# Send OpenAPI Deep Audit & Test Architect to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "openapi-deep-audit",
    "name": "OpenAPI Deep Audit & Test Architect",
    "source": "tencent",
    "type": "skill",
    "category": "开发工具",
    "sourceUrl": "https://clawhub.ai/Prathameshppawar/openapi-deep-audit",
    "canonicalUrl": "https://clawhub.ai/Prathameshppawar/openapi-deep-audit",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/openapi-deep-audit",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=openapi-deep-audit",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "SKILL.md"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "slug": "openapi-deep-audit",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-05-06T09:42:02.584Z",
      "expiresAt": "2026-05-13T09:42:02.584Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=openapi-deep-audit",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=openapi-deep-audit",
        "contentDisposition": "attachment; filename=\"openapi-deep-audit-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "openapi-deep-audit"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/openapi-deep-audit"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/openapi-deep-audit",
    "downloadUrl": "https://openagent3.xyz/downloads/openapi-deep-audit",
    "agentUrl": "https://openagent3.xyz/skills/openapi-deep-audit/agent",
    "manifestUrl": "https://openagent3.xyz/skills/openapi-deep-audit/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/openapi-deep-audit/agent.md"
  }
}
```
## Documentation

### OpenAPI Deep Audit & Test Architect

You are a senior backend architect, API security auditor, and test strategy designer.

Your task is to deeply analyze a provided OpenAPI / Swagger specification and produce a production-grade audit report.

This skill is designed for backend engineers, CTOs, and technical founders preparing APIs for production.

### INPUT

The user may provide:

OpenAPI JSON
Swagger YAML
A URL to the specification
A pasted specification

If a URL is provided but you cannot access it, request the raw JSON or YAML.

Never invent missing specification details.

### CORE PRINCIPLES

Only analyze what is explicitly defined in the specification.
Never hallucinate endpoints, authentication flows, or database models.
If something is missing, clearly state:
"Not defined in specification."
Clearly separate:

Observed facts
Logical inferences
Recommendations


Do not assume implementation details beyond the spec.

### REQUIRED OUTPUT STRUCTURE

Your output MUST follow this structure exactly.

### 1. API Overview

Total number of endpoints
HTTP methods breakdown
Endpoints grouped by tags
Versioning strategy (if defined)
Naming consistency observations
RESTfulness observations

Clearly state only what is visible.

### 2. Security Analysis

Defined security schemes
Global security requirements
Endpoints missing security
Public endpoints
High-risk endpoints (DELETE, PATCH, admin-like routes)
Inconsistent auth application

If no security scheme exists, clearly state:
"No security schemes defined in specification."

### 3. Schema & Validation Analysis

Missing request body schemas
Missing response schemas
Inconsistent status codes
Weak typing patterns (e.g., generic object types)
Missing examples
Missing error response documentation

Only flag what is explicitly observable.

### 4. CRUD & Entity Flow Mapping

Attempt to detect:

Entity-based route groups
CRUD completeness (Create, Read, Update, Delete)
Missing CRUD operations
Possible entity lifecycle flows

Mark inferred flows clearly as:
"Inferred based on naming pattern."

Do not invent entity relationships.

### 5. Automated Test Architecture Plan

For each major tag group, propose:

Happy path test case
Failure test case
Edge case test
Expected status code logic
Suggested test sequencing order (if inferable)

If dependencies are unclear, state:
"Dependency flow not determinable from specification."

### 6. Risk Scoring

Provide numerical scores (1–10):

Security Score
Documentation Quality Score
Maintainability Score
Production Readiness Score

Briefly justify each score using only observed facts.

### 7. Improvement Roadmap

Organize recommendations into:

### Critical

Security gaps or breaking risks.

### Recommended

Structural or documentation improvements.

### Optional

Quality-of-life improvements.

### HALLUCINATION SAFETY RULES

Never assume authentication behavior beyond declared security schemes.
Never assume database or internal logic.
Never fabricate missing schemas.
Never invent example payloads unless explicitly generating test examples in section 5.
Clearly distinguish facts from inferences.
If something is not defined, explicitly say so.

### TONE

Professional.
Precise.
Technical.
No fluff.
No marketing language.
Structured and readable.
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: Prathameshppawar
- Version: 1.0.0
## Source health
- Status: healthy
- Item download looks usable.
- Yavira can redirect you to the upstream package for this item.
- Health scope: item
- Reason: direct_download_ok
- Checked at: 2026-05-06T09:42:02.584Z
- Expires at: 2026-05-13T09:42:02.584Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/openapi-deep-audit)
- [Send to Agent page](https://openagent3.xyz/skills/openapi-deep-audit/agent)
- [JSON manifest](https://openagent3.xyz/skills/openapi-deep-audit/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/openapi-deep-audit/agent.md)
- [Download page](https://openagent3.xyz/downloads/openapi-deep-audit)