Graphql
Design and implement GraphQL APIs with schema-first contracts, safe query limits, DataLoader batching, and Apollo or urql client integration.
Overview
GraphQL is an agent skill for the Build phase that guides schema-first API design, resolver safety, DataLoader batching, federation, and client integration while limiting abusive queries.
Install
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill graphqlWhat is this skill?
- Schema-first design with intentional nullability and union types for expected failures
- DataLoader guidance to prevent N+1 resolver query storms
- Query depth and complexity limits to block abusive client selections
- Federation notes for microservice graphs plus Apollo/urql client integration
- Explicit when-not-to-use: simple CRUD may stay REST; public high-cache APIs may favor REST
Adoption & trust: 599 installs on skills.sh; 40.1k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You want flexible client-driven queries but fear N+1 resolvers, unbounded query depth, and schema drift that documents itself wrong.
Who is it for?
Solo backend devs adding GraphQL to a SaaS or internal API where multiple clients need different field sets on related data.
Skip if: Greenfield CRUD microservices that only need simple REST caching, or teams unwilling to enforce depth/complexity controls.
When should I use this skill?
Building or reviewing GraphQL APIs, schemas, resolvers, federation, or Apollo/urql clients, or when choosing GraphQL versus REST for a backend.
What do I get? / Deliverables
You leave with concrete patterns for schemas, loaders, limits, and client setup so your GraphQL layer stays performant and intentional about nullability and errors.
- Schema and resolver design recommendations
- Checklist for query limits, loaders, and client fragment usage
Recommended Skills
Journey fit
GraphQL server and client work is core backend engineering while you build product APIs and data layers. Backend is canonical because the skill emphasizes schema, resolvers, N+1 control, federation, and mutations—not UI styling.
How it compares
Use for GraphQL contract and performance discipline instead of ad-hoc resolver code with no query cost limits.
Common Questions / FAQ
Who is graphql for?
Indie and solo builders implementing or reviewing GraphQL servers and typed clients who need schema, DataLoader, and abuse-prevention patterns in one place.
When should I use graphql?
Use it in Build (backend) while designing schemas and resolvers, before Ship (perf) load tests expose N+1 issues, and when evaluating GraphQL versus REST for a new API.
Is graphql safe to install?
Skill metadata marks risk safe and Apache 2.0 source; still review the Security Audits panel on this Prism page before installing in your agent environment.
SKILL.md
READMESKILL.md - Graphql
# GraphQL GraphQL gives clients exactly the data they need - no more, no less. One endpoint, typed schema, introspection. But the flexibility that makes it powerful also makes it dangerous. Without proper controls, clients can craft queries that bring down your server. This skill covers schema design, resolvers, DataLoader for N+1 prevention, federation for microservices, and client integration with Apollo/urql. Key insight: GraphQL is a contract. The schema is the API documentation. Design it carefully. 2025 lesson: GraphQL isn't always the answer. For simple CRUD, REST is simpler. For high-performance public APIs, REST with caching wins. Use GraphQL when you have complex data relationships and diverse client needs. ## Principles - Schema-first design - the schema is the contract - Prevent N+1 queries with DataLoader - Limit query depth and complexity - Use fragments for reusable selections - Mutations should be specific, not generic update operations - Errors are data - use union types for expected failures - Nullability is meaningful - design it intentionally ## Capabilities - graphql-schema-design - graphql-resolvers - graphql-federation - graphql-subscriptions - graphql-dataloader - graphql-codegen - apollo-server - apollo-client - urql ## Scope - database-queries -> postgres-wizard - authentication -> authentication-oauth - rest-api-design -> backend - websocket-infrastructure -> backend ## Tooling ### Server - @apollo/server - When: Apollo Server v4 Note: Most popular GraphQL server - graphql-yoga - When: Lightweight alternative Note: Good for serverless - mercurius - When: Fastify integration Note: Fast, uses JIT ### Client - @apollo/client - When: Full-featured client Note: Caching, state management - urql - When: Lightweight alternative Note: Smaller, simpler - graphql-request - When: Simple requests Note: Minimal, no caching ### Tools - graphql-codegen - When: Type generation Note: Essential for TypeScript - dataloader - When: N+1 prevention Note: Batches and caches ## Patterns ### Schema Design Type-safe schema with proper nullability **When to use**: Designing any GraphQL API # SCHEMA DESIGN: """ The schema is your API contract. Design nullability intentionally - non-null fields must always resolve. """ type Query { # Non-null - will always return user or throw user(id: ID!): User! # Nullable - returns null if not found userByEmail(email: String!): User # Non-null list with non-null items users(limit: Int = 10, offset: Int = 0): [User!]! # Search with pagination searchUsers( query: String! first: Int after: String ): UserConnection! } type Mutation { # Input types for complex mutations createUser(input: CreateUserInput!): CreateUserPayload! updateUser(id: ID!, input: UpdateUserInput!): UpdateUserPayload! deleteUser(id: ID!): DeleteUserPayload! } type Subscription { userCreated: User! messageReceived(roomId: ID!): Message! } # Input types input CreateUserInput { email: String! name: String! role: Role = USER } input UpdateUserInput { email: String name: String role: Role } # Payload types (for errors as data) type CreateUserPayload { user: User errors: [Error!]! } union UpdateUserPayload = UpdateUserSuccess | NotFoundError | ValidationError type UpdateUserSuccess { user: User! } # Enums enum Role { USER ADMIN MODERATOR } # Types with relationships type User { id: ID! email: String! name: String! role: Role! posts(limit: Int = 10): [Post!]! createdAt: DateTime! } type Post { id: ID! title: String! content: String! author: