← Back to Skills Marketplace
derick001

HTTP Request Builder

by Derick · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
454
Downloads
0
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install http-request-builder
Description
Build, test, and save HTTP requests from the CLI with custom headers, auth, body, cookies, templates, interactive mode, and request history tracking.
README (SKILL.md)

HTTP Request Builder

What This Does

A CLI tool to build, test, and save HTTP requests. Send requests with custom headers, authentication, body, and cookies. Save requests as templates for reuse and maintain a history of your HTTP calls.

Key features:

  • Send HTTP requests with GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS methods
  • Set custom headers with key-value pairs
  • Add authentication (Basic Auth, Bearer tokens)
  • Include request body (JSON, form data, raw text)
  • Manage cookies for requests
  • Save requests as templates (JSON files) for reuse
  • Load and execute saved templates
  • Interactive mode for building requests step-by-step
  • Command-line mode for scripting and automation
  • Request history tracks your recent HTTP calls

When To Use

  • You need to test REST API endpoints quickly from the terminal
  • You want to save and reuse complex API requests
  • You prefer a CLI tool over GUI applications like Postman
  • You need to automate API testing in scripts
  • You want to share API request configurations with team members
  • You're debugging API issues and need to replay requests

Usage

Basic commands:

# Send a GET request
python3 scripts/main.py get https://api.example.com/data

# Send a POST request with JSON body
python3 scripts/main.py post https://api.example.com/api \
  --header "Content-Type: application/json" \
  --body '{"name": "test", "value": 123}'

# Send with Basic authentication
python3 scripts/main.py get https://api.example.com/secure \
  --auth basic --username admin --password secret

# Send with Bearer token
python3 scripts/main.py get https://api.example.com/secure \
  --auth bearer --token "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"

# Save request as template
python3 scripts/main.py post https://api.example.com/api \
  --header "Content-Type: application/json" \
  --body '{"name": "test"}' \
  --save-template my-request

# Load and execute template
python3 scripts/main.py template my-request

# Interactive mode
python3 scripts/main.py interactive

# View request history
python3 scripts/main.py history

# Clear history
python3 scripts/main.py history --clear

Examples

Example 1: Simple GET request

python3 scripts/main.py get https://jsonplaceholder.typicode.com/posts/1

Output:

Response Status: 200 OK
Response Headers:
  content-type: application/json; charset=utf-8
  ...

Response Body:
{
  "userId": 1,
  "id": 1,
  "title": "sunt aut facere repellat provident occaecati excepturi optio reprehenderit",
  "body": "quia et suscipit\
suscipit recusandae consequuntur expedita et cum\
reprehenderit molestiae ut ut quas totam\
nostrum rerum est autem sunt rem eveniet architecto"
}

Example 2: POST request with JSON body and headers

python3 scripts/main.py post https://jsonplaceholder.typicode.com/posts \
  --header "Content-Type: application/json" \
  --header "X-API-Key: my-secret-key" \
  --body '{
    "title": "foo",
    "body": "bar",
    "userId": 1
  }'

Example 3: Save and reuse request template

# Save template
python3 scripts/main.py post https://api.example.com/users \
  --header "Content-Type: application/json" \
  --header "Authorization: Bearer token123" \
  --body '{"name": "New User"}' \
  --save-template create-user

# Use template later
python3 scripts/main.py template create-user

# List all templates
python3 scripts/main.py templates

Example 4: Interactive mode

python3 scripts/main.py interactive

Interactive mode guides you through:

  1. HTTP method selection
  2. URL input
  3. Headers configuration
  4. Authentication setup
  5. Request body input
  6. Send request and view results

Requirements

  • Python 3.x
  • requests library (installed automatically or via pip)

Install missing dependencies:

pip3 install requests

Limitations

  • This is a CLI tool, not a GUI application
  • History and templates stored in simple JSON files in ~/.http-request-builder/
  • Limited authentication support (Basic, Bearer tokens only)
  • No OAuth, API key in header, or complex authentication flows
  • No cookie persistence across sessions (cookies only for single request)
  • No proxy configuration support
  • No SSL certificate verification controls
  • No support for websockets or streaming responses
  • No advanced features like response validation or testing assertions
  • Request history limited to 100 entries by default
  • Templates are simple JSON files without encryption
  • No built-in support for environment variables in templates
  • Performance limited by Python requests library
  • Large response bodies may be truncated for display
  • No support for multipart form data file uploads
  • No built-in rate limiting or retry logic
  • No support for HTTP/2 or HTTP/3 protocols

Directory Structure

The tool stores data in ~/.http-request-builder/:

  • templates/ - Saved request templates (JSON files)
  • history.json - Request history log
  • config.json - Configuration (if any)

Error Handling

  • Invalid URLs return helpful error messages
  • Network timeouts after 30 seconds
  • JSON parsing errors show the problematic content
  • Missing templates indicate which template wasn't found
  • Authentication failures suggest correct format

Contributing

This is a skill built by the Skill Factory. Issues and improvements should be reported through the OpenClaw project.

