dpnmw/agents
1
0
Fork 0
mirror of https://github.com/wshobson/agents.git synced 2026-03-18 09:37:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
65e5cb093a38ff6bd97175bf12c732608c635a8d
agents/plugins/backend-development/skills/api-design-principles/assets/api-design-checklist.md
Seth Hobson 65e5cb093a feat: add Agent Skills and restructure documentation 
- Add 47 Agent Skills across 14 plugins following Anthropic's specification
  - Python (5): async patterns, testing, packaging, performance, UV package manager
  - JavaScript/TypeScript (4): advanced types, Node.js patterns, testing, modern JS
  - Kubernetes (4): manifests, Helm charts, GitOps, security policies
  - Cloud Infrastructure (4): Terraform, multi-cloud, hybrid networking, cost optimization
  - CI/CD (4): pipeline design, GitHub Actions, GitLab CI, secrets management
  - Backend (3): API design, architecture patterns, microservices
  - LLM Applications (4): LangChain, prompt engineering, RAG, evaluation
  - Blockchain/Web3 (4): DeFi protocols, NFT standards, Solidity security, Web3 testing
  - Framework Migration (4): React, Angular, database, dependency upgrades
  - Observability (4): Prometheus, Grafana, distributed tracing, SLO
  - Payment Processing (4): Stripe, PayPal, PCI compliance, billing
  - API Scaffolding (1): FastAPI templates
  - ML Operations (1): ML pipeline workflow
  - Security (1): SAST configuration

- Restructure documentation into /docs directory
  - agent-skills.md: Complete guide to all 47 skills
  - agents.md: All 85 agents with model configuration
  - plugins.md: Complete catalog of 63 plugins
  - usage.md: Commands, workflows, and best practices
  - architecture.md: Design principles and patterns

- Update README.md
  - Add Agent Skills banner announcement
  - Reduce length by ~75% with links to detailed docs
  - Add What's New section showcasing Agent Skills
  - Add Popular Use Cases with real examples
  - Improve navigation with Core Guides and Quick Links

- Update marketplace.json with skills arrays for 14 plugins

All 47 skills follow Agent Skills Specification:
- Required YAML frontmatter (name, description)
- Use when activation clauses
- Progressive disclosure architecture
- Under 1024 character descriptions
2025-10-16 20:33:27 -04:00

3.8 KiB
Raw Blame History

API Design Checklist

Pre-Implementation Review

Resource Design

  • Resources are nouns, not verbs
  • Plural names for collections
  • Consistent naming across all endpoints
  • Clear resource hierarchy (avoid deep nesting >2 levels)
  • All CRUD operations properly mapped to HTTP methods

HTTP Methods

  • GET for retrieval (safe, idempotent)
  • POST for creation
  • PUT for full replacement (idempotent)
  • PATCH for partial updates
  • DELETE for removal (idempotent)

Status Codes

  • 200 OK for successful GET/PATCH/PUT
  • 201 Created for POST
  • 204 No Content for DELETE
  • 400 Bad Request for malformed requests
  • 401 Unauthorized for missing auth
  • 403 Forbidden for insufficient permissions
  • 404 Not Found for missing resources
  • 422 Unprocessable Entity for validation errors
  • 429 Too Many Requests for rate limiting
  • 500 Internal Server Error for server issues

Pagination

  • All collection endpoints paginated
  • Default page size defined (e.g., 20)
  • Maximum page size enforced (e.g., 100)
  • Pagination metadata included (total, pages, etc.)
  • Cursor-based or offset-based pattern chosen

Filtering & Sorting

  • Query parameters for filtering
  • Sort parameter supported
  • Search parameter for full-text search
  • Field selection supported (sparse fieldsets)

Versioning

  • Versioning strategy defined (URL/header/query)
  • Version included in all endpoints
  • Deprecation policy documented

Error Handling

  • Consistent error response format
  • Detailed error messages
  • Field-level validation errors
  • Error codes for client handling
  • Timestamps in error responses

Authentication & Authorization

  • Authentication method defined (Bearer token, API key)
  • Authorization checks on all endpoints
  • 401 vs 403 used correctly
  • Token expiration handled

Rate Limiting

  • Rate limits defined per endpoint/user
  • Rate limit headers included
  • 429 status code for exceeded limits
  • Retry-After header provided

Documentation

  • OpenAPI/Swagger spec generated
  • All endpoints documented
  • Request/response examples provided
  • Error responses documented
  • Authentication flow documented

Testing

  • Unit tests for business logic
  • Integration tests for endpoints
  • Error scenarios tested
  • Edge cases covered
  • Performance tests for heavy endpoints

Security

  • Input validation on all fields
  • SQL injection prevention
  • XSS prevention
  • CORS configured correctly
  • HTTPS enforced
  • Sensitive data not in URLs
  • No secrets in responses

Performance

  • Database queries optimized
  • N+1 queries prevented
  • Caching strategy defined
  • Cache headers set appropriately
  • Large responses paginated

Monitoring

  • Logging implemented
  • Error tracking configured
  • Performance metrics collected
  • Health check endpoint available
  • Alerts configured for errors

GraphQL-Specific Checks

Schema Design

  • Schema-first approach used
  • Types properly defined
  • Non-null vs nullable decided
  • Interfaces/unions used appropriately
  • Custom scalars defined

Queries

  • Query depth limiting
  • Query complexity analysis
  • DataLoaders prevent N+1
  • Pagination pattern chosen (Relay/offset)

Mutations

  • Input types defined
  • Payload types with errors
  • Optimistic response support
  • Idempotency considered

Performance

  • DataLoader for all relationships
  • Query batching enabled
  • Persisted queries considered
  • Response caching implemented

Documentation

  • All fields documented
  • Deprecations marked
  • Examples provided
  • Schema introspection enabled
Reference in New Issue View Git Blame Copy Permalink