ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cli Tool Generator

Generate production-ready CLI tool skeletons in Bash or Python with argument parsing, help docs, error handling, and shell completions in seconds.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 37 · 0 current installs · 0 all-time installs
by@zhaog100
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md and tests assume a top-level 'cligen' CLI entry point (used via `cligen create`, `cligen validate`, etc.), but the manifest does not include that executable file nor any install steps to create it. The repository/version metadata in package.json (1.0.0) differs from the registry version (1.2.1). This mismatch makes the advertised capability incoherent with the files provided.
!
Instruction Scope
Runtime instructions tell the agent to run `cligen` subcommands directly, but no install or wrapper is provided. The included scripts read local state (pwd, whoami, uname), optional env vars (CONFIG_FILE, VERSION), and contain an `install` command that copies files into /usr/local/bin — behavior that touches system paths and requires privileges. While these actions can be legitimate for a CLI generator, the SKILL.md does not document installation or privilege requirements, nor does it declare the env vars used.
Install Mechanism
There is no install spec (lowest install risk). That said, code files are present and tests expect an executable; the package appears incomplete (missing a top-level 'cligen' wrapper or install instructions). Because there's no install mechanism declared, the agent cannot reliably make the tool available on PATH as the SKILL.md assumes.
Credentials
The skill declares no required environment variables, which is consistent with registry metadata. However, the scripts reference optional env vars (CONFIG_FILE, VERSION) and check for several system binaries (git, sed, awk, curl). These are reasonable for a CLI generator, but the SKILL.md does not document them, creating a mild proportionality/documentation gap.
Persistence & Privilege
The skill does not request persistent 'always' inclusion and does not modify other skills. However, its `install` command copies files into /usr/local/bin and will require write permissions; if executed by the agent in a privileged environment it could overwrite binaries. This is not proven malicious but is a risk to be aware of.
What to consider before installing
This package looks incomplete or mispackaged: SKILL.md instructs the agent to run a `cligen` command, but there is no top-level `cligen` executable or install instructions included. Before installing or allowing the agent to run it autonomously: (1) ask the publisher for the missing CLI entrypoint or an install script, or obtain the upstream GitHub repo to verify contents and checksums; (2) inspect the `cligen` wrapper (if provided) to ensure it won't unexpectedly download or execute remote code; (3) avoid running the included tests or the `install` command as a privileged user — the install step copies to /usr/local/bin and could overwrite system files; (4) if you want to try it, run it inside a sandbox/container so any filesystem writes are isolated. If the publisher provides a proper install step or the missing entrypoint, re-evaluate then; as-is the mismatch makes the skill suspicious.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.2.1
Download zip
latestvk979ejn7vmp9kat1a0b6mzcby5830hwk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

cligen - CLI Tool Generator

Fast CLI tool scaffolding generator for Bash & Python

Overview

Generate production-ready CLI tool skeletons with proper argument parsing, help docs, error handling, and shell completions — in seconds.

Usage

For the AI Agent

When the user asks to "create a CLI tool" or "generate a command-line tool":

  1. Run cligen create with the appropriate parameters
  2. If the user specifies requirements, translate them into --commands
  3. Validate the generated tool with cligen validate
  4. Report results to the user

CLI Commands

# Generate a new CLI tool (Bash)
cligen create --name mytool --lang bash --commands "status,deploy,config" --desc "My deployment tool"

# Generate a new CLI tool (Python)
cligen create --name mytool --lang python --commands "build,test" --desc "Build tool"

# Validate an existing CLI tool
cligen validate ./mytool/

# Generate shell completions
cligen completions --shell bash --commands "build,test,deploy"

# Check development environment
cligen doctor

Options

OptionDescriptionDefault
--name NAMETool name (required)-
--desc DESCTool description""
--lang LANGLanguage: bash|pythonbash
--commands CMDsComma-separated commandshelp,version
--output DIROutput directory./<name>
--non-interactiveSkip promptsfalse

What Gets Generated

  • Main script — executable entry point with full arg parsing & dispatch
  • README.md — usage documentation
  • .gitignore — language-appropriate ignores
  • requirements.txt — (Python only) dependency file

Best Practice Checks

The validate command checks 10 criteria:

  1. Executable main script
  2. Valid shebang
  3. Strict mode (Bash: set -euo pipefail)
  4. Error handling
  5. Argument parsing
  6. Help documentation
  7. Version information
  8. README.md
  9. .gitignore
  10. Copyright header

File Structure

skills/cli-tool-generator/
├── SKILL.md              # This file
├── cligen                # CLI entry point
├── src/
│   ├── generator.sh      # Core generation logic
│   ├── preflight.sh      # Environment checks
│   ├── validator.sh      # Best practice validation
│   ├── templates/        # (reserved for future templates)
│   └── completions/      # (reserved for future completions)
├── tests/
│   └── test_all.sh       # Full test suite
└── package.json

Trigger Phrases

  • "create a CLI tool"
  • "generate a command-line tool"
  • "CLI scaffold"
  • "新建命令行工具"
  • "生成CLI工具"

📄 许可证与版权声明

MIT License Copyright (c) 2026 思捷娅科技 (SJYKJ) 免费使用、修改和重新分发时,需注明出处。 出处:GitHub: https://github.com/zhaog100/xiaomili-skills | ClawHub: https://clawhub.com | 创建者: 思捷娅科技 (SJYKJ) 商业使用授权:个人免费 | 小微¥999/年 | 中型¥4,999/年 | 大型¥19,999/年

Files

6 total
Select a file
Select a file to preview.

Comments

Loading comments…