Cc Helper
ReviewAudited by ClawScan on May 13, 2026.
Overview
This is a coherent Claude Code setup guide, but users should review the credential, third-party provider, and installation-command steps carefully.
Install this only if you want help configuring Claude Code with third-party API providers. Review commands before running them, use revocable API keys, verify provider URLs, and make sure any .claude/settings.local.json containing secrets is not committed or shared.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A provider API key entered into this setup can be used by Claude Code to make requests that may incur cost or expose account quota.
The skill intentionally helps users configure provider API credentials for Claude Code. This is expected for the purpose, but those tokens grant access to paid third-party API accounts.
认证方式说明:`ANTHROPIC_AUTH_TOKEN` 用于 Bearer Token 认证... `ANTHROPIC_API_KEY` 用于 x-api-key 认证
Use scoped or revocable API keys where possible, monitor provider usage, and revoke keys if they are no longer needed.
Your Claude Code prompts and potentially project content may be processed by the chosen third-party provider rather than Anthropic.
The skill routes Claude Code traffic to a selected or custom provider endpoint. This is the stated purpose, but it changes where prompts, project context, and API credentials may be sent.
用户自行提供: - `ANTHROPIC_BASE_URL` - 认证方式(`ANTHROPIC_AUTH_TOKEN` 或 `ANTHROPIC_API_KEY`) - 模型名
Choose only providers you trust, verify the base URL, and review the provider’s privacy and retention terms before using it with sensitive projects.
If this settings file is shared or committed accidentally, it could leak an API key or cause future Claude Code sessions to use an unexpected provider.
The workflow can persist provider routing and an API token in a project-local Claude settings file, which future Claude Code sessions may reuse.
在当前项目目录下创建 `.claude/settings.local.json`... "ANTHROPIC_AUTH_TOKEN": "你的API-Key"
Keep settings.local.json local, confirm it is ignored by Git, and review persistent Claude settings before working on sensitive projects.
Running these commands can install or modify software on your system.
The setup guide relies on global package installation and remote installer scripts. These are common setup steps and are user-directed, but they require trust in external package sources.
`npm install -g @anthropic-ai/claude-code` ... `/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"` ... `curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash`
Run installation commands manually, verify URLs against official documentation, and avoid copying commands you do not understand.
Running this command may log you out of Claude Code or remove saved authentication state.
Troubleshooting includes a destructive shell command to remove Claude’s saved credential file. It is scoped and explained, but it can alter authentication state.
rm -rf ~/.claude/credentials.json # 清除登录 Token
Only run credential-removal commands when you understand the effect, and consider backing up the file first.