Public APIs Skill Creator
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is mostly purpose-aligned, but it can generate runnable skill scripts using unescaped API URLs from a live external catalog, which could cause unintended code execution if a crafted URL is used.
Install only if you are comfortable with a skill that fetches a live public API catalog and can create persistent local skills. Before running any generated skill, inspect its SKILL.md and scripts, especially the embedded API URL.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or malformed API entry could make a generated skill execute something other than a simple API request.
The API_URL value is written directly into generated executable shell and Python scripts without escaping. If the URL contains quotes, newlines, or shell/Python syntax, the generated skill could run unintended commands or code when later executed.
cat > "$TARGET/scripts/call.sh" <<EOF
#!/usr/bin/env bash
set -euo pipefail
curl -s "$API_URL"
EOF
Do not run generated skills until reviewing their files. The skill author should validate URLs, restrict schemes/hosts where appropriate, and generate code using safe quoting such as shell-safe escaping and Python string serialization.
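The safe-quoting recommendation above, as an added example that is not the skill's or ClawScan's code: a POSIX sh generator for scripts/call.sh that validates the catalog-provided URL (https only, conservative character allowlist) and inserts it through single-quote escaping, shown next to the unquoted-heredoc pattern from the finding for contrast. The function names, the allowlist and the two sample catalog URLs are constructed assumptions.

```shell
#!/bin/sh
# Added example, not the skill's own code: hardened generation of
# scripts/call.sh. The API URL is assumed to come from the untrusted catalog.

# Scheme allowlist (https only) plus a deliberately conservative byte
# allowlist: quotes, spaces, $, backticks, parentheses, backslashes and
# newlines are all rejected, so they can never reach the generated script.
validate_api_url() {
  case $1 in
    https://?*) ;;
    *) return 1 ;;
  esac
  # Delete every allowed byte; only the appended '|' sentinel may remain.
  # (The sentinel keeps a trailing newline from being dropped by $(...).)
  [ "$(printf '%s|' "$1" | LC_ALL=C tr -d 'A-Za-z0-9._~:/?#@!&=%+,;-')" = '|' ]
}

# Shell-safe quoting: wrap in single quotes, escaping any embedded single
# quote as '\'' so the value is exactly one word when the script runs.
shell_quote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# The pattern from the finding, kept for contrast: an unquoted heredoc
# splices $API_URL into the script body, so shell syntax in it becomes code.
render_call_script_unsafe() {
  API_URL=$1
  cat <<EOF
#!/usr/bin/env bash
set -euo pipefail
curl -s "$API_URL"
EOF
}

# Hardened generator: refuse anything that fails validation, then emit the
# URL through shell_quote instead of a bare heredoc expansion.
render_call_script() {
  validate_api_url "$1" || {
    echo "refusing to generate call.sh: API URL failed validation" >&2
    return 1
  }
  printf '%s\n' '#!/usr/bin/env bash' 'set -euo pipefail' "curl -s $(shell_quote "$1")"
}

# Constructed catalog entries: a normal URL and one carrying shell syntax.
GOOD_URL='https://api.example.com/v1/items?limit=5'
BAD_URL='https://example.com/"; echo INJECTED; #'
```

Running `render_call_script "$GOOD_URL"` prints the three-line script with the URL as a single quoted word, while the same call on `$BAD_URL` refuses and returns non-zero.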
Recommendations and generated examples can change if the upstream repository changes or contains incorrect entries.
The API catalog is fetched live from the public-apis GitHub repository and cached locally. This is central to the skill's purpose, but the content is mutable external input.
curl -s "https://api.github.com/repos/public-apis/public-apis/contents/README.md" | \
python3 - "$CACHE_FILE" <<'PY'
...
content = base64.b64decode(data['content']).decode('utf-8', errors='ignore')
Treat API recommendations as untrusted until verified. Prefer pinning to a known commit or validating catalog entries before generating runnable files.
Using --try will contact the selected external API and may download a small response preview.
With the --try flag, the skill makes an outbound GET request to the selected API link and writes the response preview to a fixed temporary file. This is disclosed and purpose-aligned, but it is still a network action to a catalog-provided URL.
code=$(curl -s -o /tmp/public_api_probe.out -w '%{http_code}' "$BEST_LINK" || true)
Use --try only for API links you are comfortable contacting, and review the selected URL first.
Creating a skill with an existing name could replace that skill's files and affect future agent behavior.
The generated skill is placed in the OpenClaw skills workspace and files are written directly to the target path. This is expected for a skill creator, but there is no collision check or confirmation before overwriting files for the same name.
OUT_DIR="/root/.openclaw/workspace/skills"
...
TARGET="$OUT_DIR/$SKILL_NAME"
mkdir -p "$TARGET/scripts"
...
cat > "$TARGET/SKILL.md" <<EOF
Use unique skill names, review the target directory before generation, and add overwrite protection or backups.
