← 返回 Skills 市场
Opengraph Io
作者
primeobsession
· GitHub ↗
· v1.4.0
2335
总下载
6
收藏
2
当前安装
3
版本数
在 OpenClaw 中安装
/install opengraph-io-skill
功能描述
Extract web data, capture screenshots, scrape content, and generate AI images via OpenGraph.io. Use when working with URLs (unfurling, previews, metadata), capturing webpage screenshots, scraping HTML content, asking questions about webpages, or generating images (diagrams, icons, social cards, QR codes). Triggers: 'get the OG tags', 'screenshot this page', 'scrape this URL', 'generate a diagram', 'create a social card', 'what does this page say about'.
安全使用建议
This skill appears to do what it says: call OpenGraph.io APIs using your OPENGRAPH_APP_ID and curl. Before installing or configuring: 1) Verify the OpenGraph.io service and dashboard URL are correct and that you trust the provider. 2) Keep your OPENGRAPH_APP_ID secret — prefer setting it as an environment variable rather than embedding it in project files or shared configs (.vscode, repo files). 3) If you run the optional MCP helper (npx opengraph-io-mcp), review that npm package/source first because npx will execute code from npm. 4) Be aware the service provides proxy options to access geo-restricted content; using proxies may have legal/terms-of-service implications for target sites — ensure you have the right to scrape those pages. 5) If you want minimal exposure, avoid adding the key to multiple client config files and instead rely on per-host environment variables or dedicated, revocable keys. Overall the skill is internally consistent and coherent with its stated purpose.
功能分析
Type: OpenClaw Skill
Name: opengraph-io-skill
Version: 1.4.0
The skill is classified as suspicious due to its reliance on `npm` and `npx` to install and execute the `opengraph-io-mcp` package globally with the `-y` (yes to all prompts) flag, as seen in SKILL.md and references/mcp-clients.md. While this is for installing its own component, executing remote code with automatic confirmation poses a significant supply chain risk if the `opengraph-io-mcp` package itself were compromised. Additionally, the skill's API capabilities include advanced web scraping features like `full_render` and `use_proxy` (documented in references/api-reference.md and references/platform-support.md), which, while aligned with the stated purpose, represent powerful capabilities that could be misused. There is no clear evidence of intentional malicious behavior such as data exfiltration to unauthorized endpoints or prompt injection attempts to subvert the agent's core function within the provided files.
能力评估
Purpose & Capability
Name/description (unfurling, screenshots, scraping, image generation) align with the declared requirements (curl + OPENGRAPH_APP_ID) and the SKILL.md examples. No unrelated credentials, binaries, or unusual system paths are requested.
Instruction Scope
SKILL.md is explicit: use curl to call opengraph.io endpoints, create image-generation sessions, or use scrape/extract/screenshot/query endpoints. The instructions do show how to bypass geo-blocking or datacenter blocks via the service's proxy options (use_proxy/use_premium/auto_proxy) and how to integrate an optional MCP server. It does not instruct the agent to read unrelated local files or exfiltrate other secrets. However, it encourages placing OPENGRAPH_APP_ID into various client config files (Claude, VS Code, etc.), which increases where the key will be stored and thus its exposure—this is a usability trade-off rather than an incoherence.
Install Mechanism
The registry shows this is instruction-only with no bundled code, which is low risk. SKILL.md and the docs reference an optional npm MCP package (opengraph-io-mcp) to be installed via npx/npm. npx'ing an npm package runs external code at install/runtime — a normal pattern for helper tooling but a moderate supply-chain execution risk. Also there's a minor inconsistency: top-level registry metadata in the package summary claimed 'No install spec', yet SKILL.md metadata and docs include an optional npm install entry.
Credentials
Only one credential is required (OPENGRAPH_APP_ID), which is proportional to the service. The SKILL.md consistently uses app_id query parameters. The only concern is guidance that places the API key into multiple client config files (some user-editable or project-scoped), which may broaden where the secret resides — the key itself is justified, but follow best practices for secret storage.
Persistence & Privilege
The skill does not request permanent inclusion (always: false) nor claims elevated platform privileges. It recommends optional integration into other AI clients (MCP) by editing their configs; these are user-driven changes, not automatic. There's no instruction to modify other skills or system-wide agent settings autonomously.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install opengraph-io-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/opengraph-io-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.4.0
- Added documentation for platform support and troubleshooting.
- Updated API reference and SKILL.md with additional details.
- Improved user guidance and references for easier troubleshooting and compatibility checks.
v1.3.0
**Major update with expanded REST API docs, AI agent guidance, and QR code generation clarity.**
- Added a new quick decision guide and detailed REST API usage for all major endpoints.
- Documented exact API endpoints, input patterns, and shell command examples for each feature.
- Added [references/for-ai-agents.md]: comprehensive guidance for AI agents on parameter usage and API selection.
- Clarified the difference between basic QR codes and premium marketing QR code assets.
- Updated requirements: now requires `curl` (instead of `npx`), and added optional install info for MCP server.
- Improved documentation structure with clear user scenarios, tables, and setup steps.
v0.1.0
Initial release of OpenGraph.io integration: extract data, screenshot, scrape, and generate images from URLs.
- Extract OpenGraph tags, meta tags, and Twitter cards from any URL (unfurl).
- Capture webpage screenshots in multiple sizes.
- Scrape HTML content with JavaScript support and optional proxy use.
- Generate AI-powered images: diagrams, icons, social cards, QR codes, and more.
- Ask questions or request summaries about any webpage with AI.
- Free tier includes 100 extractions/screenshot/scrape actions per month and 4 image generations.
元数据
常见问题
Opengraph Io 是什么?
Extract web data, capture screenshots, scrape content, and generate AI images via OpenGraph.io. Use when working with URLs (unfurling, previews, metadata), capturing webpage screenshots, scraping HTML content, asking questions about webpages, or generating images (diagrams, icons, social cards, QR codes). Triggers: 'get the OG tags', 'screenshot this page', 'scrape this URL', 'generate a diagram', 'create a social card', 'what does this page say about'. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2335 次。
如何安装 Opengraph Io?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install opengraph-io-skill」即可一键安装,无需额外配置。
Opengraph Io 是免费的吗?
是的,Opengraph Io 完全免费(开源免费),可自由下载、安装和使用。
Opengraph Io 支持哪些平台?
Opengraph Io 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Opengraph Io?
由 primeobsession(@primeobsession)开发并维护,当前版本 v1.4.0。
推荐 Skills