Kimi Code CLI
Verdict: Warn. Audited by ClawScan on May 10, 2026.
Overview
This is mostly a Kimi coding-CLI wrapper, but an included helper builds shell commands from unescaped user input, which could turn task text or paths into unintended local commands if used.
Install only if you trust the Kimi CLI and are comfortable sending coding tasks to it. Use a separate working directory, review file diffs, stop background sessions when finished, and avoid using the included command-generation helper with untrusted task text unless it is fixed to quote inputs safely.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. If task text or a path contains quotes or shell metacharacters, running the generated command could execute unintended local commands.
The helper inserts user-controlled task text and cwd directly into a shell/OpenClaw command string without escaping or argument separation.
cmd = f'''bash pty:true workdir:{workdir} timeout:{timeout} command:"kimi '{task}'"'''
Do not run generated commands blindly. The helper should use safe argument construction, shlex-style quoting, strict cwd validation, and a visible approval step before execution.
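To make the recommended fix concrete, here is an added example constructed for this review (not the skill's own helper): the flagged f-string pattern rebuilt beside a builder that validates the working directory and then either hands kimi an argv with no shell involved or shlex-quotes every interpolated value. The allowed-root restriction and the NUL-byte check are assumptions added here, not requirements stated in the skill.

```python
import shlex
import tempfile
from pathlib import Path

# Constructed example (not the skill's own helper): the flagged pattern,
# rebuilt so its failure mode is visible, next to a hardened builder.

def build_cmd_unsafe(task, workdir, timeout=600):
    """The flagged pattern: task and workdir are interpolated verbatim."""
    return f'''bash pty:true workdir:{workdir} timeout:{timeout} command:"kimi '{task}'"'''

def validate_workdir(workdir, allowed_root):
    """Resolve workdir (symlinks included) and require a directory under allowed_root."""
    root = Path(allowed_root).resolve()
    path = Path(workdir).expanduser().resolve()
    if not path.is_relative_to(root):
        raise ValueError(f"workdir {path} is outside allowed root {root}")
    if not path.is_dir():
        raise ValueError(f"workdir {path} is not a directory")
    return path

def build_argv_safe(task, workdir, allowed_root):
    """Preferred form: (argv, cwd) for subprocess.run(argv, cwd=cwd); no shell sees the task."""
    cwd = validate_workdir(workdir, allowed_root)
    if "\x00" in task:
        raise ValueError("task contains a NUL byte")  # assumed extra check; argv cannot carry NUL
    return ["kimi", task], str(cwd)

def build_cmd_safe_string(task, workdir, allowed_root):
    """If one shell string is unavoidable, shlex-quote every interpolated value."""
    cwd = validate_workdir(workdir, allowed_root)
    return f"cd {shlex.quote(str(cwd))} && {shlex.join(['kimi', task])}"

def demo():
    """Run all builders on a task carrying shell metacharacters (constructed input)."""
    task = "fix the bug'; echo pwned; echo '"
    with tempfile.TemporaryDirectory() as root:
        project = Path(root, "project")
        project.mkdir()
        unsafe = build_cmd_unsafe(task, str(project))
        argv, cwd = build_argv_safe(task, str(project), root)
        safe = build_cmd_safe_string(task, str(project), root)
        reparsed = shlex.split(safe.split(" && ", 1)[1])  # does the quoting round-trip?
        try:
            validate_workdir("/", root)  # outside the allowed root: must be rejected
            escaped_root = False
        except ValueError:
            escaped_root = True
    return {"unsafe": unsafe, "argv": argv, "cwd": cwd, "reparsed": reparsed, "escaped_root": escaped_root}
```

The safe builders target subprocess or a plain shell; how the outer OpenClaw `command:"..."` field is itself parsed is not covered by the audit, which is one more reason to prefer the argv form over any assembled string.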
2. Kimi may change many files in the selected project directory.
The skill intentionally delegates file creation and modification to an external CLI through OpenClaw exec, which is central to its coding purpose but high-impact.
Kimi CLI: creates/modifies files in the specified directory as instructed, generates scripts/projects, and provides execution steps
Use a clean or version-controlled working directory, review diffs, and avoid pointing it at unrelated private files.
3. Prompts, code context, and generated work may be processed under the user's Kimi account.
The skill expects the local Kimi CLI to be logged in, implying use of a Kimi account/session even though registry metadata declares no primary credential.
Logged in: `kimi /login`
Use an appropriate Kimi account, understand what data the CLI sends to Kimi, and avoid submitting secrets or sensitive code unless acceptable.
4. Users must trust that the locally installed kimi-cli package is legitimate and safe.
The skill relies on an external pip-installed CLI, but the registry has no install spec, pinned version, homepage, or provenance details.
Kimi Code CLI installed: `pip install kimi-cli`
Install kimi-cli from an official source, verify package provenance, and consider pinning a known-good version.
5. A Kimi process may keep running after the initial request until it is explicitly stopped.
The skill supports background interactive sessions. The documentation includes process kill instructions, and no automatic startup implementation is present in the supplied files.
bash pty:true workdir:~/project background:true command:"kimi"
Monitor background sessions and use the documented kill command when the task is done.
