安全扫描
OpenClaw
可疑
medium confidenceThe skill mostly does what it says (renders markdown tables to PNG) but contains unsanitized HTML insertion into a headless browser (allowing script execution / external network requests) and a hard-coded Chrome path, which are unexpected and worth caution.
评估建议
This skill appears to perform the advertised function, but review and caution are recommended before installing. Key things to consider: 1) The renderer injects unsanitized HTML into a headless browser—do not feed untrusted markdown (or markdown that may include raw HTML) because scripts or remote-resource tags could run and trigger network requests. 2) The script hard-codes a macOS Chrome path and relies on puppeteer-core (no Chromium bundled), so you must ensure a compatible Chrome/Chromium is...详细分析 ▾
ℹ 用途与能力
The code matches the stated purpose: a Node script renders markdown to HTML and screenshots it with puppeteer-core. However the project depends on puppeteer-core (which requires an existing Chrome/Chromium) but the SKILL metadata only declares 'node' as a required binary. The script also hard-codes an executablePath to a macOS Chrome binary ('/Applications/Google Chrome.app/...'), which is platform-specific and not reflected in the skill metadata (OS restriction: none).
⚠ 指令范围
The script builds an HTML document by inserting processed markdown directly into page content without escaping or sanitizing raw HTML. mdToHtml only converts some markdown constructs and will allow raw HTML lines through (formatCell does not escape '<' or '>'). That means arbitrary <script> or <img src=...> tags in input could run in the headless browser or trigger network requests. The code uses page.setContent(..., { waitUntil: 'networkidle0' }), which will wait for network activity—so external requests can occur. This broadens scope beyond simple local rendering and could be used to cause SSRF-like requests or exfiltrate data from the environment accessible to the browser process if untrusted markdown is rendered.
ℹ 安装机制
There is no install spec; the skill is instruction-only even though package.json and package-lock.json are included. The dependency is puppeteer-core (no bundled Chromium). That means an operator must provide a compatible Chrome/Chromium binary and run npm install to satisfy deps. Lack of an install step and the macOS hard-coded path may cause surprises or misconfiguration on non-mac systems.
✓ 凭证需求
The skill does not request environment variables or credentials. The absence of declared secrets is appropriate for the stated purpose. Note, however, that the headless browser will have process-level access (filesystem, network) subject to the runtime environment—this is not expressed as required config but is relevant to risk.
✓ 持久化与权限
The skill is not always-enabled and does not request elevated platform privileges or modify other skills. It does not persist configuration or request long-lived access to agent settings.
安装前注意事项
- The renderer injects unsanitized HTML into a headless browser—do not feed untrusted markdown (or markdown that may include raw HTML) because scripts or remote-resource tags could run and trigger network requests.
- The script hard-codes a macOS Chrome path and relies on puppeteer-core (no Chromium bundled), so you must ensure a compatible Chrome/Chromium is installed in a safe, sandboxed environment; on non-mac systems the path will fail.
- The script launches Chrome with --no-sandbox which reduces process isolation; run it in an isolated container or VM if you must render untrusted content. If you plan to use this skill, either (a) sanitize or escape input before rendering, (b) remove/disable execution of raw HTML, or (c) run the tool in an isolated environment and update the executablePath to a managed Chromium installation. If you want me to, I can suggest code changes to properly escape HTML or to fetch a managed Chromium binary instead of using a hard-coded path.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/2/23
● 可疑
安装命令 点击复制
官方npx clawhub@latest install md-table-image
镜像加速npx clawhub@latest install md-table-image --registry https://cn.clawhub-mirror.com
技能文档
Renders markdown (especially tables) into a styled PNG image.
Usage
node {baseDir}/scripts/render.mjs "markdown content" -o /path/to/output.png
Or pipe markdown in:
echo "| A | B |\n|---|---|\n| 1 | 2 |" | node {baseDir}/scripts/render.mjs -o /path/to/output.png
Options
-o: Output PNG path (default:/tmp/table.png)--title: Optional title above the table--width: Viewport width (default: 800)--dark: Dark theme
When to Use
Always use this skill when sending tables to chat. Render the table as an image and send the image instead of raw markdown.
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制