ClawHub

Api Generator

v2.0.0

API code generator. Generate RESTful endpoints, GraphQL schemas, OpenAPI/Swagger docs, API clients, mock servers, authentication, rate limiting.

1· 1.3k·14 current·14 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (API code generator for REST/GraphQL/Swagger/clients/mocks/auth/rate-limiting/tests) align with the included scripts and templates. The two provided scripts produce the claimed outputs and suggested tooling (npm/pip) is only referenced in templates or usage hints — nothing appears unrelated to API generation.
Instruction Scope
SKILL.md directs the agent to run scripts/apigen.sh which generates templates to stdout; that stays within the stated purpose. Note: scripts/script.sh also provides a CLI-like helper that creates a per-user data directory and logs actions (history.log). Templates include references to environment variables (e.g., JWT_SECRET) as placeholders; the skill does not attempt to read arbitrary system files or external secrets.
Install Mechanism
No install spec is provided (instruction-only) and the included code is local shell/Python template generation. No downloads, third-party registries, or archive extraction are performed by the skill itself.
Credentials
The skill declares no required environment variables or credentials. References to env vars appear only in generated template snippets (e.g., JWT_SECRET) which are normal for auth examples and not requested/consumed by the skill at runtime.
Persistence & Privilege
always is false and the skill does not request elevated privileges. However, scripts/script.sh will create a data directory (default: ${APIGEN_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/api-generator}) and append to $DATA_DIR/history.log — local persistence in the user's home directory. This is reasonable for a scaffolding tool but worth noting to users who expect no filesystem writes.
Assessment
This skill appears to do what it claims: generate API scaffolds and example code. Before running, review the bundled scripts (scripts/apigen.sh and scripts/script.sh). They are local template generators and do not make network calls, but script.sh will create ~/.local/share/api-generator (or $APIGEN_DIR/XDG_DATA_HOME) and append a history.log — if you prefer no writes, set APIGEN_DIR to a tmp path or inspect output without running stateful commands. Also review generated auth templates (they reference secrets like JWT_SECRET with 'change-me-in-production') and audit any generated code before using in production. If you need extra assurance, run the scripts in an isolated environment or container.

Like a lobster shell, security has layers — review code before you run it.

chinesevk972kxrs57vwky9kd9m3hppdcs82qj15latestvk97b2sbsrk84253hez92nrefwd832p38productivityvk972kxrs57vwky9kd9m3hppdcs82qj15

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments