ClawHub

Service Layer Architecture

v1.0.0

Controller-service-query layered API architecture with data enrichment and parallel fetching. Use when building REST APIs or GraphQL resolvers with clean separation of concerns. Triggers on API architecture, service layer, controller pattern, data enrichment, REST API.

0· 804·2 current·2 all-time
by@wpank
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the content: the skill is architecture guidance for REST/GraphQL layers and the SKILL.md contains only code examples and patterns relevant to that purpose. There are no unrelated env vars, binaries, or config paths requested.
Instruction Scope
Runtime instructions are example code and design rules (controllers, services, queries, Promise.all). They do not instruct the agent to read arbitrary files, access credentials, or transmit data to external endpoints. Some recommendations (e.g., "always use .lean()") are opinionated and may not fit every scenario, but this is design guidance rather than malicious behavior.
Install Mechanism
The skill is instruction-only (no install spec), which is lowest risk. README includes an npx add command pointing to a GitHub tree URL and copy instructions that assume local skill directories; fetching code from an external repo is optional but carries the usual risk—verify the remote repository before running any fetch/install commands.
Credentials
No environment variables, credentials, or config paths are requested; the skill does not ask for secrets and its example code uses generic query/service calls without requiring external keys.
Persistence & Privilege
Flags are default (always:false, user-invocable:true). The skill does not request persistent presence or system-wide changes and has no install-time behavior that would modify other skills or agent config.
Assessment
This skill is a benign, instruction-only guide for layering controllers, services, and queries. Before you copy or run any remote code referenced in the README (the npx add GitHub URL or repository copies), inspect that repository yourself — fetching and executing code from third-party repos is where risk appears. Also treat design rules as guidance (for example, .lean() improves performance in many MongoDB reads but isn't always appropriate); review and adapt snippets to your application's correctness, security, and error-handling needs. If you want higher assurance, ask the publisher for a canonical source or inspect the repository history before using the code.

Like a lobster shell, security has layers — review code before you run it.

latestvk97drnqfnxjz9jmcd18cqw1m3580x1bm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments