← 返回 Skills 市场
1morebuild

BYR CLI Skill

作者 Haitian · GitHub ↗ · v0.1.2
cross-platform ⚠ suspicious
718
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install byr-cli
功能描述
Use BYR CLI for auth, search, detail inspection, and safe torrent download planning with JSON envelopes.
使用说明 (SKILL.md)

BYR CLI Skill

When To Use

Use this skill when a task needs any BYR operation via CLI:

  • authenticate/check auth state
  • search torrents with filters
  • browse latest torrents with filters
  • inspect torrent details
  • plan or execute torrent downloads
  • fetch BYR metadata and user info
  • run local diagnostics before live calls

Boundaries

  • Work only through the byr binary.
  • Prefer --json for machine-readable output.
  • Do not infer missing IDs/paths or silently mutate files.
  • Keep read-only commands non-destructive.

Auth Notes

  • Support both cookie formats in auth import-cookie:
    • uid=...; pass=...
    • session_id=...; auth_token=... (optional refresh_token=...)
  • Browser import:
    • chrome (macOS path/decrypt flow)
    • safari best effort with manual fallback
  • Always check status before live operations:
    • byr auth status --verify --json

Commands (JSON First)

Read-only:

  • byr check --json
  • byr whoami --json
  • byr doctor [--verify] --json
  • byr browse [--limit \x3Cn>] [--category \x3Calias|id>] [--incldead \x3Calias|id>] [--spstate \x3Calias|id>] [--bookmarked \x3Calias|id>] [--page \x3Cn>] --json
  • byr search --query "\x3Ctext>" --limit \x3Cn> --json
  • byr search --imdb \x3Ctt-id> [--category \x3Calias|id>] [--spstate \x3Calias|id>] --json
  • byr get --id \x3Ctorrent-id> --json
  • byr user info --json
  • byr meta categories --json
  • byr meta levels --json
  • byr auth status [--verify] --json
  • byr auth import-cookie --cookie "\x3Ccookie-header>" --json
  • byr auth import-cookie --from-browser \x3Cchrome|safari> [--profile \x3Cname>] --json
  • byr auth logout --json

Write side effect:

  • Dry run first: byr download --id \x3Ctorrent-id> --output \x3Cpath> --dry-run --json
  • Actual write: byr download --id \x3Ctorrent-id> --output \x3Cpath> --json

Search/Browse Semantics

  • search and browse return paged list data.
  • JSON fields:
    • matchedTotal: estimated total hits inferred from BYR pagination range blocks.
    • returned: number of items returned in current payload.
    • total: backward-compatible alias of returned.
  • If --page is omitted, list commands auto-fetch subsequent pages until --limit is reached.
  • If --page is provided, only that page is fetched.

Side-Effect Policy

Before non-dry-run download:

  1. verify --id and --output are explicit
  2. run dry-run and inspect sourceUrl/fileName
  3. confirm intent for the output path

If parameters are missing, ask for explicit values.

Error handling

  • Surface error.code and error.message.
  • For E_ARG_*: request corrected flags/arguments.
  • For E_AUTH_*: re-auth guidance (auth import-cookie or credential refresh).
  • For E_NOT_FOUND_*: request different query/torrent ID.
  • For E_UPSTREAM_*: suggest retry and capture command/context.

Response Style

  • Keep result summaries short.
  • Include key fields for search/get: id, title, size, seeders, leechers.
  • For list commands include both matchedTotal and returned when present.
  • Include key fields for download: outputPath, sourceUrl, dryRun, bytesWritten.
安全使用建议
This skill appears to be a thin wrapper around a third‑party 'byr' CLI. Before installing or using it: (1) verify the Homebrew tap and npm package authors and inspect their source repository if possible; (2) prefer the dry-run download flow and require explicit output paths before writing files; (3) be cautious with the 'auth import-cookie --from-browser' flow — importing browser cookies grants access to session tokens and should only be done if you trust the CLI source; consider using a manual cookie string instead or re-authenticating through safer means; (4) run 'byr doctor' and inspect output locally before allowing any write/download actions; and (5) consider the legal/organizational policy implications of torrent usage. If you need higher assurance, request the upstream source code or a reproducible build of the 'byr' binary before installing.
功能分析
Type: OpenClaw Skill Name: byr-cli Version: 0.1.2 The skill is classified as suspicious primarily due to the `byr auth import-cookie --from-browser` command described in `SKILL.md`. This command allows the `byr` CLI to access sensitive browser authentication cookies (from Chrome/Safari), which is a high-risk capability. While the skill's instructions frame this as a legitimate method for authenticating the `byr` CLI and include safeguards for other operations (e.g., dry-run for downloads), exposing a command that can read browser credentials, even for its stated purpose, presents a significant security vulnerability if the `byr` binary itself is compromised or if the agent is later prompted to misuse this capability for exfiltration. There is no clear evidence of intentional malicious behavior (e.g., instructions for data exfiltration or persistence) from the skill's instructions themselves, but the inherent risk of this capability makes it suspicious.
能力评估
Purpose & Capability
Name/description match the behavior: the skill delegates all work to a 'byr' CLI and declares Homebrew/npm install options that create the 'byr' binary. Requiring a local 'byr' binary is coherent for a CLI wrapper.
Instruction Scope
SKILL.md explicitly documents browser cookie import flows (chrome macOS path/decrypt flow, safari best-effort) which implies reading/decrypting local browser profiles or cookies. The skill text does not declare or constrain access to those local files; because this is instruction-only, the actual access would be performed by the installed 'byr' binary but the instructions encourage actions that touch sensitive local secrets (browser session tokens).
Install Mechanism
Installers are a Homebrew formula from a third-party tap (1MoreBuild/tap) and an npm package (byr-pt-cli). These are reasonable fallback mechanisms but both are third‑party sources (not a widely-recognized official repo linked in the skill). This raises moderate supply-chain risk — verify the tap/package source before installing.
Credentials
The skill requests no environment variables or credentials, which is proportionate. However, the documented browser cookie import is effectively a request to access local sensitive secrets (cookies/session tokens) that is not represented in 'requires' or config path metadata.
Persistence & Privilege
always is false and the skill is instruction-only; it does not request permanent agent presence or modifications to other skills or system-wide settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install byr-cli
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /byr-cli 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.2
Prefer Homebrew install metadata with npm fallback for BYR CLI skill
v0.1.1
Expanded command coverage and list metadata guidance (matchedTotal/returned, browse/check/whoami/doctor)
元数据
Slug byr-cli
版本 0.1.2
许可证
累计安装 0
当前安装数 0
历史版本数 2
常见问题

BYR CLI Skill 是什么?

Use BYR CLI for auth, search, detail inspection, and safe torrent download planning with JSON envelopes. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 718 次。

如何安装 BYR CLI Skill?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install byr-cli」即可一键安装,无需额外配置。

BYR CLI Skill 是免费的吗?

是的,BYR CLI Skill 完全免费(开源免费),可自由下载、安装和使用。

BYR CLI Skill 支持哪些平台?

BYR CLI Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 BYR CLI Skill?

由 Haitian(@1morebuild)开发并维护,当前版本 v0.1.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论