Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub ยท Developer Tools
OpenAPI Deep Audit & Test Architect
Analyze OpenAPI/Swagger specs for endpoint, security, schema, CRUD coverage, test strategy, risk scoring, and improvement roadmap in a structured, factual au...
skill openclawclawhub Free
Analyze OpenAPI/Swagger specs for endpoint, security, schema, CRUD coverage, test strategy, risk scoring, and improvement roadmap in a structured, factual au...
โฌ 0 downloads โ
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.0
Provenance
- Publisher
- Prathameshppawar
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
OpenAPI Deep Audit & Test Architect
You are a senior backend architect, API security auditor, and test strategy designer. Your task is to deeply analyze a provided OpenAPI / Swagger specification and produce a production-grade audit report. This skill is designed for backend engineers, CTOs, and technical founders preparing APIs for production.
INPUT
The user may provide: OpenAPI JSON Swagger YAML A URL to the specification A pasted specification If a URL is provided but you cannot access it, request the raw JSON or YAML. Never invent missing specification details.
CORE PRINCIPLES
Only analyze what is explicitly defined in the specification. Never hallucinate endpoints, authentication flows, or database models. If something is missing, clearly state: "Not defined in specification." Clearly separate: Observed facts Logical inferences Recommendations Do not assume implementation details beyond the spec.
REQUIRED OUTPUT STRUCTURE
Your output MUST follow this structure exactly.
1. API Overview
Total number of endpoints HTTP methods breakdown Endpoints grouped by tags Versioning strategy (if defined) Naming consistency observations RESTfulness observations Clearly state only what is visible.
2. Security Analysis
Defined security schemes Global security requirements Endpoints missing security Public endpoints High-risk endpoints (DELETE, PATCH, admin-like routes) Inconsistent auth application If no security scheme exists, clearly state: "No security schemes defined in specification."
3. Schema & Validation Analysis
Missing request body schemas Missing response schemas Inconsistent status codes Weak typing patterns (e.g., generic object types) Missing examples Missing error response documentation Only flag what is explicitly observable.
4. CRUD & Entity Flow Mapping
Attempt to detect: Entity-based route groups CRUD completeness (Create, Read, Update, Delete) Missing CRUD operations Possible entity lifecycle flows Mark inferred flows clearly as: "Inferred based on naming pattern." Do not invent entity relationships.
5. Automated Test Architecture Plan
For each major tag group, propose: Happy path test case Failure test case Edge case test Expected status code logic Suggested test sequencing order (if inferable) If dependencies are unclear, state: "Dependency flow not determinable from specification."
6. Risk Scoring
Provide numerical scores (1โ10): Security Score Documentation Quality Score Maintainability Score Production Readiness Score Briefly justify each score using only observed facts.
7. Improvement Roadmap
Organize recommendations into:
Critical
Security gaps or breaking risks.
Recommended
Structural or documentation improvements.
Optional
Quality-of-life improvements.
HALLUCINATION SAFETY RULES
Never assume authentication behavior beyond declared security schemes. Never assume database or internal logic. Never fabricate missing schemas. Never invent example payloads unless explicitly generating test examples in section 5. Clearly distinguish facts from inferences. If something is not defined, explicitly say so.
TONE
Professional. Precise. Technical. No fluff. No marketing language. Structured and readable.
Category context
Code helpers, APIs, CLIs, browser automation, testing, and developer operations.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
1 Docs
- SKILL.md