← 返回 Skills 市场
Bird X CLI
作者
bowen31337
· GitHub ↗
· v1.0.0
· MIT-0
106
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install bird-x-cli
功能描述
Command-line tool for reading, searching, and posting Twitter content using bird/birdc with multiple authentication options.
使用说明 (SKILL.md)
bird
Use bird to read/search X and post tweets/replies.
Quick start
bird whoamibird read \x3Curl-or-id>bird thread \x3Curl-or-id>bird search "query" -n 5
Posting (confirm with user first)
bird tweet "text"bird reply \x3Cid-or-url> "text"
Auth sources
- Browser cookies (default: Firefox/Chrome)
- Sweetistics API: set
SWEETISTICS_API_KEYor use--engine sweetistics - Check sources:
bird check
安全使用建议
This skill is ambiguous and has incomplete provenance. Before installing: 1) Verify which 'bird' binary it expects — there are multiple unrelated 'bird' projects (a Twitter client vs the BIRD BGP daemon). Installing a similarly named but unintended binary could be dangerous. 2) Prefer a known upstream/homepage or source code; ask the author for the project's URL or a verified release. 3) Understand authentication: the skill may access your browser cookie store (sensitive) or accept SWEETISTICS_API_KEY; confirm whether the agent or the CLI accesses cookies and which file paths are used. 4) If you must use it, obtain the 'bird' CLI from a trusted source and run it in a sandbox first. 5) If you do not want any tool reading browser cookies, do not install this skill until its cookie-access behavior is clarified. Additional info that would raise confidence to 'benign': a clear upstream repo/homepage, documentation showing which 'bird' client is required, and an explicit declaration of optional env vars (e.g., SWEETISTICS_API_KEY) and any file paths accessed.
功能分析
Type: OpenClaw Skill
Name: bird-x-cli
Version: 1.0.0
This skill exhibits a major discrepancy between its metadata (which claims it is a CLI for the BIRD Internet Routing Daemon) and its functional instructions (which describe a Twitter/X client). It explicitly directs the agent to use browser cookies from Firefox and Chrome for authentication, which is a high-risk behavior associated with credential theft. The use of the command name 'bird', which shadows a legitimate networking utility, combined with the request for sensitive browser data and an unknown 'Sweetistics' API, suggests deceptive intent or a highly irregular configuration (SKILL.md, README.md).
能力标签
能力评估
Purpose & Capability
The skill description says it's a CLI for reading/posting on X, which is reasonable. However the SKILL.md metadata requires anyBins: ["bird", "birdc"] and gives the reason "Bird routing daemon CLI — only useful when bird/birdc is installed". 'birdc' is commonly the control client for the BIRD BGP daemon (unrelated to Twitter), so this looks like a naming/provenance mix-up. The source/homepage are unknown, increasing the risk that the declared binaries don't match the intended Twitter client.
Instruction Scope
Runtime instructions are short and only tell the agent to call the external 'bird' CLI for actions (read/search/post). They do not tell the agent to read arbitrary system files or env vars. However the skill lists 'Browser cookies (default: Firefox/Chrome)' as an auth source — that implies the CLI will access browser cookie stores (sensitive data) even though the skill's runtime instructions do not explicitly state how cookies are obtained or whether the agent itself will access them.
Install Mechanism
No install spec and no code files — instruction-only skill. This has the lowest installation risk because nothing in the skill package will be written or executed on install. The binary 'bird' must already be present on PATH for the skill to work.
Credentials
The metadata declares no required env vars, but SKILL.md documents an optional Sweetistics API via SWEETISTICS_API_KEY (not declared). It also references browser cookie access without declaring which cookie paths or permissions are needed. Missing declaration of optional credentials and unspecified access to browser storage are disproportionate and make it unclear what secrets or files the skill will touch.
Persistence & Privilege
No elevated persistence requested (always: false) and normal autonomous invocation is allowed. The skill does not request system-wide configuration changes or permanent presence.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install bird-x-cli - 安装完成后,直接呼叫该 Skill 的名称或使用
/bird-x-cli触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of bird-x-cli.
- Provides a command-line interface for interacting with Bird routing daemon (bird/birdc).
- Supports reading, searching, tweeting, and replying via the bird CLI.
- Requires bird or birdc to be installed.
- Authenticates via browser cookies or the Sweetistics API.
- Includes commands for user checks and managing different authentication sources.
元数据
常见问题
Bird X CLI 是什么?
Command-line tool for reading, searching, and posting Twitter content using bird/birdc with multiple authentication options. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 106 次。
如何安装 Bird X CLI?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install bird-x-cli」即可一键安装,无需额外配置。
Bird X CLI 是免费的吗?
是的,Bird X CLI 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Bird X CLI 支持哪些平台?
Bird X CLI 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Bird X CLI?
由 bowen31337(@bowen31337)开发并维护,当前版本 v1.0.0。
推荐 Skills