← Back to Skills Marketplace
Clean HTTP Toolkit
by
gopendrasharma89-tech
· GitHub ↗
· v0.1.0
· MIT-0
28
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install clean-http-toolkit
Description
Local HTTP client + tiny server toolkit for AI agents. GET / POST / PUT / PATCH / DELETE with retries on 5xx/429, gzip decoding, redirect following, --bearer...
README (SKILL.md)
clean-http-toolkit
v0.1.0
Fifth member of the clean-* family. AI agents constantly need to fetch a URL, POST to an API, download a dataset, or run a mock server for tests — and currently the only option is shell-out to curl (no retry logic) or pip-install requests. This toolkit gives them all four in pure stdlib.
Scripts
scripts/get.py— HTTP GET with retries (5xx/429), gzip decoding, redirect-following,--bearer TOKEN,--basic USER:PASS,--header 'Name: V',--query K=V,--jsonpretty-print,--print-headers,--status-only,--fail(exit 1 on non-2xx).scripts/post.py— POST / PUT / PATCH / DELETE via--method. Body sources:--json '\x3CJSON>',--json-file PATH,--form K=V(repeatable),--raw-file PATH(with--content-type). Same auth + retry options asget.py.scripts/download.py— streaming file download with progress bar on stderr, retries on transient errors,--resumefor incomplete files,--sha256 HEX/--md5 HEXverification, configurable--chunk-size. Memory stays bounded regardless of file size.scripts/serve.py— tiny local HTTP server for tests. Two modes:static(serve a directory, likepython3 -m http.serverbut with--max-requests Ncutoff so CI tests can run and exit cleanly) andecho(reply to every request with a JSON envelope describing the request itself — perfect for webhook smoke tests). Binds to127.0.0.1by default for safety.scripts/check_deps.sh— verifypython3.
Quick start
# Simple GET
python3 scripts/get.py https://api.example.com/users
# GET with auth, query params, JSON pretty-print
python3 scripts/get.py https://api.example.com/users \
--bearer "$TOKEN" \
--query 'limit=20' --query 'page=1' \
--json
# Just the status code (great for health checks)
python3 scripts/get.py https://example.com --status-only
# POST JSON
python3 scripts/post.py https://api.example.com/users \
--json '{"name":"Alice","email":"[email protected]"}' \
--bearer "$TOKEN"
# POST a form
python3 scripts/post.py https://example.com/login \
--form 'user=alice' --form 'pass=secret'
# PUT a JSON file
python3 scripts/post.py https://api.example.com/items/42 \
--method PUT --json-file payload.json
# Download with progress + SHA-256 verification
python3 scripts/download.py \
https://releases.example.com/model.tar.gz \
~/Downloads/model.tar.gz \
--sha256 abc123def456...
# Resume an incomplete download
python3 scripts/download.py URL out.bin --resume
# Local static server for tests
python3 scripts/serve.py --directory ./public --port 8080
# Echo server for webhook smoke tests (auto-exits after 5 requests)
python3 scripts/serve.py --mode echo --port 9000 --max-requests 5
Exit codes
| Code | Meaning |
|---|---|
| 0 | success / 2xx response (or any response if --fail not set) |
| 1 | --fail and response was non-2xx; or --sha256 / --md5 mismatch on download |
| 2 | bad arguments / unsafe path / bad URL / network error / non-2xx download |
Safety properties
- Pure Python 3 standard library (
urllib,http.server). Norequests, nohttpx, no pip install. - All file paths validated against the same safe-path policy as the other
clean-*toolkits. - All URLs validated: must be
http://orhttps://with a host. serve.pybinds to127.0.0.1by default; you must pass--bind 0.0.0.0explicitly to expose it.--insecureis opt-in only — TLS verification is on by default.- Retries are bounded (
--retries N, default 3) with exponential backoff capped at the backoff base × 2^attempt.
Why pure stdlib
Agents are usually run in restricted environments (sandboxes, CI runners, ephemeral containers) where pip install either fails, is forbidden, or burns minutes of setup time. Every script here uses only Python stdlib so it can run anywhere Python 3 is present.
Pairs well with
clean-text-toolkit— pipeget.py URLintohtmlstrip.pyto scrape a page to plain text in one command.clean-json-toolkit— pipe API responses intoquery.py/validate.py/merge.py.clean-log-toolkit—serve.pystatic mode is useful for replaying captured log files over HTTP for parser tests.clean-csv-toolkit— download a CSV withdownload.py, theninspect.py/validate.pyit.
v0.1.0 changes
- First public release. Four scripts:
get.py,post.py,download.py,serve.py. - Shared
_common.pywithsafe_path,safe_url,parse_headers,fetch(with retry + gzip + redirect handling). - All five
clean-*toolkits now share the same safe-path policy, the same 0 / 1 / 2 exit-code contract, and the same zero-dependency principle.
License
MIT
Usage Guidance
Before installing, be comfortable with a local HTTP toolkit that can send authenticated requests and write downloads. Avoid --insecure when using tokens or passwords, keep the test server bound to 127.0.0.1 unless you intentionally expose it, and do not send real API keys, cookies, or personal data to echo mode unless you are prepared for them to be reflected in the response.
Capability Tags
Capability Assessment
Purpose & Capability
The skill's GET, POST, download, and local test-server scripts match its stated purpose as a Python standard-library HTTP toolkit for agents.
Instruction Scope
The skill documents auth headers, echo mode, and the --insecure flag; these are user-directed, but echo mode has no secret redaction and --insecure can weaken HTTPS protections.
Install Mechanism
Install requirements are minimal and disclosed: Python 3 only, with no pip packages or automatic dependency installation.
Credentials
Network access, local file reads/writes for requested bodies/downloads, and a local HTTP server are proportionate to the toolkit's purpose; the server binds to 127.0.0.1 by default.
Persistence & Privilege
The skill does not add persistence or privilege escalation; the server can run until stopped if invoked without --max-requests, but this is explicit user-run behavior.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clean-http-toolkit - After installation, invoke the skill by name or use
/clean-http-toolkit - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
v0.1.0 initial release. Fifth skill in the clean-* family (after csv, text, log, json). Pure stdlib HTTP client + tiny server for AI agents that need to fetch URLs, POST to APIs, download datasets, or run mock servers in tests - without pip install. Four scripts: get.py (HTTP GET with retries on 5xx/429, gzip, redirects, --bearer/--basic/--header/--query, --json pretty-print, --status-only, --fail), post.py (POST/PUT/PATCH/DELETE with --json/--json-file/--form/--raw-file body sources), download.py (streaming download with progress, --resume, --sha256/--md5 verification, configurable chunk-size), serve.py (local static-file server OR JSON echo server for webhook tests, --max-requests N for CI cleanup, binds 127.0.0.1 by default). Same safe-path policy and 0/1/2 exit-code contract as the other clean-* toolkits.
Metadata
Frequently Asked Questions
What is Clean HTTP Toolkit?
Local HTTP client + tiny server toolkit for AI agents. GET / POST / PUT / PATCH / DELETE with retries on 5xx/429, gzip decoding, redirect following, --bearer... It is an AI Agent Skill for Claude Code / OpenClaw, with 28 downloads so far.
How do I install Clean HTTP Toolkit?
Run "/install clean-http-toolkit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Clean HTTP Toolkit free?
Yes, Clean HTTP Toolkit is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Clean HTTP Toolkit support?
Clean HTTP Toolkit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Clean HTTP Toolkit?
It is built and maintained by gopendrasharma89-tech (@gopendrasharma89-tech); the current version is v0.1.0.
More Skills