openclaw 网盘下载
OpenClaw

技能详情(站内镜像,无评论)

首页 > 技能库 > SharePoint by altf1be

Secure SharePoint file operations and Office document intelligence via Microsoft Graph API — certificate auth, Sites.Selected, read/write Word (mammoth), Exc...

媒体与内容

作者:Abdelkrim from Brussels @Abdelkrim

许可证:MIT-0

MIT-0 ·免费使用、修改和重新分发。无需归因。

版本:v2.0.0

统计:⭐ 1 · 162 · 0 current installs · 0 all-time installs

1

安装量(当前) 0

🛡 VirusTotal :良性 · OpenClaw :良性

Package:abdelkrim/sharepoint-by-altf1be

安全扫描(ClawHub)

  • VirusTotal :良性
  • OpenClaw :良性

OpenClaw 评估

The skill's code, runtime instructions, and required environment variables are coherent with a SharePoint/Microsoft Graph file-operation tool that uses certificate-based auth; nothing in the package suggests intentional misdirection or unrelated credential access.

目的

Name/description match the provided files and instructions: the script implements SharePoint file listing, read, upload, search, mkdir, delete and extracts text from Office files using the listed libraries. Required env vars (tenant id, client id, cert path, site id) are what a certificate-based Graph client needs.

说明范围

SKILL.md instructs creating an Entra app, setting env vars, running npm install, and executing the CLI script — all consistent with the code. One minor mismatch: README/SKILL.md advertise 'AI-powered' features (summaries, action-item extraction, presentation generation) but the included script appears only to extract and output text, not to perform LLM calls or transformation itself. This is likely because the skill provides text extraction fo…

安装机制

There is no automatic download-from-URL installer; the repo includes source, package.json and package-lock.json and SKILL.md instructs running npm install. Dependencies are standard, well-known npm packages. No extract-from-arbitrary-URL or remote binary downloads are used.

证书

Requested env vars (SP_TENANT_ID, SP_CLIENT_ID, SP_CERT_PATH, SP_SITE_ID) are appropriate and limited to SharePoint/Graph usage. The certificate path and optional SP_CERT_PASSWORD are necessarily sensitive and required for certificate auth. Minor note: platform metadata marks SP_TENANT_ID as the primaryEnv; tenant ID is not a secret and marking it as primary is unusual but not harmful.

持久

Skill does not request always:true and does not modify other skills or global configs. It runs as a normal user CLI tool and reads local certificate files when needed.

综合结论

This package appears to do what it says: it helps you operate on a single SharePoint site using certificate-based Microsoft Graph auth and extracts text from Office files for downstream AI processing. Before installing, verify the repository/source is trusted (check the GitHub link), keep the certificate file secure (do not commit it), and grant the app only the minimum Sites.Selected permissions and site-level access required. Note that the s…

安装(复制给龙虾 AI)

将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。

请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「SharePoint by altf1be」。简介:Secure SharePoint file operations and Office document intelligence via Microsof…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/abdelkrim/sharepoint-by-altf1be/SKILL.md
(来源:yingzhi8.cn 技能库)

SKILL.md

打开原始 SKILL.md(GitHub raw)

---
name: sharepoint-by-altf1be
description: "Secure SharePoint file operations and Office document intelligence via Microsoft Graph API — certificate auth, Sites.Selected, read/write Word (mammoth), Excel (exceljs), PowerPoint (jszip), PDF (pdf-parse)."
homepage: https://github.com/ALT-F1-OpenClaw/openclaw-skill-sharepoint
metadata:
  {"openclaw": {"emoji": "📁", "requires": {"env": ["SP_TENANT_ID", "SP_CLIENT_ID", "SP_CERT_PATH", "SP_SITE_ID"]}, "primaryEnv": "SP_TENANT_ID"}}
---

# SharePoint by @altf1be

Interact with SharePoint document libraries via Microsoft Graph API using certificate-based authentication.

## Setup

1. Create an Entra app with `Sites.Selected` permission and certificate auth
2. Grant site-level write access via Microsoft Graph PowerShell
3. Set environment variables (or create `.env` in `{baseDir}`):

```
SP_TENANT_ID=your-azure-tenant-id
SP_CLIENT_ID=your-app-client-id
SP_CERT_PATH=/path/to/certificate.pem
SP_SITE_ID=your-sharepoint-site-id
SP_DRIVE_ID=optional-specific-drive-id
```

4. Install dependencies: `cd {baseDir} && npm install`

## Commands

### File operations

```bash
# Show site and drive info
node {baseDir}/scripts/sharepoint.mjs info

# List files in library root
node {baseDir}/scripts/sharepoint.mjs list

# List files in a subfolder
node {baseDir}/scripts/sharepoint.mjs list --path "Meeting Notes/2026"

# Read file content (extracts text from Office formats)
node {baseDir}/scripts/sharepoint.mjs read --path "Report.docx"

# Upload a file
node {baseDir}/scripts/sharepoint.mjs upload --local ./report.docx --remote "Reports/Q1-2026.docx"

# Search for files
node {baseDir}/scripts/sharepoint.mjs search --query "quarterly review"

# Create folder
node {baseDir}/scripts/sharepoint.mjs mkdir --path "Meeting Notes/2026"

# Delete (requires --confirm flag)
node {baseDir}/scripts/sharepoint.mjs delete --path "Drafts/old-file.txt" --confirm
```

### Coauthoring (checkout/checkin)

```bash
# Safe edit: checkout → upload modified file → checkin (recommended)
node {baseDir}/scripts/sharepoint.mjs edit --path "Report.docx" --local ./modified.docx --comment "Updated summary"

# Check out a file (lock for exclusive editing)
node {baseDir}/scripts/sharepoint.mjs checkout --path "Report.docx"

# Check in a file (unlock + publish)
node {baseDir}/scripts/sharepoint.mjs checkin --path "Report.docx" --comment "Reviewed and approved"

# Get an edit link to open in Office Online
node {baseDir}/scripts/sharepoint.mjs edit-link --path "Report.docx"
```

## Supported Office formats

The `read` command extracts text content from:
- `.docx` → full text extraction via mammoth
- `.xlsx` → sheet names + cell data via exceljs
- `.pptx` → slide text extraction via jszip
- `.pdf` → text extraction via pdf-parse
- `.txt` / `.md` → raw content

Output is plain text suitable for AI processing (summarization, reformatting, action item extraction).

## Dependencies

- `@azure/identity` — certificate-based Azure AD authentication
- `@microsoft/microsoft-graph-client` — Microsoft Graph API client
- `mammoth` — Word document text extraction
- `exceljs` — Excel spreadsheet parsing
- `jszip` — PowerPoint XML extraction
- `pdf-parse` — PDF text extraction
- `commander` — CLI framework
- `dotenv` — environment variable loading

## Security

- Certificate auth only (no client secrets, no passwords)
- `Sites.Selected` permission (access limited to one SharePoint site)
- Path traversal prevention: `../` is rejected
- Delete requires explicit `--confirm` flag
- No tokens or secrets printed to stdout
- File size limit: configurable max (default 50MB)

## Full setup guide

For complete setup from scratch (Entra app, certificate, Sites.Selected, Key Vault):
See the [GitHub repository](https://github.com/ALT-F1-OpenClaw/openclaw-skill-sharepoint) README.

## Author

Abdelkrim BOUJRAF — [ALT-F1 SRL](https://www.alt-f1.be), Brussels 🇧🇪
X: [@altf1be](https://x.com/altf1be)