ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Boss Cli

v1.0.0

BOSS直聘 CLI 工具,支持职位搜索、求职申请管理、聊天、发送招呼等功能。通过逆向 BOSS直聘 API 实现,支持多城市、多筛选条件。当用户需要搜索 BOSS直聘 上的职位、查看公司信息、管理求职申请、联系 HR 时触发。

0· 133·1 current·1 all-time
by@aitowerofbabel-lang

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for aitowerofbabel-lang/boss-cli.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Boss Cli" (aitowerofbabel-lang/boss-cli) from ClawHub.
Skill page: https://clawhub.ai/aitowerofbabel-lang/boss-cli
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install boss-cli

ClawHub CLI

Package manager switcher

npx clawhub@latest install boss-cli
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a CLI client for BOSS直聘 and the CLI commands shown align with that purpose. However the package to install (kabi-boss-cli) has no source/homepage declared in the metadata, so provenance is missing.
!
Instruction Scope
Runtime instructions tell the agent to run 'pip install kabi-boss-cli' and to use 'boss login' which 'auto-detects browser Cookie'. That implies the CLI will access local browser cookie stores or other local state — behavior not declared in the skill metadata and potentially sensitive.
!
Install Mechanism
No install spec included in the skill metadata; the SKILL.md instructs installing a PyPI package of unclear origin. Installing arbitrary packages from PyPI is a supply-chain risk unless the package and source are verified.
!
Credentials
requires.env is empty but the instructions implicitly require access to browser cookies or local authentication state. Sensitive local credentials/config access is not declared or justified in the metadata.
Persistence & Privilege
always is false and there is no indication the skill demands persistent or platform-wide privileges or automatic inclusion. It does not request modification of other skills/configs.
What to consider before installing
This skill appears to be a wrapper around a third‑party CLI but lacks source/provenance and implicitly asks the agent to install and use a package that may read your browser cookies. Before installing, verify the package 'kabi-boss-cli' on PyPI/GitHub (author, source code, recent activity, issues). If you proceed: (1) run the install in an isolated environment (VM/container) or inspect the package source first; (2) avoid giving it access to your main browser profile — use a disposable browser/profile if cookie-based login is needed; (3) prefer official clients or documented APIs when possible; (4) do not run these commands if you cannot review the package code or trust its publisher. Because the skill can instruct the agent to run installs and logins, treat it as higher-risk until provenance is confirmed.

Like a lobster shell, security has layers — review code before you run it.

latestvk973jh3nds39dt3hv6yjb5j71x83qbsg
133downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@aitowerofbabel-lang
latest
Download

BOSS直聘 CLI (boss-cli)

安装

pip install kabi-boss-cli
# 或
uv tool install kabi-boss-cli

认证

# 自动检测浏览器 Cookie(推荐)
boss login

# 指定浏览器
boss login --cookie-source chrome

# QR 码登录
boss login --qrcode

核心命令

搜索职位

# 基础搜索
boss search "Python" -c 北京

# 按薪资筛选
boss search "后端" --salary 20-40K

# 按经验/学历/行业/公司规模筛选
boss search "AI" --exp 3-5 --degree 本科 --industry 人工智能 --scale 1000-9999

# 分页
boss search "产品经理" -c 上海 -p 2

查看与管理

# 展示上次搜索结果(简略索引)
boss show 3

# 查看完整详情
boss detail <securityId>

# 导出结果
boss export "Python" -n 50 -o jobs.csv
boss export "Python" --format json -o jobs.json

求职助手

# 查看推荐职位
boss recommend

# 查看已投递的职位
boss applied

# 查看面试邀请
boss interviews

# 查看浏览历史
boss history

# 查看个人中心
boss me --json

联系 HR

# 发送招呼
boss greet <securityId>

# 批量招呼(搜索结果前10人)
boss batch-greet "Python" -n 10

# 预览(不实际发送)
boss batch-greet "Python" --dry-run

工具

# 查看支持的城市列表
boss cities

# 查看版本
boss -v

# 调试模式(显示请求详情)
boss -v search "Python"

JSON 输出

所有命令支持 --json 参数,返回结构化 JSON:

{
  "ok": true,
  "schema_version": "1",
  "data": { ... }
}

故障排除

  • 认证失败: 运行 boss logout && boss login 重新登录
  • 搜索无结果: 检查城市过滤条件,部分关键词是城市专属的,用 boss cities 确认支持的城市
  • rate limit (code=9): 自动退避等待,重试即可

Comments

Loading comments...