{"id":"625dd5ad-4ef8-4dc7-8742-491a24bf56e4","shortId":"ud2uNu","kind":"skill","title":"user-ask-for-report","tagline":"Generate a clean white Tailwind CDN report page from user content, optionally password-gate viewing via client-side decryption, and deploy to Originless/IPFS.","description":"# Generate Report Website with Tailwind + Originless\n\nCreate a single `index.html` report page from user-provided content, style it with Tailwind CDN (white background, subtle animations), then publish it to Originless for instant hosting.\n\nAt the start, ask whether the user wants a **single-file page** (`index.html` only) or a **multi-file site** (separate CSS/JS/images/assets).\nIf they want multiple files, use `skills/static-assets-hosting/SKILL.md` and upload a `.zip` that contains `index.html` plus all assets.\n\n## When to use\n\n- User asks for a quick hosted report or landing page from text/data\n- User wants no-build static HTML output (`index.html` only)\n- User wants instant public hosting via Originless/IPFS\n- User optionally asks for a password prompt before content is shown\n\nBefore generating the final HTML, pre-upload any images or other assets you plan to include and use the returned hosted URLs in `index.html`.\nIf the report content appears sensitive (PII, credentials, private business data, internal docs), explicitly ask the user whether they want password protection enabled.\nIf the user requests multiple local files, do not continue with this single-file flow; switch to `skills/static-assets-hosting/SKILL.md`.\n\n## Required tools / APIs\n\n- Originless endpoint (pick one):\n  - `http://localhost:3232/upload` (self-hosted)\n  - `https://filedrop.besoeasy.com/upload` (public instance)\n\nNo build tooling is required for the basic flow.\n\n## Skills\n\n### generate_index_html_report\n\nGenerate an `index.html` with Tailwind CDN and subtle animations.\n\n**Design constraints:**\n\n- White-first layout (`bg-white`, dark text)\n- Slight motion only (fade/slide on cards, soft hover)\n- Responsive, readable typography\n- No external framework build step\n\n**Starter template (`index.html`):**\n\n```html\n<!doctype html>\n<html lang=\"en\">\n  <head>\n    <meta charset=\"UTF-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" />\n    <title>Report</title>\n    <script src=\"https://cdn.tailwindcss.com\"></script>\n    <style>\n      @keyframes fadeUp {\n        from {\n          opacity: 0;\n          transform: translateY(10px);\n        }\n        to {\n          opacity: 1;\n          transform: translateY(0);\n        }\n      }\n      .fade-up {\n        animation: fadeUp 0.45s ease-out both;\n      }\n    </style>\n  </head>\n  <body class=\"bg-white text-slate-900 antialiased\">\n    <main class=\"max-w-4xl mx-auto px-6 py-10\">\n      <header class=\"mb-8 fade-up\">\n        <h1 class=\"text-3xl sm:text-4xl font-semibold tracking-tight\">User Report</h1>\n        <p class=\"mt-2 text-slate-600\">Generated static report page</p>\n      </header>\n\n      <section class=\"grid gap-4\">\n        <article class=\"fade-up rounded-2xl border border-slate-200 bg-white p-5 shadow-sm transition hover:-translate-y-0.5 hover:shadow-md\">\n          <h2 class=\"text-lg font-medium\">Summary</h2>\n          <p class=\"mt-2 text-slate-700 leading-relaxed\">Replace with user-requested content.</p>\n        </article>\n      </section>\n    </main>\n  </body>\n</html>\n```\n\n### upload_report_to_originless\n\nUpload generated `index.html` and return hosted URL.