← Back to Skills Marketplace
Wafeq API Reference
by
Yordi de Kleijn
· GitHub ↗
· v1.1.0
331
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install wafeq-api
Description
Complete Wafeq accounting & e-invoicing API reference for the Middle East (UAE, Saudi Arabia). Use when building integrations with Wafeq, creating/managing i...
Usage Guidance
This appears to be a straightforward API reference that legitimately asks only for a Wafeq API key. Before installing/providing secrets: 1) Prefer creating a least-privileged or test API key (scoped or limited) rather than a full-production key. 2) If you must store the key in ~/.openclaw/openclaw.json, ensure that file is protected (filesystem permissions) and that you understand the persistence risk; consider using an OS secret manager instead. 3) Do not run scripts from unknown sources — SKILL.md refers to scripts/setup.sh but the package contains no scripts; if an install or README later asks you to run a downloaded script, review it first. 4) Because the agent can call the API autonomously, decide whether to allow autonomous use or to require user confirmation in your agent settings. 5) If you need higher assurance, verify the skill's provenance (who published it) or prefer installing an official integration from Wafeq or a trusted publisher. If any of these checks fail or you are unsure about the publisher, use a sandbox/test account/key first and rotate the key after testing.
Capability Analysis
Type: OpenClaw Skill
Name: wafeq-api
Version: 1.1.0
The skill bundle is benign, consisting solely of documentation files (`.md`) and metadata (`_meta.json`) for the Wafeq accounting and e-invoicing API. It describes legitimate API endpoints, schemas, and authentication methods (API key, OAuth2), emphasizing secure handling of API keys via environment variables or OpenClaw configuration. There is no executable code, obfuscation, or explicit prompt-injection attempts within the markdown to instruct an agent to perform malicious actions. The mention of `scripts/setup.sh` in `SKILL.md` is an instruction to the user, but the script itself is not included for analysis.
Capability Assessment
Purpose & Capability
Name/description, documentation files, and the single required environment variable (WAFEQ_API_KEY) all align with a Wafeq API reference skill. There are no unrelated credentials, binaries, or install steps requested.
Instruction Scope
SKILL.md stays on-topic (how to call Wafeq endpoints, sample workflows, headers). One mismatch: it suggests validating setup by running scripts/setup.sh from the plugin root, but this bundle contains no scripts — do not run arbitrary scripts from unknown sources. Otherwise the instructions do not request unrelated system data or extra credentials.
Install Mechanism
No install spec and no code files — instruction-only — so nothing is written to disk by an installer. This is the lowest-risk install profile.
Credentials
Only WAFEQ_API_KEY is required, which is appropriate. However SKILL.md documents storing the key in ~/.openclaw/openclaw.json (skills.entries.wafeq-api.apiKey), which persists the secret to disk; evaluate the security of that file/location and prefer least-privilege or short-lived keys when possible.
Persistence & Privilege
always is false and there are no requests to modify other skills or system settings. Note: model invocation is enabled by default — if you provide the API key the agent (and this skill) can make Wafeq API calls autonomously, which is expected but increases the importance of using a restricted key.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install wafeq-api - After installation, invoke the skill by name or use
/wafeq-api - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Fix endpoint URLs (hyphens not underscores), verify all 30+ endpoints against official Wafeq developer docs, confirm manual-journals and journal-line-items work, add env gating and setup script
Metadata
Frequently Asked Questions
What is Wafeq API Reference?
Complete Wafeq accounting & e-invoicing API reference for the Middle East (UAE, Saudi Arabia). Use when building integrations with Wafeq, creating/managing i... It is an AI Agent Skill for Claude Code / OpenClaw, with 331 downloads so far.
How do I install Wafeq API Reference?
Run "/install wafeq-api" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Wafeq API Reference free?
Yes, Wafeq API Reference is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Wafeq API Reference support?
Wafeq API Reference is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Wafeq API Reference?
It is built and maintained by Yordi de Kleijn (@yordilorenzo); the current version is v1.1.0.
More Skills