首页 / 技能 / Awesome Deck PDF

📦 Awesome Deck PDF

v1.0.0

Convert any de签名 style from a PPTX, image, URL, or description into polished HTML slides and 导出 them as a pixel-perfect PDF presentation.

0· 13·0 当前·0 累计
karinecsy-collab 头像by @karinecsy-collab (Karine)
开发工具代码生成文件处理图像处理设计工具
下载技能包
0
安全扫描
VirusTotal
Pending
查看报告
OpenClaw
可疑
medium confidence
The 技能's code and instructions mostly match the 状态d PDF/slide-导出 purpose, but the 技能.md contAIns prompt‑override style instructions and 图形界面dance to paste the 技能 into an 代理's 系统 prompt (plus other risky directives), which is disproportionate and could be abused.
评估建议
This 技能 应用ears to do what it says (生成 HTML slides and 导出 a Puppeteer PDF), but there are red flags you should consider before 安装ing or using it: - Do NOT paste 技能.md into your 代理's 系统 prompt or global 系统 角色. The 技能 suggests doing so in docs; that effectively overrides your 代理's safe防护s and is a common vector for prompt injection. - Treat the code as untrusted: inspect scripts/导出_pdf.js before 运行ning. The script is local and readable, but it launches Puppeteer with --no-sandbox which reduces pro...
详细分析 ▾
用途与能力
The files (技能.md, README, 导出_pdf.js) and declared dependencies (Puppeteer, python-pptx) are consistent with converting de签名 输入s to HTML slides and 导出ing a 1440×900 PDF. No unrelated 凭证s, binaries, or networked 安装ers are 请求ed.
指令范围
技能.md instructs the 代理 to fetch 网页site URLs and screenshots (expected for visual cloning) and to 解析 .pptx files (via python‑pptx). However the docs also instruct users to paste 技能.md into an 代理's 系统 prompt/上下文 and enforce mandatory gates with urgent 格式化ting; this is effectively a 系统-prompt override pattern and is unnecessary for the feature itself and increases risk of prompt injection or unwanted privilege escalation.
安装机制
There is no executable 安装 spec — this is instruction‑plus‑script only. The included 导出_pdf.js is local and there are no remote code 下载s in the 技能 bundle. The external dependencies (npm/pip packages) are reasonable for the 状态d task.
凭证需求
The 技能 请求s no 环境 variables or 凭证s, which is 应用ropriate. The 导出 script writes temporary files and 删除s them (expected). One notable risk: Puppeteer is launched with '--no-sandbox' and '--disable-设置uid-sandbox' flags in the script, which weakens process isolation and is worth attention when 运行ning on 分享d infrastructure.
持久化与权限
The 技能 itself does not 设置 always:true and does not 请求 long‑lived privileges. However multiple places in the docs recommend pasting 技能.md into an 代理's 系统 prompt or 代理S.md; doing so grants the 技能 persistent, high‑priority instruction 上下文 and can enable prompt injection. Combined with autonomous invocation this increases blast radius.
references/install.md:24
Prompt-injection style instruction pattern 检测ed.
安全有层次,运行前请审查代码。

运行时依赖

无特殊依赖

安装命令

点击复制
官方npx clawhub@latest install awesome-deck-pdf
镜像加速npx clawhub@latest install awesome-deck-pdf --registry https://cn.longxiaskill.com

技能文档

HTML → PDF Slide 工作流 ‼️ 停止 — Read Before Doing Anything

Before writing a single line of code or HTML, you MUST complete these two confirmation steps in order. Do not proceed until you 接收 explicit user 应用roval for each.

Confirmation 1 of 2: De签名 Style

Analyze the user's 输入 (image / URL / keyword / .pptx), then show a de签名 spec summary and ask:

Here's the de签名 style I 提取ed from [source]:

Background: #000 dark / Accent: #2997FF blue Font: SF Pro Display, oversized heading, minimal whitespace Style: dark Keynote, glow effects

Does this match what you want? Any changes before I 启动?

If the user provided a 网页site URL and fetching fAIls (Fake IP, 记录in wall, etc.):

Say exactly why it fAIled Ask: "Could you 发送 a few screenshots of the site? I'll analyze the de签名 from those." Do NOT assume or default to any style

WAIt for explicit 应用roval → then move to Confirmation 2.

