Agent Reach Setup
v1.0.0提供Agent Reach 1.3.0的完整安装与配置流程,支持7个核心渠道和常见问题诊断,适用于OpenClaw和Claude Code环境。
⭐ 0· 557·7 current·8 all-time
byHaloha@pyh-pan
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description match the files and instructions: the package installs an 'agent-reach' Python tool and configures channels. However the skill relies on several external CLIs and services (mcporter, yt-dlp, xreach, agent-reach itself, mcporter endpoints) that are not declared as required binaries in the metadata. The SKILL.md and examples assume these tools are present or will be installed, which is a gap between declared requirements and actual runtime needs.
Instruction Scope
Runtime instructions and install.sh run pip install from a GitHub archive, invoke agent-reach install/doctor, and run mcporter config add. They also show examples that accept/provide credentials (proxy with user:pass, twitter cookies) and call many external CLIs (yt-dlp, xreach, curl). The install script and SKILL.md instruct actions that can change the environment and may require secrets, but the skill metadata does not declare those binaries or secret inputs. Using --break-system-packages broadens the scope of changes (it can override system package protection).
Install Mechanism
There is no formal install spec in the registry; instead an included install.sh performs pip install pointing at a GitHub archive URL (https://github.com/Panniantong/agent-reach/archive/main.zip). Installing arbitrary code from a GitHub archive is common but inherently risky if the upstream is not trusted. The script also uses --break-system-packages, which can force package modifications in managed environments and is a potentially dangerous flag. The GitHub archive URL itself is a known host (GitHub) — better than a personal server — but the registry provides no homepage or verified source, so users must trust the referenced repository separately.
Credentials
The skill declares no required environment variables or credentials, which aligns with metadata. However examples and instructions show optional use of credentials (proxy URL with user:pass, 'twitter-cookies' pasted string) and the skill config references external APIs (https://mcp.exa.ai/mcp and multiple localhost endpoints). Those are optional but the metadata does not surface them; users should be aware they may need to provide sensitive values during setup or runtime.
Persistence & Privilege
The skill is not 'always' enabled, does not request system-wide configuration changes beyond installing packages and writing to user-home paths defined in config.json. It does not declare modifications to other skills or system agent settings. Autonomous invocation is allowed by default (normal), but that combined with installing external code increases the attack surface.
What to consider before installing
This skill appears to do what it says (install and configure Agent Reach) but it installs a Python package directly from a GitHub archive and uses --break-system-packages, which can override system package protections. Before running it: 1) Verify the upstream repository (https://github.com/Panniantong/agent-reach) and inspect its code/release history; 2) Prefer installing in an isolated environment (virtualenv, venv, or container) rather than system Python; avoid running pip with --break-system-packages on a managed system; 3) Don't run install.sh as root; review the install.sh contents (it is short) and the upstream package for any network callbacks or credential collection; 4) Be aware the skill expects other CLIs (yt-dlp, xreach, mcporter) and may ask you to paste cookies or proxy credentials — only provide secrets you trust the upstream to need; 5) If you cannot verify the upstream source, consider manual installation steps from the upstream repo or decline installation. If you want higher assurance, ask the publisher for a provenance link (official homepage or release tag) and for signed releases or checksums.Like a lobster shell, security has layers — review code before you run it.
agent-reachconfigurationinstallationlatestopenclawtools
Agent Reach 完整安装与配置解决方案
概述
本技能包提供Agent Reach的完整安装和配置流程,基于实际部署经验,包含问题诊断和解决方案。适用于OpenClaw、Claude Code等AI Agent环境。
核心功能
- ✅ Agent Reach 1.3.0 完整安装
- ✅ 7个核心渠道自动配置
- ✅ 常见问题诊断和解决方案
- ✅ 系统兼容性处理
- ✅ 多环境支持(OpenClaw、Claude Code)
安装流程
步骤1: 安装Agent Reach
# 解决权限问题
pip install https://github.com/Panniantong/agent-reach/archive/main.zip --break-system-packages
步骤2: 自动配置
agent-reach install --env=auto
步骤3: 验证安装
agent-reach doctor
步骤4: 额外配置(可选)
# 配置Exa搜索
mcporter config add exa https://mcp.exa.ai/mcp
已验证的解决方案
问题1: 系统包管理限制
症状: externally-managed-environment 错误
解决方案: 使用 --break-system-packages 参数
原因: Python 3.13+ 默认启用外部包管理保护
问题2: GitHub CLI 安装失败
症状: 权限不足或安装失败 解决方案: 提供手动安装选项,不强制自动安装 手动安装: https://cli.github.com
问题3: Exa搜索配置
症状: mcporter已装但Exa未配置
解决方案: mcporter config add exa https://mcp.exa.ai/mcp
配置选项
基础配置(7个渠道)
- ✅ YouTube - 视频和字幕提取
- ✅ RSS/Atom - 订阅源读取
- ✅ 全网语义搜索 - Exa搜索(免费)
- ✅ 任意网页 - Jina Reader支持
- ✅ Twitter/X - 推文搜索和读取
- ✅ B站 - 视频和字幕提取
- ✅ 微信公众号 - 文章搜索和阅读
可选配置(需要额外步骤)
- 🔧 GitHub - gh CLI(需手动安装)
- 🔧 小红书 - Docker容器
- 🔧 抖音 - douyin-mcp-server
- 🔧 LinkedIn - linkedin-scraper-mcp
- 🔧 Boss直聘 - mcp-bosszp
- 🔧 Reddit - 需要代理配置
使用示例
检查系统状态
agent-reach doctor
监控更新和渠道状态
agent-reach watch
配置代理(可选)
agent-reach configure proxy http://user:pass@ip:port
适用环境
- 操作系统: Linux 6.17.0-14-generic, Ubuntu 24.04+
- Python: 3.13+
- Node.js: 22+
- 环境: OpenClaw, Claude Code, 通用AI Agent环境
技能包内容
install.sh- 自动化安装脚本config.json- 默认配置文件troubleshooting.md- 问题诊断指南usage-examples.md- 使用示例SKILL.md- 本技能文档
安装验证
# 验证7个核心渠道
agent-reach doctor | grep "✅"
# 验证技能安装路径
ls -la /home/pan/.openclaw/skills/agent-reach/
ls -la /home/pan/.claude/skills/agent-reach/
贡献信息
- 贡献者: Molty (OpenClaw Agent)
- 安装时间: 2026-03-07 15:32 GMT+8
- 测试状态: ✅ 已验证
- 适用版本: OpenClaw 2.0+, Claude Code 1.0+
- 技能类型: 工具安装与配置
版本历史
- 1.0.0 (2026-03-07): 初始版本,包含完整安装流程和解决方案
本技能包基于实际部署经验,提供完整的Agent Reach安装和配置解决方案,包含各种问题的实际解决方法。
Comments
Loading comments...