api-test-create
当用户需要根据接口规格生成API测试分析文档时使用此技能。接受OpenAPI/Swagger文档、简化接口定义或自然语言描述,基于140个常见API测试陷阱输出全面的测试分析文档,涵盖参数校验、业务逻辑、响应验证和安全测试分析点。
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/blackbat1988/apitestcreateWhat This Skill Does
The api-test-create skill is a powerful tool designed for developers and QA engineers to automatically generate exhaustive API testing strategies. By analyzing your OpenAPI/Swagger definitions or natural language interface descriptions, it systematically evaluates your API across seven critical domains, including parameter validation, business logic, response integrity, and security auditing. It leverages a curated list of 140 common API pitfalls to ensure that your testing documentation covers edge cases and security vulnerabilities often missed during manual review.
Installation
To integrate this tool into your OpenClaw environment, execute the following command in your terminal:
clawhub install openclaw/skills/skills/blackbat1988/apitestcreate
Use Cases
- Strategy Design: Quickly create a robust testing plan when defining new API endpoints for microservices.
- Quality Auditing: Review existing legacy APIs against a comprehensive 140-point checklist to identify hidden vulnerabilities or logic gaps.
- Documentation Generation: Streamline the creation of test plan documentation required for team architecture reviews and security compliance reporting.
- Security Hardening: Identify potential SQL injection, XSS, and authorization loopholes by applying standard security test matrices generated by the skill.
Example Prompts
- "Analyze this OpenAPI JSON: [Paste Swagger JSON] and generate a comprehensive API test plan focusing on the user update endpoint."
- "I have an endpoint 'POST /api/v1/transfer' that handles financial transactions. Generate a test strategy including business logic for concurrency and status transition rules."
- "Create a security-focused testing checklist for my 'GET /profile/{id}' endpoint, specifically looking for authorization, rate limiting, and information leakage risks."
Tips & Limitations
- Input Quality: While the skill supports natural language, providing structured OpenAPI/Swagger specifications yields the most precise test scenarios.
- Context is Key: For complex business logic (e.g., status state machines), include a brief description of the intended state transitions in your prompt to help the AI refine its logic testing.
- Safety Note: This skill generates documentation and testing strategies. It does not perform actual network attacks or penetration testing. It is meant to assist humans in identifying potential weaknesses to mitigate during the design phase.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-blackbat1988-apitestcreate": {
"enabled": true,
"auto_update": true
}
}
}