← 返回 Skills 市场
51
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install api-workbench
功能描述
Command-line API debugging tool with natural language requests, curl parsing, assertions, collection runner, and API documentation generation.
使用说明 (SKILL.md)
API Workbench (api-workbench)
A terminal-native API debugging tool. Send HTTP requests, validate responses, chain multiple requests with variable passing, and generate API docs — all from the command line.
Supports three input modes: natural language, curl command import, and OpenAPI/Swagger spec import (JSON format only; YAML requires optional PyYAML).
Quick Start
clawhub run api-workbench "GET https://jsonplaceholder.typicode.com/posts/1"
This sends an HTTP GET request and displays a formatted response with status, headers, body, timing, and equivalent curl command.
Features
| Feature | Description |
|---|---|
| Multi-mode Input | Natural language, curl command, OpenAPI import, manual |
| Full HTTP Support | GET/POST/PUT/DELETE/PATCH/HEAD/OPTIONS |
| Request Components | Headers, query/path params, JSON/form/text/file body, auth |
| Response Analysis | Status, headers, body (auto-formatted JSON), timing, size |
| Assertions | Status range, JSON Schema, header check, response time |
| Collection Runner | Multi-request chains with variable passing and data-driven execution |
| API Doc Generation | Auto-generate Markdown API docs from requests/responses |
| History & Favorites | Auto-save last 100 requests, searchable and re-runnable |
| SSRF Protection | Blocks requests to internal/private addresses by default |
Sample Prompts
Prompt 1: Natural Language Request
clawhub run api-workbench "Get user list from https://api.example.com/users?page=1"
Expected output:
═══════════════════════════════════════
GET https://api.example.com/users?page=1
═══════════════════════════════════════
Status: 200 OK ⏱ 127ms 📦 4.2 KB
Headers:
Content-Type: application/json
X-RateLimit-Remaining: 98
Body:
{
"data": [...],
"total": 150,
"page": 1
}
curl: curl -X GET 'https://api.example.com/users?page=1'
Prompt 2: Curl Command Import
clawhub run api-workbench --curl "curl -X POST https://api.example.com/login -H 'Content-Type: application/json' -d '{\"username\":\"admin\",\"password\":\"secret\"}'"
Expected output: Parses curl into structured request → executes → shows response + test results.
Prompt 3: Collection Runner with Variables
clawhub run api-workbench --collection login-and-fetch.json
Expected output: Executes collection steps with variable passing:
✅ [1/2] POST /login → 200 OK (87ms)
✅ [2/2] GET /profile → 200 OK (64ms) [token passed]
2 passed, 0 failed
Prompt 4: OpenAPI Import
clawhub run api-workbench --openapi ./petstore.json (Note: only JSON format is natively supported; YAML requires optional PyYAML)
Expected output: Lists 15 discovered API endpoints, prompts user to select and test.
Prompt 5: Request with Assertions
clawhub run api-workbench "GET https://api.example.com/users" --expect-status 200 --expect-time \x3C 500ms
Expected output: Request + assertion results with pass/fail for each check.
First-Success Path
Goal: First HTTP request within 5 seconds of installation.
Step 1: clawhub install api-workbench
Step 2: clawhub run api-workbench "GET https://jsonplaceholder.typicode.com/posts/1"
Step 3: Internal pipeline:
a. nl_parser.py extracts method=GET, url=...
b. request.py sends HTTP request
c. response.py parses and formats
d. formatter.py pretty-prints output
Step 4: User sees formatted request + response
Step 5: User copies the output curl command to share → first value
Architecture
api-workbench/
├── SKILL.md
├── scripts/
│ ├── request.py # HTTP client (fetch/urllib)
│ ├── response.py # Response parsing and formatting
│ ├── curl_parser.py # Curl command parser
│ ├── nl_parser.py # Natural language intent parser
│ ├── openapi.py # OpenAPI/Swagger import
│ ├── assertions.py # Assertion engine
│ ├── collection.py # Collection Runner
│ ├── variables.py # Variable passing and resolution
│ ├── history.py # Request history management
│ ├── formatter.py # Output formatter
│ ├── doc_generator.py # API documentation generator
│ └── security.py # Security module (SSRF, sanitization)
└── references/
└── examples.json
Error Handling
| Code | Scenario | Action |
|---|---|---|
| E001 | Invalid URL | Format error + correct examples |
| E002 | DNS failure | Network error + check suggestion |
| E003 | Connection refused | Error + port/service status hints |
| E004 | TLS cert invalid | Warning + --insecure option |
| E005 | Request timeout | Timeout info + current timeout_ms config |
| E006 | Response parse failure | Return raw body + parse error |
| E007 | Curl parse failure | Syntax error with position |
| E008 | OpenAPI parse failure | Schema validation error details |
| E009 | Collection step failure | Continue/stop per config |
| E010 | File upload not found | Path error |
| E011 | NL intent unparsable | Suggest manual mode |
Security
- Credentials never stored: Auth tokens/passwords not persisted in history
- SSRF protection: Blocks requests to
127.0.0.1/10.x/172.16-31.x/192.168.xby default - Local execution: All requests from local machine, zero external data sharing
- Environment variables: Supports
$ENV_VAR/${ENV_VAR}syntax to avoid hardcoded secrets - File upload size limit: Default max 50MB
安全使用建议
Install only if you are comfortable with an API tool that may send credentials to endpoints you specify and save request history locally. Avoid using it with production tokens, sensitive query parameters, cookies, or private response bodies unless you first verify history redaction, clear saved history, and review generated docs/curl output before sharing.
能力标签
能力评估
Purpose & Capability
The HTTP request runner, curl parser, collection runner, OpenAPI parser, assertions, and documentation generator all fit the stated API testing/debugging purpose.
Instruction Scope
The skill discloses history and environment-variable support, but its claim that credentials are never stored is overstated because authorization/API-key header values can be partially retained in history and raw credentials can appear in generated curl/docs output.
Install Mechanism
No installer hooks, package installation, background service, or privilege escalation mechanism was found in the artifacts.
Credentials
Network requests, local file reads for OpenAPI/data files, and optional environment-variable substitution are broadly consistent with an API workbench, but users should treat them as sensitive operations.
Persistence & Privilege
History is written automatically to ~/.openclaw/data/api-workbench/history.json, keeps up to 100 entries, stores URLs and headers, does not set restrictive file permissions, and provides no clear opt-out/private mode in the skill instructions.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install api-workbench - 安装完成后,直接呼叫该 Skill 的名称或使用
/api-workbench触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of API Workbench — a terminal-native API debugging and testing tool.
- Supports natural language requests, curl parsing, and OpenAPI (JSON) imports.
- Full HTTP request/response workflow with assertions, variable passing, and collection runner.
- Includes automatic API documentation generation and history management.
- Built-in SSRF protection and secure handling of credentials.
- Usable from the command line for fast, flexible API testing and debugging.
元数据
常见问题
Api Workbench 是什么?
Command-line API debugging tool with natural language requests, curl parsing, assertions, collection runner, and API documentation generation. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 51 次。
如何安装 Api Workbench?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install api-workbench」即可一键安装,无需额外配置。
Api Workbench 是免费的吗?
是的,Api Workbench 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Api Workbench 支持哪些平台?
Api Workbench 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Api Workbench?
由 haidong(@harrylabsj)开发并维护,当前版本 v1.0.0。
推荐 Skills