ClawHub

APIClaw

v1.0.0

APIClaw API platform overview — AI-powered commerce data infrastructure. Provides programmatic access to 200M+ Amazon products with real-time data across 6 e...

1· 97·0 current·0 all-time
by@christine-srp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description describe an API wrapper for commerce data and the SKILL.md + openapi reference only document that API and how to call it. Required credential (APICLAW_API_KEY) and the listed endpoints align with the stated purpose.
Instruction Scope
SKILL.md instructs using Authorization: Bearer APICLAW_API_KEY and POST JSON to https://api.apiclaw.io/openapi/v2. It does not instruct reading unrelated files, other env vars, or executing arbitrary shell commands. The agent will make network calls to the documented external API (expected for this skill).
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk or downloaded during install. Low install risk.
Credentials
Only one required env var (APICLAW_API_KEY) is declared and used in the docs. That is proportionate for an API wrapper. No additional secrets or config paths are requested.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges or claim to modify other skills/config. Normal autonomous invocation applies but is not excessive here.
Assessment
This skill is coherent for calling a third‑party commerce API, but verify the external service before installing: 1) Confirm the apiclaw.io site and pricing are legitimate and match your expectations. 2) Treat APICLAW_API_KEY as a secret — don’t reuse high-privilege keys and rotate/revoke if compromised. 3) Review what data you will send to the API (avoid sending PII or proprietary data). 4) Monitor API usage and billing after enabling the key. 5) Note a minor oddity: the SKILL.md links a GitHub repo named Amazon-analysis-skill (the separate, related skill) — this isn’t necessarily malicious but double-check linked URLs and maintainers if you need strong trust guarantees.

Like a lobster shell, security has layers — review code before you run it.

latestvk9797m56g55mztnyzhgb86jmnh838rh0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvAPICLAW_API_KEY
Primary envAPICLAW_API_KEY

Comments