메뉴
Test API endpoints with proper authorization. Use when testing curl requests, checking API responses, or getting 401 Unauthorized. API requires two auth levels - Basic Auth (nginx) + Session Auth (login). Credentials in .cursor/.secrets/.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Test API endpoints with proper authorization including Basic Auth and session cookies. Use when testing curl requests, checking API responses, getting 401 Unauthorized, session expired errors, or verifying endpoint behavior after changes.
Implement accumulated improvements from improvements-backlog into AI rules and skills. Use when backlog has 5+ items, weekly rule update cycle, 2+ high priority improvements exist, before important releases, when same error repeated 3+ times, when user says implement improvements/process backlog/update rules from errors.
Fix bugs, errors, exceptions, and unexpected behavior. Use when debugging, fixing errors, handling crashes, or when user mentions bug, error, broken, not working, crash, exception, 500 error, Application error, white screen, TypeError, undefined is not a function, or unexpected behavior.
Analyze Claude Code prompt cache efficiency and costs. Use when user asks about cache performance, token usage, session costs, how much a session cost, wants to optimize prompt caching, when costs seem high, when context window is filling up, or mentions cache-analyzer/cache hits/token costs/session metrics/cost analysis.
Review code for quality, security, and maintainability. Use when reviewing pull requests, examining code changes, doing QA checks, architecture review, or CTO review. Also trigger for COMPLEX tasks affecting more than 5 files, API contract changes, or data migrations.
Create new skills, modify and improve existing skills, create or update AI rules. Use when creating rules, building skills, adding coding standards, updating .claude/rules/ or .claude/skills/, converting Cursor rules to Claude Code, measuring skill performance, running evals, or optimizing skill descriptions.
| name | api-testing |
| description | Test API endpoints with proper authorization. Use when testing curl requests, checking API responses, or getting 401 Unauthorized. API requires two auth levels - Basic Auth (nginx) + Session Auth (login). Credentials in .cursor/.secrets/. |
Test API endpoints that require authorization.
Configuration: .cursor/config/project.config.json (site URL, auth settings, test user)
| Level | When needed | Source |
|---|---|---|
| Basic Auth | All requests (nginx) | Config → auth.basic_auth_file |
| Session Auth | API endpoints (except /health) | Login via /api/auth/login |
Get a session and test:
# Run the helper script
bash .cursor/skills/api-testing/scripts/get-session.sh
# Then use the session for any endpoint
bash .cursor/skills/api-testing/scripts/test-endpoint.sh /api/endpoint?param=value
All values (site URL, credentials paths, test user email) are in project.config.json:
# 1. Read config values
CONFIG=".cursor/config/project.config.json"
SITE_URL=$(jq -r .site_url "$CONFIG")
SECRETS_DIR=$(jq -r .auth.secrets_dir "$CONFIG")
TEST_EMAIL=$(jq -r .auth.test_user_email "$CONFIG")
# 2. Get Basic Auth
BASIC_AUTH=$(jq -r '.user + ":" + .pass' "$SECRETS_DIR/$(jq -r .auth.basic_auth_file "$CONFIG")")
# 3. Decode password and login
PASSWORD=$(jq -r .password "$SECRETS_DIR/$(jq -r .auth.test_user_file "$CONFIG")" | base64 -d)
curl -c /tmp/session.txt -u "$BASIC_AUTH" \
-H "Content-Type: application/json" \
-d '{"email":"'"$TEST_EMAIL"'","password":"'"$PASSWORD"'"}' \
"$SITE_URL/api/auth/login"
# 4. Use session for requests
curl -b /tmp/session.txt -u "$BASIC_AUTH" "$SITE_URL/api/endpoint"
rm /tmp/session.txt after testing