ClawHub

Smoke Test Generator

v1.0.0

Generate comprehensive API smoke test suites — categorised tests for auth, CRUD, integrations, cached vs live endpoints, with summary reporting. Use when val...

0· 332·1 current·1 all-time
byNissan Dookeran@nissan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (API smoke tests) match the included instructions and script. However the SKILL.md's claim 'Works with any HTTP API' is overstated: the provided tests are tailored to a specific API shape (endpoints like /api/orchestrate, /api/stories, /api/voice/*, /api/agents) and check for a Turso DB in /api/health. That means the suite is not truly generic and is intended for a particular application (Sandman Tales demo).
Instruction Scope
Runtime instructions and the script perform many HTTP requests (GET/POST) including POSTs that may create data or trigger generation workflows. The instructions do not read local files or environment variables beyond accepting a BASE URL argument. This is appropriate for smoke tests, but you should be aware the tests have side effects (create/orchestrate calls) and assume specific routes/behaviors.
Install Mechanism
There is no install spec (instruction-only with an included example script), so nothing is downloaded or written by an installer. Minor note: the script depends on Python and the 'httpx' library but these dependencies are not declared in metadata.
Credentials
The skill requests no environment variables or credentials and the script does not access system secrets. It uses hard-coded demo credentials in the example and accepts a BASE URL argument; this is proportionate but means you must ensure the target URL is a safe/testing environment.
Persistence & Privilege
The skill does not request permanent presence, does not alter other skills or system settings, and has 'always' false. It only issues outbound HTTP to the configured BASE URL, which matches its stated purpose.
Assessment
This appears to be a normal smoke-test suite for a specific demo application (Sandman Tales). Before running it: 1) Only run against staging/local environments (it issues POSTs that can create or trigger work); do not point BASE at production. 2) Review and edit tests to avoid destructive operations or calls that consume paid external resources. 3) Ensure your Python environment has the httpx dependency installed (not declared by the skill). 4) Note the tests expect particular endpoints and a Turso DB check—if your API differs, adapt the script. 5) Because the source is unknown and there is no homepage, prefer to run the script in an isolated environment (CI job or container) and inspect/modify it to suit your API before giving it network access.

Like a lobster shell, security has layers — review code before you run it.

latestvk97153j0r8p21deqkq3gf0a7xs823x4e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧪 Clawdis

Comments