Security scan
OpenClaw
Suspicious
high confidence
The skill's instructions match an OpenPond CLI, but the registry metadata omits the binaries/env the CLI actually needs, and the runtime steps read/modify local git config and persist credentials. This is plausible for the stated purpose, but the omissions and credential persistence are concerning.
Assessment and recommendations
This skill appears to be a normal CLI wrapper for OpenPond, but the package metadata is incomplete and the runtime steps touch sensitive local state. Before installing or allowing an agent to use it: 1) Verify the 'openpond-code' npm package source and integrity (inspect its repo, reviews, and latest release). Prefer using 'npx' or a scoped/test environment instead of a global install. 2) Use a limited-scope or disposable OPENPOND_API_KEY when testing, and rotate it afterwards. 3) Be aware the C...
⚠ Purpose and capabilities
Name/description describe an OpenPond CLI helper. However, the skill metadata declares no required binaries or env vars, while the SKILL.md clearly expects npm/npx, the 'openpond' CLI, and git. The missing declared requirements are an incoherence: a CLI helper normally would declare these dependencies.
⚠ Instruction scope
Runtime instructions tell the agent to install/open/use the 'openpond' CLI, run git commands, read/modify .git/config (tokenize origin temporarily), and rely on ~/.openpond/cache.json for cached credentials. These actions are within the functional scope (managing repos/deployments) but they involve reading/modifying local git config and persisting API tokens — sensitive operations that the metadata did not advertise.
ℹ Install mechanism
This is an instruction-only skill (no install spec), so nothing is written by the registry itself. The SKILL.md instructs users/agents to run 'npm i -g openpond-code' or use 'npx'. That delegates installation to npm at runtime — lower risk from the registry, but you must vet the npm package (supply chain risk).
⚠ Credential requirements
Metadata lists no required environment variables, yet SKILL.md documents optional/expected vars (OPENPOND_API_KEY, OPENPOND_BASE_URL, etc.) and shows non-interactive login via an API key. Requesting and caching API keys is reasonable for this CLI, but the omission from declared requirements reduces transparency and increases the chance of accidental credential exposure.
ℹ Persistence and privileges
always:false and autonomous invocation are default and acceptable. The SKILL.md does indicate persistent state: a cache file at ~/.openpond/cache.json and temporary changes to .git/config during tokenized pushes. These are expected for a CLI that authenticates and pushes code, but they do create persistent tokens and modify local repo config.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v0.1.1 2026/2/13
openpond-cli v0.1.1
- Initial release of OpenPond CLI workflows.
- Create and manage OpenPond repositories from the command line, including interactive and non-interactive login.
- Support for pushing code to repos, watching deployments, and managing tools without the web UI.
- Account-level commands to list apps, run tools, view performance, and create agents.
- OpenTool passthrough commands available via `npx`.
- Configurable via environment variables and supports caching.
● Harmless
Install command
Official: `npx clawhub@latest install openpond-cli`
Mirror (accelerated): `npx clawhub@latest install openpond-cli --registry https://cn.clawhub-mirror.com`
Skill documentation
Use this skill when an agent needs to create or manage OpenPond apps via the CLI, without MCP.
Quick setup
- Install: `npm i -g openpond-code` (or `npx --package openpond-code openpond`)
- Auth: run `openpond login` or set `OPENPOND_API_KEY`
- Non-interactive login: `openpond login --api-key opk_...`
Common workflows
- Create internal repo and attach remote:
  - `openpond repo create --name my-repo --path .`
- Non-interactive push (tokenized remote):
  - `openpond repo create --name my-repo --path . --token`
  - `git add . && git commit -m "init"`
  - `openpond repo push --path . --branch main`
  - `openpond repo push` reads `.git/config`, temporarily tokenizes `origin`, and restores it after push.
- Watch deployments:
  - `openpond deploy watch handle/repo --branch main`
- List and run tools:
  - `openpond tool list handle/repo`
  - `openpond tool run handle/repo myTool --body '{"foo":"bar"}'`
- Account-level APIs:
  - `openpond apps list [--handle ] [--refresh]`
  - `openpond apps tools`
  - `openpond apps performance --app-id app_123`
  - `openpond apps agent create --prompt "Build a daily digest agent"`
OpenTool passthrough
Use the CLI to run OpenTool commands via npx:
- `openpond opentool init --dir .`
- `openpond opentool validate --input tools`
- `openpond opentool build --input tools --output dist`
Config and URLs
- Optional env vars: `OPENPOND_BASE_URL`, `OPENPOND_API_URL`, `OPENPOND_TOOL_URL`, `OPENPOND_API_KEY`
- Cache file: `~/.openpond/cache.json` (auto-refreshes on next use)
Data source: ClawHub · Chinese localization: 龙虾技能库