api-contract-tester

Exhaustive API Contract & Regression Testing

Transform your OpenAPI specs or Postman collections into professional-grade test suites. Unlike basic tools that only check for "200 OK" responses, this skill acts as a senior quality engineer to probe the boundaries of your API. It identifies off-by-one errors, authentication vulnerabilities, and schema mismatches before they reach production.

What it does

• Parse & Analyze: Extracts endpoints, schemas, and constraints from OpenAPI/Swagger, Postman, or raw code.
• Constraint Testing: Generates tests for min/max values, regex patterns, and enum boundaries.
• Security First: Automatically builds suites for missing tokens, malformed JWTs, and unauthorized cross-user access.
• Robust Validation: Checks for breaking changes between versions, including field removals and type shifts.
• Framework Flexibility: Generates code for Jest, Pytest, Vitest, Playwright, or curl scripts.

Why use this skill

Writing comprehensive API tests is tedious and manual. This skill automates the creation of "the tests developers forget"—such as testing rate-limit headers, pagination boundaries, and SQL injection strings. It ensures consistent error response formats and prevents internal stack traces from leaking to users. The result is a production-ready test suite with a detailed coverage report across 10 distinct categories.

Supported Outputs

• JavaScript/TypeScript: Jest, Vitest, Supertest, Playwright.
• Python: Pytest with requests or httpx.
• DevOps: Shell scripts using curl with assertions.
• Reporting: Markdown-based coverage reports across happy paths, auth, and edge cases.