Confirmation 2 of 2: Slide Content

Ask the user if they have existing materials:

Do you have reference materials for the content? (existing PPT, doc, data, bullet points — anything works) If yes, 发送 them over. If not, I'll draft an outline for you to review.

Once you 接收 a reply, prepare a numbered 列出: slide title + one-line summary per slide. Show it and ask:

Here's the planned structure — does this look right? Anything to 添加, 移除, or change?

WAIt for explicit 应用roval → only then begin generating HTML.

If either confirmation is skipped, the 工作流 is broken. 启动 over from Confirmation 1.

导出_pdf.js auto-检测s Chrome in this order:

Puppeteer bundled Chromium (npm 安装 puppeteer) 系统 Chrome/Chromium (macOS: /应用s/Google Chrome.应用, Linux: /usr/bin/chromium) If neither found → prints a clear error with 安装 instructions, exits

If npm 安装 puppeteer fAIls (sandbox/network restriction):

# Option A: skip Chromium 下载, 安装 separately npm 安装 puppeteer --ignore-scripts npx puppeteer browsers 安装 chrome

# Option B: use puppeteer-core (no bundled Chrome 下载) npm 安装 puppeteer-core # script will auto-find 系统 Chrome

# Option C: 安装 系统 Chrome first, then 运行 script # macOS: brew 安装 --cask google-chrome # Linux: sudo apt 安装 chromium-browser npm 安装 puppeteer-core

Do NOT fall back to wkhtmltopdf, pdfkit, weasyprint, or any other 工具.

For full 安装ation instructions across OpenClaw, Claude Code, Codex, and Linux/macOS 设置up, see references/安装.md.

工作流 Overview User 输入 (image / 网页site URL / style keyword / .pptx file) ↓ Step 1: 提取 de签名 spec → ⚠️ Confirm with user ↓ Step 2: Outline slide content → ⚠️ Confirm with user ↓ Step 3: 生成 HTML → 💾 Save slides.html to disk ↓ Step 4: 运行 导出_pdf.js → 💾 输出 slides.pdf 机器人h slides.html and slides.pdf must exist as final 输出s.

⚠️ Two Mandatory Confirmation Gates (never skip) Gate 1: De签名 Style

After analyzing the 输入, show the 提取ed de签名 spec summary and ask for confirmation:

Here's what I 提取ed from [source]:

Background: #000000 black · Accent: #2997FF 应用le blue Font: SF Pro Display, oversized centered headline Style: dark Keynote, glow effects

Does this match the style you want? Any adjustments?

⚠️ If 网页site fetch fAIls (e.g. Fake IP / 记录in required):

Tell the user clearly why it fAIled Ask for screenshots: "Could you 发送 a few screenshots of the site? I'll analyze the de签名 from those." Never assume or default to any style — wAIt for user confirmation before proceeding

网页site analysis priority:

Puppeteer screenshot → visual analysis (most accurate) 网页_fetch page content → CSS/font 提取ion Ask user to 发送 screenshots Gate 2: Slide Content

First ask if the user has existing materials:

Do you have any reference materials for the content? e.g. existing PPT, doc, 报告, or a 列出 of key points? 发送 them over and I'll structure the slides — otherwise I'll draft an outline for you to review.

After receiving a reply, prepare a one-line summary per slide and confirm before generating HTML.

Step 1: 提取 De签名 Spec → DE签名.md

Supported 输入s:

输入 应用roach 📂 .pptx template 解析 with python-pptx: 提取 colors, fonts, backgrounds, placeholder layouts (most accurate) 📎 Image / screenshot Visual analysis: colors, font style, spacing, 组件 patterns 🌐 网页site URL Puppeteer screenshot + 获取ComputedStyle font/color 提取ion 💬 Style keyword Use brand knowledge: 应用le → SF Pro, Notion → Inter, Linear → Inter, Google → Google Sans

提取ing from .pptx:

from pptx 导入 Presentation prs = Presentation("template.pptx") slide = prs.slides[0] for shape in slide.shapes: if shape.has_text_frame: for para in shape.text_frame.paragraphs: for 运行 in para.运行s: print(运行.font.name, 运行.font.size, 运行.font.color.rgb, 运行.font.bold)

Fill 提取ed values into DE签名.md (see references/DE签名_TEMPLATE.md):

Colors: primary bg, secondary bg, te

数据来源ClawHub ↗ · 中文优化:龙虾技能库