testing-api-manual

Facilitates manual API testing for pharmaceutical workflows using Docker and Clerk JWT authentication, ensuring efficient job execution.

Install this skill

0/100

Security score

The testing-api-manual skill was audited on Feb 28, 2026 and we found 43 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 54

Template literal with variable interpolation in command context

SourceSKILL.md

```bash

medium line 191

Template literal with variable interpolation in command context

SourceSKILL.md

191

```bash

medium line 35

Curl to non-GitHub URL

SourceSKILL.md

35	curl http://localhost:8080/health

medium line 80

Curl to non-GitHub URL

SourceSKILL.md

80	curl -X POST http://localhost:8080/jobs \

medium line 113

Curl to non-GitHub URL

SourceSKILL.md

113	curl http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN"

medium line 120

Curl to non-GitHub URL

SourceSKILL.md

120	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.status, .gamp_category'

medium line 169

Curl to non-GitHub URL

SourceSKILL.md

169	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.'

medium line 175

Curl to non-GitHub URL

SourceSKILL.md

175	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.status'

medium line 178

Curl to non-GitHub URL

SourceSKILL.md

178	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.gamp_category'

medium line 181

Curl to non-GitHub URL

SourceSKILL.md

181	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.result.test_suite'

medium line 184

Curl to non-GitHub URL

SourceSKILL.md

184	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.error'

medium line 197

Curl to non-GitHub URL

SourceSKILL.md

197	RESPONSE=$(curl -s -X POST http://localhost:8080/jobs \

medium line 209

Curl to non-GitHub URL

SourceSKILL.md

209	STATUS=$(curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq -r '.status')

medium line 221

Curl to non-GitHub URL

SourceSKILL.md

221	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.'

medium line 233

Curl to non-GitHub URL

SourceSKILL.md

233	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.result.test_suite' \| head -20

medium line 373

Curl to non-GitHub URL

SourceSKILL.md

373	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.error'

medium line 401

Curl to non-GitHub URL

SourceSKILL.md

401	curl -X POST http://localhost:8080/jobs -H "Authorization: Bearer $TOKEN" -F "file=@datasets/urs_corpus_v2/category_3/URS-020.md"

medium line 404

Curl to non-GitHub URL

SourceSKILL.md

404	curl http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN"

medium line 407

Curl to non-GitHub URL

SourceSKILL.md

407	while true; do curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.status, .gamp_category'; sleep 10; done

medium line 39

Access to .env file

SourceSKILL.md

39	3. .env.local with Clerk credentials:

low line 59

Access to .env file

SourceSKILL.md

59	TOKEN=$(python3 scripts/get_clerk_token.py --user-id user_35KgiAcvIC0tdtFvJUN1vDkrNYc --env-file .env.local)

low line 193

Access to .env file

SourceSKILL.md

193	TOKEN=$(python3 scripts/get_clerk_token.py --user-id user_35KgiAcvIC0tdtFvJUN1vDkrNYc --env-file .env.local)

low line 285

Access to .env file

SourceSKILL.md

285	TOKEN=$(python3 scripts/get_clerk_token.py --user-id user_35KgiAcvIC0tdtFvJUN1vDkrNYc --env-file .env.local)

medium line 294

Access to .env file

SourceSKILL.md

294	3. Check Clerk credentials in .env.local:

low line 296

Access to .env file

SourceSKILL.md

296	grep CLERK .env.local

low line 398

Access to .env file

SourceSKILL.md

398	TOKEN=$(python3 scripts/get_clerk_token.py --user-id user_35KgiAcvIC0tdtFvJUN1vDkrNYc --env-file .env.local)

low line 35

External URL reference

SourceSKILL.md

35	curl http://localhost:8080/health

low line 80

External URL reference

SourceSKILL.md

80	curl -X POST http://localhost:8080/jobs \

low line 113

External URL reference

SourceSKILL.md

113	curl http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN"

low line 120

External URL reference

SourceSKILL.md

120	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.status, .gamp_category'

low line 169

External URL reference

SourceSKILL.md

169	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.'

low line 175

External URL reference

SourceSKILL.md

175	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.status'

low line 178

External URL reference

SourceSKILL.md

178	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.gamp_category'

low line 181

External URL reference

SourceSKILL.md

181	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.result.test_suite'

low line 184

External URL reference

SourceSKILL.md

184	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.error'

low line 197

External URL reference

SourceSKILL.md

197	RESPONSE=$(curl -s -X POST http://localhost:8080/jobs \

low line 209

External URL reference

SourceSKILL.md

209	STATUS=$(curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq -r '.status')

low line 221

External URL reference

SourceSKILL.md

221	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.'

low line 233

External URL reference

SourceSKILL.md

233	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.result.test_suite' \| head -20

low line 373

External URL reference

SourceSKILL.md

373	curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.error'

low line 401

External URL reference

SourceSKILL.md

401	curl -X POST http://localhost:8080/jobs -H "Authorization: Bearer $TOKEN" -F "file=@datasets/urs_corpus_v2/category_3/URS-020.md"

low line 404

External URL reference

SourceSKILL.md

404	curl http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN"

low line 407

External URL reference

SourceSKILL.md

407	while true; do curl -s http://localhost:8080/jobs/$JOB_ID -H "Authorization: Bearer $TOKEN" \| jq '.status, .gamp_category'; sleep 10; done

Scanned on Feb 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 22

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw api testing backend qa-engineer backend-developer product-manager docker development product

mattnigh/skills_collection