bddiudiu

cpa-codex-auth-sweep-cliproxy

by Adam.Diu · GitHub ↗ · v1.0.3
cross-platform ⚠ suspicious
447 Downloads · 0 Stars · 0 Active Installs · 4 Versions
Install in OpenClaw
/install cpa-codex-auth-sweep-cliproxy
Description
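Pulls Codex auth files through the CLI Proxy Management API and runs a high-concurrency liveness scan. Suited to "account sweep", "clear dead accounts" and "clean up Codex 401" scenarios; 401 entries may be deleted only after explicit user confirmation. base_url and management_key must be provided before execution. Security restriction: by default only https://chatgpt....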
README (SKILL.md)

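Skill description

This skill is used to:

  1. Fetch authorizations through the CLI Proxy Management API's auth-files endpoint (/v0/management/auth-files)
  2. Probe the status of each Codex authorization using the management API Call capability (/v0/management/api-call + auth_index + $TOKEN$), aligned with CLI Proxy's refresh/proxy chain
  3. Identify 401/invalid credentials and clean them up when the user explicitly asks for it

Interaction requirements (mandatory)

Before every scan, you must first ask the user for, and confirm:

  • base_url (the CLI Proxy management address)
  • management_key (the management key)

If the user has not provided both parameters, do not start the scan; prompt the user to supply them first.

Security notice (must read)

This skill issues its probes through the management API's api-call, with the request header Authorization: Bearer $TOKEN$. This means the management side forwards the real token to the host that probe-url points to.

The following rules must therefore be observed:

  1. By default only https://chatgpt.com/... is allowed as a probe target.
  2. Before scanning, confirm probe-url with the user (if the user has changed it).
  3. Using a host outside the allowlist requires the user's explicit authorization and an explicit --allow-unsafe-probe-host.
  4. Never use --insecure by default; only when troubleshooting on an internal network, with the user's explicit authorization, may --insecure --allow-insecure-tls be passed together.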
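
An added example, not the skill's own cliproxy_scanner.py: one way to enforce the probe-host rules above before any api-call is issued. The function name, the exact-match host comparison and the sample URLs are assumptions; the flags and the default host come from the list above.

```python
from urllib.parse import urlsplit

# Default documented on this page for CLIPROXY_ALLOWED_PROBE_HOSTS.
DEFAULT_ALLOWED_HOSTS = ("chatgpt.com",)


def check_probe_url(url, allowed_hosts=DEFAULT_ALLOWED_HOSTS,
                    allow_unsafe_host=False, insecure=False,
                    allow_insecure_tls=False):
    """Return (ok, reason). Hypothetical helper, not the skill's own code."""
    try:
        parts = urlsplit(url)
        # .hostname drops userinfo and port and lowercases the host.
        host = (parts.hostname or "").rstrip(".")
        parts.port  # raises ValueError on a malformed port
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme != "https":
        return False, "probe-url must use https"
    if not host:
        return False, "probe-url has no host"
    if insecure and not allow_insecure_tls:
        return False, "--insecure also requires --allow-insecure-tls"
    allowed = {h.strip().lower().rstrip(".") for h in allowed_hosts if h.strip()}
    # Exact match only (assumption): no suffix or substring comparison.
    if host not in allowed and not allow_unsafe_host:
        return False, f"host {host!r} is not in the allowlist"
    return True, "ok"


# Constructed sample inputs (not taken from the page).
SAMPLES = [
    "https://chatgpt.com/backend-api/codex/responses",  # default probe URL
    "https://CHATGPT.com:443/backend-api/codex/responses",
    "http://chatgpt.com/backend-api/codex/responses",   # not https
    "https://chatgpt.com.probe.example/x",              # suffix lookalike
    "https://chatgpt.com@probe.example/x",              # userinfo lookalike
]


def classify_samples():
    """Return the allow/deny decision for each constructed sample."""
    return [check_probe_url(u)[0] for u in SAMPLES]


if __name__ == "__main__":
    for u in SAMPLES:
        print(u, "->", check_probe_url(u))
```

The comparison runs on the parsed hostname rather than on the raw string, so a token is never released to a host that merely contains or starts with an allowlisted name.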

Entry point

python3 <SKILL_DIR>/scripts/cliproxy_scanner.py \
  --base-url "<CLI_PROXY_BASE_URL>" \
  --management-key "<MANAGEMENT_KEY>" \
  --output-json

Common usage:

# Scan only, no deletion
python3 <SKILL_DIR>/scripts/cliproxy_scanner.py \
  --base-url "<CLI_PROXY_BASE_URL>" \
  --management-key "<MANAGEMENT_KEY>" \
  --output-json

# Scan + delete 401 (requires explicit deletion intent)
python3 <SKILL_DIR>/scripts/cliproxy_scanner.py \
  --base-url "<CLI_PROXY_BASE_URL>" \
  --management-key "<MANAGEMENT_KEY>" \
  --output-json --delete-401 --yes

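Required environment variables

  • CLIPROXY_BASE_URL: CLI Proxy API management address (e.g. http://localhost:8317)
  • CLIPROXY_MANAGEMENT_KEY: management key (primary credential)

Both are required.

Optional:

  • CLIPROXY_AUTH_FILES_ENDPOINT: auth-files list endpoint (default: /v0/management/auth-files)
  • CLIPROXY_API_CALL_ENDPOINT: management API Call endpoint (default: /v0/management/api-call)
  • CLIPROXY_AUTH_DELETE_ENDPOINT: auth-file deletion endpoint (default: /v0/management/auth-files, deleting via ?name=)
  • CODEX_PROBE_URL: Codex liveness probe URL (default: https://chatgpt.com/backend-api/codex/responses)
  • CLIPROXY_ALLOWED_PROBE_HOSTS: allowlist of permitted probe hosts (default: chatgpt.com)
  • SCAN_WORKERS: concurrency (default: 80)

Classification criteria (aligned)

  • Invalid: HTTP 401 / invalid auth / revoked
  • Quota 0: refers only to a weekly quota of 0 (weekly/week/周限额 (weekly limit) and similar wording + quota/limit exhausted)
  • A management-side metric is output as well: management_quota_exhausted (from /auth-files unavailable + status_message (quota))
  • Network errors, timeouts and parse errors: not classified as invalid or as weekly quota 0

Execution discipline

  • When the user only says "take a look" or "run a scan": scan only, do not delete.
  • --delete-401 is allowed only when the user explicitly expresses an intent such as "delete them", "clean up" or "toss them".
  • Reports lead with the summary statistics (total / ok / 401 / exceeded / error).
  • --progress must be enabled during execution, with continuous progress feedback:
    1. Execution started
    2. Total number of auth files retrieved
    3. During verification, output "item N of M" every --progress-every items (default 10) until finished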
Usage Guidance
This skill appears to do what it says (list auth-files, probe via management api-call, optionally delete 401s), but there are two things to be careful about before installing or running it:

  1. Metadata mismatch: The skill package/registry did NOT declare the required environment variables or primary credential, while SKILL.md and the script require CLIPROXY_BASE_URL (base_url) and CLIPROXY_MANAGEMENT_KEY (management_key). Treat the management key as highly sensitive — verify the installer will prompt for it or that you provide it securely.
  2. Token forwarding risk: The management `api-call` mechanism will cause the real token to be forwarded to whatever probe-url you supply. The script defaults to https://chatgpt.com and enforces an HTTPS + host allowlist, but allows bypass via --allow-unsafe-probe-host and --insecure (the latter requires a second flag). Do not use those unsafe flags unless you fully understand and control the probe host and network.

Practical steps:

  • Review the included script locally before running.
  • Run in read-only mode first (scan-only) and inspect the JSON output; do NOT pass --delete-401 or --yes until you are certain.
  • Keep probe-url on the default or a trusted host and avoid --allow-unsafe-probe-host and --insecure.
  • If you expect the platform to surface required credentials at install time, confirm why the registry metadata omitted them; ask the publisher or refuse install until metadata is corrected.

If you want, I can extract and display the exact places in the script that forward the token and where the allowlist/flags are enforced so you can verify them line-by-line.
Capability Analysis
Type: OpenClaw Skill
Name: cpa-codex-auth-sweep-cliproxy
Version: 1.0.3

This skill is classified as suspicious due to its inherent capability to handle and forward sensitive authentication tokens to a configurable `probe-url`. While the `SKILL.md` instructions and the `cliproxy_scanner.py` script implement robust security safeguards (e.g., enforcing HTTPS, a default `chatgpt.com` probe host whitelist, and requiring explicit user confirmation for `--allow-unsafe-probe-host` and `--insecure` flags), the underlying mechanism of forwarding real tokens to an external endpoint represents a significant risk if these safeguards are intentionally bypassed or misconfigured. There is no evidence of malicious intent, but the high-risk nature of the operation warrants a 'suspicious' classification.
Capability Assessment
Purpose & Capability
The skill's stated purpose (list auth-files, probe via management api-call, optionally delete 401s) matches the code and SKILL.md. However, the registry metadata does not declare the required environment variables or primary credential even though SKILL.md/README and the script require CLIPROXY_BASE_URL and CLIPROXY_MANAGEMENT_KEY. That metadata omission is an incoherence that can lead to missing prompts/expectations when installing or running the skill.
Instruction Scope
The SKILL.md explicitly requires asking the user for base_url and management_key and warns about probe-host safety; the script enforces HTTPS and a host allowlist (default chatgpt.com) and implements flags to override (dangerous). The instructions and code keep scope limited to the management API, but they also document and enable behavior that will forward real tokens to the probe host — an inherent credential-forwarding risk which the skill does acknowledge and attempt to mitigate.
Install Mechanism
No install spec; the skill is instruction-only with a bundled Python script. Nothing is downloaded at install time and there are no external install URLs. Risk from install mechanism is low.
Credentials
Requiring a management key and base URL is proportional to the task, but the registry metadata does not list these required env vars or a primary credential. The script will use the management key to perform management api-call requests that include a token placeholder which the management endpoint will substitute and forward to the probe-url — this is a significant credential exposure vector if the probe host is untrusted or the allowlist is bypassed.
Persistence & Privilege
The skill does not request persistent or privileged platform presence (always:false). It does not modify other skills or system-wide configuration. There is no special persistence/privilege requested.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install cpa-codex-auth-sweep-cliproxy
  3. After installation, invoke the skill by name or use /cpa-codex-auth-sweep-cliproxy
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
Version 1.0.3 – No code or documentation changes detected.
  • No file changes were made in this release.
  • Functionality and documentation remain unchanged from the previous version.
v1.0.2
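v1.0.2 feat: add static matching for invalid auth tokens and a progress feedback feature
  • Added static matching logic for invalid tokens, improving error handling.
  • Added a progress feedback option that lets the user follow scan progress in real time.
  • Updated the documentation to reflect the new command-line parameters and features.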
v1.0.1
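  • Added security restrictions: by default only https://chatgpt.com is allowed as the probe host, to address the risk of credential leakage.
  • Added the "Security notice" section, which requires a second confirmation of probe-url; non-allowlisted hosts need explicit authorization and parameter confirmation.
  • Updated the descriptions of the execution-related environment variables and the concurrency parameter; added `CLIPROXY_ALLOWED_PROBE_HOSTS`; default concurrency changed to 80.
  • Minor wording changes to strengthen the user reminders about required parameters and the authorization flow.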
v1.0.0
cpa-codex-auth-sweep-cliproxy v1.0.0
  • Initial release of the skill for high-concurrency Codex auth scanning via CLI Proxy API.
  • Supports scenarios including scanning, account cleanup, Codex 401 cleanup, and credential probing.
  • Requires explicit user confirmation of base_url and management_key before each scan; scanning is blocked if not provided.
  • Offers both scan-only and 401 cleanup modes, with deletion only allowed after clear user intent.
  • Provides summary results and metrics aligned with management API responses.
Metadata
Slug cpa-codex-auth-sweep-cliproxy
Version 1.0.3
License
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is cpa-codex-auth-sweep-cliproxy?

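Pulls Codex auth files through the CLI Proxy Management API and runs a high-concurrency liveness scan. Suited to "account sweep", "clear dead accounts" and "clean up Codex 401" scenarios; 401 entries may be deleted only after explicit user confirmation. base_url and management_key must be provided before execution. Security restriction: by default only https://chatgpt.... It is an AI Agent Skill for Claude Code / OpenClaw, with 447 downloads so far.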

How do I install cpa-codex-auth-sweep-cliproxy?

Run "/install cpa-codex-auth-sweep-cliproxy" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is cpa-codex-auth-sweep-cliproxy free?

Yes, cpa-codex-auth-sweep-cliproxy is completely free (open-source). You can download, install and use it at no cost.

Which platforms does cpa-codex-auth-sweep-cliproxy support?

cpa-codex-auth-sweep-cliproxy is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created cpa-codex-auth-sweep-cliproxy?

It is built and maintained by Adam.Diu (@bddiudiu); the current version is v1.0.3.