Usage Guidance
This tool appears to do what it says: build, send, and save HTTP requests locally. Before installing/using it, be aware that templates and request history are saved as plaintext JSON under ~/.http-request-builder/ and can include bearer tokens and basic-auth credentials. Do not save secrets you would not want stored on disk; restrict filesystem access to that folder (correct file permissions), remove sensitive fields before saving templates, or delete templates/history when finished. Confirm the script's source (source/homepage unknown) before trusting it with sensitive requests, and consider running it in a sandboxed environment if you need to send credentials to untrusted endpoints.
Capability Analysis
Type: OpenClaw Skill Name: http-request-builder Version: 1.0.0 The skill is classified as suspicious due to two significant vulnerabilities in `scripts/main.py`. First, it stores sensitive authentication data (usernames, passwords, and bearer tokens) in plain text within JSON template files in `~/.http-request-builder/templates/`. Second, it is vulnerable to path traversal when saving or loading templates, as the template name is directly used to construct file paths (e.g., `TEMPLATES_DIR / f"{name}.json"`) without sanitization, potentially allowing arbitrary file write/read within the user's home directory. While these are serious flaws, there is no clear evidence of intentional malicious behavior such as data exfiltration to unauthorized endpoints, backdoor installation, or prompt injection against the agent.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md, README, and included Python script all align: a CLI tool to build, send, save, and replay HTTP requests. There are no unexpected binaries, env vars, or config paths required beyond storing data in the user's home directory.
Instruction Scope
Runtime instructions and the code operate within the described scope (sending HTTP requests, interactive and CLI modes, saving templates/history). However, the tool explicitly saves templates and history as JSON files in ~/.http-request-builder/ and may persist authentication tokens and usernames/passwords in plaintext; the SKILL.md documents this limitation but it is a privacy/security consideration the user should weigh.
Install Mechanism
Instruction-only with a bundled script; no install spec or remote downloads. The only runtime dependency is the widely-used 'requests' Python package, which the code checks for. No high-risk install behavior is present.
Credentials
The skill requests no environment variables or credentials and the code does not read hidden system credentials. However, it writes and reads templates/history that may include sensitive data (bearer tokens, basic auth username/password) in plaintext JSON files. The SKILL.md mentions templates are not encrypted; users should treat stored templates/history as sensitive.
Persistence & Privilege
The skill does not request 'always' presence, does not modify other skills or global agent settings, and only creates a config directory under the user's home (~/.http-request-builder). This is appropriate for a CLI tool that stores user data locally.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install http-request-builder
  3. After installation, invoke the skill by name or use /http-request-builder
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: A command-line tool to build, test, and save HTTP requests with support for headers, authentication, request bodies, cookies, history, and templates. - Send requests with GET, POST, PUT, DELETE, PATCH, HEAD, and OPTIONS methods. - Support for custom headers, Basic and Bearer authentication, request body in JSON/raw/form, and cookies. - Save and load HTTP requests as reusable templates. - Interactive and command-line modes for flexibility. - Maintains a request history and provides commands for managing templates and history. - Simple error handling and helpful user feedback.
Metadata
Slug http-request-builder
Version 1.0.0
License
All-time Installs 3
Active Installs 3
Total Versions 1
Frequently Asked Questions

What is HTTP Request Builder?

Build, test, and save HTTP requests from the CLI with custom headers, auth, body, cookies, templates, interactive mode, and request history tracking. It is an AI Agent Skill for Claude Code / OpenClaw, with 454 downloads so far.

How do I install HTTP Request Builder?

Run "/install http-request-builder" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is HTTP Request Builder free?

Yes, HTTP Request Builder is completely free (open-source). You can download, install and use it at no cost.

Which platforms does HTTP Request Builder support?

HTTP Request Builder is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created HTTP Request Builder?

It is built and maintained by Derick (@derick001); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments