Api Designer
v1.0.0Use when designing REST or GraphQL APIs, creating OpenAPI specifications, or planning API architecture. Invoke for resource modeling, versioning strategies,...
⭐ 0· 9·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
Name, description, and all included files (SKILL.md and reference docs) are consistent with an API design/architect role: OpenAPI guidance, pagination, error handling, versioning, REST patterns, and templates. There are no unrelated requirements (no env vars, no binaries) that don't belong to an API-designer skill.
Instruction Scope
SKILL.md and reference files are prose and templates for designing APIs and instruct the agent to produce API specs and related artifacts; they reference local markdown files bundled with the skill. The file includes one external link (https://skillboss.co/skill.md) and README suggests cloning a GitHub repo if manually installing — these are common for documentation but are external resources the user may wish to verify before following. The instructions do not tell the agent to read unrelated system files, access secrets, or transmit data to unknown endpoints.
Install Mechanism
No install specification is provided (instruction-only skill). No code files that would be executed are present — only documentation. The README includes a common git clone URL for manual installation; this is expected for community skills but is optional and external. No downloads or extract operations are specified in the skill metadata.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. All guidance relates to API design and the examples mention common auth schemes only as design considerations (OAuth, JWT) — no credentials are requested or stored by the skill.
Persistence & Privilege
always:false (not forced into every run). disable-model-invocation:false (agent may invoke autonomously) which is the platform default; this is acceptable because the skill has no external network actions or credential access. The skill does not request system-level privileges or modify other skills' configs.
Assessment
This skill is documentation-only and appears coherent with its stated purpose. Before installing or manually cloning the repository: 1) verify the source (the README suggests a GitHub repo) and inspect any code if you plan to run local install steps; 2) don't paste secrets into prompts — the skill doesn't need credentials but your agent might include context from your environment in messages, so avoid sending sensitive data; 3) if you follow external links (skillboss.co or GitHub), review those pages for additional install or telemetry instructions; 4) because the agent can invoke the skill autonomously (normal default), consider whether you want it to run without prompting — you can disable autonomous invocation if you prefer tighter control.Like a lobster shell, security has layers — review code before you run it.
latestvk97f6wf22ndbnsvq43e7t649p584r71popenclawvk97f6wf22ndbnsvq43e7t649p584r71pskillvk97f6wf22ndbnsvq43e7t649p584r71p
License
MIT-0
Free to use, modify, and redistribute. No attribution required.