cli-creator
$
npx mdskill add openai/skills/cli-creatorBuild durable, composable CLIs from API docs or existing scripts.
- Generates persistent command-line tools for any repository or personal use.
- Integrates with OpenAPI specs, SDKs, curl examples, and internal scripts.
- Validates existing commands before scaffolding new tool installations.
- Delivers stable JSON output and manages authentication for every tool.
SKILL.md
.github/skills/cli-creatorView on GitHub ↗
--- name: cli-creator description: Build a composable CLI for Codex from API docs, an OpenAPI spec, existing curl examples, an SDK, a web app, an admin tool, or a local script. Use when the user wants Codex to create a command-line tool that can run from any repo, expose composable read/write commands, return stable JSON, manage auth, and pair with a companion skill. --- # CLI Creator Create a real CLI that future Codex threads can run by command name from any working directory. This skill is for durable tools, not one-off scripts. If a short script in the current repo solves the task, write the script there instead. ## Start Name the target tool, its source, and the first real jobs it should do: - Source: API docs, OpenAPI JSON, SDK docs, curl examples, browser app, existing internal script, article, or working shell history. - Jobs: literal reads/writes such as `list drafts`, `download failed job logs`, `search messages`, `upload media`, `read queue schedule`. - Install name: a short binary name such as `ci-logs`, `slack-cli`, `sentry-cli`, or `buildkite-logs`. Prefer a new folder under `~/code/clis/<tool-name>` when the user wants a personal tool and has not named a repo. Before scaffolding, check whether the proposed command already exists: ```bash command -v <tool-name> || true ``` If it exists, choose a clearer install name or ask the user. ## Choose the Runtime Before choosing, inspect the user's machine and source material: ```bash command -v cargo rustc node pnpm npm python3 uv || true ``` Then choose the least surprising toolchain: - Default to **Rust** for a durable CLI Codex should run from any repo: one fast binary, strong argument parsing, good JSON handling, easy copy/install into `~/.local/bin`. - Use **TypeScript/Node** when the official SDK, auth helper, browser automation library, or existing repo tooling is the reason the CLI can be better. - Use **Python** when the source is data science, local file transforms, notebooks, SQLite/CSV/JSON analysis, or Python-heavy admin tooling that can still be installed as a durable command. Do not pick a language that adds setup friction unless it materially improves the CLI. If the best language is not installed, either install the missing toolchain with the user's approval or choose the next-best installed option. State the choice in one sentence before scaffolding, including the reason and the installed toolchain you found. ## Command Contract Sketch the command surface in chat before coding. Include the binary name, discovery commands, resolve or ID-lookup commands, read commands, write commands, raw escape hatch, auth/config choice, and PATH/install command. When designing the command surface, read [references/agent-cli-patterns.md](references/agent-cli-patterns.md) for the expected composable CLI shape. Build toward this surface: - `tool-name --help` shows every major capability. - `tool-name --json doctor` verifies config, auth, version, endpoint reachability, and missing setup. - `tool-name init ...` stores local config when env-only auth is painful. - Discovery commands find accounts, projects, workspaces, teams, queues, channels, repos, dashboards, or other top-level containers. - Resolve commands turn names, URLs, slugs, permalinks, customer input, or build links into stable IDs so future commands do not repeat broad searches. - Read commands fetch exact objects and list/search collections. Paginated lists support a bounded `--limit`, cursor, offset, or clearly documented default. - Write commands do one named action each: create, update, delete, upload, schedule, retry, comment, draft. They accept the narrowest stable resource ID, support `--dry-run`, `draft`, or `preview` first when the service allows it, and do not hide writes inside broad commands such as `fix`, `debug`, or `auto`. - `--json` returns stable machine-readable output. - A raw escape hatch exists: `request`, `tool-call`, `api`, or the nearest honest name. Do not expose only a generic `request` command. Give Codex high-level verbs for the repeated jobs. Document the JSON policy in the CLI README or equivalent: API pass-through versus CLI envelope, success shape, error shape, and one example for each command family. Under `--json`, errors must be machine-readable and must not contain credentials. ## Auth and Config Support the boring paths first, in this precedence order: 1. Environment variable using the service's standard name, such as `GITHUB_TOKEN`. 2. User config under `~/.<tool-name>/config.toml` or another simple documented path. 3. `--api-key` or a tool-specific token flag only for explicit one-off tests. Prefer env/config for normal use because flags can leak into shell history or process listings. Never print full tokens. `doctor --json` should say whether a token is available, the auth source category (`flag`, `env`, `config`, provider default, or missing), and what setup step is missing. If the CLI can run without network or auth, make that explicit in `doctor --json`: report fixture/offline mode, whether fixture data was found, and whether auth is not required for that mode. For internal web apps sourced from DevTools curls, create sanitized endpoint notes before implementing: resource name, method/path, required headers, auth mechanism, CSRF behavior, request body, response ID fields, pagination, errors, and one redacted sample response. Never commit copied cookies, bearer tokens, customer secrets, or full production payloads. Use screenshots to infer workflow, UI vocabulary, fields, and confirmation points. Do not treat screenshots as API evidence unless they are paired with a network request, export, docs page, or fixture. ## Build Workflow 1. Read the source just enough to inventory resources, auth, pagination, IDs, media/file flows, rate limits, and dangerous write actions. If the docs expose OpenAPI, download or inspect it before naming commands. 2. Sketch the command list in chat. Keep names short and shell-friendly. 3. Scaffold the CLI with a README or equivalent repo-facing instructions. 4. Implement `doctor`, discovery, resolve, read commands, one narrow draft or dry-run write path if requested, and the raw escape hatch. 5. Install the CLI on PATH so `tool-name ...` works outside the source folder. 6. Smoke test from another repo or `/tmp`, not only with `cargo run` or package-manager wrappers. Run `command -v <tool-name>`, `<tool-name> --help`, and `<tool-name> --json doctor`. 7. Run format, typecheck/build, unit tests for request builders, pagination/request-body builders, no-auth `doctor`, help output, and at least one fixture, dry-run, or live read-only API call. If a live write is needed for confidence, ask first and make it reversible or draft-only. When the source is an existing script or shell history, split the working invocation into real phases: setup, discovery, download/export, transform/index, draft, upload, poll, live write. Preserve the flags, paths, and environment variables the user already relies on, then wrap the repeatable phases with stable IDs, bounded JSON, and file outputs. For raw escape hatches, support read-only calls first. Do not run raw non-GET/HEAD requests against a live service unless the user asked for that specific write. For media, artifact, or presigned upload flows, test each phase separately: create upload, transfer bytes, poll/read processing status, then attach or reference the resulting ID. For fixture-backed prototypes, keep fixtures in a predictable project path and make the CLI locate them after installation. Smoke-test from `/tmp` to catch binaries that only work inside the source folder. For log-oriented CLIs, keep deterministic snippet extraction separate from model interpretation. Prefer a command that emits filenames, line numbers or byte ranges, matched rules, and short excerpts. ## Rust Defaults When building in Rust, use established crates instead of custom parsers: - `clap` for commands and help - `reqwest` for HTTP - `serde` / `serde_json` for payloads - `toml` for small config files - `anyhow` for CLI-shaped error context Add a `Makefile` target such as `make install-local` that builds release and installs the binary into `~/.local/bin`. ## TypeScript/Node Defaults When building in TypeScript/Node, keep the CLI installable as a normal command: - `commander` or `cac` for commands and help - native `fetch`, the official SDK, or the user's existing HTTP helper for API calls - `zod` only where external payload validation prevents real breakage - `package.json` `bin` entry for the installed command - `tsup`, `tsx`, or `tsc` using the repo's existing convention Add an install path such as `pnpm install`, `pnpm build`, and `pnpm link --global`, or a `Makefile` target that installs a small wrapper into `~/.local/bin`. ## Python Defaults When building in Python, prefer boring standard-library pieces unless the workflow needs more: - `argparse` for commands and help, or `typer` when subcommands would otherwise get messy - `urllib.request` / `urllib.parse`, `requests`, or `httpx` for HTTP, matching what is already installed or already used nearby - `json`, `csv`, `sqlite3`, `pathlib`, and `subprocess` for local files, exports, databases, and existing scripts - `pyproject.toml` console script or a small executable wrapper for the installed command - `uv` or a virtualenv only when dependencies are actually needed Add a `Makefile` target such as `make install-local` that installs the command on PATH and document whether it depends on `uv`, a virtualenv, or only system Python. ## Companion Skill After the CLI works, create or update a small skill for it. Use `$skill-creator` when it is available. Use `$CODEX_HOME/skills/<tool-name>/SKILL.md` for a personal companion skill unless the user names a repo-local `.codex/skills/...` path or another skill repo. Write the companion skill in the order a future Codex thread should use the CLI, not as a tour of every feature. Explain: - How to verify the installed command exists. - Which command to run first. - How auth is configured. - Which discovery command finds the common ID. - The safe read path. - The intended draft/write path. - The raw escape hatch. - What not to do without explicit user approval. - Three copy-pasteable command examples. Keep API reference details in the CLI docs or a skill reference file. Keep the skill focused on ordering, safety, and examples future Codex threads should actually run.
