← 返回 Skills 市场
Api Bridge
作者
lrg913427-dot
· GitHub ↗
· v2.0.0
· MIT-0
43
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install gavin-api-bridge
功能描述
Generate API integrations from OpenAPI/Swagger specs. Auto-create MCP servers, API clients, and webhook handlers. Use when user wants to connect to a REST AP...
使用说明 (SKILL.md)
API Bridge
Generate API integrations from OpenAPI/Swagger specs — MCP servers, API clients, and webhook handlers.
When to Use
Activate this skill when the user:
- Says "connect to this API", "integrate with X", "build an API client"
- Wants to create an MCP server for a REST API
- Has an OpenAPI/Swagger spec and wants code generated
- Needs a webhook handler for API events
- Wants to scaffold an API integration quickly
- Mentions "API key", "REST endpoint", or "webhook"
What This Skill Does
When a user wants to connect to an API, this skill:
- Finds or fetches the OpenAPI/Swagger spec
- Generates a working MCP server or API client
- Handles auth (API key, OAuth2, Bearer token)
- Includes error handling, rate limiting, and retries
- Produces ready-to-use code
Quick Start
From OpenAPI Spec URL
# Fetch the spec
curl -s https://api.example.com/openapi.json > /tmp/api-spec.json
# Generate MCP server
# (Use the steps below)
From Existing API Documentation
If no OpenAPI spec exists, create one from the API docs:
- Identify base URL and endpoints
- Create a minimal OpenAPI 3.0 spec
- Generate the integration
Step 1: Parse the Spec
import json
with open('api-spec.json') as f:
spec = json.load(f)
info = spec.get('info', {})
base_url = spec.get('servers', [{}])[0].get('url', '')
paths = spec.get('paths', {})
print(f"API: {info.get('title')}")
print(f"Version: {info.get('version')}")
print(f"Base URL: {base_url}")
print(f"Endpoints: {len(paths)}")
# List all endpoints
for path, methods in paths.items():
for method in methods:
if method in ['get', 'post', 'put', 'patch', 'delete']:
print(f" {method.upper()} {path}")
Step 2: Generate MCP Server (Python)
# mcp_server.py - Generated from OpenAPI spec
import os
import json
import httpx
from mcp.server import Server
from mcp.types import Tool, TextContent
app = Server("api-name")
BASE_URL = "https://api.example.com"
API_KEY = os.environ.get("API_KEY", "")
@app.tool()
async def list_items(limit: int = 10) -> str:
"""List items from the API."""
async with httpx.AsyncClient() as client:
resp = await client.get(
f"{BASE_URL}/items",
headers={"Authorization": f"Bearer {API_KEY}"},
params={"limit": limit},
)
resp.raise_for_status()
return json.dumps(resp.json(), indent=2)
@app.tool()
async def get_item(item_id: str) -> str:
"""Get a single item by ID."""
async with httpx.AsyncClient() as client:
resp = await client.get(
f"{BASE_URL}/items/{item_id}",
headers={"Authorization": f"Bearer {API_KEY}"},
)
resp.raise_for_status()
return json.dumps(resp.json(), indent=2)
@app.tool()
async def create_item(name: str, description: str = "") -> str:
"""Create a new item."""
async with httpx.AsyncClient() as client:
resp = await client.post(
f"{BASE_URL}/items",
headers={"Authorization": f"Bearer {API_KEY}"},
json={"name": name, "description": description},
)
resp.raise_for_status()
return json.dumps(resp.json(), indent=2)
Step 3: Add Rate Limiting
import asyncio
from collections import deque
import time
class RateLimiter:
def __init__(self, max_requests: int = 100, window: int = 60):
self.max_requests = max_requests
self.window = window
self.timestamps = deque()
async def acquire(self):
now = time.time()
while self.timestamps and now - self.timestamps[0] > self.window:
self.timestamps.popleft()
if len(self.timestamps) >= self.max_requests:
wait = self.window - (now - self.timestamps[0])
await asyncio.sleep(wait)
self.timestamps.append(time.time())
rate_limiter = RateLimiter(max_requests=100, window=60)
Step 4: Add Retry Logic
import httpx
from tenacity import retry, stop_after_attempt, wait_exponential
@retry(
stop=stop_after_attempt(3),
wait=wait_exponential(multiplier=1, min=1, max=10),
)
async def api_request(method: str, path: str, **kwargs) -> dict:
"""Make an API request with retry logic."""
