3232

v1.0.0

Manage AI agent skills using the @tiktok-fe/skills CLI (binary: ai-skills). Use when the user asks to find, search, install, add, remove, update, publish, li...

⭐ 0· 185·0 current·0 all-time

bynanki@nanki-nn

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for nanki-nn/323.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "3232" (nanki-nn/323) from ClawHub.
Skill page: https://clawhub.ai/nanki-nn/323
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install 323

ClawHub CLI

Package manager switcher

npx clawhub@latest install 323

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

✓

Purpose & Capability

Name/description (manage AI agent skills via the ai-skills CLI) aligns with the provided SKILL.md and command documentation. The files describe discovery, install, list, remove, publish, update, etc., which fit the stated purpose.

ℹ

Instruction Scope

The runtime instructions instruct the agent to invoke the external ai-skills CLI for finding, adding, removing, publishing, and scanning skills. That CLI scans multiple project/global agent directories (e.g., ~/.cursor, .claude, project subfolders) and reads SKILL.md files — which is expected for a skill manager but means the agent will access many local paths. The SKILL.md also advises using non-interactive flags and to run login/publish commands which may read or upload local skill directories.

Install Mechanism

There is no packaged install in the skill bundle; instead the instructions tell agents to run `npm install -g @tiktok-fe/skills` or `npx @tiktok-fe/skills`. That causes remote code to be installed and executed from the npm registry. Even if the package is legitimate, asking an agent to globally install and run a third‑party package increases risk (arbitrary code execution, persistent binary on host).

✓

Credentials

The skill declares no required environment variables or credentials. The text references auth for publishing (browser SSO via `ai-skills login`), and a telemetry env var (DISABLE_TELEMETRY) which is plausible and proportionate for a CLI that interacts with a registry.

✓

Persistence & Privilege

The skill is instruction-only and not marked always:true. It does not request persistent platform privileges or modify other skills' configs in the provided docs. However, the CLI it recommends can write files (install skills to agent directories) and publish to registries if invoked.

What to consider before installing

This skill is coherent with its stated purpose, but exercise caution before letting an agent run it autonomously. Key points to consider: - Installing and running `@tiktok-fe/skills` via `npm install -g` or `npx` will download and execute third‑party code on the host — review the npm package and its source repository first. - The CLI scans many project and home directories and can copy/symlink or remove files across agent directories; ensure you trust the tool before granting it filesystem access. - `ai-skills publish` will read and upload a skill directory to a registry; don't run publish on directories that contain secrets or unrelated proprietary files. - `ai-skills login` uses SSO and may result in credentials or session tokens being created; understand the registry and its access controls before authenticating from an automated agent. - If you proceed: run the CLI in a sandboxed environment, prefer `npx` (transient) over global install, audit the package source, and consider disabling telemetry (set DISABLE_TELEMETRY) and avoiding publish operations from agents.

Like a lobster shell, security has layers — review code before you run it.

latestvk978mf45fbhj2kyxsxvbdr1ha5833ev6

185downloads

0stars

1versions

Updated 1h ago

v1.0.0

MIT-0

AI Skills CLI

@tiktok-fe/skills (ai-skills) discovers, installs, and manages AI agent skills across 30+ platforms.

npm install -g @tiktok-fe/skills
# or: npx @tiktok-fe/skills [command]

Pure Mode (Required)

The CLI defaults to interactive CLI mode with colors, spinners, arrow-key navigation, and confirmation prompts. This WILL hang/block when called by an AI agent. Always use --pure to switch to non-interactive plain-text mode.

