SnapAPI — Web Intelligence for AI Agents

Security checks across malware telemetry and agentic risk

Overview

This is a coherent SnapAPI REST reference; it requires a SnapAPI key and can create recurring monitor/webhook jobs, so approve those actions deliberately.

Before installing, confirm you trust SnapAPI with the URLs and page content you submit, use a limited/revocable API key, and require explicit approval before creating recurring monitors, webhooks, or installing the optional native plugin.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Low
What this means

Requests may consume your SnapAPI quota and be associated with your SnapAPI account.

Why it was flagged

The skill uses the user's SnapAPI API key to authorize requests. This is expected for the service and is declared, but it is still account-bound authority.

Skill content

**Auth:** `X-API-Key: $SNAPAPI_API_KEY`

Recommendation

Use a revocable, low-privilege or low-quota API key where possible, and avoid exposing it in shared prompts, logs, or screenshots.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Monitored URL details or page-change information may be delivered to the webhook receiver you configure.

Why it was flagged

The monitoring feature can send change notifications to a webhook endpoint. This is disclosed and purpose-aligned, but the artifact does not define the webhook payload or recipient trust model.

Skill content

Fires a webhook when content changes — use for competitor price tracking, compliance monitoring, stock signals.

Recommendation

Use only trusted webhook endpoints and avoid monitoring sensitive, private, or authenticated URLs unless you are comfortable with that data flow.

ASI10: Rogue Agents
Low
What this means

A monitor may keep consuming quota and sending notifications until it is disabled through SnapAPI.

Why it was flagged

The documented monitor endpoint creates recurring external checks on an interval. This is part of the stated purpose, but it can continue after the initial request.

Skill content

`-d '{"url": "https://competitor.com/pricing", "interval": "1h", "webhook": "https://your-server.com/hook"}'`

Recommendation

Create monitors only with explicit user approval, define the URL, interval, webhook, and expected duration, and know how to stop the monitor.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

Running that optional command may install additional code that was not reviewed in this artifact set.

Why it was flagged

The skill is instruction-only, but it references an optional plugin install command whose code is not included in the provided artifacts.

Skill content

**OpenClaw** — install the native plugin: `openclaw plugins install snapapi`

Recommendation

Review the plugin source, publisher, permissions, and install prompts separately before running the optional install command.