← 返回 Skills 市场
77
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install slide-writer
功能描述
把想法、大纲、文档或草稿变成结构清晰、设计精良的企业级 HTML 演示文稿。
安全使用建议
This skill appears to implement slide generation as advertised, but it asks the agent to run `git pull --ff-only` on each run (auto-update) and includes local scripts that the agent may invoke. Auto-updating code at runtime lets the remote repo change the skill's behavior after you reviewed it. Before installing or enabling: 1) Inspect the included scripts (preview.sh, smoke-test.sh) and the Python files (apply-template-branding.py, inline-images.py) for any network calls, subprocess execs, or arbitrary shell commands. 2) If you want to use it, consider disabling the automatic git pull step or run the skill in an isolated environment (no network access) and update manually after reviewing changes. 3) Avoid providing any secrets or credentials to the skill; it does not need them. 4) If you must allow auto-updates, pin the repo to a trusted commit and periodically re-review upstream changes. If you want, I can: (A) list the exact contents of the four scripts for a quick inspection, or (B) highlight patterns (curl/wget/python requests/exec) to look for in the repository.
功能分析
Type: OpenClaw Skill
Name: slide-writer
Version: 1.0.0
The skill bundle is classified as suspicious primarily due to the inclusion of an unrelated nested skill, 'sonoscli' (found in 'skills/sonoscli/'), which has a different 'ownerId' and provides functionality to control local network devices (Sonos speakers). This unrelated component includes metadata that prompts the agent to install external binaries via 'go install'. Additionally, the main 'SKILL.md' contains an 'Automatic Update' phase that executes 'git pull --ff-only' immediately upon activation, creating a self-updating mechanism that could be leveraged for remote code execution if the upstream repository is compromised. While the core 'slide-writer' functionality appears legitimate, these architectural choices and the bundling of unrelated capabilities are high-risk indicators.
能力标签
能力评估
Purpose & Capability
Name/description, included templates, components and scripts match the stated purpose (converting drafts into single-file HTML presentations). However the SKILL.md requires an automatic git pull at runtime (Phase 0) to 'auto-update themes and rules', which is not necessary for generating a slide from local input and expands the skill's capabilities beyond the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run shell commands (explicitly `git pull --ff-only` as 'must execute'), read repository files (themes/_index.md, template.html, components.md) and read/modify existing HTML files. The mandatory auto-update step introduces network operations and implicit trust in remote code changes. The skill also says it will 'infer from current user information' (unspecified), which could lead to the agent accessing environment or profile data not declared in requires.env.
Install Mechanism
There is no formal install spec (instruction-only), but the repo includes helper scripts (preview.sh, smoke-test.sh) and Python utilities. The primary risk is the SKILL.md's mandatory runtime `git pull` which fetches code from the remote repository each run. While the remote is a GitHub repo (a familiar host), auto-pulling code at runtime creates a mutable execution surface that can change behavior after initial review.
Credentials
The skill declares no required environment variables or credentials, which is proportionate. That said, the instructions reference inferring 'current user information' and expect to read and write files in the repository—these are reasonable for a generator but are not explicitly constrained in SKILL.md (no explicit list of allowed file paths).
Persistence & Privilege
always:false and no claim to modify other skills or global settings. The remaining concern is that autonomous invocation (platform default) combined with the SKILL.md auto-update behavior increases the blast radius: if the repo changes remotely, an autonomously-invoked skill can run newly-pulled code.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install slide-writer - 安装完成后,直接呼叫该 Skill 的名称或使用
/slide-writer触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Slide-Writer.
- Transform ideas, outlines, drafts, or meeting notes into well-structured, enterprise-grade HTML presentations.
- Automatically detects company/brand for theme matching, with 14 built-in company templates.
- Refines content for clarity, compresses long text to key points, and ensures each slide fits 100vh with no scrollbars.
- Generates a single standalone .html file with all CSS/JS inlined—zero dependencies.
- Supports two modes: creating new presentations (from outline or theme) and enhancing existing HTML slides.
- Built-in rules for content structure, design consistency, and component use to optimize clarity and impact.
元数据
常见问题
Slide Writer 是什么?
把想法、大纲、文档或草稿变成结构清晰、设计精良的企业级 HTML 演示文稿。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 77 次。
如何安装 Slide Writer?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install slide-writer」即可一键安装,无需额外配置。
Slide Writer 是免费的吗?
是的,Slide Writer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Slide Writer 支持哪些平台?
Slide Writer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Slide Writer?
由 FeeiCN(@feeicn)开发并维护,当前版本 v1.0.0。
推荐 Skills