ClawHub

Mock Api Skill

v1.0.0

快速创建支持自定义路径、方法和响应的模拟 REST API,用于开发和测试环境。

0· 21·0 current·0 all-time
by@sky-lv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description, SKILL.md, and mock_api.py align: the code implements configurable endpoints, methods, delays, and example endpoints described in the README. There are no unrelated env vars, binaries, or capabilities requested.
Instruction Scope
SKILL.md only instructs running the included Python script and optionally providing a JSON config; the script reads that config file if supplied. One important operational note: the default host in the code is 0.0.0.0 (publicly reachable). That is coherent with the README but is a security consideration — for local testing prefer binding to 127.0.0.1 or restrict network access.
Install Mechanism
No install spec is provided (instruction-only with a bundled Python file). Nothing is downloaded or extracted from remote URLs; the runtime is the included Python script, so installation risk is low and transparent.
Credentials
The skill requires no environment variables or credentials and the code does not attempt to read secrets or other env configuration. The only file the script may read is a user-provided JSON config (as expected).
Persistence & Privilege
always:false and default invocation settings are used. The skill does not modify other skills or system-wide agent settings and does not request persistent privileges.
Assessment
This skill appears to be what it claims — a local mock API server. Before running: (1) inspect any JSON config you pass in (it will be read from disk); (2) avoid binding to 0.0.0.0 on untrusted networks — use --host 127.0.0.1 or firewall rules for local testing; (3) run it in an isolated environment (local VM or container) if you have security concerns; (4) be aware the mock /api/login endpoint returns a simulated token for testing only and is not a secure auth mechanism. If you plan to expose the server, ensure network access controls are applied.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fh6yvqycnysh7s739v2w1n184e4et

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments