← 返回 Skills 市场
Outlit Cli
作者
Rafael Thayto
· GitHub ↗
· v0.1.0
390
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install outlit-cli
功能描述
Use when running Outlit CLI commands, setting up Outlit for AI agents, authenticating with Outlit, querying customer data from the terminal, or troubleshooti...
安全使用建议
This skill appears to be a documentation/instruction wrapper for the Outlit CLI and is not obviously malicious, but there are transparency gaps. Before installing or using it: 1) Verify the npm package @outlit/cli and its maintainer (review package source, release/tag, and recent activity). 2) Treat API keys as sensitive: prefer a scoped/ephemeral key, store it in env var only for CI, and avoid pasting long-lived keys into unknown systems. 3) Inspect what `outlit setup` and `outlit doctor` will change — run them in a controlled environment (container/VM) first to see what files/configs are modified. 4) If you must run queries (outlit sql / customers list), ensure the key has the minimum scope needed and consider limiting access to production data. 5) Ask the publisher/owner to update registry metadata to declare the OUTLIT_API_KEY and the credentials.json path so permission requests are visible at install time.
功能分析
Type: OpenClaw Skill
Name: outlit-cli
Version: 0.1.0
The skill bundle describes an `outlit-cli` tool with powerful capabilities, including arbitrary SQL query execution via `outlit sql '<query>'` and direct handling of API keys, which are high-risk functionalities. While these are presented as legitimate features for customer intelligence and authentication, they represent significant potential attack vectors if the underlying CLI has vulnerabilities (e.g., SQL injection) or if the AI agent is prompted to misuse these capabilities. The `SKILL.md` also instructs `npm i -g @outlit/cli`, introducing a supply chain risk. There is no clear evidence of intentional malicious behavior within the `SKILL.md` itself, but the exposed capabilities are inherently risky.
能力评估
Purpose & Capability
The name/description and SKILL.md consistently describe a CLI helper for the Outlit product (auth, customer queries, SQL, and agent setup). That purpose justifies the CLI commands and the need for an API key. However, the SKILL metadata declares no required environment variables or config paths while the SKILL.md explicitly documents OUTLIT_API_KEY and ~/.config/outlit/credentials.json — a mismatch worth noting.
Instruction Scope
The runtime instructions are narrowly focused on running the Outlit CLI and using its commands (including SQL queries against analytics). They explicitly describe where credentials are read/written (flag, env var, credentials.json). This scope is coherent with the stated purpose, but running SQL and listing customer data is inherently sensitive — the skill instructs interacting with potentially sensitive customer data, which is expected for this tool but requires caution.
Install Mechanism
There is no registry install spec; SKILL.md tells users to run `npm i -g @outlit/cli`. That is a typical installation route for a CLI. Because the registry does not provide an install artifact or pin a release, users should treat a global npm install as executing third-party code and verify the npm package and maintainer before installing.
Credentials
The SKILL.md requires/uses an API key (OUTLIT_API_KEY / `--api-key`) and a credentials file (~/.config/outlit/credentials.json), yet the skill metadata lists no required env vars or config paths. This omission reduces transparency. The key format (`ok_...`) and SQL access indicate the skill will be able to access sensitive customer data when authorized — the required secrets are logical for the feature, but the registry should have declared them.
Persistence & Privilege
The CLI exposes `outlit setup` which 'auto-detects and configures AI agents' and lists agent targets (including `openclaw`). That implies the CLI may modify agent configuration or integration settings. The skill metadata does not declare any config-path modifications. This capability is reasonable for a setup tool, but because it may change agent configs and potentially add credentials/integrations, users should verify exactly what `outlit setup` modifies before running it.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install outlit-cli - 安装完成后,直接呼叫该 Skill 的名称或使用
/outlit-cli触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release of outlit-cli – customer intelligence from the terminal.
- Provides a full-featured CLI to authenticate, fetch, and analyze customer data from Outlit.
- Supports AI agent setup and management (`outlit setup`, `outlit setup <agent>`), CLI troubleshooting, and SQL analytics.
- Rich command set for listing, querying, and searching customers, users, revenues, and events.
- Flexible authentication via command line, environment variable, or credentials file.
- Automatic pretty or JSON output based on terminal/piping context.
- Extensive filtering, pagination, and data querying options.
元数据
常见问题
Outlit Cli 是什么?
Use when running Outlit CLI commands, setting up Outlit for AI agents, authenticating with Outlit, querying customer data from the terminal, or troubleshooti... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 390 次。
如何安装 Outlit Cli?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install outlit-cli」即可一键安装,无需额外配置。
Outlit Cli 是免费的吗?
是的,Outlit Cli 完全免费(开源免费),可自由下载、安装和使用。
Outlit Cli 支持哪些平台?
Outlit Cli 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Outlit Cli?
由 Rafael Thayto(@rafa-thayto)开发并维护,当前版本 v0.1.0。
推荐 Skills