗
· v1.0.0
· MIT-0
65
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install newpaper-skill
功能描述
将学术论文 PDF 自动转换为 PowerPoint 海报(PPTX)和 HTML 文件。支持 UniAPI、MiniMax 等 OpenAI 兼容 API。
安全使用建议
Before running this skill, review and reduce risk: 1) Inspect the GitHub repository (https://github.com/caoxinran102-sys/Paper2Poster) manually — do not blindly run the clone+install steps. 2) Do NOT clone into your current working directory with '.', instead clone into a dedicated empty folder so existing files cannot be overwritten. 3) Run the code in an isolated environment (container/VM) or at minimum a dedicated conda environment to contain side effects. 4) Review requirements.txt and repository code for any network/exfiltration behavior before pip installing; prefer pinned, audited dependencies. 5) Use least-privilege API keys (create a dedicated key with limited scope/quotas) and avoid storing long-lived secrets in plaintext; consider using ephemeral or restricted keys and remove .env after use. 6) If you are unsure about the repo's trustworthiness, run the pipeline on a local, offline model or skip running remote code entirely. These steps will materially lower the risk of accidental data exposure or system modification.
功能分析
Type: OpenClaw Skill
Name: newpaper-skill
Version: 1.0.0
The skill bundle instructs the agent to clone a repository from a personal GitHub account (caoxinran102-sys/Paper2Poster) rather than the official organization repository (Paper2Poster/Paper2Poster) mentioned in the README. It explicitly directs the agent to solicit sensitive credentials (OPENAI_API_KEY) from the user and store them in a .env file before executing arbitrary Python code from the cloned repository. This pattern of using a non-official fork to handle user secrets and execute code is a high-risk indicator of a potential supply chain attack, although no explicit exfiltration logic is present in the provided files.
能力标签
能力评估
Purpose & Capability
The skill claims to convert PDFs to posters and the SKILL.md drives a known Paper2Poster GitHub repository which plausibly implements that functionality. However, the skill metadata declares no required environment variables or credentials while the instructions explicitly ask the user to provide OPENAI_API_KEY and OPENAI_BASE_URL — an inconsistency between declared requirements and runtime behavior.
Instruction Scope
The runtime instructions tell the agent to: git clone https://github.com/caoxinran102-sys/Paper2Poster.git into the current directory (using '.'), create/activate a conda env, pip install -r requirements.txt, create a .env with the user's API key/base URL, and run a pipeline that will process the user-provided PDF. Cloning into '.' can overwrite files in the current working directory; pip installing repository dependencies executes arbitrary third‑party code. The instructions also place sensitive secrets (.env) into the project folder. There is no step to inspect the cloned code before execution.
Install Mechanism
Although the skill bundle itself is instruction-only (no install spec), the instructions perform an explicit remote fetch (git clone from a GitHub repo) and then run pip install. Downloading and executing code from a third‑party GitHub repo and installing its dependencies is a higher-risk install pattern. The GitHub host is a known service (better than a random IP), but cloning directly into the current directory and auto-installing dependencies without review increases risk.
Credentials
The only runtime secrets requested are OPENAI_API_KEY and OPENAI_BASE_URL, which are reasonable for interacting with OpenAI-compatible APIs. However, the registry metadata declared no required env vars or primary credential, creating a mismatch. The instructions also instruct writing these credentials into a .env file in the project folder—this is normal for API usage but has privacy/secret-storage implications and should be handled carefully.
Persistence & Privilege
The skill is not marked always:true and does not request elevated platform privileges. It does, however, write files to disk (clone repo, create .env) and create a conda environment. Those are expected for this functionality but mean the skill will alter your filesystem and environment; the instructions do not request permanent platform-level changes beyond those local modifications.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install newpaper-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/newpaper-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
paper2poster v1.0.0 – Initial release
- Converts academic paper PDFs into PowerPoint posters (PPTX) and HTML files using OpenAI-compatible APIs (e.g., UniAPI, MiniMax).
- Guides users through environment checks, dependency installation, and key configuration.
- Supports error handling and automatic retries for common API and pipeline failures.
- Simple usage: provide a paper PDF (and optional logo); receive poster files as output.
元数据
常见问题
newpaper 是什么?
将学术论文 PDF 自动转换为 PowerPoint 海报(PPTX)和 HTML 文件。支持 UniAPI、MiniMax 等 OpenAI 兼容 API。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 65 次。
如何安装 newpaper?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install newpaper-skill」即可一键安装,无需额外配置。
newpaper 是免费的吗?
是的,newpaper 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
newpaper 支持哪些平台?
newpaper 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 newpaper?
由 caoxinran102-sys(@caoxinran102-sys)开发并维护,当前版本 v1.0.0。
推荐 Skills