Api Design

v1.0.0

API design specification and best practices skill. Use when: designing new APIs, reviewing existing APIs, generating API documentation, standardizing interfa...

⭐ 0· 94·0 current·0 all-time

byBingWang@sydpz

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name and description (API design, review, documentation) match the packaged files: design principles, templates, review checklists, and docs. There are no unrelated requirements (no binaries, env vars, or config paths).

ℹ

Instruction Scope

SKILL.md instructs the agent to read local reference files and use templates to produce docs/review output — this is appropriate. The reference docs contain example CLI commands (npm, docker, curl) and sample tokens/passwords in examples; those are illustrative only. Recommend caution: do not paste real secrets into examples or prompt the agent to run those commands automatically.

✓

Install Mechanism

No install spec and no code files to write or execute. Lowest-risk category (instruction-only).

✓

Credentials

The skill requires no environment variables, credentials, or config paths. All content is local documentation and templates, so requested privileges are proportional.

✓

Persistence & Privilege

always is false and there is no install-time modification or persistent agent configuration. The skill is user-invocable and the platform default allows autonomous invocation, but that default is not combined here with any broad privileges or credentials.

Scan Findings in Context

[no_regex_findings] expected: The regex-based scanner found nothing to analyze; this is expected for an instruction-only skill composed of markdown files (no executable code).

Assessment

This skill is a local API design guide and appears coherent and low-risk. Before installing: (1) confirm you trust the skill source (homepage unknown); (2) avoid pasting real secrets or production tokens into prompts or example templates (the docs include sample tokens/passwords for illustration); (3) if your agent environment can run shell/CLI commands, be explicit about whether you want the agent to execute any npm/docker/curl examples from the docs — the skill itself does not automatically install or run those tools. If you need networked behavior or credential use, request that from a skill that explicitly declares those needs.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ezeqeqr9f4n1hnxjdd11wmd83q7a1

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Api Design

License

Comments