What `--pure` changes

Behavior	CLI mode (default)	Pure mode (`--pure`)
Output	ANSI colors, spinners, animations	Plain `console.log`, no escape codes
Prompts	Interactive confirmation dialogs	Skipped — operations that need confirmation silently fail
Overwrite	Asks "overwrite?" prompt	Always returns `false` — use `--force` to overwrite
Search	Real-time Ink UI with keyboard nav	Paginated text output
Scope selection	Interactive multi-select	Fails if not specified — always pass `-p`/`-g`/`-t`/`--dir`
Manage	Ink-based React terminal UI	Falls back to `list` output

Preventing hangs

Commands that block without proper flags:

# WRONG — will hang on scope selection prompt
ai-skills add my-skill --source local --pure

# CORRECT — scope specified, no prompt
ai-skills add my-skill --source local --project --pure

# WRONG — will silently skip existing skill (shouldOverwrite=false)
ai-skills add my-skill --source local --project --pure

# CORRECT — force overwrite
ai-skills add my-skill --source local --project --pure --force

# WRONG — will hang on confirmation prompt
ai-skills update --project --pure

# CORRECT — auto-confirm
ai-skills update --project --pure -y

# WRONG — will hang on clean confirmation
ai-skills clean --project --pure

# CORRECT — force clean
ai-skills clean --project --pure --force

Complete flag checklist

Every command invoked by an AI agent must include:

--pure — plain-text output, no ANSI codes, no interactive prompts
Scope flag — -p (project), -g (global), -t <dir>, or --dir <dir>
Confirmation skip — -y (for update/publish) or --force (for add/remove/clean)
--source — local, github, gitlab, codebase, wellknown

Quick Reference

Find skills

ai-skills find "query" --pure --page 1
ai-skills find react --source github --pure
ai-skills find --tag typescript --filter community --pure

Install skills

# From internal registry
ai-skills add skill-name --source local --project --pure -y

# From GitHub (specific skill)
ai-skills add owner/repo --source github --skill skill-name --project --pure -y

# All skills from a repo
ai-skills add owner/repo --source github --project --pure -y

# Force overwrite
ai-skills add skill-name --source local --project --pure --force

List / Remove / Update

ai-skills list --project --pure
ai-skills remove skill-name --project --pure --force
ai-skills update --project --pure -y
ai-skills update --list --project --pure          # check only

Auth & Config

ai-skills whoami --json
ai-skills login --pure
ai-skills config --json

Create & Publish

ai-skills init --name my-skill --template basic --pure
ai-skills publish --dir ./my-skill --pure -y
ai-skills unpublish user/skills/name --version 1.0.0 --pure --force

Other

ai-skills agents --pure                           # list supported agents
ai-skills clean --project --pure --force           # remove all skills

Output Parsing

Command	Success	Error
add	`Installed: name`	`Error:`, `Already installed:`, `No agents found`
remove	`Removed: name`	`not found`, `Cannot remove:`
update	`Updated: N, Skipped: N, Failed: N`	—
publish	`Published: name@ver`	`Not logged in`
clean	`Cleaned: N skill(s) removed`	—
login	`Login successful:`	`Login failed:`
init	`Created: /path/SKILL.md`	`Error:`

Common Workflows

Install a skill for a project

ai-skills find typescript --pure --page 1
ai-skills add typescript-config --source local --project --pure -y
ai-skills list --project --pure

Update all project skills

ai-skills update --list --project --pure
ai-skills update --project --pure -y

Publish a new skill

ai-skills whoami --json
ai-skills init --name my-skill --template basic --pure
# (edit SKILL.md)
ai-skills publish --dir ./my-skill --pure -y

Detailed References

For command-specific options, arguments, and output formats, read the corresponding file under llms/:

Topic	File
CLI overview	llms/cli-overview.txt
Commands
add (install)	llms/commands/add.txt
find (search)	llms/commands/find.txt
list	llms/commands/list.txt
remove	llms/commands/remove.txt
update	llms/commands/update.txt
init	llms/commands/init.txt
publish	llms/commands/publish.txt
unpublish	llms/commands/unpublish.txt
clean	llms/commands/clean.txt
config	llms/commands/config.txt
login	llms/commands/login.txt
whoami	llms/commands/whoami.txt
agents	llms/commands/agents.txt
manage	llms/commands/manage.txt
Guides
AI best practices	llms/guides/ai-best-practices.txt
SKILL.md format	llms/guides/skill-format.txt
Source platforms	llms/guides/source-platforms.txt
Supported agents	llms/guides/agents-list.txt

Read these files only when detailed information is needed for a specific command or topic.

Comments

Loading comments...