← 返回 Skills 市场
huuuwnnn-droid

Poster Forge

作者 huuuwnnn-droid · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
162
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install poster-forge
功能描述
Universal image and poster generator with Chinese/English text support. Use when asked to create posters, social media images, cover images, infographics, co...
安全使用建议
This skill appears to do what it says, but be aware it performs network operations: it downloads fonts from GitHub raw URLs and sends prompts to Pollinations.ai to generate base images, and it uses headless Chromium to render HTML templates. If you have privacy concerns about sending prompts/images to an external service, run the script in an isolated environment or use the HTML/text engines only (Chromium/PIL) which can operate offline. Also ensure you have Python 3 and Pillow installed, and that running headless Chromium with --no-sandbox is acceptable in your environment. Finally, review licensing for any fonts or third-party services if you plan commercial use.
功能分析
Type: OpenClaw Skill Name: poster-forge Version: 1.0.0 The skill is functional but contains security vulnerabilities in `scripts/generate.py`. It uses `subprocess.run` to execute `curl` for downloading external fonts and images, and it renders HTML templates using a headless Chromium browser with the `--no-sandbox` flag. Crucially, the HTML templates are constructed using f-strings that directly inject user-provided arguments (like `--title` and `--code-content`) without sanitization, which could allow for injection attacks within the browser context. While these behaviors align with the stated purpose of generating posters, the lack of input validation and the use of risky browser flags meet the criteria for a suspicious classification.
能力评估
Purpose & Capability
Name/description (poster/image generation, Chinese/English text support) align with the included files and runtime requirements. The script implements three engines (AI, HTML, text) and requires Python + Pillow, curl, and optionally Chromium — all reasonable for the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run scripts/generate.py which performs only poster-related tasks. The script downloads fonts from GitHub raw URLs, fetches images from Pollinations.ai (https://image.pollinations.ai), writes temp HTML files and screenshots, and runs headless Chromium. It does not read unrelated system files or expect other credentials. Note: it does send prompts and image requests over the network to external services.
Install Mechanism
No install spec is provided (instruction-only + one script), so nothing is written to system install locations. The script itself uses subprocess calls to curl and Chromium but does not perform any packaged installs or download arbitrary executables. Font downloads are from GitHub raw URLs (public font files).
Credentials
The skill requests no environment variables, no credentials, and no config paths. All external accesses (font raw URLs and Pollinations.ai) are consistent with generating images; there is no unexplained credential access or secret exfiltration.
Persistence & Privilege
always is false and the skill does not request permanent agent presence or modify other skills/configs. It writes temporary files (fonts in the system temp dir and temporary HTML/screenshot files) within its own runtime scope.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install poster-forge
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /poster-forge 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Universal image/poster generator. 3 engines: AI (Pollinations.ai), HTML (Chromium screenshot), PIL text. Chinese text support. Presets for Xiaohongshu/WeChat/Instagram/Twitter.
元数据
Slug poster-forge
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Poster Forge 是什么?

Universal image and poster generator with Chinese/English text support. Use when asked to create posters, social media images, cover images, infographics, co... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 162 次。

如何安装 Poster Forge?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install poster-forge」即可一键安装,无需额外配置。

Poster Forge 是免费的吗?

是的,Poster Forge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Poster Forge 支持哪些平台?

Poster Forge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Poster Forge?

由 huuuwnnn-droid(@huuuwnnn-droid)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论