Create a composable CLI from docs, specs, SDKs, apps, or scripts.
This skill is prompt/documentation-only: it requires no secrets, declares no remote endpoints, and does not directly execute code or access data by itself. Given its open-source GitHub source and strong community adoption, the overall risk is low; the main caveat is that it may guide later creation/installation of local CLIs, which is a usage-stage consideration rather than a direct risk of the material itself.
The material explicitly states that no keys or environment variables are required. The README mentions that future generated CLIs may manage auth, but this skill itself does not collect, store, or expose credentials.
No remote endpoints are declared, and the system marks it as prompt-only. While the docs discuss building CLIs from APIs/OpenAPI sources, there is no evidence that this skill itself sends user data to external services.
The README includes shell examples such as `command -v` and guides later CLI scaffolding, but the audited artifact is prompt/documentation content rather than an executable component. The material itself does not directly spawn local processes or execute code.
The docs mention creating projects under paths like `~/code/clis/<tool-name>` and generating tools for local scripts or repos, but the skill itself does not declare any file read/write, repository scanning, or system resource access permissions.
The source is the open-source openai/skills repository on GitHub with high community adoption (~22k stars), which materially lowers supply-chain risk. The missing license declaration and unknown maintenance status are minor gaps, but without other red flags they do not justify a higher rating.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "cli-creator" skill from askskill: 1. Download https://raw.githubusercontent.com/openai/skills/main/skills/.curated/cli-creator/SKILL.md 2. Save it as ~/.claude/skills/cli-creator/SKILL.md 3. Reload skills and tell me it's ready
Create a real CLI that future Codex threads can run by command name from any working directory.
This skill is for durable tools, not one-off scripts. If a short script in the current repo solves the task, write the script there instead.
Name the target tool, its source, and the first real jobs it should do:
list drafts, download failed job logs, search messages, upload media, read queue schedule.ci-logs, slack-cli, sentry-cli, or buildkite-logs.Prefer a new folder under ~/code/clis/<tool-name> when the user wants a personal tool and has not named a repo.
Before scaffolding, check whether the proposed command already exists:
command -v <tool-name> || true
If it exists, choose a clearer install name or ask the user.
Before choosing, inspect the user's machine and source material:
command -v cargo rustc node pnpm npm python3 uv || true
Then choose the least surprising toolchain:
~/.local/bin.Do not pick a language that adds setup friction unless it materially improves the CLI. If the best language is not installed, either install the missing toolchain with the user's approval or choose the next-best installed option.
State the choice in one sentence before scaffolding, including the reason and the installed toolchain you found.
Sketch the command surface in chat before coding. Include the binary name, discovery commands, resolve or ID-lookup commands, read commands, write commands, raw escape hatch, auth/config choice, and PATH/install command.
When designing the command surface, read references/agent-cli-patterns.md for the expected composable CLI shape.
Build toward this surface:
tool-name --help shows every major capability.tool-name --json doctor verifies config, auth, version, endpoint reachability, and missing setup.tool-name init ... stores local config when env-only auth is painful.--limit, cursor, offset, or clearly documented default.--dry-run, draft, or preview first when the service allows it, and do not hide writes inside broad commands such as fix, debug, or auto.--json returns stable machine-readable output.request, tool-call, api, or the nearest honest name.Do not expose only a generic request command. Give Codex high-level verbs for the repeated jobs.
Document the JSON policy in the CLI README or equivalent: API pass-through versus CLI envelope, success shape, error shape, and one example for each command family. Under --json, errors must be machine-readable and must not contain credentials.
…
Capture full-screen, window, or region screenshots at the operating system level.
Analyze a codebase for threats, abuse paths, and mitigations in Markdown.
Interact with persistent browsers and Electron apps for fast iterative UI debugging.
Migrate instruction files, skills, agents, and MCP configs into Codex files.
Analyze Git history to map security ownership and identify sensitive code bus-factor risks.
Build, review, refactor, and architect modern ASP.NET Core web applications.
Turn local AI coding history into an anonymized developer profile and poster.
Create or update skills that extend Codex with knowledge, workflows, and tools.
Use modular, validated skills and workflows to accelerate AI-assisted software development.
Configure Codex CLI settings, skills, and prompts for faster coding workflows.
Build and deploy Claude skills, commands, and prompt templates at scale
Discover curated Claude Code skills, plugins, and workflows to extend AI coding