← 返回
未分类 Key 中文

Gusnais Skill

Gusnais (Ruby-China/Homeland compatible) API integration with web-parity behavior and permission-consistent UX. Use when users want to connect using only CLI...
Gusnais(兼容 Ruby-China/Homeland)API 集成,Web 端行为一致,权限体验统一。适用于仅需 CLI 连接的场景。
gyuryongkim gyuryongkim 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 需要
★ 0
Stars
📥 526
下载
💾 0
安装
1
版本
#latest

概述

Gusnais Skill

Implement Gusnais API integration that mirrors web behavior and permission boundaries.

Require only two user inputs

  • CLIENT_ID
  • CLIENT_SECRET

Do not ask for base URL, OAuth paths, account IDs, scope defaults, pagination defaults, or serializer mappings unless discovery fails.

Auto-complete platform config

Use these defaults:

  • Site: https://gusnais.com
  • OAuth Authorize: /oauth/authorize
  • OAuth Token: /oauth/token
  • OAuth Revoke: /oauth/revoke
  • API Base: /api/v3

Auth flow

  1. Build authorization URL automatically.
  2. Exchange authorization code for access_token and refresh_token.
  3. Validate token with GET /api/v3/users/me.
  4. Refresh once on 401; if refresh fails, request re-auth.

Prefer Authorization header for requests:

  • Authorization: Bearer

Keep access_token query fallback for compatibility with Homeland API behavior.

Web parity contract

Match gusnais.com UX and permission behavior:

  1. Read abilities first when available
    • Resource-level actions must follow returned abilities.
  2. Dual check
    • UI check (visible/enabled) using abilities.
    • Execution check with real API call and status code handling.
  3. No privilege escalation
    • Never assume admin/mod privileges in client logic.
  4. Respect hidden/inaccessible resources
    • 404/403 semantics should stay consistent with server behavior.

Capability gating model

For each action produce:

  • visible: true|false
  • enabled: true|false
  • reason: ok|no_permission|auth_required|resource_unavailable|validation_error
  • source: abilities|server_status|policy

Endpoint behavior alignment

Use endpoint mapping in references/endpoints.md and serializer notes for normalized outputs.

Keep defaults aligned with docs:

  • offset default: 0
  • limit default: 20
  • limit range on list endpoints: 1..150 (or endpoint-specific documented max)
  • topic list default type=last_actived

For plugin domain operations (press/note/site/jobs):

  • Read plugin web-route parity and API contract in references/endpoints.md.
  • Read permission nuances in references/permission-parity.md.
  • Treat 404 on plugin API endpoints as resource_unavailable unless deployment has enabled those API routes.

Topic action safety

For POST /api/v3/topics/:id/action?type=:type (ban|excellent|unexcellent|close|open):

  • Gate by abilities if present.
  • Enforce final server response.
  • Never expose action as enabled when denied.

Error mapping

Normalize API errors without changing meaning:

  • 400 -> validation_error
  • 401 -> auth_required (refresh then retry once)
  • 403 -> no_permission
  • 404 -> resource_unavailable
  • 500 -> server_error

Return original server error text when available.

Rate limiting / retries

  • Respect Retry-After on 429.
  • Use exponential backoff with jitter for transient 5xx.
  • Avoid one-item tight loops for batch writes.

Read these references before implementation

  • references/endpoints.md
  • references/permission-parity.md

Bootstrap script

Use scripts/gusnais_bootstrap.py to initialize runtime config from CLIENT_ID and CLIENT_SECRET.

Recommended:

  • set TOKEN_STORE_PATH when exchanging code, so refreshable tokens are persisted to JSON for long-lived automation.

Plugin API client script

Use scripts/gusnais_plugin_client.py for plugin API read/write calls with:

  • auto refresh before expiry and on 401;
  • one retry after refresh;
  • normalized status reason mapping;
  • capability hint extraction from abilities;
  • action-level payload guardrails to avoid avoidable 400/500 (e.g. press create summary fallback).

Current deployment notes (2026-03-19):

  • Press API is mounted for read/write (/api/v3/press/posts*).
  • Note API is mounted for read/write (/api/v3/note/notes*).
  • Site API is mounted for sites CRUD + site_nodes list; undestroy/site_node writes are not mounted.
  • Treat any unmounted plugin API route as resource_unavailable and avoid repeated retries.

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-02 08:41 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

dev-programming

Docker Essentials

arnarsson
核心 Docker 命令和工作流程,包括容器管理、镜像操作和调试。
★ 38 📥 32,724
dev-programming

YouTube

byungkyu
使用托管OAuth集成YouTube Data API,支持搜索视频、管理播放列表、获取频道数据及评论互动,适用于用户需要时使用此技能。
★ 142 📥 42,181
dev-programming

Mcporter

steipete
使用 mcporter CLI 直接列出、配置、认证及调用 MCP 服务器/工具(支持 HTTP 或 stdio),涵盖临时服务器、配置编辑及 CLI/类型生成功能。
★ 198 📥 68,325