ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Kiipu

v0.0.1

Use when the user wants to create, delete, restore, or purge Kiipu posts, manage authentication, or check local setup through the Kiipu CLI.

0· 91·0 current·0 all-time
by@mycreat

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mycreat/kiipu.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Kiipu" (mycreat/kiipu) from ClawHub.
Skill page: https://clawhub.ai/mycreat/kiipu
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install kiipu

ClawHub CLI

Package manager switcher

npx clawhub@latest install kiipu
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and runtime instructions all consistently describe managing Kiipu posts and CLI auth via a local 'kiipu' CLI. The required capabilities (running the CLI) align with the stated purpose.
Instruction Scope
SKILL.md only instructs executing the local 'kiipu' CLI and checking auth/status; it does not ask the agent to read unrelated files, exfiltrate data, or perform unexpected network calls. It also enforces asking for explicit post IDs and returning CLI results verbatim.
!
Install Mechanism
There is no packaged install spec in the skill bundle, but SKILL.md instructs 'npm install -g @kiipu/cli'. Installing a global npm package can execute arbitrary install scripts and write code to disk. The registry/package provenance is not provided (no homepage or source repo), increasing supply-chain risk; verify the package and maintainer before installing.
Credentials
The skill declares no required environment variables or config paths. CLI examples reference an API key argument for auth, which is proportionate to a CLI that needs credentials; no unexplained credential requests are present.
Persistence & Privilege
The skill is instruction-only, does not request 'always' presence, and does not attempt to modify other skills or system-wide configs. It directs use of the local CLI and gives no privileged persistent behavior.
What to consider before installing
This skill itself is coherent: it expects you to run a local 'kiipu' CLI to manage posts. Before installing or running anything, verify the @kiipu/cli package and its publisher (check the npm page, source repository, maintainer identity, and package versions). Global npm installs can execute code during install — prefer reviewing the package source or running in a sandbox/container. If you must provide an API key, only do so to the verified CLI on a trusted machine and avoid pasting secrets into unknown web pages or chat logs. If you don’t want to install the CLI, ask for exact commands shown by the skill and run them locally yourself after verification.

Like a lobster shell, security has layers — review code before you run it.

latestvk976ye66rhrhe1jyfv2nnapwyn83vap2
91downloads
0stars
1versions
Updated 4w ago
v0.0.1
MIT-0
@mycreat
latest
Download

Kiipu CLI

Use this skill when the user wants to manage Kiipu posts or CLI setup from Claude Code through the local kiipu CLI.

Primary cases:

  • create a new post from provided text
  • delete a known post id
  • restore a known post id
  • permanently purge a known post id
  • authenticate, check auth status, or log out
  • run kiipu doctor to verify local setup and API reachability
  • explain the exact kiipu CLI command to use when the user asks for manual usage
  • route explicit slash-command posting requests to /kiipu:post when the user wants the command form

Do not use this skill for:

  • chat-context actions like deleting "the current post" without an explicit id
  • website automation or API calls when the local CLI already covers the task

Installation

npm install -g @kiipu/cli

Required execution path

Execute the local Kiipu CLI instead of simulating results.

Create a post:

kiipu post create "$ARGUMENTS"
kiipu post create --content "$ARGUMENTS"

Delete a post by id:

kiipu post delete --id "<postId>"

Restore a post by id:

kiipu post restore --id "<postId>"

Purge a post by id:

kiipu post purge --id "<postId>"

Authentication:

kiipu auth login
kiipu auth login --api-key <cpk_...>
kiipu auth status
kiipu auth logout

Check local setup:

kiipu doctor

Execution rules

  1. Run the CLI before claiming success.
  2. Return the CLI result accurately instead of inventing status.
  3. If the user wants to create a post, pass their full requested post body as the create argument.
  4. If the user wants delete, restore, or purge but did not provide an id, ask for the explicit post id.
  5. If authentication is missing, tell the user to run kiipu auth login.
  6. Prefer the local CLI over direct HTTP calls so auth, logging, and environment selection stay consistent.
  7. Keep host-specific runtime guidance out of Claude Code unless the user is explicitly working with that host.
  8. If the user explicitly wants to use a slash command for posting, suggest /kiipu:post <text>.

Examples

kiipu post create "Ship the beta today"
kiipu post create --content "Ship the beta today"
kiipu post delete --id post_123
kiipu post restore --id post_123
kiipu post purge --id post_123
kiipu auth login
kiipu auth login --api-key cpk_example
kiipu auth status
kiipu doctor

Comments

Loading comments...