← 返回 Skills 市场
Scanblitz
作者
whotookmylogin
· GitHub ↗
· v1.0.0
· MIT-0
51
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install scanblitz
功能描述
Create dynamic, trackable QR codes and inspect scan analytics with the ScanBlitz API. Use when a user wants QR codes whose destinations can change later, QR...
使用说明 (SKILL.md)
ScanBlitz — Dynamic QR Codes and Scan Analytics
ScanBlitz creates dynamic QR codes and short links that track scans. Use it when an agent needs to create a QR code, update the destination later, or check scan analytics such as device, country, referrer, and daily trends.
When to Use
Use this skill when the user asks to:
- Create a QR code for a URL and track scans.
- Make a dynamic QR code whose destination can be changed later.
- Create QR links for campaigns, flyers, packages, events, or landing pages.
- Check how many times a QR code was scanned.
- Pull scan analytics by device, country, city, referrer, or date.
- Update, deactivate, or delete an existing ScanBlitz QR code.
- Generate QR codes programmatically from an agent or automation.
Do not use this skill for:
- Static QR images that do not need tracking or redirect updates.
- Reading or decoding QR codes from images.
- Barcode generation.
- Anything that should avoid third-party network calls.
Setup
Option A: Use an existing ScanBlitz API key
Set the key in OpenClaw's environment file:
mkdir -p ~/.openclaw
printf '\
SCANBLITZ_API_KEY=%s\
' 'sb_api_your_key_here' >> ~/.openclaw/.env
If your installation uses a custom state directory, put it in $OPENCLAW_STATE_DIR/.env instead.
Option B: Self-register by email
Agents can request a verification code and receive an API key without a browser.
curl -s -X POST 'https://kylpeyhiqtdonlqqguty.supabase.co/functions/v1/agent-register' \
-H 'Content-Type: application/json' \
-d '{"email":"[email protected]","agent_name":"OpenClaw Agent"}'
Check that inbox for the 6-digit code, then verify:
curl -s -X POST 'https://kylpeyhiqtdonlqqguty.supabase.co/functions/v1/agent-register/verify' \
-H 'Content-Type: application/json' \
-d '{"email":"[email protected]","code":"123456"}'
Save the returned api_key as SCANBLITZ_API_KEY. The key is only shown once.
Optional MCP server
ScanBlitz also provides an MCP server:
{
"mcpServers": {
"scanblitz": {
"command": "npx",
"args": ["-y", "@scanblitz/mcp-server"],
"env": { "SCANBLITZ_API_KEY": "sb_api_..." }
}
}
}
Auth and Base URLs
Recommended API keys use the sb_api_ prefix and the public enterprise API:
SCANBLITZ_API_BASE="${SCANBLITZ_API_BASE:-https://scanblitz.com/api/enterprise}"
AUTH_HEADER="Authorization: Bearer $SCANBLITZ_API_KEY"
Older partner keys may start with sbz_partner_. If you have one, use the partner API and X-Partner-Key header:
SCANBLITZ_API_BASE="https://kylpeyhiqtdonlqqguty.supabase.co/functions/v1/partner-api"
AUTH_HEADER="X-Partner-Key: $SCANBLITZ_API_KEY"
Always include a source header so traffic is classified correctly:
SOURCE_HEADER="X-Source-Type: agent"
Create a Dynamic QR Code
curl -s -X POST "$SCANBLITZ_API_BASE/qr-codes" \
-H "Content-Type: application/json" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER" \
-d '{
"name": "Product Launch",
"destination_url": "https://example.com/launch"
}'
Expected response shape:
{
"success": true,
"data": {
"id": "uuid",
"short_id": "xK7mQ3",
"name": "Product Launch",
"destination_url": "https://example.com/launch",
"scan_count": 0,
"is_active": true
}
}
Save both:
id: needed for enterprise API update/delete/analytics endpoints.short_id: useful for public redirect links likehttps://scanblitz.com/qr/xK7mQ3.
