← 返回 Skills 市场
malek262

OpenCode CLI API Controller

作者 Malek Rsh · GitHub ↗ · v1.1.0
cross-platform ✓ 安全检测通过
653
总下载
2
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install opencode-api-control-skill
功能描述
A powerful skill to control Open Code CLI via a local web server API. Allows executing commands, managing sessions, and automating code generation remotely i...
安全使用建议
This package appears to do what it says: local orchestration of an OpenCode web server via included bash scripts. Before installing: 1) Review and trust the OpenCode server you will point to (127.0.0.1:4099) — if that server is configured with external providers (OpenAI, Anthropic, Gemini), user code or prompts may be sent to those providers; if you need strict local-only operation, ensure OpenCode is configured without external provider keys or bind the server to localhost only. 2) Inspect the scripts (they're included) to confirm the directories in config.json (projects_base_dir) are acceptable for where the skill will create/modify files. 3) Note the SKILL.md forbids directly reading project files, but the API exposes endpoints that can return file content — avoid using those endpoints if you don't want file contents transmitted. 4) Verify the package origin (registry metadata shows no source/homepage but README references a GitHub repo) — if provenance matters, fetch the code directly from the author’s repository and inspect it. 5) If you plan to use external providers, be explicit about what data may be transmitted and who can access it; otherwise keep OpenCode provider config empty or local-only.
功能分析
Type: OpenClaw Skill Name: opencode-api-control-skill Version: 1.1.0 The OpenClaw AgentSkills skill bundle is classified as benign. All network communications are strictly local, targeting `http://127.0.0.1:4099` as configured in `config.json` and demonstrated in all `scripts/*.sh` and `Reference/*.md` files. File system operations are confined to managing project directories, skill state files (`./state/`), and a local log file (`opencode_server.log`). The `SKILL.md` actively guides the agent to use the provided API and scripts, and explicitly prohibits direct file manipulation for development tasks, indicating a defensive posture against prompt injection. The use of `nohup` in `scripts/start_server.sh` is for legitimate background persistence of the local OpenCode server. There is no evidence of data exfiltration, unauthorized remote control, obfuscation, or other malicious intent.
能力评估
Purpose & Capability
Name/description match the implementation: the package contains bash helper scripts (start_server, send_message, monitor_session, get_diff, state management, provider selection) and the declared binaries (curl, jq, bash) are exactly what's needed. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md correctly instructs the agent to use the local API and provided scripts and to avoid reading/modifying project source files directly. However the API reference in the package documents endpoints that can return file contents (e.g., /file/content, /find), and the scripts and examples can initiate provider-backed model calls. The skill's guidance forbids direct file reads, but the capability to fetch file content via the API exists — so the agent (or user-run commands) could retrieve project files if those endpoints are used. Also the repository metadata in package (source unknown/homepage none) conflicts with README which points to a GitHub repo; that mismatch is likely packaging metadata oversight but worth noting.
Install Mechanism
This is instruction-and-script-only (no remote downloads or extract steps). The SKILL.md install step only chmods scripts and warns on missing jq. No external installers, no downloaded archives or execution of remote code are present in the package.
Credentials
The skill does not request environment secrets itself. However it intentionally orchestrates OpenCode, which may be configured (outside this skill) with provider API keys; using non-local providers will cause project contents (or prompts containing sensitive content) to be transmitted to those provider services. The skill explains provider usage and selection, so this is expected behavior but important for users holding sensitive code/data.
Persistence & Privilege
always:false and default autonomous invocation are normal. The skill writes only to its own directory (state/, opencode_server.log) and to project directories defined in config.json. It does not attempt to modify other skills or global agent configuration.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install opencode-api-control-skill
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /opencode-api-control-skill 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
- Added a new script: scripts/start_server.sh for initializing the OpenCode server in a robust/backgrounded way. - Updated documentation and workflow to recommend starting the server via start_server.sh for improved reliability. - Clarified and streamlined server initialization/health-check instructions. - Added a task initiation protocol, prompting for provider and monitoring choices before starting tasks. - Improved config and metadata structure (updated author, required binaries). - Minor clarifications and best practices for workflow and monitoring.
v0.1.0
Initial release of OpenCode-CLI-Controller: remote orchestration for Open Code via local web API. - Enables command execution, session management, and automation of code generation/remotely within a local network. - Clearly defines the orchestrator role: you supervise and communicate with OpenCode, but never read/modify project files directly. - Provides detailed operational guidelines and anti-patterns to ensure all interactions occur through the API or provided scripts. - Includes best practices for server initialization, session handling, and intelligent task monitoring. - Offers examples and scripts for common workflows: verifying server health, updating providers, creating/selecting projects, managing sessions, and reporting diffs without file content access.
元数据
Slug opencode-api-control-skill
版本 1.1.0
许可证
累计安装 0
当前安装数 0
历史版本数 2
常见问题

OpenCode CLI API Controller 是什么?

A powerful skill to control Open Code CLI via a local web server API. Allows executing commands, managing sessions, and automating code generation remotely i... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 653 次。

如何安装 OpenCode CLI API Controller?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install opencode-api-control-skill」即可一键安装,无需额外配置。

OpenCode CLI API Controller 是免费的吗?

是的,OpenCode CLI API Controller 完全免费(开源免费),可自由下载、安装和使用。

OpenCode CLI API Controller 支持哪些平台?

OpenCode CLI API Controller 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 OpenCode CLI API Controller?

由 Malek Rsh(@malek262)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论