ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skylv Openapi Generator

v1.0.0

Generates OpenAPI 3.0 specs from code. Creates API documentation for REST endpoints. Triggers: openapi spec, generate api doc, swagger.

0· 105·0 current·1 all-time
by@sky-lv

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sky-lv/skylv-openapi-generator.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Skylv Openapi Generator" (sky-lv/skylv-openapi-generator) from ClawHub.
Skill page: https://clawhub.ai/sky-lv/skylv-openapi-generator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install skylv-openapi-generator

ClawHub CLI

Package manager switcher

npx clawhub@latest install skylv-openapi-generator
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name/description claim the skill will generate OpenAPI 3.0 specs from code, but there are no instructions, tools, or required permissions for reading/parsing source code. The skill only provides a generic OpenAPI template and guidance; it does not actually describe how to extract API surface from code or what inputs are needed.
Instruction Scope
SKILL.md contains a template and best-practice tips and does not instruct the agent to read files, environment variables, or external endpoints. However it is vague about expected inputs (how to supply code or repository) which grants the agent broad discretion when invoked; that vagueness is a functional mismatch rather than an explicit security action.
Install Mechanism
No install spec and no code files — instruction-only. This is low-risk from an installation/execution perspective.
Credentials
No environment variables, credentials, or config paths requested. Nothing asks for unrelated secrets or access.
Persistence & Privilege
always is false, and there is no indication the skill modifies other skills or system settings. No elevated persistence requested.
What to consider before installing
This skill is low-risk technically (no installs, no credentials), but it is misleading: it promises automated generation from code yet provides only a template and tips. If you expect the skill to parse your repository or automatically extract endpoints, confirm how you must supply code (paste, repo URL, files) and whether the agent will access external repos. Avoid sending sensitive credentials or private code unless you trust the agent's environment. If you need real code analysis, prefer a skill or tool that documents the exact input method and any required binaries/permissions.

Like a lobster shell, security has layers — review code before you run it.

latestvk9777adybmkcf1k55dr8yqqrk9859dce
105downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@sky-lv
latest
Download

OpenAPI Generator

Overview

Creates OpenAPI 3.0 specifications for REST APIs.

When to Use

  • User asks to "generate API documentation"
  • Documenting new API endpoints

Template Structure

openapi: 3.0.0 info: title: My API version: 1.0.0 paths: /users: get: summary: List users parameters: - name: page in: query schema: { type: integer } responses: 200: description: Success

Tips

  • Always specify response schemas
  • Use $ref to avoid duplication
  • Group endpoints with tags
  • Add examples for request/response bodies

Comments

Loading comments...