api-contract-tester
by Samuel Rose
Turn OpenAPI specs into exhaustive, framework-ready test suites covering happy paths, edge cases, and security gaps.
- Generate framework-ready test suites from OpenAPI specifications
- Identify boundary conditions and off-by-one errors in API endpoints
- Detect authentication vulnerabilities and security gaps in contract logic
$5
One-time purchase · Own forever
Included in download
- Generate framework-ready test suites from OpenAPI specifications
- Identify boundary conditions and off-by-one errors in API endpoints
- browser, network automation included
- Ready for Claude Code
See it in action
"test_user_registration_invalid_email":
it("returns 422 when email is missing '@'", async () => {
const res = await request(app).post("/v1/users").send({ email: "bad-email" });
expect(res.status).toBe(422);
expect(res.body.errors).toContainEqual(expect.objectContaining({ field: "email" }));
});api-contract-tester
by Samuel Rose
Turn OpenAPI specs into exhaustive, framework-ready test suites covering happy paths, edge cases, and security gaps.
$5
One-time purchase · Own forever
⚡ Also available via Agensi MCP — your AI agent can load this skill on demand via MCP. Learn more →
Included in download
- Generate framework-ready test suites from OpenAPI specifications
- Identify boundary conditions and off-by-one errors in API endpoints
- browser, network automation included
- Ready for Claude Code
- Instant install
See it in action
"test_user_registration_invalid_email":
it("returns 422 when email is missing '@'", async () => {
const res = await request(app).post("/v1/users").send({ email: "bad-email" });
expect(res.status).toBe(422);
expect(res.body.errors).toContainEqual(expect.objectContaining({ field: "email" }));
});About This Skill
Exhaustive API Contract & Regression Testing
Transform your OpenAPI specs or Postman collections into professional-grade test suites. Unlike basic tools that only check for "200 OK" responses, this skill acts as a senior quality engineer to probe the boundaries of your API. It identifies off-by-one errors, authentication vulnerabilities, and schema mismatches before they reach production.
What it does
- Parse & Analyze: Extracts endpoints, schemas, and constraints from OpenAPI/Swagger, Postman, or raw code.
- Constraint Testing: Generates tests for min/max values, regex patterns, and enum boundaries.
- Security First: Automatically builds suites for missing tokens, malformed JWTs, and unauthorized cross-user access.
- Robust Validation: Checks for breaking changes between versions, including field removals and type shifts.
- Framework Flexibility: Generates code for Jest, Pytest, Vitest, Playwright, or curl scripts.
Why use this skill
Writing comprehensive API tests is tedious and manual. This skill automates the creation of "the tests developers forget"—such as testing rate-limit headers, pagination boundaries, and SQL injection strings. It ensures consistent error response formats and prevents internal stack traces from leaking to users. The result is a production-ready test suite with a detailed coverage report across 10 distinct categories.
Supported Outputs
- JavaScript/TypeScript: Jest, Vitest, Supertest, Playwright.
- Python: Pytest with requests or httpx.
- DevOps: Shell scripts using curl with assertions.
- Reporting: Markdown-based coverage reports across happy paths, auth, and edge cases.
📖 Learn more: Best Testing & QA Skills for Claude Code →
Use Cases
- Generate framework-ready test suites from OpenAPI specifications
- Identify boundary conditions and off-by-one errors in API endpoints
- Detect authentication vulnerabilities and security gaps in contract logic
- Verify schema compliance against production-ready regression suites
Known Limitations
- Cannot execute/run tests; only generates the code. - Cannot probe live private APIs without user-provided auth tokens or tunnel access. - Inferences from raw code depend on language clarity.
How to Install
unzip api-contract-tester.zip -d ~/.claude/skills/Reviews
No reviews yet — be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
Claude Code, Cursor, Windsurf, GitHub Copilot CLI, or any agent following the SKILL.md specification.
Frequently Asked Questions
Learn More About AI Agent Skills
Similar Skills
code-reviewer
Reviews your code for bugs, security vulnerabilities, logic errors, performance issues, and style violations. Organizes findings by severity and suggests fixes with code examples.
git-commit-writer
Writes conventional commit messages by analyzing your staged git changes. Detects commit type, scope, and breaking changes automatically.
readme-generator
Generates a complete, polished README.md by scanning your actual project structure, dependencies, and code.
env-doctor
Diagnoses why your project will not start. Checks runtime versions, dependencies, environment variables, databases, ports, and build artifacts systematically.