DiscordSign up
SKILLS.SH

api-testing

HTTP API testing for TypeScript (Supertest) and Python (httpx, pytest). Test REST APIs, GraphQL, request/response validation, authentication, and error…

INSTALLATION
npx skills add https://github.com/secondsky/claude-skills --skill api-testing
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

API Testing

Expert knowledge for testing HTTP APIs with Supertest (TypeScript/JavaScript) and httpx/pytest (Python).

TypeScript/JavaScript (Supertest)

Installation

# Using Bun

bun add -d supertest @types/supertest

# or: npm install -D supertest @types/supertest

Basic Setup

import { describe, it, expect } from 'vitest'

import request from 'supertest'

import { app } from './app'

describe('API Tests', () => {

  it('returns health status', async () => {

    const response = await request(app)

      .get('/api/health')

      .expect(200)

    expect(response.body).toEqual({ status: 'ok' })

  })

  it('creates a user', async () => {

    const response = await request(app)

      .post('/api/users')

      .send({ name: 'John Doe', email: 'john@example.com' })

      .expect(201)

    expect(response.body).toMatchObject({

      id: expect.any(Number),

      name: 'John Doe',

    })

  })

  it('validates required fields', async () => {

    await request(app)

      .post('/api/users')

      .send({ name: 'John Doe' })

      .expect(400)

  })

})

Request Methods

// GET

await request(app).get('/api/users').expect(200)

// POST with body

await request(app)

  .post('/api/users')

  .send({ name: 'John' })

  .expect(201)

// PUT

await request(app)

  .put('/api/users/1')

  .send({ name: 'Jane' })

  .expect(200)

// DELETE

await request(app).delete('/api/users/1').expect(204)

Headers and Query Parameters

// Set headers

await request(app)

  .get('/api/protected')

  .set('Authorization', 'Bearer token123')

  .expect(200)

// Query parameters

await request(app)

  .get('/api/users')

  .query({ page: 1, limit: 10 })

  .expect(200)

Authentication Testing

describe('Authentication', () => {

  let authToken: string

  beforeAll(async () => {

    const response = await request(app)

      .post('/api/auth/login')

      .send({ email: 'user@example.com', password: 'password123' })

      .expect(200)

    authToken = response.body.token

  })

  it('accesses protected endpoint', async () => {

    await request(app)

      .get('/api/protected')

      .set('Authorization', `Bearer ${authToken}`)

      .expect(200)

  })

  it('rejects without token', async () => {

    await request(app).get('/api/protected').expect(401)

  })

})

Error Handling

it('handles validation errors', async () => {

  const response = await request(app)

    .post('/api/users')

    .send({ email: 'invalid-email' })

    .expect(400)

  expect(response.body).toMatchObject({

    error: 'Validation failed',

    details: expect.any(Array),

  })

})

it('handles not found', async () => {

  await request(app).get('/api/users/999999').expect(404)

})

Python (httpx + pytest)

Installation

uv add --dev httpx pytest-asyncio

Basic Setup

import pytest

from fastapi.testclient import TestClient

from main import app

client = TestClient(app)

def test_health_check():

    response = client.get("/api/health")

    assert response.status_code == 200

    assert response.json() == {"status": "ok"}

def test_create_user():

    response = client.post(

        "/api/users",

        json={"name": "John Doe", "email": "john@example.com"}

    )

    assert response.status_code == 201

    data = response.json()

    assert data["name"] == "John Doe"

    assert "id" in data

def test_not_found():

    response = client.get("/api/users/999")

    assert response.status_code == 404

Fixtures

@pytest.fixture

def auth_token(client):

    response = client.post(

        "/api/auth/login",

        json={"email": "user@example.com", "password": "password123"}

    )

    return response.json()["token"]

def test_protected_endpoint(client, auth_token):

    response = client.get(

        "/api/protected",

        headers={"Authorization": f"Bearer {auth_token}"}

    )

    assert response.status_code == 200

File Upload

def test_file_upload(client, tmp_path):

    test_file = tmp_path / "test.txt"

    test_file.write_text("test content")

    with open(test_file, "rb") as f:

        response = client.post(

            "/api/upload",

            files={"file": ("test.txt", f, "text/plain")}

        )

    assert response.status_code == 200

GraphQL Testing

it('queries GraphQL endpoint', async () => {

  const query = `

    query GetUser($id: ID!) {

      user(id: $id) { id name email }

    }

  `

  const response = await request(app)

    .post('/graphql')

    .send({ query, variables: { id: '1' } })

    .expect(200)

  expect(response.body.data.user).toMatchObject({

    id: '1',

    name: expect.any(String),

  })

})

Performance Testing

it('responds within acceptable time', async () => {

  const start = Date.now()

  await request(app).get('/api/users').expect(200)

  const duration = Date.now() - start

  expect(duration).toBeLessThan(100) // 100ms threshold

})

Best Practices

  • Group related endpoints in describe blocks
  • Reset database between tests
  • Validate status codes first
  • Check response structure
  • Test error message format
  • Mock external services
  • Test both happy path and error cases

See Also

  • vitest-testing - Unit testing framework
  • playwright-testing - E2E API testing
  • test-quality-analysis - Test quality patterns
BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

find-skills
2/3

Discover and install specialized agent skills from the open ecosystem when users need extended capabilities. Helps identify relevant skills by domain and task when users ask "how do I do X" or "find a skill for X" Integrates with the Skills CLI ( npx skills find , npx skills add ) to search, verify, and install packages from the skills.sh directory Recommends skills based on install count, source reputation, and GitHub stars to ensure quality before suggesting installation Presents skill options with install commands and links to skills.sh for user review and one-click installation

Verified authorvercel-labs
SKILLS.SH
1.5M19.6K
2026-05-22
vercel-react-best-practices
3/3

React and Next.js performance optimization guide with 64 prioritized rules across 8 categories. Organized by impact level, from critical waterfalls and bundle optimization down to advanced patterns, each rule includes incorrect/correct code examples and explanations Covers eight domains: async patterns, bundle size, server-side caching, client-side data fetching, re-render optimization, rendering performance, JavaScript efficiency, and advanced patterns Designed for use during component writing, code review, refactoring, and performance audits on React and Next.js applications Each rule has a prefix code (e.g., async-parallel , bundle-barrel-imports ) for easy reference in automated tooling and documentation

Verified authorvercel-labs
SKILLS.SH
389K26.9K
2026-05-22
azure-validate
2/3

Pre-deployment validation for Azure infrastructure, configuration, and permissions before deployment. Requires .azure/plan.md from a prior azure-prepare run; stops immediately if the plan is missing Executes recipe-specific validation commands (azd provision, bicep build, terraform validate) and records proof in the plan document Performs build verification, configuration checks, and permission validation; blocks deployment if any check fails Only authorized method to set plan status to Validated ; must be followed by azure-deploy skill to execute the actual deployment

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22
appinsights-instrumentation
3/3

Guidance and reference material for instrumenting webapps with Azure Application Insights. Covers SDK setup, telemetry patterns, and configuration for ASP.NET Core and Node.js applications hosted in Azure Distinguishes between this skill (reference and guidance) and azure-prepare (actual implementation); invoke azure-prepare when the user wants to add instrumentation to their project Provides auto-instrumentation guidance for C# ASP.NET Core apps in Azure App Service, plus manual instrumentation paths for creating App Insights resources via Bicep templates or Azure CLI Includes language-specific code modification guides for ASP.NET Core, Node.js, and Python, plus quick references for OpenTelemetry SDKs and exporters

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card