{
  "instruction": "Write tests for Go HTTP middleware including authentication middleware. Test middleware in isolation by wrapping dummy handlers, test protected endpoints with and without valid tokens.",
  "relevant_when": "Agent writes tests for Go middleware or authentication",
  "context": "Proactively verify that agents test middleware in isolation (wrapping a dummy handler) and test auth flows (no token, invalid token, valid token) following Go testing patterns.",
  "sources": [
    {
      "type": "file",
      "filename": "skills/go-api-testing/SKILL.md",
      "tile": "tessl-labs/go-api-testing"
    }
  ],
  "checklist": [
    {
      "name": "middleware-tested-in-isolation",
      "rule": "Middleware is tested by wrapping a dummy http.HandlerFunc, not only tested through full endpoint integration tests",
      "relevant_when": "Agent writes tests for HTTP middleware"
    },
    {
      "name": "no-token-test",
      "rule": "There is a test that calls a protected endpoint without any Authorization header and expects a 401",
      "relevant_when": "Agent tests authentication middleware"
    },
    {
      "name": "invalid-token-test",
      "rule": "There is a test that sends an invalid/fake Bearer token and expects a 401",
      "relevant_when": "Agent tests authentication middleware"
    },
    {
      "name": "valid-token-test",
      "rule": "There is a test that uses a valid token and expects a non-401 success response",
      "relevant_when": "Agent tests authentication middleware"
    },
    {
      "name": "table-driven-middleware-cases",
      "rule": "Middleware test cases use table-driven tests with t.Run subtests for the different auth scenarios",
      "relevant_when": "Agent writes multiple middleware test cases"
    },
    {
      "name": "httptest-used",
      "rule": "Tests use httptest.NewRequest and httptest.NewRecorder, not real HTTP calls",
      "relevant_when": "Agent writes Go middleware tests"
    }
  ]
}