\n\nIf the report includes images/files, upload those assets first, collect their hosted URLs/CIDs, and reference those URLs inside `index.html` before uploading the page.\n\nPrefer `curl` for uploads, since it handles `multipart/form-data` reliably out of the box.\nIf another tool/runtime is used, it must be a full `curl -F` replacement: send a real multipart body, include the file part named exactly `file`, and preserve filename/content-type behavior.\n\n**Bash:**\n\n```bash\n# Self-hosted Originless\ncurl -fsS -X POST -F \"file=@index.html\" http://localhost:3232/upload\n\n# Public Originless\ncurl -fsS -X POST -F \"file=@index.html\" https://filedrop.besoeasy.com/upload\n```\n\n**Node.js:**\n\n```javascript\nimport fs from \"node:fs\";\n\nconst file = new Blob([fs.readFileSync(\"index.html\")], { type: \"text/html\" });\nconst form = new FormData();\nform.append(\"file\", file, \"index.html\");\n\nconst endpoint = \"https://filedrop.besoeasy.com/upload\";\nconst res = await fetch(endpoint, { method: \"POST\", body: form });\nif (!res.ok) throw new Error(`Upload failed: ${res.status}`);\n\nconst out = await res.json();\nconsole.log(out.url || out.cid || out);\n```\n\n### password_gate_report_optional\n\nIf user requests a password, keep content encrypted in the HTML and only render when the correct password is entered.\n\n> Important: this is client-side access gating, not strong secret storage. Anyone with the file can still inspect code/assets.\n\n**Client-side unlock block (drop into `index.html`):**\n\n```html\n<div id=\"lock\" class=\"max-w-md mx-auto mt-16 p-6 border rounded-2xl\">\n  <h2 class=\"text-xl font-semibold\">Protected Report</h2>\n  <p class=\"text-slate-600 mt-2\">Enter password to unlock.</p>\n  <input id=\"pw\" type=\"password\" class=\"mt-4 w-full border rounded-lg px-3 py-2\" placeholder=\"Password\" />\n  <button id=\"unlock\" class=\"mt-3 px-4 py-2 rounded-lg bg-slate-900 text-white\">Unlock</button>\n  <p id=\"err\" class=\"mt-2 text-sm text-red-600 hidden\">Wrong password.</p>\n</div>\n\n<div id=\"app\" class=\"hidden\"></div>\n\n<script id=\"enc\" type=\"application/json\">\n  {\n    \"salt\": \"BASE64_SALT\",\n    \"iv\": \"BASE64_IV\",\n    \"ciphertext\": \"BASE64_CIPHERTEXT\"\n  }\n</script>\n\n<script>\n  const enc = JSON.parse(document.getElementById(\"enc\").textContent);\n\n  const b64ToBytes = (b64) => Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));\n\n  async function deriveKey(password, saltBytes) {\n    const keyMaterial = await crypto.subtle.importKey(\"raw\", new TextEncoder().encode(password), \"PBKDF2\", false, [\"deriveKey\"]);\n    return crypto.subtle.deriveKey(\n      { name: \"PBKDF2\", salt: saltBytes, iterations: 100000, hash: \"SHA-256\" },\n      keyMaterial,\n      { name: \"AES-GCM\", length: 256 },\n      false,\n      [\"decrypt\"],\n    );\n  }\n\n  async function decryptHtml(password) {\n    const key = await deriveKey(password, b64ToBytes(enc.salt));\n    const plain = await crypto.subtle.decrypt({ name: \"AES-GCM\", iv: b64ToBytes(enc.iv) }, key, b64ToBytes(enc.ciphertext));\n    return new TextDecoder().decode(plain);\n  }\n\n  document.getElementById(\"unlock\").addEventListener(\"click\", async () => {\n    const pw = document.getElementById(\"pw\").value;\n    const err = document.getElementById(\"err\");\n    try {\n      const html = await decryptHtml(pw);\n      document.getElementById(\"app\").innerHTML = html;\n      document.getElementById(\"app\").classList.remove(\"hidden\");\n      document.getElementById(\"lock\").classList.add(\"hidden\");\n      err.classList.add(\"hidden\");\n    } catch {\n      err.classList.remove(\"hidden\");\n    }\n  });\n</script>\n```\n\n**Generate encrypted payload (Node.js helper):**\n\n```javascript\nimport { randomBytes, pbkdf2Sync, createCipheriv } from \"node:crypto\";\n\nconst password = process.argv[2];\nconst reportHtml = \"<section><h1>Secret report</h1><p>Private content</p></section>\";\n\nif (!password) throw new Error(\"Usage: node encrypt.js <password>\");\n\nconst salt = randomBytes(16);\nconst iv = randomBytes(12);\nconst key = pbkdf2Sync(password, salt, 100000, 32, \"sha256\");\n\nconst cipher = createCipheriv(\"aes-256-gcm\", key, iv);\nconst ciphertext = Buffer.concat([cipher.update(reportHtml, \"utf8\"), cipher.final()]);\nconst tag = cipher.getAuthTag();\n\nconst packed = Buffer.concat([ciphertext, tag]);\nconsole.log(\n  JSON.stringify(\n    {\n      salt: salt.toString(\"base64\"),\n      iv: iv.toString(\"base64\"),\n      ciphertext: packed.toString(\"base64\"),\n    },\n    null,\n    2,\n  ),\n);\n```\n\nNote: Web Crypto `AES-GCM` expects ciphertext with auth tag appended. The helper above packs `ciphertext || tag` to match browser decryption.\n\n## Agent prompt\n\n```text\nYou are generating a single static report website as index.html.\n\nRequirements:\n0) First ask if the deliverable must be a single `index.html` or a multi-file website.\n  - If multi-file: use `skills/static-assets-hosting/SKILL.md` and package `index.html` + all assets into a `.zip` for upload.\n  - If single-file: continue below.\n1) Use Tailwind via CDN only (no build step).\n2) Keep design white-background, clean typography, subtle card hover and fade-up animations.\n3) Render exactly the user-requested report content in semantic sections.\n4) Pre-upload any images or other assets you include, then reference their hosted URLs in the HTML.\n5) If content appears sensitive/private, ask the user if they want password protection before publishing.\n6) Save as index.html.\n7) Prefer uploading index.html with curl `-F` multipart/form-data to Originless using:\n   - http://localhost:3232/upload (if local instance exists), else\n   - https://filedrop.besoeasy.com/upload.\n8) If curl is unavailable and another tool is used, implement a full multipart/form-data equivalent of curl `-F \"file=@index.html\"` (same field name `file`, filename, and content-type handling).\n9) Return upload response with URL/CID.\n10) If user asks for password protection, embed encrypted payload + browser-side unlock form; only render content after successful password decryption.\n11) Clearly state that password mode is client-side gating and not equivalent to server-side access control.\n```\n\n## Best practices\n\n- Keep animation minimal to preserve readability and avoid motion-heavy UX\n- Prefer semantic headings and short sections for report scanning\n- Upload assets first so final report links are stable and publicly resolvable\n- Validate upload response and retry between available Originless endpoints if needed\n- For sensitive reports, encrypt content before upload and share password out-of-band\n\n## Troubleshooting\n\n- Upload failed (`4xx/5xx`): retry with the available Originless endpoint (`localhost` or `filedrop`)\n- Blank page after unlock: verify encrypted payload base64 and AES-GCM packing\n- Wrong password always fails: ensure identical PBKDF2 settings (`100000`, `SHA-256`, 32-byte key)\n\n## See also\n\n- [anonymous-file-upload.md](anonymous-file-upload.md) — Originless endpoints and pinning\n\n---\n\n## Powered by Originless\n\nThis skill uses **Originless** for decentralized, anonymous file hosting via IPFS.\n\n**Originless** is a lightweight, self-hostable file upload service that pins content to IPFS and returns instant public URLs — no accounts, no tracking, no storage limits.\n\n🔗 **GitHub**: [https://github.com/besoeasy/originless](https://github.com/besoeasy/originless)\n\nFeatures:\n- 🚀 Zero-config IPFS upload via HTTP multipart\n- 🔒 Anonymous, no authentication required\n- 🌐 Public gateway URLs or CID-only mode\n- 📦 Self-hostable with Docker\n- ⚡ Production-ready public instance at [filedrop.besoeasy.com](https://filedrop.besoeasy.com)","tags":["user","ask","for","report","open","skills","besoeasy","agent-skills","ai-agents","claude-code","clawdbot","clawdbot-skill"],"capabilities":["skill","source-besoeasy","skill-user-ask-for-report","topic-agent-skills","topic-ai-agents","topic-claude-code","topic-clawdbot","topic-clawdbot-skill","topic-llm-tools","topic-mcp-server","topic-openai","topic-openclaw","topic-vibe-coding","topic-vibecoding"],"categories":["open-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/besoeasy/open-skills/user-ask-for-report","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add besoeasy/open-skills","source_repo":"https://github.com/besoeasy/open-skills","install_from":"skills.sh"}},"qualityScore":"0.505","qualityRationale":"deterministic score 0.51 from registry signals: · indexed on github topic:agent-skills · 111 github stars · SKILL.md body (10,636 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-02T12:55:05.005Z","embedding":null,"createdAt":"2026-04-18T22:10:56.434Z","updatedAt":"2026-05-02T12:55:05.005Z","lastSeenAt":"2026-05-02T12:55:05.005Z","tsv":"'-256':569,946 '/besoeasy/originless](https://github.com/besoeasy/originless)':1002 '/upload':229,402,430 '/upload.':771 '0':637 '1':676 '10':808 '100000':562,944 '11':830 '12':556 '16':552 '2':534,600,685 '3':701 '32':563,947 '3232/upload':223,390,763 '4':713 '4xx/5xx':913 '5':732 '6':747 '7':751 '8':772 '9':802 'access':486,848 'account':993 'ae':568,605,933 'aes-gcm':604,932 'agent':623 'also':951 'alway':938 'anim':56,254,700,853 'anonym':967,1012 'anonymous-file-upload.md':952,953 'anoth':348,778 'anyon':492 'api':217 'appear':177,735 'append':612 'ask':3,68,109,139,187,639,737,811 'asset':104,160,318,664,721,874 'auth':610 'authent':1014 'avail':891,917 'avoid':859 'await':433,450 'background':54,690 'band':909 'base64':592,595,598,930 'bash':376,377 'basic':239 'behavior':375 'best':850 'bg':262 'bg-white':261 'blank':923 'blob':413 'block':504 'bodi':364,438 'box':346 'browser':621,819 'browser-sid':818 'buffer.concat':575,585 'build':124,233,280,683 'busi':182 'byte':948 'card':271,694 'cdn':11,52,251,680 'cid':1021 'cid-on':1020 'cipher':566 'cipher.final':579 'cipher.getauthtag':582 'cipher.update':576 'ciphertext':574,586,596,608,617 'clean':8,691 'clear':831 'client':24,484,501,838 'client-sid':23,483,500,837 'code/assets':499 'collect':320 'config':1006 'console.log':452,588 'const':410,418,426,431,448,531,535,549,553,557,565,573,580,583 'constraint':256 'contain':100 'content':16,47,145,176,299,466,540,709,734,799,825,900,984 'content-typ':798 'continu':205,674 'control':849 'correct':476 'creat':37 'createcipheriv':527,567 'credenti':180 'crypto':530,603 'css/js/images/assets':87 'curl':335,357,382,393,756,774,788 'dark':264 'data':183 'decentr':966 'decrypt':26,622,829 'deliver':642 'deploy':28 'design':255,687 'doc':185 'docker':1028 'drop':505 'els':768 'emb':815 'enabl':195 'encrypt':467,519,816,899,928 'encrypt.js':548 'endpoint':219,427,435,893,919,955 'ensur':940 'enter':479,511 'equival':786,843 'error':444,545 'exact':370,703 'exist':767 'expect':607 'explicit':186 'extern':278 'f':358,386,397,757,789 'fade':698 'fade-up':697 'fade/slide':269 'fail':446,912,939 'featur':1003 'fetch':434 'field':793 'file':76,84,92,202,210,367,371,387,398,411,423,424,495,652,657,673,790,795,968,979 'filedrop':922 'filedrop.besoeasy.com':228,401,429,770,1035,1036 'filedrop.besoeasy.com/upload':227,400,428 'filedrop.besoeasy.com/upload.':769 'filenam':796 'filename/content-type':374 'final':151,877 'first':259,319,638,875 'flow':211,240 'form':419,439,822 'form.append':422 'formdata':421 'framework':279 'fs':406,409 'fs.readfilesync':414 'fss':383,394 'full':356,784 'gate':20,457,487,840 'gateway':1017 'gcm':570,606,934 'generat':6,31,149,242,246,289,305,518,628 'github':999 'github.com':1001 'github.com/besoeasy/originless](https://github.com/besoeasy/originless)':1000 'handl':340,801 'head':866 'heavi':862 'helper':522,614 'host':64,113,134,169,226,309,322,380,727,969 'hostabl':978,1026 'hover':273,695 'html':126,152,244,285,470,508,731 'http':1010 'ident':941 'imag':157,718 'images/files':315 'implement':782 'import':405,480,524 'includ':164,314,365,723 'index':243 'index.html':40,78,101,128,172,248,284,306,329,388,399,415,425,507,635,647,662,750,754,791 'insid':328 'inspect':498 'instanc':231,766,1033 'instant':63,132,989 'intern':184 'ipf':971,986,1007 'iv':554,572,593 'iv.tostring':594 'javascript':404,523 'json.stringify':589 'keep':465,686,852 'key':558,571,949 'land':116 'layout':260 'lightweight':975 'limit':998 'link':879 'local':201,765 'localhost':222,389,762,920 'match':620 'method':436 'minim':854 'mode':835,1023 'motion':267,861 'motion-heavi':860 'multi':83,651,656 'multi-fil':82,650,655 'multipart':363,1011 'multipart/form-data':341,758,785 'multipl':91,200 'must':353,643 'name':369,794 'need':895 'new':412,420,443,544 'no-build':122 'node':408,529,547 'node.js':403,521 'note':601 'null':599 'one':221 'option':17,138,459 'originless':36,61,218,303,381,392,760,892,918,954,960,964,972 'originless/ipfs':30,136 'out-of-band':906 'out.cid':454 'out.url':453 'output':127 'pack':584,616,935 'packag':661 'packed.tostring':597 'page':13,42,77,117,292,333,924 'part':368 'password':19,142,193,456,464,477,512,517,532,542,560,743,813,828,834,905,937 'password-g':18 'payload':520,817,929 'pbkdf2':942 'pbkdf2sync':526,559 'pick':220 'pii':179 'pin':957,983 'plan':162 'plus':102 'post':385,396,437 'power':958 'practic':851 'pre':154,715 'pre-upload':153,714 'prefer':334,752,864 'preserv':373,856 'privat':181,539 'process.argv':533 'product':1030 'production-readi':1029 'prompt':143,624 'protect':194,509,744,814 'provid':46 'public':133,230,391,883,990,1016,1032 'publish':58,746 'quick':112 'randombyt':525,551,555 'readabl':275,857 'readi':1031 'real':362 'refer':325,725 'reliabl':342 'render':473,702,824 'replac':294,359 'report':5,12,32,41,114,175,245,286,288,291,301,313,458,510,538,632,708,871,878,898 'reporthtml':536,577 'request':199,298,462,707 'requir':215,236,636,1015 'res':432 'res.json':451 'res.ok':441 'res.status':447 'resolv':884 'respons':274,805,887 'retri':889,914 'return':168,308,803,988 'salt':550,561,590 'salt.tostring':591 'save':748 'scan':872 'secret':490,537 'section':712,869 'see':950 'self':225,379,977,1025 'self-host':224,378,976,1024 'semant':711,865 'send':360 'sensit':178,897 