← 返回 Skills 市场

CS Relogin

Name: CS Relogin
Author: anjun

作者 Ajun · GitHub ↗ · v1.1.2

cross-platform ⚠ suspicious

391

总下载

当前安装

版本数

在 OpenClaw 中安装

/install cs-relogin

功能描述

Fast OpenAI Codex account switch for OpenClaw via the local cs command. Use when user sends `cs relogin`, asks to re-login or switch ChatGPT Codex account, o...

使用说明 (SKILL.md)

CS Relogin Skill

Use this skill to perform OpenAI Codex account switching without openclaw onboard.

Hard rules

Always execute cs directly, never call openclaw onboard for this task.
Keep flow non-interactive.
If user provided a callback URL/code, do completion step immediately.

Workflow

If user input is exactly cs relogin:
- Run:
```
cs relogin
```
- Return the login URL from command output.
- Ask user to finish browser auth and paste callback URL.
If user input contains callback URL/code:
- Run:
```
cs relogin "\x3Ccallback-url-or-code>"
```
- Return key result lines:
  - relogin completed status
  - gateway restart status
  - active profile/account summary
If user asks status/debug:
- Run:
```
cs relogin status
cs status
```
- Summarize pending state and active account.

Output format

Keep response concise and actionable.
Include exact next command when another step is needed.
Never expose full tokens/secrets.
On command failure, include raw cs stderr first (do not guess the reason).

Acknowledgement rule (MUST)

Every successful action must have an explicit acknowledgement (回执) to the user.
Minimum acknowledgement content:
- what was executed (e.g. cs relogin, cs relogin \x3Ccallback>, cs status)
- whether it succeeded
- current state summary (pending relogin / active account)
If command output is missing or tool callback is flaky, immediately run:
```
cs relogin status
cs status
```
then send acknowledgement based on those results.
Never end silently after command execution.

安全使用建议

This skill is coherent: it simply automates calls to your local `cs` CLI to switch/relogin Codex accounts. Before using it, ensure you trust the local `cs` binary and the environment where the agent runs. Do not paste full callback URLs or tokens into chat unless you understand they may be used as command arguments (these can appear in process lists or stderr). If you're uncomfortable, run `cs relogin` and the callback completion manually in a terminal instead of via the agent. If the agent reports raw stderr on failure, inspect it locally before sharing to avoid accidental secret disclosure.

功能分析

Type: OpenClaw Skill Name: cs-relogin Version: 1.1.2 The skill is suspicious due to a critical shell injection vulnerability. In `SKILL.md`, Workflow step 2 instructs the AI agent to directly embed user-provided input (`<callback-url-or-code>`) into a `bash` command string (`cs relogin "<callback-url-or-code>"`). Without explicit sanitization or robust quoting by the agent or the underlying `Bash` tool, a malicious user could inject arbitrary shell commands, potentially leading to Remote Code Execution (RCE). This is a significant vulnerability, not evidence of intentional malice.

能力评估

✓ Purpose & Capability

Name/description match the runtime instructions: the skill only tells the agent to run the local `cs` command for relogin, status, and callback completion. It declares no unrelated env vars, binaries, or installs.

ℹ Instruction Scope

Instructions are narrowly scoped to invoking `cs relogin`, `cs relogin "<callback>"`, and `cs status`. However, the skill explicitly instructs the agent to include raw cs stderr on failures and to accept/paste callback URLs. Those actions are necessary for relogin but can expose sensitive tokens if the callback URL or stderr contain secrets; the SKILL.md does include a rule to never expose full tokens, but returning raw stderr may still leak sensitive data in some cases.

✓ Install Mechanism

Instruction-only skill with no install steps and no code files — nothing is written to disk by the skill itself.

ℹ Credentials

The skill requests no environment variables or credentials, and only uses the local `cs` CLI. This is proportionate. Caveat: completing OAuth requires pasting a callback URL (which can contain tokens) as a command argument; placing secrets on the command line or returning raw stderr can expose them to local process listings or chat outputs.

✓ Persistence & Privilege

`always` is false and there is no requested permanent presence or modification of other skills or global config. The skill runs only on explicit invocation or normal autonomous invocation rules.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install cs-relogin
安装完成后，直接呼叫该 Skill 的名称或使用 /cs-relogin 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.1.2

compliance hardening: no automatic proxy fallback; proxy only via explicit CHATGPTSWITCH_PROXY; docs updated

v1.1.1

self-contained scripts; write requires --apply; restart opt-in; installer pinned to v1.1.1

元数据

Slug cs-relogin

版本 1.1.2

许可证 —

累计安装 0

当前安装数 0

历史版本数 2

常见问题

CS Relogin 是什么？

Fast OpenAI Codex account switch for OpenClaw via the local cs command. Use when user sends `cs relogin`, asks to re-login or switch ChatGPT Codex account, o... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 391 次。

如何安装 CS Relogin？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cs-relogin」即可一键安装，无需额外配置。

CS Relogin 是免费的吗？

是的，CS Relogin 完全免费（开源免费），可自由下载、安装和使用。

CS Relogin 支持哪些平台？

CS Relogin 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 CS Relogin？

由 Ajun（@anjun）开发并维护，当前版本 v1.1.2。