# Send api-development to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "api-development",
    "name": "api-development",
    "source": "tencent",
    "type": "skill",
    "category": "开发工具",
    "sourceUrl": "https://clawhub.ai/wpank/api-development",
    "canonicalUrl": "https://clawhub.ai/wpank/api-development",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/api-development",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=api-development",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "README.md",
      "SKILL.md"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "slug": "api-development",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-05-11T16:23:03.820Z",
      "expiresAt": "2026-05-18T16:23:03.820Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=api-development",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=api-development",
        "contentDisposition": "attachment; filename=\"api-development-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "api-development"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/api-development"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/api-development",
    "downloadUrl": "https://openagent3.xyz/downloads/api-development",
    "agentUrl": "https://openagent3.xyz/skills/api-development/agent",
    "manifestUrl": "https://openagent3.xyz/skills/api-development/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/api-development/agent.md"
  }
}
```
## Documentation

### API Development

Orchestrate the full API development lifecycle by coordinating design, implementation, testing, and documentation into a single workflow.

### When to Use This Skill

Building a new API from scratch
Adding endpoints to an existing API
Redesigning or refactoring an API
Planning API versioning and migration
Running a complete API development cycle (design → build → test → document → deploy)

### Orchestration Flow

Follow these steps in order. Each step routes to the appropriate skill or tool.

### 1. Design the API

Load the api-design skill to establish resource models, URL structure, HTTP method semantics, error formats, and pagination strategy.

Deliverables: Resource list, endpoint map, request/response schemas, error format

### 2. Generate OpenAPI Spec

Produce a machine-readable OpenAPI 3.x specification from the design. Use the OpenAPI template in api-design/assets/openapi-template.yaml as a starting point.

Deliverables: openapi.yaml with all endpoints, schemas, auth schemes, and examples

### 3. Scaffold Endpoints

Generate route files, request/response types, and validation schemas for each endpoint. Group routes by resource.

Deliverables: Route files, type definitions, validation schemas per resource

### 4. Implement Business Logic

Write service-layer logic with input validation, authorization checks, database queries, and proper error propagation. Keep controllers thin — business logic lives in the service layer.

Deliverables: Service modules, repository layer, middleware (auth, rate limiting, CORS)

### 5. Test

Write tests at three levels:

Unit tests — service logic, validation, error handling
Integration tests — endpoint behavior with real DB
Contract tests — response shapes match OpenAPI spec

Deliverables: Test suite with coverage for happy paths, error cases, edge cases, and auth

### 6. Document

Generate human-readable API documentation with usage examples and SDK snippets. Ensure every endpoint has description, parameters, request/response examples, and error codes.

Deliverables: API docs, changelog, authentication guide

### 7. Version and Deploy

Apply a versioning strategy, tag the release, update changelogs, and deploy through the pipeline. Follow the api-versioning skill for deprecation and migration guidance.

Deliverables: Version tag, changelog entry, deployment confirmation

### API Design Decision Table

Choose the right paradigm for your use case.

CriteriaRESTGraphQLgRPCBest forCRUD-heavy public APIsComplex relational data, client-driven queriesInternal microservices, high-throughputData fetchingFixed response shape per endpointClient specifies exact fieldsStrongly typed protobuf messagesOver/under-fetchingCommon problemSolved by designMinimal — schema is explicitCachingNative HTTP caching (ETags, Cache-Control)Requires custom cachingNo built-in HTTP cachingReal-timePolling or WebSocketsSubscriptions (built-in)Bidirectional streamingToolingMature — OpenAPI, Postman, curlGrowing — Apollo, Relay, GraphiQLMature — protoc, grpcurl, BufLearning curveLowMediumMedium-HighVersioningURL or header versioningSchema evolution with @deprecatedPackage versioning in .proto

Rule of thumb: Default to REST for public APIs. Use GraphQL when clients need flexible queries across related data. Use gRPC for internal service-to-service communication.

### API Checklist

Run through this checklist before marking any API work as complete.

### Authentication & Authorization

Authentication mechanism chosen (JWT, OAuth2, API key)
 Authorization rules enforced at every endpoint
 Tokens validated and scoped correctly
 Secrets stored securely (never in code or logs)

### Rate Limiting

Rate limits configured per endpoint or consumer tier
 RateLimit-* headers included in responses
 429 Too Many Requests returned with Retry-After header
 Rate limit strategy documented for consumers

### Pagination

All collection endpoints paginated
 Pagination style chosen (cursor-based or offset-based)
 page_size bounded with a sensible maximum
 Total count or hasNextPage indicator included

### Filtering & Sorting

Filter parameters validated and sanitized
 Sort fields allow-listed (no arbitrary column sorting)
 Default sort order defined and documented

### Error Handling

Consistent error response schema across all endpoints
 Correct HTTP status codes (4xx for client, 5xx for server)
 Validation errors return field-level detail
 Internal errors never leak stack traces or sensitive data

### Versioning

Versioning strategy selected and applied uniformly
 Breaking vs non-breaking change policy documented
 Deprecation timeline communicated via Sunset header

### CORS

Allowed origins configured (no wildcard * in production with credentials)
 Allowed methods and headers explicitly listed
 Preflight (OPTIONS) requests handled correctly

### Documentation

OpenAPI / Swagger spec generated and up to date
 Every endpoint has description, parameters, and example responses
 Authentication requirements documented
 Error codes and meanings listed
 Changelog maintained for each version

### Security

Input validation on all fields
 SQL injection prevention
 HTTPS enforced
 Sensitive data never in URLs or logs
 CORS configured correctly

### Monitoring

Structured logging with request IDs
 Error tracking configured (Sentry, Datadog, etc.)
 Performance metrics collected (latency, error rate)
 Health check endpoint available (/health)
 Alerts configured for error rate spikes

### Skill Routing Table

NeedSkillPurposeAPI design principlesapi-designResource modeling, HTTP semantics, pagination, error formatsVersioning strategyapi-versioningVersion lifecycle, deprecation, migration patternsAuthenticationauth-patternsJWT, OAuth2, sessions, RBAC, MFAError handlingerror-handlingError types, retry patterns, circuit breakers, HTTP errorsRate limitingrate-limitingAlgorithms, HTTP headers, tiered limits, distributed limitingCachingcachingCache strategies, HTTP caching, invalidation, Redis patternsDatabase migrationsdatabase-migrationsSchema evolution, zero-downtime patterns, rollback strategies

### NEVER Do

NEVER skip the design phase — jumping straight to code produces inconsistent APIs that are expensive to fix
NEVER expose database schema directly — API resources are not database tables; design around consumer use cases
NEVER ship without authentication — every production endpoint must have an auth strategy
NEVER return inconsistent error formats — every error response must follow the same schema
NEVER break a published API without a versioning plan — breaking changes require a new version, migration guide, and deprecation timeline
NEVER deploy without tests and documentation — untested APIs ship bugs, undocumented APIs frustrate developers
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: wpank
- Version: 1.0.0
## Source health
- Status: healthy
- Item download looks usable.
- Yavira can redirect you to the upstream package for this item.
- Health scope: item
- Reason: direct_download_ok
- Checked at: 2026-05-11T16:23:03.820Z
- Expires at: 2026-05-18T16:23:03.820Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/api-development)
- [Send to Agent page](https://openagent3.xyz/skills/api-development/agent)
- [JSON manifest](https://openagent3.xyz/skills/api-development/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/api-development/agent.md)
- [Download page](https://openagent3.xyz/downloads/api-development)