by 安全扫描
OpenClaw
安全
high confidenceThis is an instruction-only API design/reference skill that is internally consistent: it only reads its bundled documentation and does not request credentials, install software, or contact external endpoints.
评估建议
This skill is a local API design guide and appears coherent and low-risk. Before installing: (1) confirm you trust the skill source (homepage unknown); (2) avoid pasting real secrets or production tokens into prompts or example templates (the docs include sample tokens/passwords for illustration); (3) if your agent environment can run shell/CLI commands, be explicit about whether you want the agent to execute any npm/docker/curl examples from the docs — the skill itself does not automatically in...详细分析 ▾
✓ 用途与能力
Name and description (API design, review, documentation) match the packaged files: design principles, templates, review checklists, and docs. There are no unrelated requirements (no binaries, env vars, or config paths).
ℹ 指令范围
SKILL.md instructs the agent to read local reference files and use templates to produce docs/review output — this is appropriate. The reference docs contain example CLI commands (npm, docker, curl) and sample tokens/passwords in examples; those are illustrative only. Recommend caution: do not paste real secrets into examples or prompt the agent to run those commands automatically.
✓ 安装机制
No install spec and no code files to write or execute. Lowest-risk category (instruction-only).
✓ 凭证需求
The skill requires no environment variables, credentials, or config paths. All content is local documentation and templates, so requested privileges are proportional.
✓ 持久化与权限
always is false and there is no install-time modification or persistent agent configuration. The skill is user-invocable and the platform default allows autonomous invocation, but that default is not combined here with any broad privileges or credentials.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/3/27
Initial release of the API Design skill. - Provides API design principles, naming conventions, HTTP status codes, error response formats, and versioning strategies. - Includes OpenAPI documentation templates and review checklists for both design and audit scenarios. - Supports both English and Chinese triggers for flexible usage. - Offers a structured guide and references for designing, reviewing, and standardizing APIs.
● 无害
安装命令 点击复制
官方npx clawhub@latest install openapi-design
镜像加速npx clawhub@latest install openapi-design --registry https://cn.clawhub-mirror.com
技能文档
API 设计规范与最佳实践技能,提供从设计到文档生成的完整指导。
核心能力
- API 设计原则 — RESTful 设计最佳实践
- 命名规范 — 资源、端点、参数命名标准
- HTTP 状态码 — 完整状态码参考
- 错误响应格式 — 统一错误结构
- 版本管理 — URL 版本策略
- OpenAPI 模板 — 快速生成 API 文档
- 审查清单 — 设计审查检查点
使用场景
场景 1: 设计新 API
- 读取
references/common/design-principles.md了解设计原则 - 读取
references/design/resource-modeling.md进行资源建模 - 读取
references/design/endpoint-design.md设计端点 - 使用
references/templates/openapi3-模板.md生成 OpenAPI 文档 - 使用
references/review/api-review-checklist.md自查
场景 2: 审查现有 API
- 读取
references/review/api-review-checklist.md - 按清单逐项审查
- 输出审查报告
场景 3: 规范化接口
- 读取
references/common/naming-conventions.md检查命名 - 读取
references/common/错误-响应-格式.md检查错误格式 - 读取
references/common/versioning-strategy.md检查版本策略 - 生成整改建议
文件结构
api-design/
├── SKILL.md
└── references/
├── common/
│ ├── design-principles.md
│ ├── naming-conventions.md
│ ├── http-status-codes.md
│ ├── error-response-format.md
│ └── versioning-strategy.md
├── design/
│ ├── resource-modeling.md
│ ├── endpoint-design.md
│ └── security-best-practices.md
├── templates/
│ └── openapi3-template.md
├── review/
│ └── api-review-checklist.md
└── documentation/
└── doc-generation-guide.md
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制