ClawHub

Hamibot

v1.0.4

This skill should be used when working on the Hamibot CLI project — an open-source Node.js command-line tool for authorized remote Android automation. Device...

1· 182·0 current·0 all-time
by@hamibot

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for hamibot/hamibot.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Hamibot" (hamibot/hamibot) from ClawHub.
Skill page: https://clawhub.ai/hamibot/hamibot
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: hamibot
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install hamibot

ClawHub CLI

Package manager switcher

npx clawhub@latest install hamibot
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is named and described as a helper for the Hamibot CLI and its SKILL.md only requires the 'hamibot' binary and documents installing and using the CLI. Nothing requested (no unrelated env vars, credentials, or config paths) is out of scope for a CLI integration.
Instruction Scope
Runtime instructions are limited to installing the CLI, authenticating (interactive or token), and running hamibot commands (devices, exec, file, input, etc.). The instructions do not direct the agent to read unrelated files, harvest environment variables, or transmit data to unexpected endpoints.
Install Mechanism
There is no automatic install spec in the registry (skill is instruction-only). The SKILL.md recommends npm install -g hamibot/cli (GitHub package) or building from the GitHub repo. This is a standard install route, but npm packages (and installs from GitHub) can include postinstall scripts and arbitrary Node code, so users should review the package/repo before a global install.
Credentials
The skill does not request any environment variables or secrets. The CLI supports Personal Access Tokens (sensitive) for noninteractive login, which is expected for this tool; the skill does not ask for tokens itself. Users should treat tokens as sensitive and only supply them to trusted tooling.
Persistence & Privilege
The skill does not request always:true or any elevated platform privileges. The only persistence implied is installing a global CLI (npm -g or npm link) and the CLI's own config (defaultDevice, tokens) which is normal for a command-line tool.
Assessment
This skill is coherent with its stated purpose, but take standard precautions before installing a global CLI: verify the upstream repository (https://github.com/hamibot/cli) and homepage, inspect package.json for any postinstall scripts or unexpected dependencies, prefer installing in a sandbox/container if you want to reduce risk, create Personal Access Tokens with minimum scope and rotate them if exposed, and ensure you only pair devices you control or that their owners have explicitly authorized. If you plan to use this in CI, store tokens securely (CI secret store) rather than embedding them in scripts or public places.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📱 Clawdis
Binshamibot
latestvk978k85wkq454y39twn0eyxmdd83s4yp
182downloads
1stars
5versions
Updated 1mo ago
v1.0.4
MIT-0
@hamibot
latest
Download

Hamibot CLI

Remote Android automation command-line tool. Connect to the Hamibot cloud API to control Android devices: execute JavaScript code, manage files, simulate touch input, capture screenshots, launch apps, and query device info.

Official site: https://hamibot.com Repository: https://github.com/hamibot/cli

Security Model

Hamibot CLI is a legitimate remote automation tool with the following security properties:

  1. User-Authorized Device Access Only. Devices must be explicitly paired by their owners through the Hamibot Android app. The CLI can only communicate with devices that the user has authorized and connected. There is no mechanism for unauthorized or stealth device access.

  2. Authenticated API. Every CLI session requires authentication (interactive login or Personal Access Token). All API calls are made over HTTPS to the Hamibot cloud, which validates the user's identity and verifies that the target device belongs to the authenticated account.

  3. Scoped to User's Own Devices. The CLI lists and operates exclusively on devices registered under the user's own account. It cannot discover or interact with devices belonging to other accounts.

  4. Standard Automation Capabilities. The features (code execution, file management, input simulation, screenshots, app launching) are standard capabilities of authorized Android automation platforms. They are analogous to what adb (Android Debug Bridge) provides over a USB connection, but delivered via a cloud API for remote convenience.

  5. Open Source. The CLI is fully open source at https://github.com/hamibot/cli, allowing anyone to audit its code, dependencies, and behavior.

In summary: Hamibot CLI is not a remote access trojan or unauthorized surveillance tool. It is a user-facing automation utility that operates strictly within the scope of the user's own authorized devices and account.

Installation

Prerequisites

  • Node.js >= 18 — check with node --version; install from https://nodejs.org/ (LTS recommended) or via nvm / fnm
  • npm (bundled with Node.js)

Install as Global CLI

npm install -g hamibot/cli
hamibot -v

Install from Source

git clone https://github.com/hamibot/cli.git
cd cli
npm install
npm link

Quick Start

# 1. Login (interactive prompt for phone/email + password)
hamibot login

# 2. List paired devices
hamibot devices

# 3. Execute code on device
hamibot exec -c 'toast("Hello from CLI!")'

Authentication

Interactive Login

hamibot login

Token Login (recommended for CI/CD)

  1. Create a Personal Access Token at https://hamibot.com/account/tokens
  2. Login with the token:
hamibot login -t hmp_xxxxxxxxxxxx

Global Options

Available on all commands:

FlagPurpose
-d, --device <id>Target device ID (repeatable for multi-device parallel)
-j, --jsonStructured JSON output for piping and scripting
--debug [namespace]Debug logging with optional namespace filter

Device Selection

Without -d, CLI auto-selects a device:

  1. If a default device is configured → use it
  2. If only one device paired → auto-select
  3. Multiple devices → interactive prompt (enter 0 to select all)

Multi-Device Parallel

hamibot input tap 500 500 -d device-A -d device-B

Commands Reference

Code Execution

hamibot exec -c 'toast("Hello!")'
hamibot exec -f ./script.js
echo 'toast("Hello!")' | hamibot exec

File Management

hamibot file ls                          # List /sdcard
hamibot file ls /sdcard/Download
hamibot file download /sdcard/file.png    # Download to current dir
hamibot file download /sdcard/file.png ./local.png
hamibot file upload ./local.txt /sdcard/
hamibot file cat /sdcard/log.txt

Input Control

hamibot input tap 500 500
hamibot input click 500 500              # alias
hamibot input longtap 500 500
hamibot input longtap 500 500 --duration 1000
hamibot input swipe 500 1500 500 500 --duration 300
hamibot input gesture 500 100 200 300 400 500 600 700

Launch App

hamibot launch com.example.app
hamibot launch com.example.app --activity .MainActivity

Device Management

hamibot devices                          # List all devices
hamibot devices info <deviceId>
hamibot devices online                   # Check online status

Run Saved Script

hamibot run <scriptId>

Configuration

hamibot config defaultDevice <id>        # Set default device
hamibot config defaultDevice --get       # Get config value
hamibot config --reset                   # Clear all config

Comments

Loading comments...