async with httpx.AsyncClient() as client:
resp = await client.request(
method,
f"{BASE_URL}{path}",
headers={"Authorization": f"Bearer {API_KEY}"},
**kwargs,
)
resp.raise_for_status()
return resp.json()
Generate Python API Client
"""API client generated from OpenAPI spec."""
import httpx
from typing import Optional, Dict, Any
class APIClient:
def __init__(self, base_url: str, api_key: str = ""):
self.base_url = base_url.rstrip("/")
self.api_key = api_key
self._client = httpx.AsyncClient(
base_url=self.base_url,
headers={
"Authorization": f"Bearer {api_key}",
"Content-Type": "application/json",
},
timeout=30.0,
)
async def close(self):
await self._client.aclose()
async def __aenter__(self):
return self
async def __aexit__(self, *args):
await self.close()
async def _request(
self,
method: str,
path: str,
params: Optional[Dict] = None,
json: Optional[Dict] = None,
) -> Any:
resp = await self._client.request(method, path, params=params, json=json)
resp.raise_for_status()
return resp.json()
# Generated methods from OpenAPI spec
async def list_items(self, limit: int = 10) -> list:
return await self._request("GET", "/items", params={"limit": limit})
async def get_item(self, item_id: str) -> dict:
return await self._request("GET", f"/items/{item_id}")
async def create_item(self, name: str, **kwargs) -> dict:
return await self._request("POST", "/items", json={"name": name, **kwargs})
async def update_item(self, item_id: str, **kwargs) -> dict:
return await self._request("PATCH", f"/items/{item_id}", json=kwargs)
async def delete_item(self, item_id: str) -> None:
await self._request("DELETE", f"/items/{item_id}")
Generate Webhook Handler
"""Webhook handler for API events."""
from fastapi import FastAPI, Request, HTTPException
import hmac
import hashlib
app = FastAPI()
WEBHOOK_SECRET = os.environ.get("WEBHOOK_SECRET", "")
@app.post("/webhook")
async def handle_webhook(request: Request):
# Verify signature
body = await request.body()
signature = request.headers.get("X-Signature", "")
expected = hmac.new(
WEBHOOK_SECRET.encode(),
body,
hashlib.sha256,
).hexdigest()
if not hmac.compare_digest(signature, expected):
raise HTTPException(status_code=401, detail="Invalid signature")
payload = await request.json()
event_type = payload.get("event_type")
if event_type == "item.created":
await handle_item_created(payload)
elif event_type == "item.updated":
await handle_item_updated(payload)
elif event_type == "item.deleted":
await handle_item_deleted(payload)
return {"status": "ok"}
Common API Patterns
OAuth2 Flow
async def get_oauth_token(
client_id: str,
client_secret: str,
token_url: str,
) -> str:
"""Get OAuth2 access token."""
async with httpx.AsyncClient() as client:
resp = await client.post(
token_url,
data={
"grant_type": "client_credentials",
"client_id": client_id,
"client_secret": client_secret,
},
)
resp.raise_for_status()
return resp.json()["access_token"]
Pagination
async def list_all_items(api_client) -> list:
"""List all items with automatic pagination."""
all_items = []
cursor = None
while True:
params = {"limit": 100}
if cursor:
params["cursor"] = cursor
result = await api_client._request("GET", "/items", params=params)
all_items.extend(result["data"])
cursor = result.get("next_cursor")
if not cursor:
break
return all_items
File Upload
async def upload_file(api_client, file_path: str) -> dict:
"""Upload a file to the API."""
