api-contract-testing
Warn
Audited by Socket on Mar 1, 2026
1 alert found:
Security (MEDIUM): SKILL.md
This skill bundle is a benign API contract-testing toolkit: documentation, test examples, and scripts for validating OpenAPI specs, generating Postman collections, and running Pact-based consumer/provider tests. I found no signs of malicious code, obfuscated payloads, credential exfiltration, or download-and-execute supply-chain patterns in the provided content. The main security considerations are operational: ensure tests and state handlers run against isolated test databases, and avoid unintentionally proxying to real production endpoints. Follow standard supply-chain hygiene when installing third-party CLIs (install from official registries, pin versions, review package reputations).
Confidence: 90%
Severity: 75%
Audit Metadata