Moodle External Api Development

Name: Moodle External Api Development
Author: sickn33

sickn33/antigravity-awesome-skills

Scaffold Moodle-compliant external web service classes with execute_parameters, execute, and execute_returns for custom LMS plugins and mobile backends.

Overview

Moodle-external-api-development is an agent skill for the Build phase that creates custom Moodle LMS external web services following the execute_parameters, execute, and execute_returns framework.

Install

npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill moodle-external-api-development

What is this skill?

Strict Moodle three-method external API pattern: execute_parameters, execute, execute_returns
Step-by-step file placement under local/yourplugin/classes/external/
Namespaces, MOODLE_INTERNAL guard, and externallib.php bootstrap included in templates
Covers custom web services for quizzes, course management, reporting, and mobile app backends
Aligns with Moodle coding standards and external_function_parameters structures
Three required external API methods per Moodle class pattern

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 473 installs on skills.sh; 40.1k GitHub stars; 3/3 security scanners passed (skills.sh audits).

What problem does it solve?

You need Moodle plugin endpoints but lack a checked pattern for externallib structures, namespaces, and return typing Moodle expects.

Who is it for?

Indie edtech devs and integrators extending Moodle with custom plugins, quiz ops, or mobile backends on an existing LMS install.

Skip if: Greenfield non-Moodle SaaS APIs or teams avoiding PHP and Moodle’s service registration workflow.

When should I use this skill?

Creating custom web services for Moodle plugins, REST/AJAX endpoints for course or quiz operations, or mobile app backends on Moodle LMS.

What do I get? / Deliverables

A registered external API class file with validated parameters, implemented execute logic, and typed returns ready to expose via Moodle web services.

classes/external/your_api_name.php external_api implementation
Registered web service function with typed parameters and returns

Recommended Skills

Entra App Registrationmicrosoft/azure-skills

Walkthrough for Microsoft Entra ID app registration, OAuth configuration, and MSAL-based authentication setup.374k installs·1.2k stars

Azure Aigatewaymicrosoft/azure-skills

Quick reference for building and operating Azure API Management as an AI gateway using ARM .NET SDK and policy best prac…373k installs·1.2k stars

Lark Openapi Explorerlarksuite/cli

Escalation path for uncovered Lark/Feishu APIs: browse official OpenAPI docs and execute via lark-cli.208k installs·13.7k stars

Supabasesupabase/agent-skills

Authoritative Supabase agent skill for database, auth, edge functions, and client SSR with emphasis on up-to-date docs, …111k installs·2.2k stars

Firebase Auth Basicsfirebase/agent-skills

firebase-auth-basics is a guided agent skill for solo builders implementing Firebase Authentication in web or mobile-bac…75.7k installs·345 stars

Firebase Data Connectfirebase/agent-skills

Firebase Data Connect is an agent skill that equips solo builders to design relational data layers on Firebase using Gra…73.2k installs·345 stars

Journey fit

Primary fit

BuildBackend, data & payments

Canonical shelf is Build → backend because the skill implements server-side Moodle external_api endpoints inside PHP plugins. Backend subphase matches PHP external classes, capability checks, and REST/AJAX exposure described in Moodle’s externallib pattern.

How it compares

Moodle externallib ceremony—not a generic FastAPI or Express scaffold generator.

Common Questions / FAQ

Who is moodle-external-api-development for?

PHP developers and solo edtech builders maintaining Moodle plugins who need REST/AJAX-safe external functions for courses, quizzes, or external apps.

When should I use moodle-external-api-development?

Use it in Build while implementing custom web services for Moodle plugins, mobile backends, or reporting integrations before Ship security review of exposed endpoints.

Is moodle-external-api-development safe to install?

The skill generates server-side Moodle APIs that affect authorization and data access; review the Security Audits panel on this page and audit capabilities before enabling services in production.

SKILL.md

READMESKILL.md - Moodle External Api Development

# Moodle External API Development

This skill guides you through creating custom external web service APIs for Moodle LMS, following Moodle's external API framework and coding standards.

## When to Use This Skill

- Creating custom web services for Moodle plugins
- Implementing REST/AJAX endpoints for course management
- Building APIs for quiz operations, user tracking, or reporting
- Exposing Moodle functionality to external applications
- Developing mobile app backends using Moodle

## Core Architecture Pattern

Moodle external APIs follow a strict three-method pattern:

1. **`execute_parameters()`** - Defines input parameter structure
2. **`execute()`** - Contains business logic
3. **`execute_returns()`** - Defines return structure

## Step-by-Step Implementation

### Step 1: Create the External API Class File

**Location**: `/local/yourplugin/classes/external/your_api_name.php`

```php
<?php
namespace local_yourplugin\external;

defined('MOODLE_INTERNAL') || die();
require_once("$CFG->libdir/externallib.php");

use external_api;
use external_function_parameters;
use external_single_structure;
use external_value;

class your_api_name extends external_api {
    
    // Three required methods will go here
    
}
```

**Key Points**:
- Class must extend `external_api`
- Namespace follows: `local_pluginname\external` or `mod_modname\external`
- Include the security check: `defined('MOODLE_INTERNAL') || die();`
- Require externallib.php for base classes

### Step 2: Define Input Parameters

```php
public static function execute_parameters() {
    return new external_function_parameters([
        'userid' => new external_value(PARAM_INT, 'User ID', VALUE_REQUIRED),
        'courseid' => new external_value(PARAM_INT, 'Course ID', VALUE_REQUIRED),
        'options' => new external_single_structure([
            'includedetails' => new external_value(PARAM_BOOL, 'Include details', VALUE_DEFAULT, false),
            'limit' => new external_value(PARAM_INT, 'Result limit', VALUE_DEFAULT, 10)
        ], 'Options', VALUE_OPTIONAL)
    ]);
}
```

**Common Parameter Types**:
- `PARAM_INT` - Integers
- `PARAM_TEXT` - Plain text (HTML stripped)
- `PARAM_RAW` - Raw text (no cleaning)
- `PARAM_BOOL` - Boolean values
- `PARAM_FLOAT` - Floating point numbers
- `PARAM_ALPHANUMEXT` - Alphanumeric with extended chars

**Structures**:
- `external_value` - Single value
- `external_single_structure` - Object with named fields
- `external_multiple_structure` - Array of items

**Value Flags**:
- `VALUE_REQUIRED` - Parameter must be provided
- `VALUE_OPTIONAL` - Parameter is optional
- `VALUE_DEFAULT, defaultvalue` - Optional with default

### Step 3: Implement Business Logic

```php
public static function execute($userid, $courseid, $options = []) {
    global $DB, $USER;

    // 1. Validate parameters
    $params = self::validate_parameters(self::execute_parameters(), [
        'userid' => $userid,
        'courseid' => $courseid,
        'options' => $options
    ]);

    // 2. Check permissions/capabilities
    $context = \context_course::instance($params['courseid']);
    self::validate_context($context);
    require_capability('moodle/course:view', $context);

    // 3. Verify user access
    if ($params['userid'] != $USER->id) {
        require_capability('moodle/course:viewhiddenactivities', $context);
    }

    // 4. Database operations
    $sql = "SELECT id, name, timecreated
            FROM {your_table}
            WHERE userid = :userid
              AND courseid = :courseid
            LIMIT :limit";
    
    $records = $DB->get_records_sql($sql, [
        'userid' => $params['userid'],
        'courseid' => $params['courseid'],
        'limit' => $params['options']['limi

What is this skill?

Strict Moodle three-method external API pattern: execute_parameters, execute, execute_returns

Step-by-step file placement under local/yourplugin/classes/external/

Namespaces, MOODLE_INTERNAL guard, and externallib.php bootstrap included in templates

Covers custom web services for quizzes, course management, reporting, and mobile app backends

Aligns with Moodle coding standards and external_function_parameters structures

Three required external API methods per Moodle class pattern

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 473 installs on skills.sh; 40.1k GitHub stars; 3/3 security scanners passed (skills.sh audits).

Journey fit

Primary fit

BuildBackend, data & payments

SKILL.md

READMESKILL.md - Moodle External Api Development

# Moodle External API Development

This skill guides you through creating custom external web service APIs for Moodle LMS, following Moodle's external API framework and coding standards.

## When to Use This Skill

- Creating custom web services for Moodle plugins
- Implementing REST/AJAX endpoints for course management
- Building APIs for quiz operations, user tracking, or reporting
- Exposing Moodle functionality to external applications
- Developing mobile app backends using Moodle

## Core Architecture Pattern

Moodle external APIs follow a strict three-method pattern:

1. **`execute_parameters()`** - Defines input parameter structure
2. **`execute()`** - Contains business logic
3. **`execute_returns()`** - Defines return structure

## Step-by-Step Implementation

### Step 1: Create the External API Class File

**Location**: `/local/yourplugin/classes/external/your_api_name.php`

```php
<?php
namespace local_yourplugin\external;

defined('MOODLE_INTERNAL') || die();
require_once("$CFG->libdir/externallib.php");

use external_api;
use external_function_parameters;
use external_single_structure;
use external_value;

class your_api_name extends external_api {
    
    // Three required methods will go here
    
}
```

**Key Points**:
- Class must extend `external_api`
- Namespace follows: `local_pluginname\external` or `mod_modname\external`
- Include the security check: `defined('MOODLE_INTERNAL') || die();`
- Require externallib.php for base classes

### Step 2: Define Input Parameters

```php
public static function execute_parameters() {
    return new external_function_parameters([
        'userid' => new external_value(PARAM_INT, 'User ID', VALUE_REQUIRED),
        'courseid' => new external_value(PARAM_INT, 'Course ID', VALUE_REQUIRED),
        'options' => new external_single_structure([
            'includedetails' => new external_value(PARAM_BOOL, 'Include details', VALUE_DEFAULT, false),
            'limit' => new external_value(PARAM_INT, 'Result limit', VALUE_DEFAULT, 10)
        ], 'Options', VALUE_OPTIONAL)
    ]);
}
```

**Common Parameter Types**:
- `PARAM_INT` - Integers
- `PARAM_TEXT` - Plain text (HTML stripped)
- `PARAM_RAW` - Raw text (no cleaning)
- `PARAM_BOOL` - Boolean values
- `PARAM_FLOAT` - Floating point numbers
- `PARAM_ALPHANUMEXT` - Alphanumeric with extended chars

**Structures**:
- `external_value` - Single value
- `external_single_structure` - Object with named fields
- `external_multiple_structure` - Array of items

**Value Flags**:
- `VALUE_REQUIRED` - Parameter must be provided
- `VALUE_OPTIONAL` - Parameter is optional
- `VALUE_DEFAULT, defaultvalue` - Optional with default

### Step 3: Implement Business Logic

```php
public static function execute($userid, $courseid, $options = []) {
    global $DB, $USER;

    // 1. Validate parameters
    $params = self::validate_parameters(self::execute_parameters(), [
        'userid' => $userid,
        'courseid' => $courseid,
        'options' => $options
    ]);

    // 2. Check permissions/capabilities
    $context = \context_course::instance($params['courseid']);
    self::validate_context($context);
    require_capability('moodle/course:view', $context);

    // 3. Verify user access
    if ($params['userid'] != $USER->id) {
        require_capability('moodle/course:viewhiddenactivities', $context);
    }

    // 4. Database operations
    $sql = "SELECT id, name, timecreated
            FROM {your_table}
            WHERE userid = :userid
              AND courseid = :courseid
            LIMIT :limit";
    
    $records = $DB->get_records_sql($sql, [
        'userid' => $params['userid'],
        'courseid' => $params['courseid'],
        'limit' => $params['options']['limi

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is moodle-external-api-development for?

When should I use moodle-external-api-development?

Is moodle-external-api-development safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is moodle-external-api-development for?

When should I use moodle-external-api-development?

Is moodle-external-api-development safe to install?

SKILL.md