← 返回 Skills 市场
ibrahimelnemr

Wordpress OAuth

作者 Ibrahim El Nemr · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
200
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install wordpress-oauth
功能描述
Start and complete WordPress.com OAuth and publish posts through the WordPress.com REST API. Use when you need to generate an authorization URL, exchange cal...
安全使用建议
This skill appears to do what it claims: run an OAuth flow against WordPress.com and publish posts. Before installing or using it, consider: 1) The skill will create oauth_state.json and credentials.json in the skill directory containing sensitive tokens and client secrets—keep that directory private and back up/remove credentials when no longer needed. 2) Supply client_id/secret/redirect/site via CLI flags or secure shell environment variables (examples use shell expansion). 3) The script attempts to set restrictive file permissions but may not succeed on all OSes—verify the files are not world-readable. 4) Review the full Python file (the repository includes the code) yourself if you need higher assurance (the provided snippet is consistent, but the file was truncated in the listing). 5) If you plan to allow autonomous agent invocation, be aware the agent could call publish-post using stored credentials—limit that capability if you don't want unattended publishing.
功能分析
Type: OpenClaw Skill Name: wordpress-oauth Version: 1.0.0 The wordpress-oauth skill implements a standard OAuth 2.0 flow and post-publishing functionality for WordPress.com. The Python script (wp_oauth_skill.py) follows security best practices by using the secrets module for CSRF state generation, validating state during token exchange, and enforcing restrictive file permissions (0o600) on the local credentials store. All network activity is directed to official WordPress API endpoints, and there is no evidence of data exfiltration or malicious execution.
能力评估
Purpose & Capability
Name/description (WordPress OAuth + publish) match the code and instructions. The script only contacts wordpress.com OAuth and REST endpoints and writes local state/credentials; no unrelated services, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the user to run the included Python script and to supply client id/secret/redirect/site via flags or shell variables. The instructions and script operate only on files inside the skill directory (oauth_state.json, credentials.json) and the WordPress API. Minor mismatch: SKILL.md references env vars by name (e.g., WPCOM_CLIENT_ID), but the script reads values from CLI flags (examples use shell variable expansion, which is fine).
Install Mechanism
No install spec; the skill is delivered as source (one Python file and SKILL.md). No third-party downloads, package installers, or archive extraction are used.
Credentials
The skill does not declare required environment variables in the registry metadata, but it expects client ID/secret/redirect/site to be provided at runtime (via flags or shell-expanded env vars). Requesting client secret and storing an access_token is appropriate for OAuth; storing credentials.json locally is expected but is sensitive and should be protected.
Persistence & Privilege
always is false and the skill stores state/credentials only in its own directory. It does not modify other skills or system-wide configuration. The skill can be invoked autonomously by the agent (platform default), which is normal for skills of this type.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install wordpress-oauth
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /wordpress-oauth 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of wordpress-oauth skill. - Enables human-in-the-loop OAuth flow for WordPress.com and Jetpack-connected sites. - Supports generating authorization URLs, exchanging callback codes for access tokens, and validating tokens. - Allows publishing draft or published posts through the WordPress.com REST API. - Stores OAuth state and credentials securely within the skill directory. - Provides CLI commands for each step: begin-oauth, exchange-token, token-info, and publish-post.
元数据
Slug wordpress-oauth
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Wordpress OAuth 是什么?

Start and complete WordPress.com OAuth and publish posts through the WordPress.com REST API. Use when you need to generate an authorization URL, exchange cal... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 200 次。

如何安装 Wordpress OAuth?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install wordpress-oauth」即可一键安装,无需额外配置。

Wordpress OAuth 是免费的吗?

是的,Wordpress OAuth 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Wordpress OAuth 支持哪些平台?

Wordpress OAuth 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Wordpress OAuth?

由 Ibrahim El Nemr(@ibrahimelnemr)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论