API Hunter
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: api-hunter Version: 1.0.0 The 'api-hunter' skill is a tool designed to search for and identify free API services by querying a local search engine (defaulting to localhost:8888) and scraping result pages for keywords like 'free tier' or 'no signup'. The Python code in hunter.py is straightforward, using the requests library for network calls without any evidence of data exfiltration, persistence mechanisms, or malicious execution. The SKILL.md documentation is consistent with the code's functionality and does not contain any prompt injection attempts or harmful instructions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing unpinned dependencies can result in different package versions being installed over time.
The setup instructions install third-party Python packages without pinned versions and without a formal install spec. This is common and purpose-aligned for a Python web-search helper, but it is still a supply-chain detail users should notice.
pip install beautifulsoup4 requests
Install in a virtual environment and consider pinning dependency versions before use.
Your search requirements may be sent to whatever service is running on localhost port 8888.
The skill sends user-provided feature queries to a local HTTP search service. This is aligned with the stated API-hunting purpose, but it is an external/local service dependency not declared in requirements.
SEARCH_URL = "http://localhost:8888/search" ... requests.get(SEARCH_URL, params={ 'q': query, 'format': 'json', 'num': 5 }, timeout=10)Use only with a trusted local search service, and avoid putting secrets or private business details in search prompts.