Skip to main content

backend-bootstrapper

Bootstraps a complete backend with Apso, including API setup, database configuration, and testing for rapid development.

Install this skill

or
60/100

Security score

The backend-bootstrapper skill was audited on Feb 9, 2026 and we found 16 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 393

Template literal with variable interpolation in command context

SourceSKILL.md
393console.log(`${method} ${url}`);
medium line 151

Curl to non-GitHub URL

SourceSKILL.md
151curl http://localhost:3001/health
medium line 154

Curl to non-GitHub URL

SourceSKILL.md
154curl http://localhost:3001/organizations
medium line 155

Curl to non-GitHub URL

SourceSKILL.md
155curl http://localhost:3001/users
medium line 156

Curl to non-GitHub URL

SourceSKILL.md
156curl http://localhost:3001/projects
low line 427

Webhook reference - potential data exfiltration

SourceSKILL.md
427STRIPE_WEBHOOK_SECRET=whsec_...
medium line 402

Access to .env file

SourceSKILL.md
402I'll create `.env` files:
low line 405

Access to .env file

SourceSKILL.md
405# .env (local development)
low line 141

External URL reference

SourceSKILL.md
141# - API: http://localhost:3001
low line 142

External URL reference

SourceSKILL.md
142# - OpenAPI Docs: http://localhost:3001/api/docs
low line 143

External URL reference

SourceSKILL.md
143# - Health Check: http://localhost:3001/health
low line 151

External URL reference

SourceSKILL.md
151curl http://localhost:3001/health
low line 154

External URL reference

SourceSKILL.md
154curl http://localhost:3001/organizations
low line 155

External URL reference

SourceSKILL.md
155curl http://localhost:3001/users
low line 156

External URL reference

SourceSKILL.md
156curl http://localhost:3001/projects
low line 418

External URL reference

SourceSKILL.md
418AUTH_URL=http://localhost:3001
Scanned on Feb 9, 2026
View Security Dashboard
Installation guide →
GitHub Stars 106
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawbackenddatabasedevopsbackend-developerdevops-sredata-engineerpostgresqldockerawsdevelopment
majiayu000/claude-skill-registry