auditing-api-contracts
Analyzes Express route definitions and controller logic to document API endpoints, payloads, and response structures. Use when reverse-engineering an existing Express application's API surface.
| name | auditing-api-contracts |
| description | Analyzes Express route definitions and controller logic to document API endpoints, payloads, and response structures. Use when reverse-engineering an existing Express application's API surface. |
Analyze the surface area of a legacy application's API to precisely document its behavior for recreation in a modern framework (e.g., Next.js Route Handlers).
Reverse-engineer the legacy API's routes, payloads, and response structures, categorizing them by Primary Resources and Sub-resources.
Copy this checklist and track your progress:
Task Progress:
- [ ] Step 1: Locate the Routes & Controllers
- [ ] Step 2: Categorize Resources
- [ ] Step 3: Identify Common Patterns
- [ ] Step 4: Analyze Each Endpoint
- [ ] Step 5: Generate API_Contracts.md
Search the legacy codebase (e.g., ../ExpressModernization-Old/) for where endpoints are defined (usually config/routes.js, routes/, or directly in app.js/server.js). Trace each route to its corresponding controller function.
Divide the API surface into:
- Primary Resources (e.g., Users, Products, Posts).
- Sub-resources (e.g., Comments belonging to a Post, Reviews for a Product).

Look for a Common Response Envelope. Is the API consistent in how it returns data?
- { success: true, data: [...], meta: { total: 100 } }

For every endpoint, document:
- GET /resource/:id/sub-resource
- requiresLogin, hasAuthorization). Document what they implicitly check (Session, Ownership, Roles).
- req.body, req.query, and req.params. Identify required vs. optional fields and their data types.

Compile findings into a single, highly detailed artifact at docs/legacy-audit/API_Contracts.md.
Critical: Ensure that all of the endpoints are listed in a checklist within the artifact. The agent will use this checklist during the later scaffolding phase of the modernization workflow to ensure nothing is missed. Also, identify any necessary route redirects (e.g., /articles -> / if an endpoint isn't actually implemented but routing behavior is expected).
Additionally, identify specific parity probes (e.g., "The search API must be queried with an empty string to ensure it returns the same default sort as legacy"). Append these specific test cases to docs/verification/Verification_Plan.md.
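A first pass over "Locate the Routes & Controllers" and "Analyze Each Endpoint" can be scripted. The sketch below is an added example, not part of the original skill: it statically extracts route definitions and emits the endpoint checklist, flagging routes that have no guard middleware. The function names and sample routes are hypothetical, and it assumes routes are written as app.METHOD(path, ...middleware, handler) with plain identifiers.

```javascript
// Constructed sample of legacy route definitions (not from a real codebase).
const SAMPLE_ROUTES = `
app.get('/articles', articles.index);
app.post('/articles', auth.requiresLogin, articles.create);
app.put('/articles/:id', auth.requiresLogin, auth.hasAuthorization, articles.update);
router.delete('/articles/:id/comments/:commentId', auth.requiresLogin, comments.destroy);
`;

// Matches app.METHOD('/path', mw1, mw2, handler) with plain identifier arguments.
// Assumption: no inline arrow functions or middleware arrays; those need a real parser.
const ROUTE_RE = /\b(?:app|router)\.(get|post|put|patch|delete)\(\s*['"]([^'"]+)['"]\s*,\s*([^)]*)\)/g;

// Returns one record per route: method, path, middleware chain, handler, resource kind.
function extractRoutes(source) {
  const routes = [];
  for (const m of source.matchAll(ROUTE_RE)) {
    const args = m[3].split(',').map((s) => s.trim()).filter(Boolean);
    const handler = args.pop(); // last argument is the controller function
    const path = m[2];
    routes.push({
      method: m[1].toUpperCase(),
      path,
      middleware: args,
      handler,
      // A segment after a :param marks a sub-resource, e.g. /articles/:id/comments
      kind: /\/:[^/]+\/[^/]+/.test(path) ? 'sub-resource' : 'primary',
    });
  }
  return routes;
}

// Renders the checklist lines for API_Contracts.md; unguarded routes are called out
// so the audit records whether they are intentionally public.
function toChecklist(routes) {
  return routes.map((r) => {
    const guards = r.middleware.length
      ? r.middleware.join(', ')
      : 'NONE (confirm this is intentionally public)';
    return `- [ ] ${r.method} ${r.path} (${r.kind}) -> ${r.handler}; middleware: ${guards}`;
  }).join('\n');
}

console.log(toChecklist(extractRoutes(SAMPLE_ROUTES)));
```

Routes mounted under a prefix with app.use('/api', router) still need the prefix resolved by hand, since this pass only reads the path literal at the definition site.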