oauth-coder-bridge

The skill appears to do what it says (route OpenClaw Anthropic-format calls to a local oauth-coder → claude CLI chain) and its files/instructions align with that purpose, but there are small metadata mismatches and some sensitive local token usage you should understand before installing.

This skill is functionally coherent with its description, but review these points before installing: - Ensure you trust and have oauth-coder and the claude CLI installed and authenticated locally (run 'claude login' yourself). The bridge will use those local OAuth tokens to answer requests — this gives OpenClaw access to use your authenticated CLI session. - Back up ~/.openclaw/openclaw.json before running the setup script: scripts/update-openclaw-config.py will modify that file and add a 'claude-cli' provider. Confirm the exact changes match your expectations. - Inspect the included scripts (oauth-coder-bridge.py, setup.sh, update-openclaw-config.py) yourself. The bridge runs oauth-coder as a subprocess (subprocess.run) and will execute whatever the oauth-coder binary does — trust in that binary is required. - Be aware prompts/responses may be written to a log file if you set OAUTH_CODER_BRIDGE_LOG_FILE; by default logging goes to stderr. If you are handling sensitive prompts, avoid enabling persistent logging or ensure log file permissions are secure. - The registry metadata omits the required oauth-coder dependency and environment variables documented in SKILL.md; treat that as an authoring oversight and verify prerequisites before install. If you are uncertain about trusting the oauth-coder/claude CLI or do not want OpenClaw to be able to use your local OAuth session, do not install or run the bridge.