ClawHub

API Health Checker

v1.0.0

Tests API endpoints by sending requests, validating responses, measuring performance, handling authentication, and generating detailed health reports.

0· 594·0 current·0 all-time
by@underbench2-gif
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the SKILL.md instructions: sending HTTP requests, validating responses, handling auth headers, measuring timing, and producing reports. There are no declared environment variables, binaries, or installs that don't belong to an API health checker.
Instruction Scope
Instructions are limited to making HTTP requests and validating responses, which is appropriate. They allow arbitrary endpoints, custom headers, and request bodies (including authentication tokens). That is expected for this purpose, but it also means the skill will accept and use sensitive values provided by the user and can be pointed at internal/private endpoints if the user asks it to.
Install Mechanism
Instruction-only skill with no install spec and no code files. This minimizes risk from installation artifacts — nothing is downloaded or written to disk by an installer.
Credentials
The skill declares no required environment variables or credentials, which is consistent because authentication is expected to be provided per-request via headers or bodies. Users should be aware this means any API keys or bearer tokens must be supplied in prompts or request configurations (not stored by the skill).
Persistence & Privilege
always is false and the skill is user-invokable (normal). The SKILL.md does not request persistent background monitoring or self-enablement, so it does not ask for elevated or permanent privileges.
Assessment
This skill is coherent for API testing, but exercise caution when providing secrets or testing internal endpoints. Do not paste long-lived production API keys into prompts unless you trust the environment; prefer short-lived or scoped tokens. Decide in advance whether response bodies and headers (which may contain sensitive data) should be included in reports. Limit tests to the endpoints you control and avoid instructing the skill to scan internal/localhost addresses unless you intend that. If you need continuous monitoring, verify how results will be stored or transmitted — this instruction-only skill does not declare any persistent storage or transmit destinations, so ask the publisher how reports are delivered and retained before sending sensitive data.

Like a lobster shell, security has layers — review code before you run it.

apivk974va2ts7kdns8y3bwegbc2ms814x46healthvk974va2ts7kdns8y3bwegbc2ms814x46latestvk974va2ts7kdns8y3bwegbc2ms814x46monitoringvk974va2ts7kdns8y3bwegbc2ms814x46performancevk974va2ts7kdns8y3bwegbc2ms814x46testingvk974va2ts7kdns8y3bwegbc2ms814x46

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments