← 返回 Skills 市场
OpenStoryline Use
作者
Anlittledy
· GitHub ↗
· v0.0.5
· MIT-0
695
总下载
0
收藏
1
当前安装
5
版本数
在 OpenClaw 中安装
/install openstoryline-use
功能描述
Use this skill when OpenStoryline is already installed and the user wants to start the local MCP/Web services, create or continue a session, send editing ins...
安全使用建议
Before installing or invoking this skill: 1) Understand the difference between the bridge script and the Feishu helper — bridge_openstoryline.py is coherent for local session management; feishu_file_sender.py is an extra tool that will read ~/.openclaw/openclaw.json and can upload local files to Feishu. 2) If you do not use Feishu, avoid running feishu_file_sender.py; inspect its code and your ~/.openclaw/openclaw.json for sensitive keys. 3) Be mindful that SKILL.md asks you to place LLM/VLM api_key values into config.toml — those are sensitive keys; only put keys you trust and prefer to store in a controlled location. 4) Prefer running the skill in a sandbox or with limited network permissions if you are concerned about accidental uploads. 5) If you need this skill to send outputs externally, explicitly confirm with the skill author/maintainer which channel is used and where credentials are stored; absence of such declarations in the metadata is the reason for this 'suspicious' rating. 6) If you want a firmer assessment, provide the skill author/homepage or confirm whether feishu_file_sender.py is intended to be part of normal operation; that will change confidence.
功能分析
Type: OpenClaw Skill
Name: openstoryline-use
Version: 0.0.5
The skill bundle contains a script, 'feishu_file_sender.py', which programmatically accesses the sensitive OpenClaw global configuration file (~/.openclaw/openclaw.json) to extract Feishu API credentials (appId and appSecret). It then uses these credentials to upload local files to external Feishu endpoints (open.feishu.cn). While this behavior is documented in 'SKILL.md' as a feature for sending rendered videos to a user's mobile device, the programmatic access to master configuration files and the capability to exfiltrate arbitrary local files to an external messaging platform represent high-risk operations that could be repurposed for data exfiltration.
能力评估
Purpose & Capability
The skill's SKILL.md and scripts bridge_openstoryline.py align with the described purpose (starting local MCP/Web services, creating sessions, sending chat prompts). However, the repository also contains scripts/feishu_file_sender.py which implements uploading local files to Feishu by reading ~/.openclaw/openclaw.json and calling external Feishu APIs. The Feishu-related capability is not mentioned in the skill description or SKILL.md and is not declared as a required credential — this is an unexplained extra capability.
Instruction Scope
SKILL.md stays largely within the claimed scope: editing config.toml, launching servers bound to 127.0.0.1, creating and reusing session_id, and verifying outputs. It explicitly warns not to expose services to LAN and to keep services long-running. It instructs how to populate LLM/VLM keys in config.toml (sensitive but relevant). It does not instruct reading ~/.openclaw/openclaw.json or using Feishu, though the included feishu_file_sender.py would do exactly that if executed.
Install Mechanism
This is an instruction-only skill with no install spec (no packages downloaded or archives extracted). That minimizes installation risk. The included scripts are local files; nothing in the manifest attempts to pull arbitrary remote code during install.
Credentials
SKILL.md requires populating LLM and VLM settings (base_url, api_key, model) in config.toml — these are proportional to the skill's function. But feishu_file_sender.py accesses ~/.openclaw/openclaw.json to find Feishu app secrets or account bindings and can use env vars OPENCLAW_CHAT_ID / OPENCLAW_RECEIVE_ID / FEISHU_CHAT_ID. Those accesses are not declared in the registry metadata or SKILL.md, and they grant the ability to upload local files to an external service (Feishu), which is a sensitive capability that should have been explicitly declared and justified.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide changes. It reads the user's home config file (~/.openclaw/openclaw.json) only via the Feishu helper script (if invoked). It does not modify other skills' configs or require privileged system changes.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openstoryline-use - 安装完成后,直接呼叫该 Skill 的名称或使用
/openstoryline-use触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.0.5
- Added new file scripts/feishu_file_sender.py to support integration or file-sending features.
- No changes to workflow, documentation, or usage instructions.
- No breaking changes; existing functionality remains unchanged.
v0.0.4
- Added a note: If startup issues might relate to installation, refer to the installation skill openstoryline-install.
- Clarified that MCP Server startup may take several minutes; emphasized not to kill the process prematurely.
- Updated bridge 脚本命令参数名 from skill-baseDir to skills-root for greater clarity and single style.
- Improved OpenClaw usage notes to prevent premature process termination and better log monitoring.
- General documentation wording refinements for better workflow clarity and user guidance.
v0.0.3
- Improved skill script location: now refers to the bridge script within the current skill directory for better compatibility.
- Updated usage instructions: bash command examples now use `{skill-baseDir}` for the bridge script path, not a fixed user path.
- Clarified that locating the skill directory is required before using internal scripts.
- The brideg script now accept tool.start and tool.end
v0.0.2
add a new way for video uploading.
v0.0.1
Initial release of openstoryline-use.
- Enables starting and managing local OpenStoryline MCP/Web services on an already-installed instance.
- Supports session creation, multi-turn editing, and sending natural language video editing requests (including Chinese).
- Guides configuration of essential fields and verifies video output for each session.
- Provides a full, repeatable workflow: from config and service start to session continuation and output validation.
- Explicitly excludes installation and dependency management steps; focuses purely on usage and editing tasks.
- Returns key info after each task: session_id, output video path, and status of any re-edited outputs.
元数据
常见问题
OpenStoryline Use 是什么?
Use this skill when OpenStoryline is already installed and the user wants to start the local MCP/Web services, create or continue a session, send editing ins... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 695 次。
如何安装 OpenStoryline Use?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openstoryline-use」即可一键安装,无需额外配置。
OpenStoryline Use 是免费的吗?
是的,OpenStoryline Use 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenStoryline Use 支持哪些平台?
OpenStoryline Use 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenStoryline Use?
由 Anlittledy(@anlittledy)开发并维护,当前版本 v0.0.5。
推荐 Skills