ClawHub

Lobster Cli Anything

v1.0.0

Use when the user wants OpenClaw to build, refine, test, or validate a CLI-Anything harness for a GUI application or source repository. Adapts the CLI-Anythi...

0· 37·1 current·1 all-time
by@wangxiaofei860208-source
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the SKILL.md: it builds/refines/tests CLI harnesses for a target repository or local source tree. It does not ask for unrelated credentials, binaries, or config paths.
Instruction Scope
The SKILL.md instructs the agent to acquire the source tree (local path or GitHub URL), read repository docs (e.g., ../cli-anything-plugin/HARNESS.md if present), run tests, and install locally (pip install -e .). These actions are appropriate for the stated task but give the agent permission to access local files, clone remote repos, and execute the repository's code/tests — which is expected but should be treated as running untrusted code unless the source is trusted or sandboxed.
Install Mechanism
No install spec or downloaded artifacts are defined; this is an instruction-only skill. That is the lowest-risk pattern from an install-perspective.
Credentials
The skill declares no environment variables, credentials, or config paths. The runtime instructions may require filesystem and network access to clone and run the target project, but they do not demand unrelated secrets or external service tokens.
Persistence & Privilege
The skill is not always-on and is user-invocable. It does not request permanent platform privileges or ask to modify other skills or global agent settings.
Assessment
This skill appears to do what it says: build, refine, test, and validate a CLI harness by operating on a local path or cloning a GitHub repo and running code/tests. Before using it, consider: (1) the agent will access your filesystem and may read repo files such as ../cli-anything-plugin/HARNESS.md — ensure you’re comfortable with that; (2) the agent will clone/run code and tests from the target repo (network access, subprocess execution, pip install -e .) — treat untrusted repositories as potentially unsafe and run in an isolated environment (container or ephemeral VM); (3) verify there are no sensitive files or credentials in the target repo you don’t want exposed; (4) prefer running the skill with least privileges and monitor which commands the agent executes. If you need stricter controls, review the repository contents yourself before asking the agent to run tests or installs.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a7rcjmycd5rh5ht3edy336d846cbx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments