← Back to Skills Marketplace
yuzengbaao

OpenCLI Universal CLI Hub

by zengbao yu · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
153
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install opencli-yuzengbao
Description
OpenCLI — 通用 CLI Hub,将任何网站、Electron 应用或本地工具转化为命令行接口。66+ 内置命令,支持 Bilibili/Twitter/Reddit/Xiaohongshu/GitHub 等。复用 Chrome 登录态,零 LLM 成本,确定性输出。
Usage Guidance
This skill is coherent with its purpose but uses sensitive capabilities. Before installing: (1) review the npm package source code and author (@jackwener) and prefer reproducible release artifacts or pinned versions; (2) verify the Browser Bridge extension release artifacts (release URL, checksums) and inspect requested extension permissions; (3) consider running the CLI and extension inside an isolated environment (VM/container) or test account, not against your primary Chrome profile or important accounts; (4) confirm what the local daemon exposes (which endpoints, whether it listens only on localhost, and whether it accepts remote requests); (5) avoid granting it access to accounts with high privileges until you can audit network traffic and code; (6) if you need to proceed, track how to uninstall the npm package and remove the extension/daemon. These steps reduce risk of credentials or sensitive browsing data being exfiltrated.
Capability Analysis
Type: OpenClaw Skill Name: opencli-yuzengbao Version: 1.0.0 The opencli skill installs a global NPM package (@jackwener/opencli) and requires the manual installation of a 'Browser Bridge' Chrome extension from a ZIP file to 'reuse Chrome login state.' This architecture is designed to allow CLI access to authenticated web sessions (Bilibili, Twitter, GitHub, etc.), which is a high-risk capability that could be used for data exfiltration. While the documentation in SKILL.md describes it as a productivity tool for API discovery and CLI automation, the requirement to bypass the Chrome Web Store and the inherent access to sensitive session data via a local daemon (localhost:19825) warrant a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description match the behavior: converting websites/Electron apps/local tools to CLI reasonably requires Node, a daemon, and a browser bridge. Requiring node and asking to install opencli via npm is proportionate to the stated purpose. However the description's claim of "Zero risk, Reuse Chrome login" downplays the real security implications of reusing browser auth and installing a browser extension.
Instruction Scope
The SKILL.md instructs installing a global npm package, loading a Browser Bridge extension into Chrome, reusing Chrome login state, using browser_navigate/browser_network_requests/browser_evaluate and intercept techniques, and running a local daemon (port 19825). Those steps expose browser cookies/auth and local services to the tool and to any code the npm package and extension execute. The skill does not explicitly constrain or document how credentials/cookies are handled, what is sent externally, or which endpoints the extension/daemon will contact — leaving room for exfiltration or overbroad data access.
Install Mechanism
No formal install spec in registry, but SKILL.md directs: npm install -g @jackwener/opencli@latest (public npm). Installing a global npm package and a browser extension is common for a CLI+bridge, but both run arbitrary code on the host and get privileged access (global binaries, extension privileges). The SKILL.md also says to download an extension from GitHub Releases (reasonable host) but provides no release URL or checksum to verify integrity.
Credentials
The skill declares no environment variables, but the runtime instructions require access to Chrome login/cookies and local daemon endpoints. Accessing browser authentication and cookies is sensitive and not represented in requires.env or required config paths. The SKILL.md also implies intercepting requests and using credentials:'include' — operations that can access and transmit sensitive tokens/headers.
Persistence & Privilege
The flow installs a global binary, a browser extension, and runs a local daemon — all persistent artifacts. While always:false (not force-enabled), the installed components have lasting presence and privileges (browser extension can persist and a daemon can listen on localhost). The skill does not document least-privilege, opt-in boundaries, or how to uninstall/limit access.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install opencli-yuzengbao
  3. After installation, invoke the skill by name or use /opencli-yuzengbao
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of opencli-yuzengbao (version 1.0.0) - Provides a universal CLI hub to turn any website, Electron app, or local tool into a CLI command - Includes 66+ built-in commands with support for popular sites like Bilibili, Twitter, Reddit, Xiaohongshu, and GitHub - Utilizes Chrome login session for authenticated actions; zero LLM cost and deterministic output - Supports multiple output formats (JSON, CSV, YAML, Markdown) and command-line integration for AI agents and CLI registration - Offers quickstart guides, troubleshooting steps, and adapter creation instructions for developers
Metadata
Slug opencli-yuzengbao
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is OpenCLI Universal CLI Hub?

OpenCLI — 通用 CLI Hub,将任何网站、Electron 应用或本地工具转化为命令行接口。66+ 内置命令,支持 Bilibili/Twitter/Reddit/Xiaohongshu/GitHub 等。复用 Chrome 登录态,零 LLM 成本,确定性输出。 It is an AI Agent Skill for Claude Code / OpenClaw, with 153 downloads so far.

How do I install OpenCLI Universal CLI Hub?

Run "/install opencli-yuzengbao" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenCLI Universal CLI Hub free?

Yes, OpenCLI Universal CLI Hub is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenCLI Universal CLI Hub support?

OpenCLI Universal CLI Hub is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created OpenCLI Universal CLI Hub?

It is built and maintained by zengbao yu (@yuzengbaao); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments