ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ai Intelligent Api Management

API 管理,接口设计 + 文档 + 测试。

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 52 · 0 current installs · 0 all-time installs
by@yang1002378395-cmyk
duplicate of @yang1002378395-cmyk/ai-intelligent-api-management
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared purpose (API design, docs, testing, monitoring) matches what an API-management project would do. However, the packaged skill contains no implementation and instead tells the user/agent to clone and run an external GitHub repo — an inconsistency between the skill bundle and the runtime instructions.
!
Instruction Scope
The SKILL.md instructs running commands that fetch and execute third-party code (git clone, pip install -r requirements.txt, python app.py). Those steps would cause the agent/user to download and execute arbitrary code outside the skill package and could lead to code execution or data exfiltration. The instructions do not limit or describe what the external code does, nor do they declare any environment/credential needs that external components might require.
!
Install Mechanism
There is no install spec in the skill bundle, but the README-style instructions direct cloning from a GitHub repo and installing Python dependencies. While GitHub is a common host, this still results in arbitrary remote code being installed and executed (moderate-to-high risk). The skill package itself contains no code to vet.
Credentials
The skill declares no required environment variables or credentials, which is appropriate for the manifest. However, because the agent is instructed to run external software, that external code may request or use secrets/configuration not declared by the skill. The lack of declared env vars therefore provides limited assurance.
Persistence & Privilege
The skill does not request always: true and is user-invocable only. That is reasonable. Still, the instructions run a server (python app.py) which implies long-running network services and potential persistent presence on the host — behavior not captured in the skill metadata and worth considering before running.
What to consider before installing
This skill bundle contains only instructions and no code; following it will clone and run code from a GitHub repo and install its Python dependencies. Before installing or running anything: (1) Inspect the linked GitHub repository and review its code, startup scripts, and requirements.txt; (2) Review the repo for any network endpoints, telemetry, or credential usage; (3) Run the project in an isolated environment or container (not on a production machine); (4) Prefer skills that include their code in the package or come from a vetted source; (5) If you must proceed, at minimum audit requirements and run static checks on the cloned code, and avoid supplying sensitive credentials until you confirm what the software needs and why.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
chinesevk97eavkmmrp48gg76atr0cw36983vtjtlatestvk97eavkmmrp48gg76atr0cw36983vtjt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🤖 Clawdis

SKILL.md

AI 智能 API 管理系统

描述

API 管理,接口设计 + 文档 + 测试。

功能

  • API 设计(可视化设计)
  • 文档生成(自动生成)
  • 接口测试(自动化测试)
  • 版本管理(版本控制)
  • 性能监控(API监控)

定价

  • 基础版:¥99/月(100 API)
  • 专业版:¥499/月(1000 API)
  • 企业版:¥1999/月(无限 API)

适用场景

  • API 开发
  • 接口管理
  • 文档生成
  • 接口测试

技术栈

  • Python + FastAPI
  • OpenAPI/Swagger
  • 接口测试
  • 性能监控

安装

git clone https://github.com/openclaw-skills/ai-intelligent-api-management
cd ai-intelligent-api-management
pip install -r requirements.txt
python app.py

创建:2026-03-13 作者:OpenClaw Skills Team

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…