More from openai/skills
- sentry"Use when the user asks to inspect Sentry issues or events, summarize recent production errors, or pull basic Sentry health data via the Sentry CLI; perform read-only queries using the `sentry` command."
- aspnet-coreBuild, review, refactor, or architect ASP.NET Core web applications using current official guidance for .NET web development. Use when working on Blazor Web Apps, Razor Pages, MVC, Minimal APIs, controller-based Web APIs, SignalR, gRPC, middleware, dependency injection, configuration, authentication, authorization, testing, performance, deployment, or ASP.NET Core upgrades.
- chatgpt-appsBuild, scaffold, refactor, and troubleshoot ChatGPT Apps SDK applications that combine an MCP server and widget UI. Use when Codex needs to design tools, register UI resources, wire the MCP Apps bridge or ChatGPT compatibility APIs, apply Apps SDK metadata or CSP or domain settings, or produce a docs-aligned project scaffold. Prefer a docs-first workflow by invoking the openai-docs skill or OpenAI developer docs MCP tools before generating code.
- cloudflare-deployDeploy applications and infrastructure to Cloudflare using Workers, Pages, and related platform services. Use when the user asks to deploy, host, publish, or set up a project on Cloudflare.
- define-goalHelp the user define a concrete, measurable goal before starting work, especially when they ask to use the goal tool, create a goal, set an objective, clarify success criteria, or turn a fuzzy intention into a quantitative outcome. Use this skill for goal creation and goal refinement only; it does not manage durable snapshots, decision logs, or long-running execution artifacts.
- figmaUse the Figma MCP server to fetch design context, screenshots, variables, and assets from Figma, and to translate Figma nodes into production code. Trigger when a task involves Figma URLs, node IDs, design-to-code implementation, or Figma MCP setup and troubleshooting.
- figma-code-connect-componentsConnects Figma design components to code components using Code Connect mapping tools. Use when user says "code connect", "connect this component to code", "map this component", "link component to code", "create code connect mapping", or wants to establish mappings between Figma designs and code implementations. For canvas writes via `use_figma`, use `figma-use`.
- figma-create-design-system-rulesGenerates custom design system rules for the user's codebase. Use when user says "create design system rules", "generate rules for my project", "set up design rules", "customize design system guidelines", or wants to establish project-specific conventions for Figma-to-code workflows. Requires Figma MCP server connection.
- figma-create-new-fileCreate a new blank Figma file. Use when the user wants to create a new Figma design or FigJam file, or when you need a new file before calling use_figma. Handles plan resolution via whoami if needed. Usage — /figma-create-new-file [editorType] [fileName] (e.g. /figma-create-new-file figjam My Whiteboard)
- figma-generate-design"Use this skill alongside figma-use when the task involves translating an application page, view, or multi-section layout into Figma. Triggers: 'write to Figma', 'create in Figma from code', 'push page to Figma', 'take this app/page and build it in Figma', 'create a screen', 'build a landing page in Figma', 'update the Figma screen to match code'. This is the preferred workflow skill whenever the user wants to build or update a full page, screen, or view in Figma from code or a description. Discovers design system components, variables, and styles via search_design_system, imports them, and assembles screens incrementally section-by-section using design system tokens instead of hardcoded values."