ClawHub

PKU Campus Card

v1.0.0

PKU Campus Card (校园卡) CLI tool built in Rust. Use this skill when working on the campuscard crate, debugging campus card commands, adding features, or when t...

0· 135·0 current·0 all-time
by@wjsoj

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for wjsoj/pku-campuscard.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "PKU Campus Card" (wjsoj/pku-campuscard) from ClawHub.
Skill page: https://clawhub.ai/wjsoj/pku-campuscard
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pku-campuscard

ClawHub CLI

Package manager switcher

npx clawhub@latest install pku-campuscard
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The SKILL.md describes a Rust CLI for PKU campus card operations and debugging (auth flows, mobile UA, http1_only, commands, session storage). References to the keyring, environment vars, and ~/.config/info/campuscard/ are appropriate for a CLI that performs login and persists sessions. There is no unexpected cloud credential or unrelated service access requested.
Instruction Scope
The runtime instructions explicitly mention auto-login that 'reads credentials from OS keyring' and commands that persist session state; these actions are within the tool's stated purpose but involve sensitive local secrets. The instructions do not direct the agent to read unrelated system files or exfiltrate data to non-Synjones endpoints, but they do assume access to the user's keyring and environment for credential resolution.
Install Mechanism
This is an instruction-only skill with no install spec and no code files shipped in the skill bundle, so nothing is downloaded or written by the skill installer itself. That reduces install-time risk.
Credentials
No required env vars are declared, but SKILL.md documents credential resolution order: keyring → env → interactive. This is proportionate to a CLI that can auto-login, but it does mean the agent may read environment variables and the OS keyring at runtime. No unrelated secrets or multiple external service credentials are requested.
Persistence & Privilege
The skill persists session data to ~/.config/info/campuscard/, which is consistent with a CLI session cache. The skill is not marked 'always:true' and does not request system-wide modifications or other skills' configs.
Assessment
This skill appears to be what it says: a developer-focused CLI for PKU campus card operations. Before installing or using auto-login, be aware it will read credentials from your OS keyring (and may fall back to environment variables) and will store session tokens under ~/.config/info/campuscard/. Only enable auto-login if you trust the skill source and the agent; otherwise run login commands interactively and inspect or delete ~/.config/info/campuscard/ after use. Because the skill bundle contains only instructions (no shipped code), consider reviewing the actual campuscard crate source (or obtaining the binary from a trusted build) before granting the agent permission to execute login or network actions.

Like a lobster shell, security has layers — review code before you run it.

campus-cardvk97anhk4vm2x5fw63758r9mzw584grnpclivk97anhk4vm2x5fw63758r9mzw584grnplatestvk97anhk4vm2x5fw63758r9mzw584grnppkuvk97anhk4vm2x5fw63758r9mzw584grnprustvk97anhk4vm2x5fw63758r9mzw584grnp
135downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@wjsoj
campus-cardclilatestpkurust
Download

Campuscard - 北大校园卡 CLI

A CLI client for PKU's campus card system (Synjones platform at bdcard.pku.edu.cn).

Architecture

  • Crate location: crates/campuscard/
  • Auth flow: IAAA SSO (app_id="portal2017") → portal → berserker-auth → JWT
  • API: JSON REST with synjones-auth header
  • Constraints: Requires mobile UA (PKUANDROID) and http1_only() (server rejects HTTP/2)

Key Source Files

  • src/main.rs — Clap CLI with subcommands
  • src/commands.rs — Command implementations
  • src/api.rs — API client with synjones-auth header injection
  • src/display.rs — Terminal output, QR code rendering
  • src/client.rs — reqwest client with mobile UA and HTTP/1.1 enforcement

CLI Commands

CommandAliasFunction
login / logout / statusIAAA → portal → berserker → JWT
infoCard balance and details
payDisplay payment QR code in terminal
rechargeTop up card balance
billslsTransaction history (pagination, monthly filter)
statsMonthly spending statistics
otpTOTP 2FA management

Auto-Login for AI Agents

# Check session status
info-auth check

# Auto-login (reads credentials from OS keyring, no password needed)
campuscard login -p

Development Notes

  • The auth chain is the most complex: IAAA → portal → berserker-auth → JWT token
  • Must use mobile User-Agent (PKUANDROID) or requests will be rejected
  • Must use http1_only() — the Synjones server does not support HTTP/2
  • QR code for payment displayed via info_common::qr (viuer or system viewer)
  • All user-facing strings in Chinese
  • Error handling: anyhow::Result with .context("中文描述")
  • Session persisted to ~/.config/info/campuscard/
  • Credentials resolved via info_common::credential (keyring → env → interactive)

Comments

Loading comments...