If using the older partner API, create with the base URL directly:
curl -s -X POST "$SCANBLITZ_API_BASE" \
-H "Content-Type: application/json" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER" \
-d '{
"name": "Product Launch",
"destination_url": "https://example.com/launch",
"partner_ref": "openclaw:product-launch"
}'
List QR Codes
curl -s "$SCANBLITZ_API_BASE/qr-codes?page=1&limit=50&sort_by=created_at&sort_order=desc" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
Useful filters:
search=launchactive=truesort_by=scan_countsort_order=desc
Get One QR Code
Enterprise API:
QR_ID="uuid-from-create-or-list"
curl -s "$SCANBLITZ_API_BASE/qr-codes/$QR_ID" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
Older partner API:
SHORT_ID="xK7mQ3"
curl -s "$SCANBLITZ_API_BASE/$SHORT_ID" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
Update a QR Destination
Enterprise API:
QR_ID="uuid-from-create-or-list"
curl -s -X PUT "$SCANBLITZ_API_BASE/qr-codes/$QR_ID" \
-H "Content-Type: application/json" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER" \
-d '{
"destination_url": "https://example.com/new-page",
"name": "Updated Launch QR"
}'
Older partner API:
SHORT_ID="xK7mQ3"
curl -s -X PUT "$SCANBLITZ_API_BASE/$SHORT_ID" \
-H "Content-Type: application/json" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER" \
-d '{
"destination_url": "https://example.com/new-page",
"name": "Updated Launch QR"
}'
Get Scan Analytics
Enterprise API:
QR_ID="uuid-from-create-or-list"
curl -s "$SCANBLITZ_API_BASE/qr-codes/$QR_ID/analytics?group_by=day" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
Older partner API:
SHORT_ID="xK7mQ3"
curl -s "$SCANBLITZ_API_BASE/analytics/$SHORT_ID" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
Analytics may include:
- total scans
- device type
- browser and OS
- country and city
- referrer
- UTM parameters
- daily, weekly, or monthly trends
Delete or Deactivate
Enterprise API permanently deletes the QR code:
QR_ID="uuid-from-create-or-list"
curl -s -X DELETE "$SCANBLITZ_API_BASE/qr-codes/$QR_ID" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
If you only want to pause a QR code, update it instead:
curl -s -X PUT "$SCANBLITZ_API_BASE/qr-codes/$QR_ID" \
-H "Content-Type: application/json" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER" \
-d '{"is_active": false}'
Older partner API soft-deletes/deactivates by short ID:
SHORT_ID="xK7mQ3"
curl -s -X DELETE "$SCANBLITZ_API_BASE/$SHORT_ID" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
Bulk Create
Bulk create is available on paid plans.
curl -s -X POST "$SCANBLITZ_API_BASE/qr-codes/bulk" \
-H "Content-Type: application/json" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER" \
-d '{
"qr_codes": [
{"name":"Store #1","destination_url":"https://example.com/store/1"},
{"name":"Store #2","destination_url":"https://example.com/store/2"}
]
}'
Health Check
For older partner API keys:
curl -s 'https://kylpeyhiqtdonlqqguty.supabase.co/functions/v1/partner-api/health' \
-H "X-Partner-Key: $SCANBLITZ_API_KEY" \
-H "$SOURCE_HEADER"
For enterprise keys, use a lightweight authenticated call:
curl -s "$SCANBLITZ_API_BASE/usage" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER"
Generate a Printable QR Image
ScanBlitz creates the trackable link. To render a PNG, encode the ScanBlitz scan URL, not the final destination URL.
SCAN_URL="https://scanblitz.com/qr/xK7mQ3"
ENCODED=$(python3 - \x3C\x3C'PY'
from urllib.parse import quote
import os
print(quote(os.environ["SCAN_URL"], safe=""))
PY
)
curl -fsSL "https://api.qrserver.com/v1/create-qr-code/?size=1024x1024&ecc=H&format=png&data=$ENCODED" \
-o scanblitz-qr.png
If you do not have Python available, paste the SCAN_URL into any trusted QR generator.
Response Handling
Always check for both HTTP errors and JSON errors:
response=$(curl -sS -w '\
%{http_code}' -X POST "$SCANBLITZ_API_BASE/qr-codes" \
-H "Content-Type: application/json" \
-H "$AUTH_HEADER" \
-H "$SOURCE_HEADER" \
-d '{"name":"Test","destination_url":"https://example.com"}')
body=$(printf '%s' "$response" | sed '$d')
status=$(printf '%s' "$response" | tail -n1)
printf 'HTTP %s\
%s\
' "$status" "$body"
Common issues:
401: missing or invalidSCANBLITZ_API_KEY.403: key lacks permission for that operation.404: wrong QRid/short_id, wrong base URL for the key type, or inactive/deleted code.429: rate limit exceeded.
Quick Reference
| Task | Enterprise endpoint | Partner endpoint |
|---|---|---|
| Create | POST /qr-codes |
POST / |
| List | GET /qr-codes |
Not available |
| Get | GET /qr-codes/:id |
GET /:short_id |
| Update | PUT /qr-codes/:id |
PUT /:short_id |
| Analytics | GET /qr-codes/:id/analytics |
GET /analytics/:short_id |
| Delete/deactivate | DELETE /qr-codes/:id or PUT is_active:false |
DELETE /:short_id |
| Usage/health | GET /usage |
GET /health |
Security Notes
- Never print or commit
SCANBLITZ_API_KEY. - Store credentials in environment files, shell secrets, or OpenClaw state, not in the skill folder.
- Do not create QR codes that hide malicious destinations.
- Inspect the returned
destination_urlbefore sharing or printing a QR code. - Prefer
https://scanblitz.com/qr/\x3Cshort_id>for public-facing links when available.
References
- ScanBlitz: https://scanblitz.com
- API docs: https://scanblitz.com/api-docs
- Agent reference: https://scanblitz.com/llms-full.txt
- MCP server:
npx -y @scanblitz/mcp-server
安全使用建议
This skill looks coherent for managing ScanBlitz dynamic QR codes. Before installing, make sure you trust ScanBlitz, protect the SCANBLITZ_API_KEY, confirm any update/delete operation on live QR codes, and avoid the optional MCP/npx setup unless you specifically need it and trust the package.
功能分析
Type: OpenClaw Skill
Name: scanblitz
Version: 1.0.0
The ScanBlitz skill provides legitimate functionality for managing dynamic QR codes and tracking analytics via the ScanBlitz API. It includes standard API interaction patterns using curl and a documented self-registration flow via a Supabase-hosted function. No indicators of data exfiltration, unauthorized execution, or malicious prompt injection were found in SKILL.md or _meta.json.
能力标签
能力评估
Purpose & Capability
The visible instructions match the stated purpose: creating dynamic QR codes, updating destinations, and viewing scan analytics. These capabilities are expected, but they can affect live campaigns and collect QR scan analytics.
Instruction Scope
The commands are presented as user-directed examples and there is no evidence of hidden automatic execution. Because the skill includes update, deactivate, and delete operations, users should confirm the QR ID and destination URL before mutations.
Install Mechanism
This is mainly an instruction-only skill requiring curl. The optional MCP setup uses npx with an unpinned npm package, so enabling that path adds supply-chain trust in the npm package.
Credentials
The ScanBlitz API key and external API calls are proportionate to the stated QR-code service purpose. The optional API base override should only be pointed at trusted ScanBlitz-controlled endpoints because the auth header is sent there.
Persistence & Privilege
Setup stores the API key in the OpenClaw environment file. No hidden background persistence is shown, but the key remains valid until removed or revoked.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install scanblitz - 安装完成后,直接呼叫该 Skill 的名称或使用
/scanblitz触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial marketplace release: dynamic QR creation, analytics, updates, deletion, and agent registration workflow.
元数据
常见问题
Scanblitz 是什么?
Create dynamic, trackable QR codes and inspect scan analytics with the ScanBlitz API. Use when a user wants QR codes whose destinations can change later, QR... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 51 次。
如何安装 Scanblitz?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install scanblitz」即可一键安装,无需额外配置。
Scanblitz 是免费的吗?
是的,Scanblitz 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Scanblitz 支持哪些平台?
Scanblitz 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Scanblitz?
由 whotookmylogin(@whotookmylogin)开发并维护,当前版本 v1.0.0。
推荐 Skills