CLI Anything
v0.1.0Generate or refine agent-usable CLIs for existing software/codebases using the CLI-Anything methodology. Use when the user wants to turn a GUI app, desktop t...
⭐ 7· 2.6k·76 current·80 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the delivered artifacts: SKILL.md, two small helper scripts, and reference docs all focus on inspecting a local CLI-Anything checkout and guiding harness selection or packaging. No unrelated env vars, binaries, or offsite endpoints are requested.
Instruction Scope
Instructions direct the agent to read specific workspace paths and to verify/install harness Python packages and run CLI entrypoints (e.g., pip install -e, cli-anything-gimp). That's appropriate for this skill's purpose but gives the agent permission to install packages and execute code from the local repo; that can have side effects and should be done only with trusted code or in a sandbox.
Install Mechanism
There is no install spec (instruction-only skill) and bundled Python scripts are small and local. Nothing in the package downloads or extracts remote archives or pulls code from untrusted URLs.
Credentials
The skill requests no environment variables, credentials, or config paths beyond workspace paths it documents. The only environment impact is potentially installing Python dependencies into the execution environment, which is consistent with verifying harnesses but should be deliberate.
Persistence & Privilege
always:false and no request to modify other skills or global agent settings. The skill may be invoked autonomously by the model per platform defaults, but it does not escalate privileges or demand permanent presence.
Assessment
This skill appears to do what it claims: inspect a local CLI-Anything repo and help select, verify, or package harnesses. Before allowing it to install or run anything, consider: 1) only use it if you trust the local CLI-Anything checkout (its harnesses run code); 2) prefer running installs and CLI verifications in an isolated environment (container or VM) to avoid modifying your system Python or causing side effects; 3) review harness code (setup.py, entry points, tests) before permitting pip install -e or executing entrypoints; and 4) require explicit user confirmation before the agent publishes or pushes artifacts externally. If you want stricter safety, deny automated installation/execution and ask for a dry-run listing of commands the skill would run.Like a lobster shell, security has layers — review code before you run it.
latestvk97crpg5ra6gfmx1wymygbjjzn82rkhg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.