← 返回 Skills 市场
Wordpress Auto Publish Clean
作者
rainco2008
· GitHub ↗
· v1.0.0
· MIT-0
65
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install test-wp
功能描述
Automatically publish Markdown articles to WordPress blog via REST API
安全使用建议
This package appears to do what it says (publish Markdown to WordPress), but there are important caveats: 1) The skill metadata does not declare the WordPress credentials it actually requires—expect to supply WORDPRESS_URL and either an application password or credentials (or configure config.js). 2) Review any shell scripts (scripts/setup-wordpress.sh, install-jwt-complete.sh, etc.) before running them — they may attempt changes on the target server or assume you run them on the WordPress host. 3) Do not provide site admin credentials to the skill unless you trust the code: create a dedicated user with the minimal permissions needed and prefer WordPress application passwords (not your main login password). 4) If you will run scripts on a machine you control, inspect them locally first and run npm install only after reviewing package.json. 5) If you need help assessing specific files (e.g., setup scripts or any file that touches remote endpoints), share those files and I can analyze them line-by-line.
功能分析
Type: OpenClaw Skill
Name: test-wp
Version: 1.0.0
The skill bundle contains multiple hardcoded credentials (application passwords and basic auth strings) for a specific external domain (openow.ai) and user (inkmind) across several files, including 'final-test-publish.sh', 'simple-publish-test.sh', and 'test-app-password-publish.sh'. While the core functionality of publishing Markdown to WordPress is consistent with the description, the inclusion of active credentials and an excessive amount of diagnostic and testing scripts targeting a specific live site is a significant security risk and highly irregular for a generic skill. It appears to be a raw development environment dump rather than a curated production skill.
能力标签
能力评估
Purpose & Capability
The name/description match the included files: numerous Node scripts perform REST API publishes, media uploads, category/tag management, JWT and app-password flows. That capability is coherent with the stated purpose. However, the skill metadata declares no required env vars or primary credential while the code and README clearly expect WordPress credentials (application password or username/password/JWT) configured in config.js or via environment variables—this mismatch is unexpected.
Instruction Scope
SKILL.md and README instruct running tests, publish scripts, and included setup scripts (e.g., scripts/setup-wordpress.sh, install-jwt-complete.sh). The instructions focus on WordPress integration and do not request unrelated system data, but they do instruct execution of bundled shell scripts and many helper scripts that could modify a WordPress host or perform network calls. The guidance to 'review full source' is good, but running setup scripts without inspection could have side effects.
Install Mechanism
There is no install spec (instruction-only), which is lower risk than fetching arbitrary remote binaries. The repository contains many scripts that would be executed locally by the user. No remote download/install steps are declared in the skill metadata itself.
Credentials
Metadata lists no required environment variables or primary credential, but the code and README expect WORDPRESS_URL, WORDPRESS_USERNAME, WORDPRESS_PASSWORD (or app password / JWT credentials) and a config.js. Requiring admin credentials for a WordPress site is appropriate for this functionality, but the metadata omission is a mismatch and could mislead users. The number of sensitive values implied (username/password, app passwords, JWT secrets) is proportionate to the task, but must be explicitly declared and handled carefully.
Persistence & Privilege
The skill does not request always: true and does not claim system-wide persistence. It writes logs and can create local files (reports, logs) but does not request elevated agent privileges. Autonomy (model invocation) is enabled by default but not unusual; it is not combined with always:true or broad undeclared credential access.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install test-wp - 安装完成后,直接呼叫该 Skill 的名称或使用
/test-wp触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of wordpress-auto-publish skill.
- Automatically publishes Markdown articles to WordPress blogs via the REST API
- Supports batch processing for multiple articles
- Manages draft and published status
- Handles categories and tags for posts
- Includes featured image upload functionality
元数据
常见问题
Wordpress Auto Publish Clean 是什么?
Automatically publish Markdown articles to WordPress blog via REST API. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 65 次。
如何安装 Wordpress Auto Publish Clean?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install test-wp」即可一键安装,无需额外配置。
Wordpress Auto Publish Clean 是免费的吗?
是的,Wordpress Auto Publish Clean 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Wordpress Auto Publish Clean 支持哪些平台?
Wordpress Auto Publish Clean 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Wordpress Auto Publish Clean?
由 rainco2008(@rainco2008)开发并维护,当前版本 v1.0.0。
推荐 Skills