Seer server manager
vv0.4.0CLI for the Seer media request management API. Search movies and TV shows, create and manage media requests, manage users, track issues, and administer a sel...
⭐ 0· 247·0 current·0 all-time
byOmid Astaraki@electather
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The SKILL.md describes a CLI for managing a Seer server and declares SEER_SERVER and SEER_API_KEY (plus optional MCP tokens) — these match the stated purpose. One inconsistency: the registry metadata reported 'Required env vars: none' and 'Primary credential: none', while SKILL.md requires an API key and server URL.
Instruction Scope
Instructions are focused on installing/running the CLI and using it against a Seer instance. They reference a config file (~/.seer-cli.yaml) and environment variables relevant to the service. The Docker instructions can expose an HTTP MCP endpoint; the SKILL.md explicitly documents options that allow unauthenticated access (SEER_MCP_NO_AUTH and route-based no-header auth). That is functional for some clients but increases the risk of exposing your Seer instance or API key if misconfigured.
Install Mechanism
This is an instruction-only skill; install instructions point at GitHub releases (curl of release tarball + checksum) and a ghcr.io Docker image. These are standard, expected sources. The SKILL.md recommends verifying checksums before installing, which is good practice.
Credentials
The environment variables declared in SKILL.md (SEER_SERVER, SEER_API_KEY, optional MCP tokens) are appropriate for a Seer CLI. However, the registry metadata does not list these required env vars or a primary credential; that registry/metadata mismatch should be corrected because it affects users' ability to review required secrets before installation.
Persistence & Privilege
The skill does not request persistent/always-on inclusion and has no install spec that writes code to disk on its own. It does instruct users how to install a binary or run a container, which is normal for a CLI tool.
Assessment
This skill appears to do what it says (a CLI for a Seer server), but check these before installing: 1) SKILL.md requires SEER_SERVER and SEER_API_KEY — the registry metadata omitted those; confirm you supply them only to a trusted Seer instance. 2) Verify the GitHub repo and release artifacts (checksums) before running curl/tar/sudo mv. Prefer running the official ghcr.io container if you trust the publisher. 3) Be cautious with the Docker MCP options: enabling SEER_MCP_NO_AUTH or exposing an unsecured route can make your Seer instance accessible to others — always prefer a bearer token or network isolation. 4) Keep the API key secret (do not paste into public logs) and consider least-privilege API keys. 5) If you want additional assurance, ask the publisher for a homepage/repo link in the registry metadata and inspect the release contents and Docker image manifest yourself.Like a lobster shell, security has layers — review code before you run it.
latestvk9724wqqc9kj3xk7ger7dxzj9982y5dt
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Environment variables
SEER_SERVERrequired— Full URL of your Seer instance (e.g. https://seer.example.com)SEER_API_KEYrequired— API key for authenticating with the Seer serverSEER_MCP_AUTH_TOKENoptional— Bearer token for authenticating MCP HTTP transport clients (required when running the HTTP server; omit for stdio transport)