← Back to Skills Marketplace
1387
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install wikijs
Description
Command-line tool to manage Wiki.js content, pages, assets, templates, and backups via its GraphQL API with search, update, sync, and analysis functions.
Usage Guidance
This package appears to be a genuine Wiki.js CLI: it expects a config file at ~/.config/wikijs.json containing your wiki URL and an API token and will use that token to call your Wiki.js instance. Before installing or supplying credentials, do the following: 1) Verify the upstream source — the registry metadata lacks a homepage but package.json points to a GitHub repo; confirm that repo and maintainer are trustworthy. 2) Inspect package.json and node dependencies (npm install will fetch them). 3) Review the config file contents you will place at ~/.config/wikijs.json and ensure the API token has minimal permissions needed (avoid using a full-admin token if possible). 4) Be aware the CLI will create cache (~/.cache/wikijs-cli) and may write backups to configured directories — pick safe locations. 5) If you need stronger isolation, run npm install and the CLI in a disposable environment/container or on a machine account with limited privileges. The main inconsistency is that the skill metadata did not declare the required config path/credential; if that matters for your risk posture, ask the publisher to update metadata or provide a signed, canonical upstream release link before installing.
Capability Analysis
Type: OpenClaw Skill
Name: wikijs
Version: 1.4.0
The OpenClaw AgentSkills skill bundle for Wiki.js CLI is classified as benign. All observed file system and network access capabilities are directly aligned with the stated purpose of managing Wiki.js content and assets. Crucially, the `lib/api.js` file implements robust input sanitization (`sanitizeString`, `validateId`, `validatePath`) to prevent GraphQL injection and ensure safe handling of user-supplied data. No evidence of intentional harmful behavior, such as data exfiltration to unauthorized endpoints, persistence mechanisms, or prompt injection against the AI agent, was found in the code or documentation (`SKILL.md`, `README.md`). Dependencies listed in `package.json` are standard for a Node.js CLI application.
Capability Assessment
Purpose & Capability
The package files, SKILL.md, and code implement a Wiki.js GraphQL CLI (list/create/update/delete, assets, backup/sync, etc.), which is coherent with the skill name. However the skill metadata provided no description/homepage while package.json claims a GitHub homepage — a minor mismatch in source metadata.
Instruction Scope
SKILL.md explicitly instructs installing via npm, creating a config at ~/.config/wikijs.json with url and apiToken, and using commands. Runtime instructions and code operate on that config and the Wiki.js API only; there are no instructions to read unrelated system files or send data to unexpected endpoints.
Install Mechanism
There is no platform install spec, but the repo includes package.json and SKILL.md instructs `npm install && npm link`. That is consistent with a JS CLI distributed via source. This is moderately risky compared to an instruction-only skill with no code, because running npm install pulls third-party packages onto disk — review dependencies before installing.
Credentials
Registry metadata declared no required config paths or credentials, but the code requires and reads a config file at ~/.config/wikijs.json that must contain the Wiki.js url and an apiToken. The CLI will also write cache (~/.cache/wikijs-cli) and may write backups to configured paths. The missing declaration of the config path / secret is an inconsistency that affects security decisions: the skill will have access to an API token stored on disk that was not declared in metadata.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system settings. It does write cache files and can create backups in configured directories (per SKILL.md and code), which is expected for a CLI but means it will persist data on the host filesystem under user-owned paths.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install wikijs - After installation, invoke the skill by name or use
/wikijs - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.0
Wiki.js Skill v1.4.0 adds a comprehensive CLI for managing Wiki.js via the GraphQL API.
- Introduces over 40 CLI commands for reading, writing, tagging, backup, versioning, and analysis of wiki content.
- Adds bulk operations, asset management, templates, spellcheck, link checking, markdown linting, and duplicate/orphan page detection.
- Supports page hierarchy display, content replacement, page cloning, and interactive shell or watch modes.
- Includes extensive configuration options for API access, output formats, rate limiting, color, debugging, and confirmations.
- Offers detailed examples and integration notes for streamlined scripting and automation.
Metadata
Frequently Asked Questions
What is Wiki.js CLI?
Command-line tool to manage Wiki.js content, pages, assets, templates, and backups via its GraphQL API with search, update, sync, and analysis functions. It is an AI Agent Skill for Claude Code / OpenClaw, with 1387 downloads so far.
How do I install Wiki.js CLI?
Run "/install wikijs" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Wiki.js CLI free?
Yes, Wiki.js CLI is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Wiki.js CLI support?
Wiki.js CLI is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Wiki.js CLI?
It is built and maintained by hopyky (@hopyky); the current version is v1.4.0.
More Skills