{ "schemaVersion": "1.0", "item": { "slug": "flask", "name": "Flask", "source": "tencent", "type": "skill", "category": "金融交易", "sourceUrl": "https://clawhub.ai/ivangdavila/flask", "canonicalUrl": "https://clawhub.ai/ivangdavila/flask", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/flask", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=flask", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/flask" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/flask", "agentPageUrl": "https://openagent3.xyz/skills/flask/agent", "manifestUrl": "https://openagent3.xyz/skills/flask/agent.json", "briefUrl": "https://openagent3.xyz/skills/flask/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Application Context", "body": "current_app only works inside request or with app.app_context() — \"working outside application context\" error\ng is per-request storage — lost after request ends, use for db connections\nBackground tasks need context — with app.app_context(): or pass data, not proxies\ncreate_app() factory pattern avoids circular imports — import current_app not app" }, { "title": "Request Context", "body": "request, session only inside request — \"working outside request context\" error\nurl_for needs context — url_for('static', filename='x', _external=True) for absolute URLs\nTest client provides context automatically — but manual context for non-request code" }, { "title": "Circular Imports", "body": "from app import app in models causes circular — use factory pattern\nImport inside function for late binding — or use current_app\nBlueprints help organize — register at factory time, not import time\nExtensions init with init_app(app) pattern — create without app, bind later" }, { "title": "Sessions and Security", "body": "SECRET_KEY required for sessions — random bytes, not weak string\nNo SECRET_KEY = unsigned cookies — anyone can forge session data\nSESSION_COOKIE_SECURE=True in production — only send over HTTPS\nSESSION_COOKIE_HTTPONLY=True — JavaScript can't access" }, { "title": "Debug Mode", "body": "debug=True in production = remote code execution — attacker can run Python\nUse FLASK_DEBUG env var — not hardcoded\nDebug PIN in logs if debug enabled — extra layer, but still dangerous" }, { "title": "Blueprints", "body": "url_prefix set at registration — app.register_blueprint(bp, url_prefix='/api')\nBlueprint routes relative to prefix — @bp.route('/users') becomes /api/users\nblueprint.before_request only for that blueprint — app.before_request for all" }, { "title": "SQLAlchemy Integration", "body": "db.session.commit() explicitly — autocommit not default\nSession scoped to request by Flask-SQLAlchemy — but background tasks need own session\nDetached object error — object from different session, refetch or merge\ndb.session.rollback() on error — or session stays in bad state" }, { "title": "Production", "body": "flask run is dev server — use Gunicorn/uWSGI in production\nthreaded=True for dev server concurrency — but still not production-ready\nStatic files through nginx — Flask serving static is slow\nPROPAGATE_EXCEPTIONS=True for proper error handling with Sentry etc." }, { "title": "Common Mistakes", "body": "return redirect('/login') vs return redirect(url_for('login')) — url_for is refactor-safe\nJSON response: return jsonify(data) — not return json.dumps(data)\nForm data in request.form — JSON body in request.json or request.get_json()\nrequest.args for query params — request.args.get('page', default=1, type=int)" } ], "body": "Application Context\ncurrent_app only works inside request or with app.app_context() — \"working outside application context\" error\ng is per-request storage — lost after request ends, use for db connections\nBackground tasks need context — with app.app_context(): or pass data, not proxies\ncreate_app() factory pattern avoids circular imports — import current_app not app\nRequest Context\nrequest, session only inside request — \"working outside request context\" error\nurl_for needs context — url_for('static', filename='x', _external=True) for absolute URLs\nTest client provides context automatically — but manual context for non-request code\nCircular Imports\nfrom app import app in models causes circular — use factory pattern\nImport inside function for late binding — or use current_app\nBlueprints help organize — register at factory time, not import time\nExtensions init with init_app(app) pattern — create without app, bind later\nSessions and Security\nSECRET_KEY required for sessions — random bytes, not weak string\nNo SECRET_KEY = unsigned cookies — anyone can forge session data\nSESSION_COOKIE_SECURE=True in production — only send over HTTPS\nSESSION_COOKIE_HTTPONLY=True — JavaScript can't access\nDebug Mode\ndebug=True in production = remote code execution — attacker can run Python\nUse FLASK_DEBUG env var — not hardcoded\nDebug PIN in logs if debug enabled — extra layer, but still dangerous\nBlueprints\nurl_prefix set at registration — app.register_blueprint(bp, url_prefix='/api')\nBlueprint routes relative to prefix — @bp.route('/users') becomes /api/users\nblueprint.before_request only for that blueprint — app.before_request for all\nSQLAlchemy Integration\ndb.session.commit() explicitly — autocommit not default\nSession scoped to request by Flask-SQLAlchemy — but background tasks need own session\nDetached object error — object from different session, refetch or merge\ndb.session.rollback() on error — or session stays in bad state\nProduction\nflask run is dev server — use Gunicorn/uWSGI in production\nthreaded=True for dev server concurrency — but still not production-ready\nStatic files through nginx — Flask serving static is slow\nPROPAGATE_EXCEPTIONS=True for proper error handling with Sentry etc.\nCommon Mistakes\nreturn redirect('/login') vs return redirect(url_for('login')) — url_for is refactor-safe\nJSON response: return jsonify(data) — not return json.dumps(data)\nForm data in request.form — JSON body in request.json or request.get_json()\nrequest.args for query params — request.args.get('page', default=1, type=int)" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/ivangdavila/flask", "publisherUrl": "https://clawhub.ai/ivangdavila/flask", "owner": "ivangdavila", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/flask", "downloadUrl": "https://openagent3.xyz/downloads/flask", "agentUrl": "https://openagent3.xyz/skills/flask/agent", "manifestUrl": "https://openagent3.xyz/skills/flask/agent.json", "briefUrl": "https://openagent3.xyz/skills/flask/agent.md" } }