Skills
skills/onewave-ai/claude-skills/api-endpoint-scaffolder

api-endpoint-scaffolder

SKILL.md

API Endpoint Scaffolder

Instructions

When creating a new API endpoint:

  1. Identify the framework (Express, Next.js, FastAPI, etc.)
  2. Determine HTTP method (GET, POST, PUT, PATCH, DELETE)
  3. Define request/response types
  4. Implement with best practices

Templates

Next.js App Router (TypeScript)

// app/api/[resource]/route.ts
import { NextRequest, NextResponse } from 'next/server';
import { z } from 'zod';

const RequestSchema = z.object({
  // Define your schema
});

export async function GET(request: NextRequest) {
  try {
    const { searchParams } = new URL(request.url);
    // Implementation
    return NextResponse.json({ data }, { status: 200 });
  } catch (error) {
    console.error('[API] Error:', error);
    return NextResponse.json(
      { error: 'Internal server error' },
      { status: 500 }
    );
  }
}

export async function POST(request: NextRequest) {
  try {
    const body = await request.json();
    const validated = RequestSchema.parse(body);
    // Implementation
    return NextResponse.json({ data }, { status: 201 });
  } catch (error) {
    if (error instanceof z.ZodError) {
      return NextResponse.json(
        { error: 'Validation failed', details: error.errors },
        { status: 400 }
      );
    }
    return NextResponse.json(
      { error: 'Internal server error' },
      { status: 500 }
    );
  }
}

Express (TypeScript)

import { Router, Request, Response, NextFunction } from 'express';
import { z } from 'zod';

const router = Router();

const CreateSchema = z.object({
  // Define schema
});

router.post('/', async (req: Request, res: Response, next: NextFunction) => {
  try {
    const data = CreateSchema.parse(req.body);
    // Implementation
    res.status(201).json({ success: true, data });
  } catch (error) {
    next(error);
  }
});

export default router;

Best Practices

  1. Always validate input using Zod, Yup, or similar
  2. Use proper HTTP status codes:
    • 200: Success
    • 201: Created
    • 400: Bad Request
    • 401: Unauthorized
    • 403: Forbidden
    • 404: Not Found
    • 500: Server Error
  3. Log errors but don't expose internals to clients
  4. Use consistent response format
  5. Add rate limiting for public endpoints
  6. Document with OpenAPI/Swagger when possible
Weekly Installs
16
Repository
onewave-ai/claude-skills
GitHub Stars
53
First Seen
Feb 26, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
opencode13
gemini-cli13
github-copilot13
codex13
amp13
cline13