async with httpx.AsyncClient() as client:
with open(file_path, "rb") as f:
resp = await client.post(
f"{api_client.base_url}/files",
headers={"Authorization": f"Bearer {api_client.api_key}"},
files={"file": (file_path, f, "application/octet-stream")},
)
resp.raise_for_status()
return resp.json()
OpenAPI Spec Sources
Common places to find OpenAPI specs:
Or search: site:github.com "openapi" OR "swagger" "api-name"
Pitfalls
- Spec version — Check if it's OpenAPI 2.0 (Swagger) or 3.0+ (different format)
- Auth types — API key vs Bearer token vs OAuth2 vs Basic auth (check spec's securitySchemes)
- Rate limits — Always implement rate limiting; check API docs for limits
- Pagination — Different APIs use different patterns (cursor, offset, page, link header)
- Content types — Some APIs use
application/x-www-form-urlencodedinstead of JSON - Webhook verification — Always verify signatures; don't trust raw payloads
- Error handling — Check API docs for error codes and retry-after headers
Verification
After generating the integration:
- Test with a simple GET request (list endpoint)
- Verify auth works (check response code)
- Test error handling (invalid ID, missing auth)
- Check rate limiting (exceed limit, verify backoff)
- Test pagination (if applicable)
安全使用建议
This skill appears safe to install as an instruction-only scaffolding helper. Before running generated code, review the endpoints it exposes, use low-privilege credentials, avoid enabling unnecessary write/delete actions, and add authentication or webhook signature checks for any generated server.
功能分析
Type: OpenClaw Skill
Name: gavin-api-bridge
Version: 2.0.0
The skill bundle provides boilerplate code and instructions for generating API integrations, MCP servers, and webhook handlers from OpenAPI specifications. The code snippets in SKILL.md follow standard practices for API clients, including environment variable usage for secrets, rate limiting, and signature verification for webhooks, with no evidence of malicious intent or data exfiltration.
能力标签
能力评估
Purpose & Capability
The stated purpose matches the documented behavior: generating OpenAPI/Swagger-based MCP servers, API clients, and webhook handlers. Users should note that the generated tools can make live API calls, including write operations.
Instruction Scope
The examples are user-directed scaffolding instructions rather than automatic execution, but they include generic generated tools that may perform authenticated API requests. Generated endpoints should be reviewed before use.
Install Mechanism
No install spec, binaries, helper code, or package dependencies are provided; the artifact set is instruction-only and the static scan had no code to analyze.
Credentials
API keys, OAuth tokens, and bearer tokens are expected for this kind of integration, but the registry requirements do not declare required credentials or environment variables. This appears under-declared rather than hidden.
Persistence & Privilege
No autorun, background persistence, protected-path writes, or post-install execution are shown. Generated MCP servers or webhook handlers would run only if the user deploys them.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gavin-api-bridge - 安装完成后,直接呼叫该 Skill 的名称或使用
/gavin-api-bridge触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.0.0
Major upgrade: Automated generation of MCP servers, API clients, and webhook handlers from OpenAPI/Swagger specs.
- Generates ready-to-use MCP server code, Python API clients, and secure webhook handlers.
- Handles authentication (API key, OAuth2, Bearer token), rate limiting, and retries out-of-the-box.
- Works from both existing OpenAPI/Swagger specs or minimal specs created from API docs.
- Clear guidance for users on when and how to activate or use the skill.
- Designed for fast, robust scaffolding of REST API integrations.
元数据
常见问题
Api Bridge 是什么?
Generate API integrations from OpenAPI/Swagger specs. Auto-create MCP servers, API clients, and webhook handlers. Use when user wants to connect to a REST AP... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 43 次。
如何安装 Api Bridge?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gavin-api-bridge」即可一键安装,无需额外配置。
Api Bridge 是免费的吗?
是的,Api Bridge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Api Bridge 支持哪些平台?
Api Bridge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Api Bridge?
由 lrg913427-dot(@lrg913427-dot)开发并维护,当前版本 v2.0.0。
推荐 Skills