'sensitive/private':736 'separ':86 'server':846 'server-sid':845 'servic':981 'set':943 'sha':945 'sha256':564 'share':904 'short':868 'shown':147 'side':25,485,502,820,839,847 'sinc':338 'singl':39,75,209,630,646,672 'single-fil':74,208,671 'site':85 'skill':241,962 'skill-user-ask-for-report' 'skills/static-assets-hosting/skill.md':94,214,659 'slight':266 'soft':272 'source-besoeasy' 'stabl':881 'start':67 'starter':282 'state':832 'static':125,290,631 'step':281,684 'still':497 'storag':491,997 'strong':489 'style':48 'subtl':55,253,693 'success':827 'summari':293 'switch':212 'tag':581,587,611,618 'tailwind':10,35,51,250,678 'templat':283 'text':265,625 'text/data':119 'text/html':417 'throw':442,543 'tool':216,234,779 'tool/runtime':349 'topic-agent-skills' 'topic-ai-agents' 'topic-claude-code' 'topic-clawdbot' 'topic-clawdbot-skill' 'topic-llm-tools' 'topic-mcp-server' 'topic-openai' 'topic-openclaw' 'topic-vibe-coding' 'topic-vibecoding' 'track':995 'troubleshoot':910 'type':416,800 'typographi':276,692 'unavail':776 'unlock':503,514,515,821,926 'upload':96,155,300,304,316,331,337,445,669,716,753,804,873,886,902,911,980,1008 'url':170,310,327,728,991,1018 'url/cid':807 'urls/cids':323 'usag':546 'use':93,107,166,351,658,677,761,781,963 'user':2,15,45,71,108,120,130,137,189,198,287,297,461,706,739,810 'user-ask-for-report':1 'user-provid':44 'user-request':296,705 'utf8':578 'ux':863 'valid':885 'verifi':927 'via':22,135,679,970,1009 'view':21 'want':72,90,121,131,192,742 'web':602 'websit':33,633,653 'whether':69,190 'white':9,53,258,263,689 'white-background':688 'white-first':257 'wrong':516,936 'x':384,395 'zero':1005 'zero-config':1004 'zip':98,667","prices":[{"id":"cd2b4b4f-cdd3-4a2c-9417-b8281f936903","listingId":"625dd5ad-4ef8-4dc7-8742-491a24bf56e4","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"besoeasy","category":"open-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T22:10:56.434Z"}],"sources":[{"listingId":"625dd5ad-4ef8-4dc7-8742-491a24bf56e4","source":"github","sourceId":"besoeasy/open-skills/user-ask-for-report","sourceUrl":"https://github.com/besoeasy/open-skills/tree/main/skills/user-ask-for-report","isPrimary":false,"firstSeenAt":"2026-04-18T22:10:56.434Z","lastSeenAt":"2026-05-02T12:55:05.005Z"}],"details":{"listingId":"625dd5ad-4ef8-4dc7-8742-491a24bf56e4","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"besoeasy","slug":"user-ask-for-report","github":{"repo":"besoeasy/open-skills","stars":111,"topics":["agent-skills","ai","ai-agents","claude-code","clawdbot","clawdbot-skill","llm-tools","mcp-server","openai","openclaw","vibe-coding","vibecoding"],"license":null,"html_url":"https://github.com/besoeasy/open-skills","pushed_at":"2026-03-31T13:05:30Z","description":"Battle-tested skill library for AI agents. Save 98% of API costs with ready-to-use code for crypto, PDFs, search, web scraping & more. No trial-and-error, no expensive APIs.","skill_md_sha":"472fbee613caa2d3338d34917e0e4061d98e6c9b","skill_md_path":"skills/user-ask-for-report/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/besoeasy/open-skills/tree/main/skills/user-ask-for-report"},"layout":"multi","source":"github","category":"open-skills","frontmatter":{"name":"user-ask-for-report","description":"Generate a clean white Tailwind CDN report page from user content, optionally password-gate viewing via client-side decryption, and deploy to Originless/IPFS."},"skills_sh_url":"https://skills.sh/besoeasy/open-skills/user-ask-for-report"},"updatedAt":"2026-05-02T12:55:05.005Z"}}