NordVPN CLI Skill (Linux)
A ClawBot skill for controlling the NordVPN Linux CLI (nordvpn) to connect/disconnect, select locations, verify status, and adjust settings from automations and workflows.
Assumptions / Compatibility
- * Works with the official
nordvpn CLI (example shown: 4.3.1 [snap]). - Requires the NordVPN daemon running (usually
nordvpnd) and sufficient permissions. - Some commands may require elevated privileges depending on distro + install method (snap vs deb).
Installation
Option A: Snap (common on Ubuntu)
CODEBLOCK0
Option B: Distro package / repo (varies)
If you installed via Nord’s repo or a package manager, just verify:
CODEBLOCK1
Verify daemon is running
CODEBLOCK2
Authentication / Login
NordVPN CLI typically requires logging in once per machine/user session.
CODEBLOCK3
If the environment is headless, the CLI will guide you through the login flow (often via a browser link / code). After login, confirm:
CODEBLOCK4
ClawBot guidance: treat login as a manual prerequisite unless you explicitly automate the browser-based login flow.
Quick Reference
Status
CODEBLOCK5
Connect (best available)
CODEBLOCK6
Connect to a country / city / group
CODEBLOCK7
Disconnect
CODEBLOCK8
List locations
CODEBLOCK9
Settings (read + change)
CODEBLOCK10
Allowlist (bypass VPN for certain traffic)
CODEBLOCK11
Skill Design
What this skill should do well
- 1. Idempotent connection actions
* If already connected to the requested target, do nothing (or return “already connected”).
* If connected elsewhere, optionally disconnect then connect to target.
- 2. Reliable verification
* After connect/disconnect, always run nordvpn status and parse the result.
- 3. Safe fallbacks
* If a requested city/country/group is invalid, provide closest alternatives by listing:
* nordvpn countries
* nordvpn cities <country>
* nordvpn groups
- 4. Human-in-the-loop login
* If nordvpn reports not logged in, return a structured response instructing to run nordvpn login.
Recommended “actions” (API surface)
Implement these as the skill’s callable intents/tools:
- *
status() → returns parsed connection status - INLINECODE10� → connects to best available
- INLINECODE11
- INLINECODE12� (optionally with
country for disambiguation) - INLINECODE14
- INLINECODE15
- INLINECODE16
- INLINECODE17
- INLINECODE18
- INLINECODE19
- INLINECODE20
- INLINECODE21
- INLINECODE22
Suggested Implementation Pattern (CLI orchestration)
1) Always start with status
CODEBLOCK12
Parse fields commonly returned by the CLI, such as:
- * Connection state (Connected/Disconnected)
- Current server / country / city
- IP, protocol, technology
2) Connect flow
Goal: connect to a target (country/city/group) with verification.
Pseudo-logic:
- * Run �INLINECODE23
- If disconnected → connect directly
- If connected to different target →
nordvpn disconnect then connect - Run
nordvpn status again and confirm connected
Commands:
CODEBLOCK13
3) Disconnect flow
CODEBLOCK14
4) Resolve targets safely
If user asks for a city:
- * Prefer
nordvpn cities <country> when country is known - Otherwise attempt connect; if it fails, list countries and search-like suggestions.
CODEBLOCK15
Common Errors & Handling
Not logged in
Symptoms:
- * CLI complains about authentication/account/login.
Handling:
- * Return: “Login required. Run
nordvpn login and repeat.” - Optionally: run
nordvpn account to confirm.
Daemon not running / permission denied
Symptoms:
- * Can’t connect, service errors, permission errors.
Handling:
- * Check
systemctl status nordvpnd (systemd installs) - Confirm snap service health (snap installs vary)
- Ensure user belongs to the right group (some installs use a
nordvpn group):
CODEBLOCK16
Invalid location/group
Symptoms:
- * “Unknown country/city/group” or connect fails immediately.
Handling:
- * Provide available options:
CODEBLOCK17
Practical Automation Recipes
Ensure VPN is connected (any server)
CODEBLOCK18
Reconnect to a specific country
CODEBLOCK19
Toggle killswitch (example)
CODEBLOCK20
Notes
- * Command options and setting keys can differ by NordVPN CLI version. Always rely on:
CODEBLOCK21�
- * If you need stable machine-readable output, the NordVPN CLI does not consistently provide JSON; plan to parse human-readable status text defensively (line-based key/value extraction, tolerate missing fields).
NordVPN CLI 技能 (Linux)
一个用于控制 NordVPN Linux CLI (nordvpn) 的 ClawBot 技能,可通过自动化和工作流实现连接/断开、选择位置、验证状态以及调整设置。
假设/兼容性
- * 适用于官方 nordvpn CLI(示例版本:4.3.1 [snap])。
- 需要 NordVPN 守护进程运行(通常为 nordvpnd)并具有足够的权限。
- 某些命令可能需要提升权限,具体取决于发行版和安装方式(snap 与 deb)。
安装
选项 A:Snap(Ubuntu 上常见)
bash
sudo snap install nordvpn
nordvpn --version
选项 B:发行版软件包/仓库(因系统而异)
如果您通过 Nord 的仓库或包管理器安装,只需验证:
bash
which nordvpn
nordvpn --version
验证守护进程正在运行
bash
systemd 安装通常使用
systemctl status nordvpnd --no-pager || true
snap 安装可能不会以相同方式暴露 systemd 单元
nordvpn status || true
或者可能需要像这样指定完整路径
/snap/bin/nordvpn status || true
身份验证/登录
NordVPN CLI 通常需要每台机器/用户会话登录一次。
bash
nordvpn login
如果环境是无头模式,CLI 将引导您完成登录流程(通常通过浏览器链接/代码)。登录后,确认:
bash
nordvpn account
nordvpn status
ClawBot 指导: 将登录视为手动前提条件,除非您明确自动化基于浏览器的登录流程。
快速参考
状态
bash
nordvpn status
连接(最佳可用)
bash
nordvpn connect
别名:
nordvpn c
连接到国家/城市/组
bash
国家
nordvpn connect Sweden
城市(必须存在于 nordvpn cities 中)
nordvpn connect Stockholm
组(必须存在于 nordvpn groups 中)
nordvpn connect P2P
断开连接
bash
nordvpn disconnect
别名:
nordvpn d
列出位置
bash
nordvpn countries
nordvpn cities Sweden
nordvpn groups
设置(读取和更改)
bash
nordvpn settings
示例(选项因版本而异)
nordvpn set autoconnect on
nordvpn set killswitch on
nordvpn set threatprotectionlite on # 如果支持
nordvpn set protocol nordlynx # 如果支持
允许列表(绕过 VPN 处理特定流量)
bash
查看帮助
nordvpn allowlist --help
示例(子命令因版本而异)
nordvpn allowlist add port 22
nordvpn allowlist add subnet 192.168.0.0/16
nordvpn allowlist remove port 22
技能设计
此技能应擅长的功能
- 1. 幂等连接操作
* 如果已连接到请求的目标,则不执行任何操作(或返回已连接)。
* 如果已连接到其他位置,可选择断开连接,然后连接到目标。
- 2. 可靠验证
* 连接/断开后,始终运行 nordvpn status 并解析结果。
- 3. 安全回退
* 如果请求的城市/国家/组无效,通过列出以下内容提供最接近的替代方案:
* nordvpn countries
* nordvpn cities
* nordvpn groups
- 4. 人工参与的登录
* 如果 nordvpn 报告未登录,返回结构化响应,指示运行 nordvpn login。
推荐的操作(API 接口)
将这些实现为技能的可调用意图/工具:
- * status() → 返回解析后的连接状态
- connectbest() → 连接到最佳可用服务器
- connectcountry(country)
- connectcity(city)(可选择使用 country 进行消歧)
- connectgroup(group)
- disconnect()
- listcountries()
- listcities(country)
- listgroups()
- getsettings()
- setsetting(key, value)
- allowlistadd(type, value)
- allowlist_remove(type, value)
建议的实现模式(CLI 编排)
1) 始终从状态开始
bash
nordvpn status
解析 CLI 通常返回的字段,例如:
- * 连接状态(已连接/已断开)
- 当前服务器/国家/城市
- IP、协议、技术
2) 连接流程
目标: 连接到目标(国家/城市/组)并进行验证。
伪逻辑:
- * 运行 nordvpn status
- 如果已断开 → 直接连接
- 如果已连接到不同目标 → nordvpn disconnect 然后连接
- 再次运行 nordvpn status 并确认已连接
命令:
bash
nordvpn connect
nordvpn status
3) 断开连接流程
bash
nordvpn disconnect
nordvpn status
4) 安全解析目标
如果用户请求城市:
- * 当国家已知时,优先使用 nordvpn cities
- 否则尝试连接;如果失败,列出国家并提供类似搜索的建议。
bash
nordvpn countries
nordvpn cities
nordvpn groups
常见错误及处理
未登录
症状:
处理:
- * 返回:需要登录。请运行 nordvpn login 并重试。
- 可选:运行 nordvpn account 进行确认。
守护进程未运行/权限被拒绝
症状:
处理:
- * 检查 systemctl status nordvpnd(systemd 安装)
- 确认 snap 服务健康状态(snap 安装方式各异)
- 确保用户属于正确的组(某些安装使用 nordvpn 组):
bash
groups
getent group nordvpn || true
无效位置/组
症状:
处理:
bash
nordvpn countries
nordvpn groups
nordvpn cities
实用自动化方案
确保 VPN 已连接(任意服务器)
bash
nordvpn status | sed -n 1,10p
nordvpn connect
nordvpn status | sed -n 1,15p
重新连接到特定国家
bash
nordvpn disconnect
nordvpn connect Sweden
nordvpn status
切换终止开关(示例)
bash
nordvpn set killswitch on
nordvpn settings
注意事项
- * 命令选项和设置键可能因 NordVPN CLI 版本而异。始终参考:
bash
nordvpn help
nordvpn set --help
nordvpn allowlist --help
- * 如果您需要稳定的机器可读输出,NordVPN CLI 并不一致地提供 JSON;请计划防御性地解析人类可读的状态文本(基于行的键/值提取,容忍缺失字段)。
