Api Designer
Design or refine REST and GraphQL APIs with resource-oriented routes, correct HTTP verbs, status codes, and maintainable specs before implementation.
Overview
Api-designer is an agent skill most often used in Build (backend) and Validate (scope) that architects REST and GraphQL APIs with resource-oriented design, HTTP semantics, and review-ready specifications.
Install
npx skills add https://github.com/charon-fan/agent-playbook --skill api-designerWhat is this skill?
- Activates for new API design, API review, improvements, and specification authoring.
- REST guidance: resource-oriented paths, method safety/idempotency table, and status-code usage.
- Explicit anti-patterns (e.g., POST /getUsers, redundant /create segments).
- GraphQL expertise called out alongside REST in the skill description.
- Playbook hooks suggest post-completion logging and background self-improvement triggers.
- HTTP methods reference table covers GET, POST, PUT, PATCH, DELETE with safe and idempotent flags.
Adoption & trust: 575 installs on skills.sh; 58 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You are about to code endpoints ad hoc and need a consistent REST or GraphQL contract with clear methods, status codes, and naming before agents generate handlers.
Who is it for?
Indie developers defining v1 APIs for SaaS or mobile clients who want agent-led design review before scaffolding controllers.
Skip if: Pure internal gRPC-only systems with no HTTP surface, or teams that already have a frozen OpenAPI file and only need codegen.
When should I use this skill?
Design a new API, review API design, improve an existing API, or create API specifications.
What do I get? / Deliverables
You leave with reviewed resource models, route conventions, and spec-ready API design aligned to REST and GraphQL best practices for implementation.
- REST or GraphQL API design
- Resource and route conventions
- API specification suitable for implementation
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Build → backend is the primary home for net-new API architecture, while the same skill supports review passes before ship. Backend captures contract design, versioning, and HTTP semantics rather than agent-tooling or pure DevOps deploy scripts.
Where it fits
Define core resources and auth boundaries for an MVP API before committing to a framework.
Draft REST routes and PATCH vs PUT rules for a new users-and-billing service.
Shape webhook and partner-facing GraphQL fields with consistent error shapes.
Audit legacy POST /getUsers-style paths and produce a migration-friendly resource map.
How it compares
Design-and-spec skill for HTTP APIs, not an MCP database connector or a load-testing harness.
Common Questions / FAQ
Who is api-designer for?
Solo builders and small teams using Claude Code to design or improve REST and GraphQL HTTP APIs before writing server code.
When should I use api-designer?
During Validate when scoping API boundaries; during Build when authoring new resources; during Ship review when auditing an existing public API.
Is api-designer safe to install?
Metadata allows Bash and web tools—use least privilege in your agent config and review the Security Audits panel on this Prism page before enabling hooks.
SKILL.md
READMESKILL.md - Api Designer
# API Designer Expert in designing REST and GraphQL APIs that are robust, scalable, and maintainable. ## When This Skill Activates Activates when you: - Design a new API - Review API design - Improve existing API - Create API specifications ## REST API Design Principles ### 1. Resource-Oriented Design **Good:** ``` GET /users # List users POST /users # Create user GET /users/{id} # Get specific user PATCH /users/{id} # Update user DELETE /users/{id} # Delete user ``` **Avoid:** ``` POST /getUsers # Should be GET POST /users/create # Redundant GET /users/get/{id} # Redundant ``` ### 2. HTTP Methods | Method | Safe | Idempotent | Purpose | |--------|------|------------|---------| | GET | ✓ | ✓ | Read resource | | POST | ✗ | ✗ | Create resource | | PUT | ✗ | ✓ | Replace resource | | PATCH | ✗ | ✗ | Update resource | | DELETE | ✗ | ✓ | Delete resource | ### 3. Status Codes | Code | Meaning | Usage | |------|---------|-------| | 200 | OK | Successful GET, PATCH, DELETE | | 201 | Created | Successful POST | | 204 | No Content | Successful DELETE with no body | | 400 | Bad Request | Invalid input | | 401 | Unauthorized | Missing or invalid auth | | 403 | Forbidden | Authenticated but not authorized | | 404 | Not Found | Resource doesn't exist | | 409 | Conflict | Resource already exists | | 422 | Unprocessable | Valid syntax but semantic errors | | 429 | Too Many Requests | Rate limit exceeded | | 500 | Internal Server Error | Server error | ### 4. Naming Conventions - **URLs**: kebab-case (`/user-preferences`) - **JSON**: camelCase (`{"userId": "123"}`) - **Query params**: snake_case or camelCase (`?page_size=10`) ### 5. Pagination ```http GET /users?page=1&page_size=20 Response: { "data": [...], "pagination": { "page": 1, "page_size": 20, "total": 100, "total_pages": 5 } } ``` ### 6. Filtering and Sorting ```http GET /users?status=active&sort=-created_at,name # -created_at = descending # name = ascending ``` ## GraphQL API Design ### Schema Design ```graphql type Query { user(id: ID!): User users(limit: Int, offset: Int): UserConnection! } type Mutation { createUser(input: CreateUserInput!): CreateUserPayload! updateUser(id: ID!, input: UpdateUserInput!): UpdateUserPayload! } type User { id: ID! email: String! profile: Profile posts(first: Int, after: String): PostConnection! } type UserConnection { edges: [UserEdge!]! pageInfo: PageInfo! } type UserEdge { node: User! cursor: String! } type PageInfo { hasNextPage: Boolean! hasPreviousPage: Boolean! startCursor: String endCursor: String } ``` ### Best Practices - **Nullability**: Default to non-null, nullable only when appropriate - **Connections**: Use cursor-based pagination for lists - **Payloads**: Use mutation payloads for consistent error handling - **Descriptions**: Document all types and fields ## API Versioning ### Approaches **URL Versioning** (Recommended): ``` /api/v1/users /api/v2/users ``` **Header Versioning**: ``` GET /users Accept: application/vnd.myapi.v2+json ``` ### Versioning Guidelines - Start with v1 - Maintain backwards compatibility when possible - Deprecate old versions with notice - Document breaking changes ## Authentication & Authorization ### Authentication Methods 1. **JWT Bearer Token** ```http Authorization: Bearer <token> ``` 2. **API Key** ```http X-API-Key: <key> ``` 3. **OAuth 2.0** ```http Authorization: Bearer <access_token> ```