jike-skill
A Python CLI/SDK and Claude Code “skill” for authenticating to the Jike (即刻) service via QR login, browsing a user’s feed, searching, posting and commenting, deleting posts/comments, viewing profiles and notifications, and exporting full posting history to Markdown (optionally downloading images).
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Likely uses HTTPS when calling external services (not confirmed in provided content). Authentication uses long-lived refresh tokens and environment variables; there is no mention of token scope granularity or least-privilege. No explicit guidance is given about secure storage (beyond ‘save refresh token’), and there’s no documented protection against token leakage in logs. Dependency surface is small (requests only per manifest), but no vulnerability/CVE status is provided.
⚡ Reliability
Best When
You want a lightweight local tool to manage a personal Jike account (especially for one-time or periodic exports) and can securely handle refresh/access tokens locally.
Avoid When
You need strict compliance guarantees, fine-grained permissions, or you cannot risk breakage due to changes in Jike’s web endpoints.
Use Cases
- • Export a Jike user’s full history to Markdown for backup/analysis
- • Automate browsing/search/posting/commenting on Jike from scripts or an agent
- • Use in Claude Code to let an AI agent interact with Jike content (within provided commands)
Not For
- • Users who want an officially supported/hosted integration rather than a reverse-engineered client
- • Teams needing first-class enterprise auth (OAuth app registration, scoped tokens, audit tooling)
- • Use cases requiring guaranteed API stability (this relies on unofficial/undocumented endpoints)
Interface
Authentication
Authentication is QR-based (no passwords). The README instructs saving access+refresh tokens in environment variables; token refresh is described as transparent to the caller.
Pricing
No pricing information provided; distribution appears to be via PyPI (MIT license).
Agent Metadata
Known Gotchas
- ⚠ Relies on reverse-engineered endpoints; behavior may change without notice
- ⚠ Token handling: agents must not leak access/refresh tokens and should treat environment variables as secrets
- ⚠ Deletion operations (delete-post/delete-comment) are destructive and may require careful guardrails
- ⚠ No documented rate-limit behavior; agents may need to throttle to avoid server-side limits
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for jike-skill.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.