api-docs-generator
API Docs Generator
Before generating any output, read config/defaults.md and adapt all patterns, imports, and code examples to the user's configured stack.
Process
- Scan the
app/api/directory for allroute.tsfiles. - For each route file, extract: exported HTTP method handlers, URL path (from file path), request/response types, Zod schemas, middleware/auth patterns.
- Generate a valid OpenAPI 3.1 specification.
- Output as YAML (default) or JSON if requested.
Route Scanning
Path Extraction
Convert Next.js App Router file paths to OpenAPI paths:
| File path | OpenAPI path |
|---|---|
app/api/users/route.ts |
/api/users |
app/api/users/[id]/route.ts |
/api/users/{id} |
app/api/posts/[postId]/comments/route.ts |
/api/posts/{postId}/comments |
app/api/[...slug]/route.ts |
/api/{slug} (note: catch-all) |
Method Extraction
Detect exported functions: GET, POST, PUT, PATCH, DELETE. Each becomes an operation in the spec.
Schema Extraction
From Zod Schemas
If the route uses Zod for validation, extract the schema structure directly:
// Detect this pattern:
const createSchema = z.object({
name: z.string().min(1).max(100),
email: z.string().email(),
});
// Convert to OpenAPI:
// type: object
// properties:
// name: { type: string, minLength: 1, maxLength: 100 }
// email: { type: string, format: email }
// required: [name, email]
From TypeScript Types
If no Zod schema exists, infer from TypeScript type annotations on the request/response.
Auth Detection
Detect common auth patterns and add security schemes:
// Pattern: session check → Bearer auth or cookie session
const session = await auth();
if (!session) return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
// Pattern: API key header → API key auth
const apiKey = request.headers.get("x-api-key");
Response Detection
Scan NextResponse.json(...) calls and their status codes to build response schemas:
// 200 with data shape
return NextResponse.json({ data: items, pagination: {...} });
// 400 with error shape
return NextResponse.json({ error: "...", details: ... }, { status: 400 });
Common Patterns
Pagination Parameters
Detect page, limit, offset, cursor in query params and document as standard pagination:
parameters:
- name: page
in: query
schema: { type: integer, minimum: 1, default: 1 }
- name: limit
in: query
schema: { type: integer, minimum: 1, maximum: 100, default: 20 }
File Uploads
Detect request.formData() and document as multipart/form-data.
Consistent Error Schema
Extract the error response format used across routes and define as a reusable component:
components:
schemas:
ErrorResponse:
type: object
properties:
error: { type: string }
details: {}
required: [error]
Output Structure
openapi: "3.1.0"
info:
title: "{project name} API"
version: "1.0.0"
paths:
/api/users:
get:
summary: List users
parameters: [...]
responses:
"200":
description: Success
content:
application/json:
schema: { $ref: "#/components/schemas/UserListResponse" }
post:
summary: Create user
requestBody:
content:
application/json:
schema: { $ref: "#/components/schemas/CreateUserInput" }
responses:
"201": ...
"400": ...
components:
schemas:
User: ...
CreateUserInput: ...
securitySchemes:
bearerAuth:
type: http
scheme: bearer
Output Format
## Generated API Documentation
**File**: `openapi.yaml` (or `openapi.json`)
**Endpoints discovered**: X
**Schemas extracted**: X
[Generated spec]
### Endpoints Summary
| Method | Path | Summary | Auth |
|--------|------|---------|------|
| GET | /api/users | List users | Yes |
| POST | /api/users | Create user | Yes |
Reference
See references/openapi-patterns.md for OpenAPI 3.1 structure, Zod-to-OpenAPI mapping, and security scheme patterns.
More from nembie/claude-code-skills
code-reviewer
Automated code review for security, performance, and maintainability. Use when asked for code review, security audit, quality check, PR review, or to find issues in code.
22auth-scaffold
Scaffold authentication with Auth.js (NextAuth v5), including providers, session handling, middleware protection, and role-based access. Use when asked to set up auth, add login, protect routes, or implement authentication.
3test-generator
Generate unit and integration tests for API routes, utilities, React components, and hooks. Use when asked to generate tests, write unit tests, create integration tests, add test coverage, or test a component/route/function.
3nextjs-route-generator
Scaffold Next.js App Router API routes with Zod validation, error handling, and TypeScript types. Use when asked to create API routes, REST endpoints, CRUD operations, or scaffold a Next.js backend.
3typescript-refactorer
Identify TypeScript code smells and suggest type-safe refactoring. Use when asked to refactor, improve types, clean up TypeScript code, tighten types, reduce any usage, or improve type safety.
3prisma-query-optimizer
Analyze Prisma queries for performance issues and suggest optimizations. Use when asked to optimize, analyze, audit, or review Prisma queries, or when investigating slow database operations in a Prisma-based project.
3