Public APIs Skill Creator
Advisory
Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or malformed API entry could make a generated skill execute something other than a simple API request.
The API_URL value is written directly into generated executable shell and Python scripts without escaping. If the URL contains quotes, newlines, or shell/Python syntax, the generated skill could run unintended commands or code when later executed.
cat > "$TARGET/scripts/call.sh" <<EOF
#!/usr/bin/env bash
set -euo pipefail
curl -s "$API_URL"
EOF
Do not run generated skills until reviewing their files. The skill author should validate URLs, restrict schemes/hosts where appropriate, and generate code using safe quoting such as shell-safe escaping and Python string serialization.
Recommendations and generated examples can change if the upstream repository changes or contains incorrect entries.
The API catalog is fetched live from the public-apis GitHub repository and cached locally. This is central to the skill's purpose, but the content is mutable external input.
curl -s "https://api.github.com/repos/public-apis/public-apis/contents/README.md" | \
python3 - "$CACHE_FILE" <<'PY'
...
content = base64.b64decode(data['content']).decode('utf-8', errors='ignore')
Treat API recommendations as untrusted until verified. Prefer pinning to a known commit or validating catalog entries before generating runnable files.
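The two findings above (unescaped API_URL interpolation, and a live catalog treated as trusted) share one fix: validate each catalog entry before it is used, and emit the URL into the generated bash and Python files as a properly quoted literal. The block below is an added example written for this review; it is not the skill's own code and not part of the ClawScan report. The sample README rows are constructed (they only mimic the public-apis table layout), the https-only scheme policy and the loopback/local-host rejection are assumed policies, and every function name is an assumption. `render_shell_unsafe` reproduces the interpolation pattern the finding describes so the difference is visible side by side.

```python
"""Added example (not the skill's own code): validate catalog entries before
generating scripts, and quote the URL so it becomes a plain literal in the
generated bash and Python files."""
from __future__ import annotations

import ast
import ipaddress
import re
import shlex
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"https"}  # assumed policy; add a host allow-list if the use case permits

# Constructed sample rows in the layout of the public-apis README tables
# ("| [Name](url) | Description | Auth | HTTPS | CORS |"); not real catalog data.
SAMPLE_README = """\
| API | Description | Auth | HTTPS | CORS |
|---|---|---|---|---|
| [Cat Facts](https://example.com/cat-facts) | Daily cat facts | No | Yes | No |
| [Evil](https://example.com/x";id;#) | Breaks out of double quotes | No | Yes | No |
| [Plain](http://example.com/plain) | Not HTTPS | No | No | No |
| [Local](https://127.0.0.1/admin) | Loopback host | No | Yes | No |
"""

ROW_RE = re.compile(r"^\|\s*\[(?P<name>[^\]]+)\]\((?P<url>[^)]*)\)\s*\|\s*(?P<desc>[^|]*)\|")


def parse_catalog(markdown: str) -> list[dict[str, str]]:
    """Pull (name, url, description) out of markdown table rows."""
    rows = []
    for line in markdown.splitlines():
        m = ROW_RE.match(line)
        if m:
            rows.append({"name": m["name"], "url": m["url"], "desc": m["desc"].strip()})
    return rows


def validate_url(url: str) -> str | None:
    """Return the reason a URL is rejected, or None if it may be used."""
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url):
        return "whitespace or control character"
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return "missing host"
    if host == "localhost" or host.endswith(".local"):
        return "local host"
    try:
        if not ipaddress.ip_address(host).is_global:
            return "non-public IP host"
    except ValueError:
        pass  # a DNS name, not an address literal
    return None


def render_shell_unsafe(url: str) -> str:
    """The pattern the finding describes: raw interpolation inside double quotes."""
    return f'#!/usr/bin/env bash\nset -euo pipefail\ncurl -s "{url}"\n'


def render_shell(url: str) -> str:
    """shlex.quote turns the URL into a single literal word in the generated script."""
    return f"#!/usr/bin/env bash\nset -euo pipefail\ncurl -s {shlex.quote(url)}\n"


def render_python(url: str) -> str:
    """repr() yields a Python string literal that parses back to exactly the same text."""
    return (
        "import urllib.request\n"
        f"url = {url!r}\n"
        "print(urllib.request.urlopen(url, timeout=10).read(200))\n"
    )


def url_from_python(script: str) -> str:
    """Recover the URL literal from a generated Python script (used to verify round-tripping)."""
    line = next(ln for ln in script.splitlines() if ln.startswith("url = "))
    return ast.literal_eval(line[len("url = "):])


def generate(markdown: str) -> dict[str, dict]:
    """Validate every entry; return scripts for accepted entries and reasons for rejected ones."""
    accepted: dict[str, dict[str, str]] = {}
    rejected: dict[str, str] = {}
    for row in parse_catalog(markdown):
        why = validate_url(row["url"])
        if why:
            rejected[row["name"]] = why
        else:
            accepted[row["name"]] = {"sh": render_shell(row["url"]), "py": render_python(row["url"])}
    return {"accepted": accepted, "rejected": rejected}


if __name__ == "__main__":
    out = generate(SAMPLE_README)
    for name, why in out["rejected"].items():
        print(f"rejected {name}: {why}")
    print(out["accepted"]["Evil"]["sh"])
```

With the constructed rows, the http and loopback entries are rejected before any file is written, and the entry whose URL closes a double quote is still accepted but lands in the script as `curl -s 'https://example.com/x";id;#'`, a single argument rather than a command separator. Quoting happens once, at generation time, so the emitted file carries a literal and never re-expands the catalog value.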
Using --try will contact the selected external API and may download a small response preview.
With the --try flag, the skill makes an outbound GET request to the selected API link and writes the response preview to a fixed temporary file. This is disclosed and purpose-aligned, but it is still a network action to a catalog-provided URL.
code=$(curl -s -o /tmp/public_api_probe.out -w '%{http_code}' "$BEST_LINK" || true)
Use --try only for API links you are comfortable contacting, and review the selected URL first.
Creating a skill with an existing name could replace that skill's files and affect future agent behavior.
The generated skill is placed in the OpenClaw skills workspace and files are written directly to the target path. This is expected for a skill creator, but there is no collision check or confirmation before overwriting files for the same name.
OUT_DIR="/root/.openclaw/workspace/skills"
...
TARGET="$OUT_DIR/$SKILL_NAME"
mkdir -p "$TARGET/scripts"
...
cat > "$TARGET/SKILL.md" <<EOF
Use unique skill names, review the target directory before generation, and add overwrite protection or backups.
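One way to add the overwrite protection and backup this finding asks for, as an added example rather than the skill's own code: refuse to write into an existing skill directory unless the caller opts in, and in that case move the old directory aside before creating the new one. The function name `write_skill`, the `.bakN` backup naming and the single-path-component name policy are assumptions made for this example; `demo` exercises the guard in a scratch directory.

```python
"""Added example (not the skill's own code): refuse to silently overwrite an
existing skill directory, optionally moving the old one aside first."""
from __future__ import annotations

import os
import tempfile
from pathlib import Path


def write_skill(out_dir: str | os.PathLike, name: str, files: dict[str, str], *, backup: bool = False) -> Path:
    """Create <out_dir>/<name> and write `files` (relative path -> content).

    Raises FileExistsError if the skill already exists, unless backup=True,
    in which case the old directory is renamed to <name>.bakN and kept.
    """
    # Assumed name policy: one plain path component, so the target cannot leave out_dir.
    if not name or name in {".", ".."} or "/" in name or "\\" in name:
        raise ValueError(f"bad skill name: {name!r}")
    target = Path(out_dir) / name
    if target.exists() or target.is_symlink():
        if not backup:
            raise FileExistsError(f"{target} exists; refusing to overwrite")
        n = 1
        while (aside := target.with_name(f"{name}.bak{n}")).exists():
            n += 1
        target.rename(aside)  # the previous skill stays on disk for review
    target.mkdir(parents=True, exist_ok=False)  # fail rather than reuse a directory that raced in
    for rel, content in files.items():
        if Path(rel).is_absolute() or ".." in Path(rel).parts:
            raise ValueError(f"bad file path: {rel!r}")
        path = target / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        # O_EXCL: never truncate a file that appeared between the check and the write.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o644)
        with os.fdopen(fd, "w") as fh:
            fh.write(content)
    return target


def demo() -> dict[str, bool]:
    """Exercise the guard in a scratch directory and report what happened."""
    with tempfile.TemporaryDirectory() as scratch:
        target = write_skill(scratch, "demo", {"SKILL.md": "# demo\n", "scripts/call.sh": "#!/usr/bin/env bash\n"})
        try:
            write_skill(scratch, "demo", {"SKILL.md": "clobbered\n"})
            refused = False
        except FileExistsError:
            refused = True
        intact = (target / "SKILL.md").read_text() == "# demo\n"
        write_skill(scratch, "demo", {"SKILL.md": "v2\n"}, backup=True)
        backed_up = (target.with_name("demo.bak1") / "SKILL.md").read_text() == "# demo\n"
        replaced = (target / "SKILL.md").read_text() == "v2\n"
        try:
            write_skill(scratch, "../escape", {})
            bad_name_rejected = False
        except ValueError:
            bad_name_rejected = True
    return {
        "refused_overwrite": refused,
        "original_intact": intact,
        "backed_up": backed_up,
        "replaced": replaced,
        "bad_name_rejected": bad_name_rejected,
    }


if __name__ == "__main__":
    print(demo())
```

The same idea in the generator's own bash would be a `[ -e "$TARGET" ]` check before `mkdir -p`, but the Python version shows the two details that matter: the check and the create are not separated by a window in which another writer can slip in (`mkdir` without `exist_ok`, `O_EXCL` on each file), and the old skill is preserved rather than partially overwritten.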
