// Comprehensive API testing for REST and GraphQL endpoints. Use when asked to create, run, or debug API tests, validate schemas, test authentication, verify contracts, or check error handling. Covers Playwright request fixture (TypeScript) and REST Assured (Java 21+).
Accessibility testing toolkit using Selenium WebDriver 4+ with Java 21+ and axe-core engine. Use when asked to validate WCAG 2.1/2.2 compliance, scan pages or components for a11y violations, test keyboard navigation, audit color contrast, check ARIA semantics, generate accessibility reports, filter axe rules, debug screen reader issues, or implement POUR principles (perceivable, operable, understandable, robust).
Automate browser interactions, test web pages and work with Playwright tests.
Automated regression testing strategy and best practices using Playwright with TypeScript. Use when asked to plan, organize, select, execute, or optimize regression test suites for web applications. Covers change-based and risk-based test selection, test tagging and prioritization, parallel execution, sharding, CI/CD pipeline integration with GitHub Actions, flaky test management, suite health monitoring, and regression types (corrective, progressive, selective, complete). Keywords: regression testing, test selection, smoke tests, test suite optimization, CI pipeline, flaky tests, test sharding, impact analysis, git diff.
Accessibility testing for web applications using Playwright (@playwright/test) with TypeScript and axe-core. Use when asked to write, run, or debug automated accessibility checks, keyboard navigation tests, focus management, ARIA/semantic validations, screen reader compatibility, or WCAG 2.1 Level AA compliance testing. Covers axe-core integration, POUR principles (perceivable, operable, understandable, robust), color contrast, form labels, landmarks, and accessible names.
End-to-end, API, and responsive testing for web applications using Playwright with TypeScript. Use when asked to write, run, debug, or maintain Playwright (@playwright/test) TypeScript tests for UI behavior, form submissions, user flows, API validation, responsive design, or visual regression. Covers browser automation, network interception, mocking, Page Object Model, fixtures, and parallel execution.
ISTQB Foundation Level (CTFL) aligned QA toolkit for manual and automated testing. Use when asked to create test plans, test strategies, test conditions, test cases, bug reports, defect logs, regression suites, traceability matrices, or exploratory charters. Supports risk-based testing, test design techniques (equivalence partitioning, boundary value analysis, decision tables, state transitions), test estimation, static testing reviews, and test process management. Includes Playwright automation guidance for test implementation.
| name | api-testing |
| description | Comprehensive API testing for REST and GraphQL endpoints. Use when asked to create, run, or debug API tests, validate schemas, test authentication, verify contracts, or check error handling. Covers Playwright request fixture (TypeScript) and REST Assured (Java 21+). |
Comprehensive API testing skill covering both Playwright TypeScript (request fixture, Supertest, Zod) and Java (REST Assured, AssertJ, JSON Schema Validator). Provides deep domain expertise for the api-tester-specialist agent.
| Stack | Requirements |
|---|---|
| TypeScript | Node.js 18+, @playwright/test or supertest, zod |
| Java | Java 21+, REST Assured 5.x, AssertJ, Jackson, json-schema-validator |
import { test, expect } from "@playwright/test";
test("GET /api/users returns 200 with valid schema", async ({ request }) => {
const response = await request.get("/api/users");
expect(response.ok()).toBeTruthy();
const body = await response.json();
expect(body).toMatchObject({ data: expect.any(Array) });
});
import static io.restassured.RestAssured.*;
import static org.hamcrest.Matchers.*;
import java.util.List;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
@Test
@DisplayName("GET /api/users returns 200 with valid schema")
void getUsers() {
String token = "test-token";
given()
.header("Authorization", "Bearer " + token)
.when()
.get("/api/users")
.then()
.statusCode(200)
.body("data", is(instanceOf(List.class)))
.body("data.size()", greaterThan(0));
}
Common shortcuts and "good enough" excuses that erode test quality — and the reality behind each.
| Rationalization | Reality |
|---|---|
| "Schema validation is overkill" | Without schema validation, a silent field rename becomes a production incident. Validate every response. |
| "Happy path testing is enough" | Error states (400, 401, 403, 404, 409, 500) are where real failures happen. Test all status codes. |
| "Auth tests can wait" | Unauthenticated access to protected endpoints is a security vulnerability, not a backlog item. |
| "This endpoint won't change" | APIs evolve. Contract tests catch breaking changes before they reach production. |
| "Manual API testing with Postman is sufficient" | Manual testing isn't repeatable, can't run in CI, and doesn't scale. Automate API tests. |
| "Idempotency doesn't matter" | Duplicate requests happen in production. Without idempotency testing, you get duplicate records and charges. |
| Document | Content |
|---|---|
| REST API Patterns | CRUD, pagination, filtering, error patterns |
| Playwright API Testing | Request fixture, Supertest, TypeScript patterns |
| REST Assured Testing | REST Assured, AssertJ, Java patterns |
| Schema Validation | Zod (TS), JSON Schema (Java), strict vs loose |
| Contract Testing | Request/response contracts, idempotency, versioning |
| Issue | Solution |
|---|---|
| 401 on authenticated endpoints | Verify token is fresh; check expiry; re-authenticate |
| Flaky API tests | Add retry logic; check for rate limiting; use unique test data |
| Schema validation too strict | Use .passthrough() (Zod) or additionalProperties: true for flexible fields |
| Timeout on slow endpoints | Increase timeout in request options; check for server load |
After completing this skill's workflow, confirm: