← Back to Skills Marketplace
harrylabsj

Api Workbench

by haidong · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
51
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install api-workbench
Description
Command-line API debugging tool with natural language requests, curl parsing, assertions, collection runner, and API documentation generation.
README (SKILL.md)

API Workbench (api-workbench)

A terminal-native API debugging tool. Send HTTP requests, validate responses, chain multiple requests with variable passing, and generate API docs — all from the command line.

Supports three input modes: natural language, curl command import, and OpenAPI/Swagger spec import (JSON format only; YAML requires optional PyYAML).

Quick Start

clawhub run api-workbench "GET https://jsonplaceholder.typicode.com/posts/1"

This sends an HTTP GET request and displays a formatted response with status, headers, body, timing, and equivalent curl command.

Features

Feature Description
Multi-mode Input Natural language, curl command, OpenAPI import, manual
Full HTTP Support GET/POST/PUT/DELETE/PATCH/HEAD/OPTIONS
Request Components Headers, query/path params, JSON/form/text/file body, auth
Response Analysis Status, headers, body (auto-formatted JSON), timing, size
Assertions Status range, JSON Schema, header check, response time
Collection Runner Multi-request chains with variable passing and data-driven execution
API Doc Generation Auto-generate Markdown API docs from requests/responses
History & Favorites Auto-save last 100 requests, searchable and re-runnable
SSRF Protection Blocks requests to internal/private addresses by default

Sample Prompts

Prompt 1: Natural Language Request

clawhub run api-workbench "Get user list from https://api.example.com/users?page=1"

Expected output:

═══════════════════════════════════════
GET https://api.example.com/users?page=1
═══════════════════════════════════════
Status: 200 OK  ⏱ 127ms  📦 4.2 KB
Headers:
  Content-Type: application/json
  X-RateLimit-Remaining: 98
Body:
{
  "data": [...],
  "total": 150,
  "page": 1
}
curl: curl -X GET 'https://api.example.com/users?page=1'

Prompt 2: Curl Command Import

clawhub run api-workbench --curl "curl -X POST https://api.example.com/login -H 'Content-Type: application/json' -d '{\"username\":\"admin\",\"password\":\"secret\"}'"

Expected output: Parses curl into structured request → executes → shows response + test results.

Prompt 3: Collection Runner with Variables

clawhub run api-workbench --collection login-and-fetch.json

Expected output: Executes collection steps with variable passing:

✅ [1/2] POST /login → 200 OK (87ms)
✅ [2/2] GET /profile → 200 OK (64ms) [token passed]
2 passed, 0 failed

Prompt 4: OpenAPI Import

clawhub run api-workbench --openapi ./petstore.json  (Note: only JSON format is natively supported; YAML requires optional PyYAML)

Expected output: Lists 15 discovered API endpoints, prompts user to select and test.

Prompt 5: Request with Assertions

clawhub run api-workbench "GET https://api.example.com/users" --expect-status 200 --expect-time \x3C 500ms

Expected output: Request + assertion results with pass/fail for each check.

First-Success Path

Goal: First HTTP request within 5 seconds of installation.

Step 1: clawhub install api-workbench
Step 2: clawhub run api-workbench "GET https://jsonplaceholder.typicode.com/posts/1"
Step 3: Internal pipeline:
  a. nl_parser.py extracts method=GET, url=...
  b. request.py sends HTTP request
  c. response.py parses and formats
  d. formatter.py pretty-prints output
Step 4: User sees formatted request + response
Step 5: User copies the output curl command to share → first value

Architecture

api-workbench/
├── SKILL.md
├── scripts/
│   ├── request.py         # HTTP client (fetch/urllib)
│   ├── response.py        # Response parsing and formatting
│   ├── curl_parser.py     # Curl command parser
│   ├── nl_parser.py       # Natural language intent parser
│   ├── openapi.py         # OpenAPI/Swagger import
│   ├── assertions.py      # Assertion engine
│   ├── collection.py      # Collection Runner
│   ├── variables.py       # Variable passing and resolution
│   ├── history.py         # Request history management
│   ├── formatter.py       # Output formatter
│   ├── doc_generator.py   # API documentation generator
│   └── security.py        # Security module (SSRF, sanitization)
└── references/
    └── examples.json

Error Handling

Code Scenario Action
E001 Invalid URL Format error + correct examples
E002 DNS failure Network error + check suggestion
E003 Connection refused Error + port/service status hints
E004 TLS cert invalid Warning + --insecure option
E005 Request timeout Timeout info + current timeout_ms config
E006 Response parse failure Return raw body + parse error
E007 Curl parse failure Syntax error with position
E008 OpenAPI parse failure Schema validation error details
E009 Collection step failure Continue/stop per config
E010 File upload not found Path error
E011 NL intent unparsable Suggest manual mode

Security

  • Credentials never stored: Auth tokens/passwords not persisted in history
  • SSRF protection: Blocks requests to 127.0.0.1/10.x/172.16-31.x/192.168.x by default
  • Local execution: All requests from local machine, zero external data sharing
  • Environment variables: Supports $ENV_VAR / ${ENV_VAR} syntax to avoid hardcoded secrets
  • File upload size limit: Default max 50MB
Usage Guidance
Install only if you are comfortable with an API tool that may send credentials to endpoints you specify and save request history locally. Avoid using it with production tokens, sensitive query parameters, cookies, or private response bodies unless you first verify history redaction, clear saved history, and review generated docs/curl output before sharing.
Capability Tags
requires-sensitive-credentials
Capability Assessment
Purpose & Capability
The HTTP request runner, curl parser, collection runner, OpenAPI parser, assertions, and documentation generator all fit the stated API testing/debugging purpose.
Instruction Scope
The skill discloses history and environment-variable support, but its claim that credentials are never stored is overstated because authorization/API-key header values can be partially retained in history and raw credentials can appear in generated curl/docs output.
Install Mechanism
No installer hooks, package installation, background service, or privilege escalation mechanism was found in the artifacts.
Credentials
Network requests, local file reads for OpenAPI/data files, and optional environment-variable substitution are broadly consistent with an API workbench, but users should treat them as sensitive operations.
Persistence & Privilege
History is written automatically to ~/.openclaw/data/api-workbench/history.json, keeps up to 100 entries, stores URLs and headers, does not set restrictive file permissions, and provides no clear opt-out/private mode in the skill instructions.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install api-workbench
  3. After installation, invoke the skill by name or use /api-workbench
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of API Workbench — a terminal-native API debugging and testing tool. - Supports natural language requests, curl parsing, and OpenAPI (JSON) imports. - Full HTTP request/response workflow with assertions, variable passing, and collection runner. - Includes automatic API documentation generation and history management. - Built-in SSRF protection and secure handling of credentials. - Usable from the command line for fast, flexible API testing and debugging.
Metadata
Slug api-workbench
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Api Workbench?

Command-line API debugging tool with natural language requests, curl parsing, assertions, collection runner, and API documentation generation. It is an AI Agent Skill for Claude Code / OpenClaw, with 51 downloads so far.

How do I install Api Workbench?

Run "/install api-workbench" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Api Workbench free?

Yes, Api Workbench is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Api Workbench support?

Api Workbench is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Api Workbench?

It is built and maintained by haidong (@harrylabsj); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments