ClawHub

Apimon

v2.0.1

Monitor API endpoints and track response times to catch outages. Use when checking uptime, validating schemas, or generating status reports.

0· 253·0 current·0 all-time
by@bytesagain1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (API monitoring, uptime, schema validation, reporting) align with the included commands and the script implementation: each command records timestamped entries to per-command log files and a central history. There are no unrelated binaries, env vars, or external cloud credentials requested.
Instruction Scope
Runtime instructions and the script are narrowly scoped to recording, listing, searching, exporting, and reporting log entries in the data directory (~/.local/share/apimon). The skill does not perform network calls or read other system configuration. Note: it persists whatever text you pass (which may include sensitive API responses or tokens) to disk — review inputs before logging.
Install Mechanism
The skill is instruction-only (no install spec) which is low risk, but a runnable implementation (scripts/script.sh) is included. SKILL.md assumes an 'apimon' CLI; there is no install instruction to place scripts/script.sh on PATH. This is an operational mismatch (you must manually install or invoke the script), not a security red flag.
Credentials
No environment variables or credentials are required. The script uses HOME to create and write to ~/.local/share/apimon — reasonable for a local logger, but be aware logs may contain sensitive data you supply (API keys, full responses).
Persistence & Privilege
The skill does not request always:true or elevated privileges and only writes to its own data directory. It does not modify other skills, system-wide agent settings, or read unrelated credential/config paths.
Assessment
This skill appears coherent with its stated purpose: it provides a simple local CLI logger that stores entries in ~/.local/share/apimon and can export them. Before installing/using: (1) be aware any input you log is persisted — avoid logging secrets or full API responses that include tokens; (2) the package includes scripts/script.sh but no automated install step, so you'll need to install or run the script yourself if you want an 'apimon' command; (3) if you plan to store logs long-term or share exports, consider restricting the data directory permissions or cleaning sensitive fields before logging. If you want higher assurance, inspect scripts/script.sh locally (it's plain bash) before running.

Like a lobster shell, security has layers — review code before you run it.

latestvk9768dxnmdt0q3zkjfa11v031x835mrx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments