← Back to Skills Marketplace
opencli
by
chensu1234
· GitHub ↗
· v1.0.0
· MIT-0
156
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install opencli-hub
Description
Universal CLI for browser automation and website command-line access, supporting commands for Bilibili, Twitter, Reddit, GitHub, and more with automation fea...
Usage Guidance
This skill behaves like a thin wrapper around a separate, preinstalled 'opencli' binary and expects access to your Chrome session and to install external CLIs on demand. Before installing or enabling it: (1) verify the provenance of the opencli binary (source URL, maintainers, and checksums); (2) avoid granting access to your browser profile/cookies unless you fully trust the binary—consider using an isolated browser profile or VM; (3) refuse or inspect any automatic installer runs (know what URLs/executables will be fetched); (4) demand explicit install instructions or source code/homepage from the publisher; and (5) if you need the functionality but want lower risk, run opencli inside a sandboxed container with no access to your main Chrome profile. Providing the skill's source, release URLs, and checksum would raise confidence; lacking that, treat it with caution.
Capability Analysis
Type: OpenClaw Skill
Name: opencli-hub
Version: 1.0.0
The skill bundle provides a CLI interface ('opencli') for browser automation and interaction with authenticated web accounts (Twitter, Bilibili, Reddit), which inherently involves high-risk access to user session data. Significant red flags include a hardcoded local path ('/Users/c/.openclaw/opencli') in SKILL.md and the claim that the tool 'automatically' installs external CLI binaries (e.g., Docker, GitHub CLI), which presents a potential supply chain or remote code execution risk. While no explicit exfiltration logic is visible in the provided markdown, the combination of broad system access and automated binary installation is highly risky.
Capability Assessment
Purpose & Capability
The stated purpose (CLI for browser automation and site-specific commands) aligns with the instructions, but the SKILL.md asserts an installed binary path (/Users/c/.openclaw/opencli) and a daemon without providing an install spec or any provenance. That is an inconsistency: an instruction-only skill claims an installed artifact it does not itself provide.
Instruction Scope
Runtime instructions refer to 'cookie/intercept mode' and require Chrome to be logged in to access user-specific pages. That implies the agent will need to read or connect to the user's browser session (cookies, profile, or debugging port). The doc also says opencli will 'automatically try to install' missing external CLIs — giving the agent permission to execute installers or download tools. Both raise data-exfiltration and arbitrary-execution risks not constrained by the SKILL.md.
Install Mechanism
There is no install spec in the skill (instruction-only), so the skill itself writes nothing. However, the instructions rely on a preinstalled binary and describe auto-install behavior for external CLIs; those runtime installs (performed by the opencli binary or by the agent invoking installers) are outside the skill package and could fetch arbitrary code. The skill provides no trusted URLs, checksums, or guidance on what gets installed.
Credentials
The skill declares no required env vars or creds, yet its functionality depends on access to logged-in browser state (cookies/session). Access to Chrome profile data or enabling a remote debugging port is sensitive and not declared. The automatic installation of other CLIs could also demand elevated privileges or network access that the skill does not enumerate.
Persistence & Privilege
always:false and model invocation are normal. The SKILL.md references a daemon and an installed path, implying a background component and persistent installation, but the skill package has no install or persistence declarations. This mismatch is suspicious but not proof of malicious intent.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install opencli-hub - After installation, invoke the skill by name or use
/opencli-hub - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Universal CLI Hub for 70+ websites with browser automation support
Metadata
Frequently Asked Questions
What is opencli?
Universal CLI for browser automation and website command-line access, supporting commands for Bilibili, Twitter, Reddit, GitHub, and more with automation fea... It is an AI Agent Skill for Claude Code / OpenClaw, with 156 downloads so far.
How do I install opencli?
Run "/install opencli-hub" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is opencli free?
Yes, opencli is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does opencli support?
opencli is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created opencli?
It is built and maintained by chensu1234 (@chensu1234); the current version is v1.0.0.
More Skills