← 返回 Skills 市场
Website Pickpocket
作者
zhenyangze
· GitHub ↗
· v0.1.0
· MIT-0
347
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install website-pickpocket-skill
功能描述
网站扒手 - 完美复刻任意网站的工具。支持静态/动态页面抓取、资源下载、多框架输出(原生HTML/React/Vue/Angular)。触发场景:(1) 抓取网站生成静态副本 (2) 将网站转换为React/Vue项目 (3) 离线浏览网站 (4) 网站备份迁移
安全使用建议
This SKILL.md describes a powerful website-cloning tool but is only documentation — it provides no code, binaries, or trusted homepage. Before installing or running anything based on it: (1) verify the upstream project and install from an official release (the skill provides no install/source); (2) do not paste real session cookies, passwords, or secrets into configs unless you fully trust the code and install environment; (3) be aware of legal and terms-of-service issues when cloning sites and of rate limits/reputational risk; (4) expect to install heavy dependencies (Playwright and browser binaries, image libs) and ensure they come from trusted package sources; (5) if you want the agent to run this automatically, prefer a vetted packaged implementation rather than following these instructions verbatim. Because provenance is missing and required installs are non-trivial, treat this skill with caution.
功能分析
Type: OpenClaw Skill
Name: website-pickpocket-skill
Version: 0.1.0
The 'website-pickpocket' skill (SKILL.md) describes a tool designed to 'perfectly replicate' any website into local projects or frameworks like React and Vue. While its stated purpose includes backup and migration, the tool's name and features—such as session/cookie cloning, anti-bot bypass, and deep recursive crawling—are high-risk capabilities frequently used for phishing and intellectual property theft. There is no explicit evidence of the tool attacking the host environment or exfiltrating user secrets, but its core functionality is highly conducive to malicious use.
能力评估
Purpose & Capability
The SKILL.md consistently describes a website-cloning tool (static/dynamic scraping, framework outputs). However, the documented capabilities depend on significant third-party components (Playwright, Cheerio, Sharp, etc.) and browser binaries; the skill does not declare required binaries, environment variables, or provide an install mechanism. That omission is common for instruction-only skills but is a material mismatch between capability and what's provided.
Instruction Scope
Instructions are concrete (CLI flags, config file schema, workflow) and stay within the stated purpose. They do reference handling login/session data (cookies, localStorage), custom wait selectors, proxies, and user-agent spoofing — all expected for a scraper but also capable of accessing or transmitting sensitive session information if users supply it. The SKILL.md does not instruct the agent to access arbitrary system files or hidden credentials, but it does rely on user-provided session data.
Install Mechanism
No install spec is provided (instruction-only). Given the listed tech stack (Playwright requires browser installs; Sharp may need native libs), running the described tool would require installing multiple packages and browser binaries. The absence of guidance or a trustworthy upstream source/homepage increases risk: the agent/user might be asked to run or fetch unknown binaries to realize functionality.
Credentials
The skill requests no environment variables or credentials in metadata, which is proportional. However, the runtime docs encourage supplying session cookies/localStorage values in config. Those are sensitive and should only be supplied deliberately; the skill does not explain secure handling or storage of those values.
Persistence & Privilege
The skill is not forced-always and does not request persistent privileges. It is user-invocable and can be invoked autonomously by the agent (default behavior), but there is no additional persistent system presence requested.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install website-pickpocket-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/website-pickpocket-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
website-pickpocket-skill 0.1.0 – Initial Release
- New tool for cloning any website, supporting both static and dynamic page scraping.
- Outputs site replicas in multiple frameworks: native HTML, React, Vue, Angular, Svelte, with resource localization.
- Command-line and interactive modes for flexible usage.
- Advanced configuration options: crawl depth, concurrency, resource types, image optimization, login/session preservation, and URL filtering.
- Automatic code generation for popular frameworks, with project structures matching React/Vue/Angular/Svelte conventions.
- Includes troubleshooting, workflows, and template configuration files for rapid start.
元数据
常见问题
Website Pickpocket 是什么?
网站扒手 - 完美复刻任意网站的工具。支持静态/动态页面抓取、资源下载、多框架输出(原生HTML/React/Vue/Angular)。触发场景:(1) 抓取网站生成静态副本 (2) 将网站转换为React/Vue项目 (3) 离线浏览网站 (4) 网站备份迁移. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 347 次。
如何安装 Website Pickpocket?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install website-pickpocket-skill」即可一键安装,无需额外配置。
Website Pickpocket 是免费的吗?
是的,Website Pickpocket 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Website Pickpocket 支持哪些平台?
Website Pickpocket 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Website Pickpocket?
由 zhenyangze(@zhenyangze)开发并维护,当前版本 v0.1.0。
推荐 Skills