SKILL.md
OpenAPI Specification 3.2
Agent-oriented reference for the OpenAPI Specification 3.2.0. Use when editing, generating, or validating OpenAPI descriptions (OAD).
When to Use
- Authoring or updating OpenAPI 3.2 YAML/JSON documents
- Resolving
$ref,$self, and relative URIs in multi-document OADs
- Describing paths, operations, parameters (query/path/header/cookie/querystring), request body, and responses
- Using Schema Objects (JSON Schema Draft 2020-12 dialect), components, and references
- Configuring security schemes (apiKey, http, mutualTLS, oauth2, openIdConnect) and requirements
- Working with media types, encoding (form, multipart), and examples (dataValue/serializedValue/externalValue)
Core References
Topic
Description
Reference
OpenAPI Object
Root object, openapi, $self, info, servers, paths, webhooks, components, security, tags
Format & Structure
JSON/YAML, case sensitivity, rich text, OAD structure, parsing, base URI
Fixed & Patterned Fields
Fixed vs patterned fields, paths keys, components keys, extensions (x-)
Info & Metadata
Info, Contact, License objects
Server
Server Object, Server Variable, URL templating
Paths & Operations
Paths Object, Path Item, Operation Object, additionalOperations, query
Path Templating
Path templating, path parameters, matching, ABNF
Parameters
Parameter Object, in (path/query/header/cookie/querystring), style, schema vs content
Request Body & Media Type
Request Body, Media Type Object, sequential media types, itemSchema
Encoding Object
Encoding by name/position, contentType, style, explode, form, multipart
Media Types
Content keys, media type ranges, OpenAPI Media Type Registry
Responses
Responses Object, Response Object, headers, content, links
HTTP Status Codes
Response keys, default, 1XX–5XX range with X
Schema & Components
Schema Object (JSON Schema 2020-12), Components, $ref resolution
Schema JSON Schema Keywords
JSON Schema 2020-12 keywords and OAS extensions in Schema
Schema Composition & Polymorphism
allOf, oneOf, anyOf, discriminator
schema-composition-polymorphism
Data Types & Formats
JSON Schema types, format keyword, OAS dialect
Discriminator & XML
Discriminator Object, XML Object (nodeType, name, namespace)
Components Reuse
Reusing parameters, responses, schemas via $ref
Reference Object
$ref, summary/description override, resolution rules
Header Object
Response/multipart headers, style simple, Set-Cookie, Link
Example Object
dataValue, serializedValue, value, externalValue, Working with Examples
Tag & External Docs
Tag Object, External Documentation Object, parent, kind
Link Object
operationRef, operationId, parameters, requestBody
Runtime Expressions
$request, $response, $url, $method, ABNF, Link/Callback usage
Security
Security Scheme, OAuth Flows, Security Requirement Object
Security Scheme Types
apiKey, http (basic/bearer), mutualTLS, oauth2, openIdConnect
Security Requirement Object
OR/AND semantics, {} optional, [] clear, scopes
OAuth2 Flows
OAuth Flows Object, OAuth Flow Object, authorizationCode, deviceAuthorization
Callbacks & Webhooks
Callback Object, webhooks
Extensions
Specification extensions (x-), extension registries
Best Practices
Topic
Description
Reference
Spec Authoring
operationId, tags, $self, components reuse, responses, security
Advanced
Topic
Description
Reference
Base URI & Resolution
$self, retrieval URI, reference resolution, parsing guidance
advanced-base-uri-and-resolution
Security Filtering
Empty Paths/Path Item, Security Considerations
Key Points
- OAS 3.2 root uses
openapi: 3.2.0; at least one ofcomponents,paths, orwebhooksMUST be present.
$selfprovides the document's base URI for reference resolution; use it in multi-document OADs.
- Schema Object is a superset of JSON Schema Draft 2020-12; empty schema =
true, none =false.
- Parameter: use either
schema+styleorcontent(one Media Type);in: "querystring"requirescontent.
- Security at root is OR (one of the Security Requirement Objects); per-operation overrides;
{}= optional.