← 返回 Skills 市场
amior1024

OpenAI Auth Switcher Public

作者 amior1024 · GitHub ↗ · v0.3.1-preview · MIT-0
cross-platform ⚠ suspicious
178
总下载
0
收藏
0
当前安装
9
版本数
在 OpenClaw 中安装
/install openai-auth-switcher-public
功能描述
Web-first, publishable OpenClaw skill for OpenAI OAuth account switching. Use when you need a reusable public-track workflow for first-run takeover, environm...
安全使用建议
This package is credential-adjacent and will read/write local OpenClaw auth files and manage a user-level service. Before installing: 1) Review service/app.py and any network/telemetry code (hourly_usage.py) to confirm nothing phones home or exposes tokens. 2) Inspect scripts that copy or restore auth-profiles.json (scripts/auth_file_lib.py, scripts/import_auth_file.py) to ensure import behavior is intentional and safe. 3) Run doctor.py and env_detect.py in --json mode on an isolated/test machine first. 4) Set OPENAI_AUTH_SWITCHER_PUBLIC_STATE_DIR to an external test directory (per docs) to avoid polluting the source tree. 5) Backup existing auth-profiles.json and related OpenClaw state before any import/switch operations. 6) If you do not trust the author or cannot audit the code, do not run install.sh on production hosts — prefer running in a sandbox or VM and use the packaging wrapper (package_public_skill.py) to inspect artifacts before publishing or deploying.
功能分析
Type: OpenClaw Skill Name: openai-auth-switcher-public Version: 0.3.1-preview This skill functions as an OpenAI authentication manager that can swap, backup, and monitor OAuth tokens within the OpenClaw environment. While it aligns with its stated purpose, it is classified as suspicious due to high-risk capabilities: it implements a persistent web server (service/app.py) that provides a remote/local interface for manipulating sensitive credentials, installs a systemd user service for persistence (scripts/install_web_app.py), and includes functions to import/export auth profiles from the local filesystem (service/channel_store.py). The web server is protected by basic auth and binds to localhost by default, but the inherent risk of a background service managing API tokens, combined with terminology like 'account takeover' in SKILL.md, warrants caution.
能力评估
Purpose & Capability
Name/description match the included scripts: the package contains installers, runtime discovery, import/backup/restore helpers, and a web preview—all expected for an OpenAI OAuth 'auth switcher' workflow. The presence of file-copy, backup and restore logic, port selection, generated admin credentials, and systemd user service management is coherent with the stated goals.
Instruction Scope
SKILL.md explicitly instructs the operator to run install.sh and helper scripts (doctor.py, env_detect.py, inspect_runtime.py, import-auth flows). These instructions require reading and writing local OpenClaw runtime files (auth-profiles.json, service units, runtime state). The preview API includes POST /api/import-auth that accepts an absolute path and will copy/validate the supplied auth file into the runtime location—this is functionally appropriate for first-run takeover but is high-sensitivity behavior and should be executed only after manual inspection and on trusted machines.
Install Mechanism
No external install spec or network download is present in the manifest (instruction-only in registry). The repository contains local install.sh and Python scripts that run locally; there are no obvious external fetches in the provided snippets. That lowers supply-chain risk compared to remote installers, but you must still audit included scripts because they will be executed on the host.
Credentials
The skill declares no required env vars, but the code and docs reference OPENAI_AUTH_SWITCHER_PUBLIC_STATE_DIR and other OpenClaw path overrides and will probe/copy local auth files. The scripts perform file I/O on sensitive auth-profiles.json, create backups, and rebuild token ledgers. There is also an 'hourly_usage' rollup script (local analytics) which could transmit telemetry—its network behavior is not shown and should be audited. Access to local credential-bearing files is expected for this tool, but it is inherently sensitive and the skill does not declare explicit credential requirements in metadata (so users may underestimate impact).
Persistence & Privilege
always:false and model invocation is allowed (default) — normal for skills. The install flow creates/manages a systemd user unit under ~/.config/systemd/user (the unit path is hard-coded in install.sh). The skill writes runtime files under its own runtime area by design but also writes or copies auth files into the OpenClaw runtime location and may create backups. This is coherent with its purpose but elevates its privileges on the host; run only with appropriate user consent and review.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install openai-auth-switcher-public
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /openai-auth-switcher-public 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.3.1-preview
0.3.1-preview:修复认证后页面前端请求失败问题,确认新增账号流程可用,并保留真实接管逻辑供另一台 Claw 继续实战测试。
v0.3.0-preview
0.3.0-preview:完成 public 版首页重构,新增账号通道、新增授权主流程(开始授权/完成授权)、设为当前、高级导入导出授权文件、统一版本显示与中文化状态展示,供另一台 Claw 实战测试。
v0.2.6
0.2.6:安装前仅做服务态 pre-cleanup,不删除用户持久数据;优化 systemd-user 不可用时的人话提示,并收敛安装输出噪音。
v0.2.4
0.2.4:美化 install.sh 安装输出,增加成功/警告分区展示,并在 systemd 模板缺失时自动再生模板后继续走 systemd-user。
v0.2.3
0.2.3:新增 install.sh 统一安装入口,修复跨机安装缺失 service/app.py 的打包问题,并修复 systemd 模板缺失时 install 的降级行为。
v0.2.2
0.2.2:优化 ClawHub 发布文案,突出 web-first、首次接管、dry-run 验证与清洁打包定位。
v0.2.1
0.2.1:更新嵌套 Web 页面与静态展示页 UI,切换为亮色白+淡蓝风格,增强信息层次,并补齐移动端自适应体验。
v0.2.0
0.2.0:新增 web-first 首次接管安装流,支持 9527→12138→随机端口回退,补齐 systemd-user 主路径、reinstall、stop/status、发布前验证与清洁打包规则。
v0.1.0
首个公开版本:提供环境检测、运行时检查、账号槽位管理、受控切换实验、回滚、本地 token 账本与小时日统计,并补齐公开发布所需兼容性与安全文档。 / First public release: adds environment checks, runtime inspection, slot management, controlled switch experiments, rollback helpers, local token ledger and hourly/daily usage analytics, plus compatibility and security docs for public distribution.
元数据
Slug openai-auth-switcher-public
版本 0.3.1-preview
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 9
常见问题

OpenAI Auth Switcher Public 是什么?

Web-first, publishable OpenClaw skill for OpenAI OAuth account switching. Use when you need a reusable public-track workflow for first-run takeover, environm... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 178 次。

如何安装 OpenAI Auth Switcher Public?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install openai-auth-switcher-public」即可一键安装,无需额外配置。

OpenAI Auth Switcher Public 是免费的吗?

是的,OpenAI Auth Switcher Public 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

OpenAI Auth Switcher Public 支持哪些平台?

OpenAI Auth Switcher Public 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 OpenAI Auth Switcher Public?

由 amior1024(@amior1024)开发并维护,当前版本 v0.3.1-preview。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论