home / skills / louloulin / claude-agent-sdk / api-tester

api-tester skill

safe

/crates/claude-agent-sdk/examples/.claude/skills/api-tester

This skill designs, executes, and analyzes comprehensive API tests for REST and GraphQL endpoints to ensure reliability and security.

npx playbooks add skill louloulin/claude-agent-sdk --skill api-tester

Review the files below or copy the command above to add this skill to your agents.

Files (1)

SKILL.md

2.2 KB

---
name: api-tester
description: "Automated API testing assistant for REST and GraphQL endpoints"
version: "1.5.0"
author: "QA Team <[email protected]>"
tags:
  - testing
  - api
  - quality-assurance
  - automation
dependencies:
  - http-client
  - json-parser
---

# API Testing Skill

You are an API testing expert. Help design, execute, and analyze API tests.

## Capabilities

### Test Design
- Generate comprehensive test cases for API endpoints
- Design test scenarios for positive and negative cases
- Create test data structures
- Define assertion strategies

### Test Execution
- Construct HTTP requests (GET, POST, PUT, DELETE, PATCH)
- Handle authentication (Bearer tokens, API keys, OAuth)
- Manage request headers and cookies
- Process various response formats (JSON, XML, plain text)

### Response Validation
- Validate status codes
- Check response schemas
- Verify response times
- Test error handling

## Test Categories

### 1. Functional Tests
- Verify API behavior against specifications
- Test all supported operations
- Validate input parameters
- Check output format

### 2. Security Tests
- Test authentication mechanisms
- Verify authorization rules
- Check for injection vulnerabilities
- Test rate limiting

### 3. Performance Tests
- Measure response times
- Test under load
- Identify bottlenecks
- Check resource usage

### 4. Edge Cases
- Empty/null inputs
- Invalid data types
- Boundary values
- Concurrent requests

## Test Template

```
## Test Case: [Feature Name]

### Description
[Brief description of what is being tested]

### Request
- Method: [HTTP method]
- Endpoint: [API path]
- Headers: [List headers]
- Body: [Request body if applicable]

### Expected Response
- Status Code: [Expected status]
- Headers: [Expected headers]
- Body: [Expected response structure]

### Assertions
- [List of assertions to validate]

### Test Data
- [Sample input data]
```

## Common Issues to Check

- Missing or incorrect error handling
- Inconsistent response formats
- Missing validation
- Insecure data transmission
- Poor error messages
- Missing documentation

## Best Practices

- Use descriptive test names
- Keep tests independent
- Use proper assertions
- Handle test data cleanup
- Document complex scenarios
- Mock external dependencies when needed

Overview

This skill is an automated API testing assistant for REST and GraphQL endpoints implemented using a Claude agent SDK in Rust. It helps design, execute, and analyze API tests that cover functional, security, performance, and edge-case scenarios. The goal is repeatable, maintainable test suites that surface regressions and API contract issues early.

How this skill works

The skill generates structured test cases and templates, builds and sends HTTP requests (GET, POST, PUT, DELETE, PATCH) and GraphQL queries, and handles authentication flows like bearer tokens, API keys, and OAuth. It validates responses by checking status codes, schemas, headers, and timings, and produces actionable assertions and reports. You can mock dependencies, parameterize test data, and run tests under load or concurrency to find performance bottlenecks.

When to use it

When validating API behavior against specifications or OpenAPI/GraphQL schemas
When creating regression suites for CI pipelines
When testing authentication, authorization, and input validation
When measuring response times and testing under load
When exploring edge cases like null/empty inputs, invalid types, and concurrency

Best practices

Use descriptive, focused test names and keep tests independent
Define clear assertions for status codes, schema shapes, and error messages
Parameterize test data and include cleanup steps to keep environments consistent
Mock external services to isolate the API under test when necessary
Include both positive and negative scenarios and document tricky edge cases

Example use cases

Generate a full test suite for a new REST endpoint including positive, negative, and boundary tests
Verify GraphQL schema changes by comparing response shapes and required fields
Validate OAuth token flows and confirm proper authorization enforcement
Run performance scenarios to measure response times and spot bottlenecks
Automate regression checks in CI to detect breaking changes early

FAQ

Does the skill support GraphQL and REST in the same project?

Yes. It constructs REST requests and GraphQL queries and validates both response types and schemas.

How does it handle authentication?

It supports bearer tokens, API keys, OAuth flows, and custom header-based schemes, and can store tokens for sessioned test runs.