api-patterns
API Patterns
API design principles and decision-making for 2025. Learn to THINK, not copy fixed patterns.
🎯 Selective Reading Rule
Read ONLY files relevant to the request! Check the content map, find what you need.
📑 Content Map
| File | Description | When to Read |
|---|---|---|
api-style.md |
REST vs GraphQL vs tRPC decision tree | Choosing API type |
rest.md |
Resource naming, HTTP methods, status codes | Designing REST API |
response.md |
Envelope pattern, error format, pagination | Response structure |
graphql.md |
Schema design, when to use, security | Considering GraphQL |
trpc.md |
TypeScript monorepo, type safety | TS fullstack projects |
versioning.md |
URI/Header/Query versioning | API evolution planning |
auth.md |
JWT, OAuth, Passkey, API Keys | Auth pattern selection |
rate-limiting.md |
Token bucket, sliding window | API protection |
documentation.md |
OpenAPI/Swagger best practices | Documentation |
security-testing.md |
OWASP API Top 10, auth/authz testing | Security audits |
🔗 Related Skills
| Need | Skill |
|---|---|
| API implementation | @[skills/backend-development] |
| Data structure | @[skills/database-design] |
| Security details | @[skills/security-hardening] |
✅ Decision Checklist
Before designing an API:
- Asked user about API consumers?
- Chosen API style for THIS context? (REST/GraphQL/tRPC)
- Defined consistent response format?
- Planned versioning strategy?
- Considered authentication needs?
- Planned rate limiting?
- Documentation approach defined?
❌ Anti-Patterns
DON'T:
- Default to REST for everything
- Use verbs in REST endpoints (/getUsers)
- Return inconsistent response formats
- Expose internal errors to clients
- Skip rate limiting
DO:
- Choose API style based on context
- Ask about client requirements
- Document thoroughly
- Use appropriate status codes
Script
| Script | Purpose | Command |
|---|---|---|
scripts/api_validator.py |
API endpoint validation | python scripts/api_validator.py <project_path> |
More from tai-ch0802/skills-bundle
sdd
Spec-Driven Development (SDD): A structured workflow (Requirement -> Analysis -> Implementation) enforcing explicit documentation before coding.
13code-quality
Pragmatic coding standards and code review guidelines. Covers naming, functions, anti-patterns, review checklists, and AI-specific review patterns. Replaces clean-code + code-review-checklist.
12testing-mastery
Unified testing skill — TDD workflow, unit/integration patterns, E2E/Playwright strategies. Replaces tdd-workflow + testing-patterns + webapp-testing.
10prd
Guidelines and templates for creating effective Product Requirement Documents (PRD), bridging the gap between business goals and technical implementation.
8skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, update or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
8frontend-design
Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, artifacts, posters, or applications (examples include websites, landing pages, dashboards, React components, HTML/CSS layouts, or when styling/beautifying any web UI). Generates creative, polished code and UI design that avoids generic AI aesthetics.
7