QRCode — 技能工具

Name: QRCode — 技能工具
Rating: 1 (2 reviews)
Author: HeXavi8

HeXavi8

QRCode — 技能工具

v1.0.1

[自动翻译] Generate styled QR codes (SVG/PNG/JPG) from user input. Supports custom module color, background, dot shape and eye shape, and many output options.

2· 844·5 当前·5 累计

by @hexavi8 (HeXavi8)·MIT-0

代码生成开发工具自动化

下载技能包

License

MIT-0

最后更新

2026/2/26

安全扫描

VirusTotal

无害

查看报告

OpenClaw

安全

high confidence

The skill is internally consistent with its stated purpose (generating styled QR codes), requests no credentials, and includes reasonable input/output protections; minor metadata/installation notes and the normal npm/native build risk are the only concerns.

评估建议

This skill appears to do what it says: generate QR codes. Before installing/running: 1) Ensure Node is available on the agent host (SKILL.md expects 'node'); 2) Be aware 'npm install' will fetch qrcode and sharp from the npm registry—sharp may require native build tools or download prebuilt binaries (network access and build tools may be needed); 3) Confirm how WORKSPACE_ROOT is resolved in your environment (the script computes it as three directories up from the script location); outputs are st...

详细分析 ▾

✓ 用途与能力

Name/description match the code and dependencies (Node + qrcode + sharp). The included script implements QR generation and styling. Minor inconsistency: registry 'Requirements' reported no required binaries, while SKILL.md metadata correctly lists node and packages; this is an administrative mismatch but doesn't indicate malicious behavior.

✓ 指令范围

Runtime instructions are scoped to generating and displaying QR image files, saving outputs to the workspace root, and offering regeneration. The SKILL.md does not instruct reading unrelated files, exfiltrating data, or accessing credentials. The agent is told to display generated files (expected).

ℹ 安装机制

No formal install spec in registry, but package.json exists and SKILL.md tells the user to run 'npm install'. Dependencies are from npm (qrcode, sharp). This is expected for the functionality, but sharp is a native module that may download prebuilt binaries or build from source during npm install—this is normal but increases install-time surface (network access, native build tools).

✓ 凭证需求

The skill declares no environment variables, no credentials, and the code does not access external secrets. All required inputs are passed as command-line options. No disproportionate credential or config access was requested.

✓ 持久化与权限

Skill does not request always:true and does not persist or modify other skills. It writes only to sanitized filenames in the resolved workspace root and includes defenses against symlink/TOCTOU attacks.

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv1.0.12026/2/23

Enhance security and validation in QR code generation script.

● 无害

安装命令点击复制

官方npx clawhub@latest install qrcode

镜像加速npx clawhub@latest install qrcode --registry https://cn.clawhub-mirror.com

技能文档

Generate customizable QR codes from text or URLs. Supports multiple formats (SVG/PNG/JPG) with styling options.

Agent Instructions

After generating QR codes, you MUST:

Display the generated file using appropriate markdown syntax:

- For images (PNG/JPG): !QR Code - For SVG: Display as image or provide download link

Confirm the file path and format to the user
Offer to regenerate with different styling if needed

Quick Start

# Basic usage (auto-generated filename) node {baseDir}/scripts/generate.mjs "Hello World" # Custom styled QR code node {baseDir}/scripts/generate.mjs "https://example.com" -o myqr.svg --dot circle --eye rounded --color "#2563eb" # High-resolution transparent PNG node {baseDir}/scripts/generate.mjs "Contact Info" --format png --size 2048 --transparent

# Print-quality JPEG node {baseDir}/scripts/generate.mjs "https://example.com" --format jpg -o qr.jpg --size 2048 --quality 95

Options

Output

-o, --out - Output filename (workspace root only). Default: qrcode__.
--format - Output format (default: svg)

Dimensions

--size - Base pixel size (default: 1024, max: 10000)
--scale - Resolution multiplier (default: 1, max: 10)
--margin - Quiet zone size (default: 4, max: 100)

Styling

--dot - Data module shape (default: square)
--eye - Finder pattern style (default: square)
--color <#RRGGBB> - Foreground color (default: #000000)
--background <#RRGGBB> - Background color (default: #ffffff)
--transparent - Transparent background (PNG only, ignored for SVG/JPG)

Quality

--ec - Error correction: Low/Medium/Quality/High (default: M)

- L (~7%): Clean environments, maximum data capacity - M (~15%): General use, balanced capacity/reliability - Q (~25%): Styled QR codes, moderate damage tolerance - H (~30%): Logo embedding, heavy styling, outdoor use

--quality <1-100> - JPEG compression quality (default: 80)

File Handling

Security-enforced workspace root output:

All files saved to workspace root directory only
Path components stripped: -o ../path/file.svg → workspace/file.svg
Auto-generated filenames include sanitized text and timestamp
Maximum text length: 4096 characters

Installation

cd {baseDir}
npm install

Dependencies: qrcode (matrix generation), sharp (image conversion)

Platform notes: macOS requires Xcode Command Line Tools. See sharp docs for other platforms.

Examples

WiFi QR Code

node {baseDir}/scripts/generate.mjs "WIFI:S:MyNetwork;T:WPA;P:password123;;" --format png -o wifi.png --size 1024

Styled Business Card

node {baseDir}/scripts/generate.mjs "BEGIN:VCARD
VERSION:3.0
FN:John Doe
TEL:+1234567890
EMAIL:john@example.com
END:VCARD" --dot circle --eye rounded --color "#1e40af" --background "#eff6ff" -o contact.svg

High-Resolution Print

node {baseDir}/scripts/generate.mjs "https://example.com" --format jpg --size 4096 --quality 95 --ec H -o print.jpg

Transparent Logo Overlay

node {baseDir}/scripts/generate.mjs "https://example.com" --format png --size 2048 --transparent --margin 2 -o overlay.png

Logo Embedding (Requires High Error Correction)

# Use --ec H when QR code will have logo overlay (covers ~20-30% of center)
node {baseDir}/scripts/generate.mjs "https://example.com" --format png --size 2048 --ec H -o logo-base.png

Security Features

✅ Path traversal protection - All outputs forced to workspace root
✅ Symlink attack prevention - Atomic writes with verification
✅ Input validation - Length limits (4096 chars), character whitelisting
✅ Filename sanitization - Dangerous characters stripped from filenames
✅ Resource limits - Max size/scale to prevent DoS attacks

Troubleshooting

Issue	Solution
`npm install` fails	Install build tools:`xcode-select --install` (macOS) or see sharp install guide
QR code won't scan	Increase `--size`, use higher error correction (`--ec H`), or simplify styling
Colors not working	Use hex format `#RRGGBB` (e.g., `#FF5733`), not RGB or color names
File too large	Reduce `--size`, `--scale`, or increase `--quality` for JPG
Permission denied	Check workspace directory write permissions

Error Correction Levels Explained

Error correction allows QR codes to remain scannable even when partially damaged or obscured:

Level	Recovery Capacity	Data Capacity	Use Case
`L`	~7% damage	Maximum	Clean environments, screen display, maximum data
`M`	~15% damage	High	General use (default), standard printing
`Q`	~25% damage	Medium	Styled designs (circles/rounded), possible minor damage
`H`	~30% damage	Minimum	Logo embedding, outdoor use, heavy styling, print-on-print

Key principle: Higher error correction = more damage tolerance but less data capacity.

When to use H level:

Embedding logos (covers 20-30% of center)
Circular dots or rounded eyes
Outdoor/weathered environments
Low-quality printing
Stickers that may peel/scratch

Format Comparison

Format	Transparency	Quality	File Size	Use Case
SVG	✅	Infinite	Smallest	Web, scalable graphics
PNG	✅	Lossless	Medium	Digital displays, overlays
JPG	❌	Lossy	Smallest\	Print, photos, email

\With compression

Tips

Scanning distance: Use --size 1024 for mobile (1-2m), --size 2048+ for print/posters
Styling vs. reliability: Higher --ec levels compensate for --dot circle or --eye rounded
Transparent backgrounds: Use PNG format with --transparent; JPG always uses white/specified background
File size optimization: SVG for web, JPG with --quality 80-85 for print
Data capacity: L/M/Q/H levels affect max alphanumeric capacity: ~4296/3391/2420/1852 chars (Version 40)
Logo placement: Use --ec H and leave center area clear (approximately 30% of QR code)

Common Use Cases

Scenario	Recommended Settings
Website URL	`--format png --size 1024 --ec M`
WiFi credentials	`--format png --size 1024 --ec M`
Business card (vCard)	`--format svg --dot circle --eye rounded --ec Q`
Print poster	`--format jpg --size 4096 --quality 95 --ec H`
Logo overlay base	`--format png --size 2048 --ec H --transparent`
Email signature	`--format png --size 512 --ec M`
Product packaging	`--format svg --ec H` (scalable for any print size)
Outdoor signage	`--format jpg --size 2048+ --ec H --quality 90`
Social media profile	`--format png --size 1024 --transparent --dot circle --ec Q`
Payment QR (high density)	`--format png --size 2048 --ec L --margin 2` (maximize capacity)

Generate customizable QR codes from text or URLs. Supports multiple formats (SVG/PNG/JPG) with styling options.

Agent Instructions

After generating QR codes, you MUST:

Display the generated file using appropriate markdown syntax:

- For images (PNG/JPG): !QR Code - For SVG: Display as image or provide download link

Confirm the file path and format to the user
Offer to regenerate with different styling if needed

Quick Start

# Basic usage (auto-generated filename) node {baseDir}/scripts/generate.mjs "Hello World" # Custom styled QR code node {baseDir}/scripts/generate.mjs "https://example.com" -o myqr.svg --dot circle --eye rounded --color "#2563eb" # High-resolution transparent PNG node {baseDir}/scripts/generate.mjs "Contact Info" --format png --size 2048 --transparent

# Print-quality JPEG node {baseDir}/scripts/generate.mjs "https://example.com" --format jpg -o qr.jpg --size 2048 --quality 95

Options

Output

-o, --out - Output filename (workspace root only). Default: qrcode__.
--format - Output format (default: svg)

Dimensions

--size - Base pixel size (default: 1024, max: 10000)
--scale - Resolution multiplier (default: 1, max: 10)
--margin - Quiet zone size (default: 4, max: 100)

Styling

--dot - Data module shape (default: square)
--eye - Finder pattern style (default: square)
--color <#RRGGBB> - Foreground color (default: #000000)
--background <#RRGGBB> - Background color (default: #ffffff)
--transparent - Transparent background (PNG only, ignored for SVG/JPG)

Quality

--ec - Error correction: Low/Medium/Quality/High (default: M)

- L (~7%): Clean environments, maximum data capacity - M (~15%): General use, balanced capacity/reliability - Q (~25%): Styled QR codes, moderate damage tolerance - H (~30%): Logo embedding, heavy styling, outdoor use

--quality <1-100> - JPEG compression quality (default: 80)

File Handling

Security-enforced workspace root output:

All files saved to workspace root directory only
Path components stripped: -o ../path/file.svg → workspace/file.svg
Auto-generated filenames include sanitized text and timestamp
Maximum text length: 4096 characters

Installation

cd {baseDir}
npm install

Dependencies: qrcode (matrix generation), sharp (image conversion)

Platform notes: macOS requires Xcode Command Line Tools. See sharp docs for other platforms.

Examples

WiFi QR Code

node {baseDir}/scripts/generate.mjs "WIFI:S:MyNetwork;T:WPA;P:password123;;" --format png -o wifi.png --size 1024

Styled Business Card

node {baseDir}/scripts/generate.mjs "BEGIN:VCARD
VERSION:3.0
FN:John Doe
TEL:+1234567890
EMAIL:john@example.com
END:VCARD" --dot circle --eye rounded --color "#1e40af" --background "#eff6ff" -o contact.svg

High-Resolution Print

node {baseDir}/scripts/generate.mjs "https://example.com" --format jpg --size 4096 --quality 95 --ec H -o print.jpg

Transparent Logo Overlay

node {baseDir}/scripts/generate.mjs "https://example.com" --format png --size 2048 --transparent --margin 2 -o overlay.png

Logo Embedding (Requires High Error Correction)

# Use --ec H when QR code will have logo overlay (covers ~20-30% of center)
node {baseDir}/scripts/generate.mjs "https://example.com" --format png --size 2048 --ec H -o logo-base.png

Security Features

✅ Path traversal protection - All outputs forced to workspace root
✅ Symlink attack prevention - Atomic writes with verification
✅ Input validation - Length limits (4096 chars), character whitelisting
✅ Filename sanitization - Dangerous characters stripped from filenames
✅ Resource limits - Max size/scale to prevent DoS attacks

Troubleshooting

Issue	Solution
`npm install` fails	Install build tools:`xcode-select --install` (macOS) or see sharp install guide
QR code won't scan	Increase `--size`, use higher error correction (`--ec H`), or simplify styling
Colors not working	Use hex format `#RRGGBB` (e.g., `#FF5733`), not RGB or color names
File too large	Reduce `--size`, `--scale`, or increase `--quality` for JPG
Permission denied	Check workspace directory write permissions

Error Correction Levels Explained

Error correction allows QR codes to remain scannable even when partially damaged or obscured:

Level	Recovery Capacity	Data Capacity	Use Case
`L`	~7% damage	Maximum	Clean environments, screen display, maximum data
`M`	~15% damage	High	General use (default), standard printing
`Q`	~25% damage	Medium	Styled designs (circles/rounded), possible minor damage
`H`	~30% damage	Minimum	Logo embedding, outdoor use, heavy styling, print-on-print

Key principle: Higher error correction = more damage tolerance but less data capacity.

When to use H level:

Embedding logos (covers 20-30% of center)
Circular dots or rounded eyes
Outdoor/weathered environments
Low-quality printing
Stickers that may peel/scratch

Format Comparison

Format	Transparency	Quality	File Size	Use Case
SVG	✅	Infinite	Smallest	Web, scalable graphics
PNG	✅	Lossless	Medium	Digital displays, overlays
JPG	❌	Lossy	Smallest\	Print, photos, email

\With compression

Tips

Scanning distance: Use --size 1024 for mobile (1-2m), --size 2048+ for print/posters
Styling vs. reliability: Higher --ec levels compensate for --dot circle or --eye rounded
Transparent backgrounds: Use PNG format with --transparent; JPG always uses white/specified background
File size optimization: SVG for web, JPG with --quality 80-85 for print
Data capacity: L/M/Q/H levels affect max alphanumeric capacity: ~4296/3391/2420/1852 chars (Version 40)
Logo placement: Use --ec H and leave center area clear (approximately 30% of QR code)

Common Use Cases

Scenario	Recommended Settings
Website URL	`--format png --size 1024 --ec M`
WiFi credentials	`--format png --size 1024 --ec M`
Business card (vCard)	`--format svg --dot circle --eye rounded --ec Q`
Print poster	`--format jpg --size 4096 --quality 95 --ec H`
Logo overlay base	`--format png --size 2048 --ec H --transparent`
Email signature	`--format png --size 512 --ec M`
Product packaging	`--format svg --ec H` (scalable for any print size)
Outdoor signage	`--format jpg --size 2048+ --ec H --quality 90`
Social media profile	`--format png --size 1024 --transparent --dot circle --ec Q`
Payment QR (high density)	`--format png --size 2048 --ec L --margin 2` (maximize capacity)

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

Agent Instructions

Quick Start

Options

Output

Dimensions

Styling

Quality

File Handling

Installation

Examples

WiFi QR Code

Styled Business Card

High-Resolution Print

Transparent Logo Overlay

Logo Embedding (Requires High Error Correction)

Security Features

Troubleshooting

Error Correction Levels Explained

Format Comparison

Tips

Common Use Cases

Agent Instructions

Quick Start

Options

Output

Dimensions

Styling

Quality

File Handling

Installation

Examples

WiFi QR Code

Styled Business Card

High-Resolution Print

Transparent Logo Overlay

Logo Embedding (Requires High Error Correction)

Security Features

Troubleshooting

Error Correction Levels Explained

Format Comparison

Tips

Common Use Cases

安装命令点击复制