Skool doesn't have a public API.
Full stop.
And when you need to automate something on a platform that doesn't have one, you have three options: use Selenium to simulate clicks like it's 2015, accept that it can't be done, or get creative.
I chose the third.
The Real Problem
I have a community on Skool — Cágala, Aprende, Repite. I wanted to automate certain tasks: detect new posts without replies, respond from Telegram, publish without me having to be in front of the screen.
The problem: Skool doesn't offer an official API. Everything their app does passes through internal calls they never documented.
The obvious solution for a developer: see what happens in Chrome's DevTools when you use Skool as a normal user. Every click, every scroll, every action fires HTTP requests. Those requests have endpoints, headers, payloads. That's the API you need — it just was never written in Swagger.
The problem with DevTools: it's manual, uncomfortable, and you have to copy each request by hand. For something simple it's fine. For mapping 30-40 endpoints of a complex platform, it's a nightmare.
What I Built
I built a Chrome extension that does exactly that, but automatically.
API Reverse Engineer — you install it, click "Start," use the site as normal, and when you're done it downloads a clean JSON with all the captured endpoints: URL, method, headers, request body, response body, status code, timing.
Everything you need to replicate those calls from your own code.
The complete flow:
- Install the extension
- Go to Skool (or any site you want to analyze)
- Filter by domain if you don't want noise (e.g.,
api2.skool.com) - Do the actions you want to automate
- Download the JSON
The output looks like this:
{
"meta": {
"capturedAt": "2026-02-20T14:32:00.000Z",
"total": 47,
"uniqueEndpoints": 23,
"site": "www.skool.com"
},
"endpoints": [
{
"method": "POST",
"url": "https://api2.skool.com/posts",
"requestBody": {
"title": "My post",
"body": "Post content"
},
"status": 200,
"responseBody": { "id": "abc123" },
"duration": 142
}
]
}
With that JSON, you have everything you need to call that API from Python, n8n, OpenClaw, or whatever you use.
The Obstacle I Didn't Expect
Skool has a fairly strict Content Security Policy (CSP). The first version of the extension didn't work there — the browser was blocking the script injection I needed to intercept the native fetch.
I had to change the approach: instead of injecting inline code, the extension now uses chrome.scripting.executeScript with world: 'MAIN', which runs in the real page context and bypasses the CSP without violating Chrome Store policies.
It wasn't obvious. It took several iterations. But now it works on any site, regardless of how strict the CSP is.
The Result
With the captured endpoints, I built my own Skool API client. Now Nyx (my AI agent running on the VPS) can:
- Detect new posts in the community without replies
- Generate AI responses
- Publish them directly, without opening the browser
I also published it as an Apify actor for anyone who wants to use it without building the infrastructure.
And I published the extension to the Chrome Store because if it worked for me, it'll work for someone else.
Why This Matters Beyond Skool
API reverse engineering is an underrated skill.
Most of the web services we use — management platforms, CRMs, marketing tools — don't have public APIs or have incomplete APIs. But they all have a web app that works. And that web app communicates with their servers somehow.
With this extension, any developer can document those endpoints in minutes and build integrations that previously seemed impossible.
It doesn't replace having an official API. But while you wait for the platform to build one — or if they never do — this is the real alternative.
Install the extension from the Chrome Store | Source code on GitHub
Have questions about automation or integrations? Join my entrepreneur community Cágala, Aprende, Repite — we can help each other with any technical question.
📝 Originally published in Spanish at cristiantala.com
Top comments (0)