← Back to Skills Marketplace

Aitun Skill

Name: Aitun Skill
Author: ctz168

by SamAI.cc · GitHub ↗ · v3.0.0 · MIT-0

cross-platform ⚠ suspicious

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install aitun-skill

Description

Expose local web pages and HTTP services to the public internet via secure tunnels. Perfect for AI agents that build websites locally and need to share them...

README (SKILL.md)

AiTun Tunnel - Expose Local Web Pages to the Public Internet

When to Use

Use this skill when:

You've built a web page, dashboard, or web app locally and need to share it publicly
You need to test a local HTTP service from an external device
You want to demo a locally-running application to someone
You need a public webhook endpoint for an external service to call
You want to expose a local API for integration testing
You built a website for a user and they want to see it in their browser

Do NOT use this skill when:

The content only needs to be viewed locally
The user asks for a file download (use file sharing instead)

Instructions

Step 1: Install aitun

pip install aitun

Or if already installed, verify:

which aitun || pip show aitun

Step 2: Start the local web service

Ensure the local web service is running on a port. For static HTML files:

# Serve a directory with a built HTML page
python3 -m http.server 8080 --directory /path/to/html/dir

For other frameworks, start their dev server:

Next.js: npm run dev -- -p 3000
Flask: flask run --port 5000
Any HTTP service on any port

Step 3: Create a tunnel

Option A: Free instant tunnel (no sign-up, 24-hour limit)

Free tunnels use proxy address mode (path-based routing). No subdomain is assigned — the public URL uses the format aitun.cc/\x3Ctunnel-code>. Simply run without a token:

aitun -p 8080 &
AITUN_PID=$!
sleep 3

The output will contain the public URL, e.g.:

https://aitun.cc/abc123

Option B: Custom subdomain (requires Google sign-in at aitun.cc)

Registered users can create custom subdomains with two domain levels:

Standard domain: myapp.t.aitun.cc (up to 5 subdomains)
Short domain: myapp.aitun.cc (up to 2 subdomains)

# Check availability
curl -s https://aitun.cc/aitun-api/subdomain/check/myapp

# Register via website: https://aitun.cc
# Then use your token:
aitun -p 8080 -k YOUR_TOKEN

Step 4: Share the public URL

Tell the user their website is now publicly accessible:

Your website is now live at: https://aitun.cc/abc123

This free tunnel expires in 24 hours.
For a permanent subdomain (e.g., myapp.aitun.cc), register at https://aitun.cc

Step 5: Clean up

When done, stop the tunnel:

kill $AITUN_PID 2>/dev/null

CLI Reference

The aitun command (installed via pip install aitun) accepts these flags:

Flag	Description
`-p PORT`	Local service port (default: 8080)
`-k TOKEN`	Auth token for registered subdomain (omit for free tunnel)
`-s SERVER`	Server address (default: aitun.cc:6639)
`--host HOST`	Local service address (default: localhost)
`--tcp-ports PORTS`	TCP forwarding ports, comma-separated (e.g., `22,3306`; requires `-k`)
`--p2p`	Enable P2P direct connection (default: enabled)
`--no-p2p`	Disable P2P, force server relay mode
`--daemon`	Run as background daemon
`--stop`	Stop running daemon

Common Mistakes to Avoid

Do NOT use -l flag — it does not exist. Use -p for the local port.
Do NOT use --free flag — free tunnel is the default when no -k token is provided.
Do NOT use --subdomain flag — subdomain is configured on the server after authentication, not via CLI.
Do NOT use aitun-connect — this command does not exist in the pip package.
The command is aitun (not aitun-client) after pip install aitun.
Always use -p to specify the local port. The default is 8080 if omitted.

API Reference

Check subdomain availability

GET https://aitun.cc/aitun-api/subdomain/check/{name}
Response: { "available": true, "name": "...", "url": "https://name.t.aitun.cc" }

Google OAuth login

POST https://aitun.cc/aitun-api/auth/google
Body: { "access_token": "\x3Cgoogle-access-token>" }
Response: { "user": { ..., "token": "\x3Cjwt-token>" } }

Register subdomain (requires auth)

POST https://aitun.cc/aitun-api/subdomain/register
Headers: Authorization: Bearer \x3Ctoken>
Body: { "name": "myapp", "domain_base": "t.aitun.cc" }

Notes

Free tunnels use proxy address mode (path-based URL like aitun.cc/abc123), NOT subdomains
Free tunnels expire after 24 hours, auto-renewed on restart
Registered subdomains remain active for 30 days of inactivity; use heartbeat to renew
Standard domain subdomains (xxx.t.aitun.cc): up to 5 per user
Short domain subdomains (xxx.aitun.cc): up to 2 per user
All traffic is encrypted end-to-end
Reserved subdomains (www, api, admin, test, etc.) cannot be registered

Usage Guidance

Install only if you are comfortable reviewing each tunnel before it is opened. Use it for intentional, temporary HTTP previews, avoid forwarding SSH, databases, admin dashboards, debug servers, or unauthenticated apps, and close the tunnel immediately after use.

Capability Tags

requires-oauth-tokenrequires-sensitive-credentials

Capability Assessment

⚠ Purpose & Capability

Publishing a local web app is coherent with the stated purpose, but the documented generic TCP forwarding capability is broader than HTTP sharing and could expose sensitive services such as admin tools, databases, or SSH-like endpoints.

⚠ Instruction Scope

The supplied evidence indicates the skill instructs agents to create public tunnels without enough required checks that the specific service is intended for public access, authenticated, and safe to share.

ℹ Install Mechanism

VirusTotal telemetry is clean and no hidden or deceptive installer behavior was supplied, but install metadata was not enough to offset the runtime exposure concerns.

⚠ Credentials

Making localhost services externally reachable is high-impact; it is proportionate for a user-requested web preview only when limited to the intended HTTP app and confirmed by the user.

ℹ Persistence & Privilege

No credential theft, destructive action, or unbounded persistence is evidenced, but public tunnels should be treated as temporary access and shut down when no longer needed.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install aitun-skill
After installation, invoke the skill by name or use /aitun-skill
Provide required inputs per the skill's parameter spec and get structured output

Version History

v3.0.0

aitun-tunnel 3.0.0 - Comprehensive documentation rewrite with clear usage instructions, CLI flags, and guidance for both instant and custom subdomain tunnels. - Detailed step-by-step setup process, including installation, usage examples, and clean-up commands. - Explicit list of common mistakes and pitfalls to help users avoid misconfiguration. - Provided concise API reference for automation and subdomain management. - Clarified distinction between free tunnel and registered subdomain modes, including usage limits and expiration details.

Metadata

Slug aitun-skill

Version 3.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Aitun Skill?

Expose local web pages and HTTP services to the public internet via secure tunnels. Perfect for AI agents that build websites locally and need to share them... It is an AI Agent Skill for Claude Code / OpenClaw, with 27 downloads so far.

How do I install Aitun Skill?

Run "/install aitun-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Aitun Skill free?

Yes, Aitun Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Aitun Skill support?

Aitun Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Aitun Skill?

It is built and maintained by SamAI.cc (@ctz168); the current version is v3.0.0.

More Skills