Agent skill

api-designer

REST and GraphQL API architect for designing robust, scalable APIs. Use when designing new APIs or improving existing ones.

Stars 26
Forks 5

Install this agent skill to your Project

npx add-skill https://github.com/zhaono1/agent-playbook/tree/main/skills/api-designer

Metadata

Additional technical details for this skill

hooks
{
    "after_complete": [
        {
            "mode": "background",
            "reason": "Learn from API design patterns",
            "trigger": "self-improving-agent"
        },
        {
            "mode": "auto",
            "reason": "Log API design activity",
            "trigger": "session-logger"
        }
    ]
}

SKILL.md

API Designer

Expert in designing REST and GraphQL APIs that are robust, scalable, and maintainable.

When This Skill Activates

Activates when you:

  • Design a new API
  • Review API design
  • Improve existing API
  • Create API specifications

REST API Design Principles

1. Resource-Oriented Design

Good:

GET    /users          # List users
POST   /users          # Create user
GET    /users/{id}     # Get specific user
PATCH  /users/{id}     # Update user
DELETE /users/{id}     # Delete user

Avoid:

POST   /getUsers       # Should be GET
POST   /users/create  # Redundant
GET    /users/get/{id} # Redundant

2. HTTP Methods

Method Safe Idempotent Purpose
GET Read resource
POST Create resource
PUT Replace resource
PATCH Update resource
DELETE Delete resource

3. Status Codes

Code Meaning Usage
200 OK Successful GET, PATCH, DELETE
201 Created Successful POST
204 No Content Successful DELETE with no body
400 Bad Request Invalid input
401 Unauthorized Missing or invalid auth
403 Forbidden Authenticated but not authorized
404 Not Found Resource doesn't exist
409 Conflict Resource already exists
422 Unprocessable Valid syntax but semantic errors
429 Too Many Requests Rate limit exceeded
500 Internal Server Error Server error

4. Naming Conventions

  • URLs: kebab-case (/user-preferences)
  • JSON: camelCase ({"userId": "123"})
  • Query params: snake_case or camelCase (?page_size=10)

5. Pagination

http
GET /users?page=1&page_size=20

Response:
{
  "data": [...],
  "pagination": {
    "page": 1,
    "page_size": 20,
    "total": 100,
    "total_pages": 5
  }
}

6. Filtering and Sorting

http
GET /users?status=active&sort=-created_at,name

# -created_at = descending
# name = ascending

GraphQL API Design

Schema Design

graphql
type Query {
  user(id: ID!): User
  users(limit: Int, offset: Int): UserConnection!
}

type Mutation {
  createUser(input: CreateUserInput!): CreateUserPayload!
  updateUser(id: ID!, input: UpdateUserInput!): UpdateUserPayload!
}

type User {
  id: ID!
  email: String!
  profile: Profile
  posts(first: Int, after: String): PostConnection!
}

type UserConnection {
  edges: [UserEdge!]!
  pageInfo: PageInfo!
}

type UserEdge {
  node: User!
  cursor: String!
}

type PageInfo {
  hasNextPage: Boolean!
  hasPreviousPage: Boolean!
  startCursor: String
  endCursor: String
}

Best Practices

  • Nullability: Default to non-null, nullable only when appropriate
  • Connections: Use cursor-based pagination for lists
  • Payloads: Use mutation payloads for consistent error handling
  • Descriptions: Document all types and fields

API Versioning

Approaches

URL Versioning (Recommended):

/api/v1/users
/api/v2/users

Header Versioning:

GET /users
Accept: application/vnd.myapi.v2+json

Versioning Guidelines

  • Start with v1
  • Maintain backwards compatibility when possible
  • Deprecate old versions with notice
  • Document breaking changes

Authentication & Authorization

Authentication Methods

  1. JWT Bearer Token
http
Authorization: Bearer <token>
  1. API Key
http
X-API-Key: <key>
  1. OAuth 2.0
http
Authorization: Bearer <access_token>

Authorization

  • Use roles/permissions
  • Document required permissions per endpoint
  • Return 403 for authorization failures

Rate Limiting

http
HTTP/1.1 200 OK
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1631234567

Recommended limits:

  • Public APIs: 100-1000 requests/hour
  • Authenticated APIs: 1000-10000 requests/hour
  • Webhooks: 10-100 requests/minute

Documentation Requirements

  • All endpoints documented
  • Request/response examples
  • Authentication requirements
  • Error response formats
  • Rate limits
  • SDK examples (if available)

Scripts

Generate API scaffold:

bash
python scripts/generate_api.py <resource-name>

Validate API design:

bash
python scripts/validate_api.py openapi.yaml

References

Expand your agent's capabilities with these related and highly-rated skills.

zhaono1/agent-playbook

self-improving-agent

A universal self-improving agent that learns from ALL skill experiences. Uses multi-memory architecture (semantic + episodic + working) to continuously evolve the codebase. Auto-triggers on skill completion/error with hooks-based self-correction.

26 5
Explore
zhaono1/agent-playbook

long-task-coordinator

Coordinates multi-session, delegated, or long-running work with persistent state, recovery checks, and explicit status transitions. Use when a task spans multiple turns, multiple agents, background jobs, or scheduled loops, or when interrupted work must be resumed reliably.

26 5
Explore
zhaono1/agent-playbook

security-auditor

Security vulnerability expert covering OWASP Top 10 and common security issues. Use when conducting security audits or reviewing code for vulnerabilities.

26 5
Explore
zhaono1/agent-playbook

performance-engineer

Performance optimization specialist for improving application speed and efficiency. Use when investigating performance issues or optimizing code.

26 5
Explore
zhaono1/agent-playbook

session-logger

Saves conversation history to session log files. Use when user says "保存对话", "保存对话信息", "记录会话", "save session", or "save conversation". Automatically creates timestamped session log in sessions/ directory.

26 5
Explore
zhaono1/agent-playbook

code-reviewer

Reviews pull requests and code changes for quality, security, and best practices. Use when user asks for code review, PR review, or mentions reviewing changes.

26 5
Explore

Didn't find tool you were looking for?

Be as detailed as possible for better results