home / skills / willsigmon / sigstack / api-testing-expert

api-testing-expert skill

/plugins/testing/skills/api-testing-expert

This skill helps you design and execute robust API tests across REST, GraphQL, and mock services to improve reliability.

npx playbooks add skill willsigmon/sigstack --skill api-testing-expert

Review the files below or copy the command above to add this skill to your agents.

Files (1)

SKILL.md

3.1 KB

---
name: API Testing Expert
description: API testing - Postman, REST clients, contract testing, mock servers
allowed-tools: Read, Edit, Bash, WebFetch
model: sonnet
---

# API Testing Expert

Comprehensive API testing patterns for REST, GraphQL, and more.

## Tools Comparison

| Tool | Best For | Free Tier | Pricing |
|------|----------|-----------|---------|
| Postman | Teams | 3 users | $14/user/mo |
| Bruno | Local-first | Unlimited | Free |
| Hoppscotch | Open source | Unlimited | Free |
| REST Client (VS Code) | In-editor | Unlimited | Free |

## Bruno (Recommended for Vibe Coders)

Git-friendly, no account needed.

### Install
```bash
brew install bruno
```

### Collection Structure
```
api-tests/
├── bruno.json
├── environments/
│   ├── local.bru
│   └── production.bru
└── requests/
    ├── auth/
    │   └── login.bru
    └── users/
        └── get-user.bru
```

### Request File
```bru
meta {
  name: Get User
  type: http
  seq: 1
}

get {
  url: {{baseUrl}}/users/{{userId}}
  body: none
  auth: bearer {{token}}
}

tests {
  test("status is 200", function() {
    expect(res.status).to.equal(200);
  });

  test("has user data", function() {
    expect(res.body.id).to.exist;
  });
}
```

## REST Client (VS Code)

### HTTP File
```http
### Login
POST {{baseUrl}}/auth/login
Content-Type: application/json

{
  "email": "[email protected]",
  "password": "secret"
}

### Get User (use token from login)
GET {{baseUrl}}/users/me
Authorization: Bearer {{$dotenv TOKEN}}
```

## Postman CLI (Newman)

### Run in CI
```bash
npx newman run collection.json \
  -e environment.json \
  --reporters cli,json \
  --reporter-json-export results.json
```

### GitHub Actions
```yaml
- name: Run API Tests
  run: |
    npx newman run ./postman/collection.json \
      -e ./postman/ci-environment.json \
      --bail
```

## Contract Testing (Pact)

### Consumer Test
```javascript
const { Pact } = require('@pact-foundation/pact');

const provider = new Pact({
  consumer: 'Frontend',
  provider: 'UserService',
});

describe('User API', () => {
  it('returns user by id', async () => {
    await provider.addInteraction({
      state: 'user 1 exists',
      uponReceiving: 'a request for user 1',
      withRequest: {
        method: 'GET',
        path: '/users/1',
      },
      willRespondWith: {
        status: 200,
        body: {
          id: 1,
          name: like('John'),
        },
      },
    });
  });
});
```

## Mock Servers

### MSW (Mock Service Worker)
```typescript
import { http, HttpResponse } from 'msw';
import { setupServer } from 'msw/node';

const handlers = [
  http.get('/api/users/:id', ({ params }) => {
    return HttpResponse.json({
      id: params.id,
      name: 'Test User',
    });
  }),
];

export const server = setupServer(...handlers);
```

### Prism (OpenAPI Mock)
```bash
# Mock from OpenAPI spec
npx @stoplight/prism-cli mock openapi.yaml
```

## Quick API Test Pattern

```bash
# Simple curl test script
curl -sf "$API_URL/health" || exit 1
curl -sf -H "Authorization: Bearer $TOKEN" "$API_URL/users/me" | jq .
```

Use when: API testing, contract testing, mock servers, CI integration

Overview

This skill is an API Testing Expert that consolidates practical patterns for REST, GraphQL, contract testing, and mock servers. It shows tool recommendations (Postman, Bruno, Hoppscotch, REST Client), CI integration examples, contract testing with Pact, and mock server setups like MSW and Prism. The content is focused on repeatable test structure, local-first workflows, and CI-ready execution.

How this skill works

The skill inspects API interaction patterns and supplies ready-to-use snippets for requests, assertions, and mock responses. It demonstrates how to structure collections, run tests in CI (Newman), author consumer-driven contracts (Pact), and spin up mock servers (MSW, Prism). Example files and commands are provided so you can copy, adapt, and run tests immediately.

When to use it

Validating API endpoints during feature development and refactors
Running integration tests in CI/CD pipelines to catch regressions
Setting up consumer-driven contract tests between services
Creating local mock servers for frontend development or isolated testing
Comparing tools for team workflows (local-first vs cloud, editor vs GUI)

Best practices

Keep environment files separate (local, ci, production) and avoid committing secrets
Use small, focused requests with clear assertions to make failures actionable
Run API smoke tests early in CI (health and auth checks) to fail fast
Combine contract tests with provider verification to prevent integration drift
Prefer lightweight, git-friendly tools (Bruno, REST Client) for reproducible workflows

Example use cases

Local-first API test suite using Bruno with requests/ and environments/ structured in repo
CI step that runs Newman against Postman collections and exports JSON reports
Consumer test that emits a Pact file and provider verification in a downstream pipeline
Frontend developers using MSW to mock backend responses during UI development
Running Prism to mock an OpenAPI contract for parallel backend/frontend work

FAQ

Which tool is best for teams?

Postman excels for team collaboration and user-friendly collections; Bruno and Hoppscotch suit local-first or open-source preferences.

How do I run tests in CI?

Export a collection (Postman) or use your test runner, then run with Newman or a CLI tool in a CI job and fail fast on key smoke tests.

When should I use contract testing?

Use contract testing when separate teams own consumer and provider services to lock expected interactions and prevent integration regressions.