CtrlK
BlogDocsLog inGet started
Tessl Logo

api-patterns

API design principles and decision-making. REST vs GraphQL vs tRPC selection, response formats, versioning, pagination.

62

1.14x
Quality

44%

Does it follow best practices?

Impact

92%

1.14x

Average score across 3 eval scenarios

SecuritybySnyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/antigravity-api-patterns/SKILL.md
SKILL.md
Quality
Evals
Security

Evaluation results

100%

10%

Refactor and Document a Public REST API

REST endpoint naming, methods, status codes, and error response format

Criteria
Without context
With context

No verbs in paths

100%

100%

Plural resource names

100%

100%

Lowercase hyphenated paths

100%

100%

Correct HTTP methods

100%

100%

201 for creation

100%

100%

Correct 4xx codes

75%

100%

Consistent response format

100%

100%

Error response has error code

100%

100%

Error response has request ID

0%

100%

No internal details in errors

100%

100%

URI versioning used

100%

100%

Versioning justification

100%

100%

100%

16%

Design the API Architecture for an Internal Analytics Dashboard

API style selection, auth pattern selection, and JWT principles

Criteria
Without context
With context

tRPC recommended

100%

100%

Monorepo + TS justification

100%

100%

Does NOT recommend REST or GraphQL as primary

100%

100%

OAuth 2.0 for Google Workspace

100%

100%

JWT short expiry + refresh

50%

100%

No sensitive data in JWT

25%

100%

Minimal JWT claims

0%

100%

Cursor or keyset pagination

100%

100%

Dataset size justification

100%

100%

TypeScript endpoint example

100%

100%

Auth in code example

100%

100%

77%

9%

Harden a GraphQL API Before Public Launch

GraphQL security configuration and rate limiting strategy

Criteria
Without context
With context

Introspection disabled

100%

100%

Query depth limit

100%

100%

Query complexity/cost limit

100%

100%

Batch size limit

0%

0%

Rate limiting present

100%

100%

429 on limit exceeded

100%

100%

X-RateLimit-Limit header

0%

37%

X-RateLimit-Remaining header

0%

37%

X-RateLimit-Reset header

0%

37%

Token bucket or sliding window strategy

100%

100%

Introspection justification

100%

100%

Depth/complexity rationale

100%

100%

Repository
boisenoise/skills-collections
Commit

431bfad

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

Refactor and Document a Public REST APIDesign the API Architecture for an Internal Analytics DashboardHarden a GraphQL API Before Public Launch

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill