davila7/api-documentation-generator
cli-tool/components/skills/development/api-documentation-generator/SKILL.md
Generate comprehensive, developer-friendly API documentation from code, including endpoints, parameters, examples, and best practices
$ install --global
skillsauthnpx skillsauth add davila7/claude-code-templates api-documentation-generatorInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 25, 2026, 9:25 PM1.8s1 file scanned
SKILL.md
- name:
- api-documentation-generator
- description:
- Generate comprehensive, developer-friendly API documentation from code, including endpoints, parameters, examples, and best practices
API Documentation Generator
Overview
Automatically generate clear, comprehensive API documentation from your codebase. This skill helps you create professional documentation that includes endpoint descriptions, request/response examples, authentication details, error handling, and usage guidelines.
Perfect for REST APIs, GraphQL APIs, and WebSocket APIs.
When to Use This Skill
- Use when you need to document a new API
- Use when updating existing API documentation
- Use when your API lacks clear documentation
- Use when onboarding new developers to your API
- Use when preparing API documentation for external users
- Use when creating OpenAPI/Swagger specifications
How It Works
Step 1: Analyze the API Structure
First, I'll examine your API codebase to understand:
- Available endpoints and routes
- HTTP methods (GET, POST, PUT, DELETE, etc.)
- Request parameters and body structure
- Response formats and status codes
- Authentication and authorization requirements
- Error handling patterns
Step 2: Generate Endpoint Documentation
For each endpoint, I'll create documentation including:
Endpoint Details:
- HTTP method and URL path
- Brief description of what it does
- Authentication requirements
- Rate limiting information (if applicable)
Request Specification:
- Path parameters
- Query parameters
- Request headers
- Request body schema (with types and validation rules)
Response Specification:
- Success response (status code + body structure)
- Error responses (all possible error codes)
- Response headers
Code Examples:
- cURL command
- JavaScript/TypeScript (fetch/axios)
- Python (requests)
- Other languages as needed
Step 3: Add Usage Guidelines
I'll include:
- Getting started guide
- Authentication setup
- Common use cases
- Best practices
- Rate limiting details
- Pagination patterns
- Filtering and sorting options
Step 4: Document Error Handling
Clear error documentation including:
- All possible error codes
- Error message formats
- Troubleshooting guide
- Common error scenarios and solutions
Step 5: Create Interactive Examples
Where possible, I'll provide:
- Postman collection
- OpenAPI/Swagger specification
- Interactive code examples
- Sample responses
Examples
Example 1: REST API Endpoint Documentation
## Create User
Creates a new user account.
**Endpoint:** `POST /api/v1/users`
**Authentication:** Required (Bearer token)
**Request Body:**
\`\`\`json
{
"email": "[email protected]", // Required: Valid email address
"password": "SecurePass123!", // Required: Min 8 chars, 1 uppercase, 1 number
"name": "John Doe", // Required: 2-50 characters
"role": "user" // Optional: "user" or "admin" (default: "user")
}
\`\`\`
**Success Response (201 Created):**
\`\`\`json
{
"id": "usr_1234567890",
"email": "[email protected]",
"name": "John Doe",
"role": "user",
"createdAt": "2026-01-20T10:30:00Z",
"emailVerified": false
}
\`\`\`
**Error Responses:**
- `400 Bad Request` - Invalid input data
\`\`\`json
{
"error": "VALIDATION_ERROR",
"message": "Invalid email format",
"field": "email"
}
\`\`\`
- `409 Conflict` - Email already exists
\`\`\`json
{
"error": "EMAIL_EXISTS",
"message": "An account with this email already exists"
}
\`\`\`
- `401 Unauthorized` - Missing or invalid authentication token
**Example Request (cURL):**
\`\`\`bash
curl -X POST https://api.example.com/api/v1/users \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "[email protected]",
"password": "SecurePass123!",
"name": "John Doe"
}'
\`\`\`
**Example Request (JavaScript):**
\`\`\`javascript
const response = await fetch('https://api.example.com/api/v1/users', {
method: 'POST',
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify({
email: '[email protected]',
password: 'SecurePass123!',
name: 'John Doe'
})
});
const user = await response.json();
console.log(user);
\`\`\`
**Example Request (Python):**
\`\`\`python
import requests
response = requests.post(
'https://api.example.com/api/v1/users',
headers={
'Authorization': f'Bearer {token}',
'Content-Type': 'application/json'
},
json={
'email': '[email protected]',
'password': 'SecurePass123!',
'name': 'John Doe'
}
)
user = response.json()
print(user)
\`\`\`
Example 2: GraphQL API Documentation
## User Query
Fetch user information by ID.
**Query:**
\`\`\`graphql
query GetUser($id: ID!) {
user(id: $id) {
id
email
name
role
createdAt
posts {
id
title
publishedAt
}
}
}
\`\`\`
**Variables:**
\`\`\`json
{
"id": "usr_1234567890"
}
\`\`\`
**Response:**
\`\`\`json
{
"data": {
"user": {
"id": "usr_1234567890",
"email": "[email protected]",
"name": "John Doe",
"role": "user",
"createdAt": "2026-01-20T10:30:00Z",
"posts": [
{
"id": "post_123",
"title": "My First Post",
"publishedAt": "2026-01-21T14:00:00Z"
}
]
}
}
}
\`\`\`
**Errors:**
\`\`\`json
{
"errors": [
{
"message": "User not found",
"extensions": {
"code": "USER_NOT_FOUND",
"userId": "usr_1234567890"
}
}
]
}
\`\`\`
Example 3: Authentication Documentation
## Authentication
All API requests require authentication using Bearer tokens.
### Getting a Token
**Endpoint:** `POST /api/v1/auth/login`
**Request:**
\`\`\`json
{
"email": "[email protected]",
"password": "your-password"
}
\`\`\`
**Response:**
\`\`\`json
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expiresIn": 3600,
"refreshToken": "refresh_token_here"
}
\`\`\`
### Using the Token
Include the token in the Authorization header:
\`\`\`
Authorization: Bearer YOUR_TOKEN
\`\`\`
### Token Expiration
Tokens expire after 1 hour. Use the refresh token to get a new access token:
**Endpoint:** `POST /api/v1/auth/refresh`
**Request:**
\`\`\`json
{
"refreshToken": "refresh_token_here"
}
\`\`\`
Best Practices
✅ Do This
- Be Consistent - Use the same format for all endpoints
- Include Examples - Provide working code examples in multiple languages
- Document Errors - List all possible error codes and their meanings
- Show Real Data - Use realistic example data, not "foo" and "bar"
- Explain Parameters - Describe what each parameter does and its constraints
- Version Your API - Include version numbers in URLs (/api/v1/)
- Add Timestamps - Show when documentation was last updated
- Link Related Endpoints - Help users discover related functionality
- Include Rate Limits - Document any rate limiting policies
- Provide Postman Collection - Make it easy to test your API
❌ Don't Do This
- Don't Skip Error Cases - Users need to know what can go wrong
- Don't Use Vague Descriptions - "Gets data" is not helpful
- Don't Forget Authentication - Always document auth requirements
- Don't Ignore Edge Cases - Document pagination, filtering, sorting
- Don't Leave Examples Broken - Test all code examples
- Don't Use Outdated Info - Keep documentation in sync with code
- Don't Overcomplicate - Keep it simple and scannable
- Don't Forget Response Headers - Document important headers
Documentation Structure
Recommended Sections
-
Introduction
- What the API does
- Base URL
- API version
- Support contact
-
Authentication
- How to authenticate
- Token management
- Security best practices
-
Quick Start
- Simple example to get started
- Common use case walkthrough
-
Endpoints
- Organized by resource
- Full details for each endpoint
-
Data Models
- Schema definitions
- Field descriptions
- Validation rules
-
Error Handling
- Error code reference
- Error response format
- Troubleshooting guide
-
Rate Limiting
- Limits and quotas
- Headers to check
- Handling rate limit errors
-
Changelog
- API version history
- Breaking changes
- Deprecation notices
-
SDKs and Tools
- Official client libraries
- Postman collection
- OpenAPI specification
Common Pitfalls
Problem: Documentation Gets Out of Sync
Symptoms: Examples don't work, parameters are wrong, endpoints return different data Solution:
- Generate docs from code comments/annotations
- Use tools like Swagger/OpenAPI
- Add API tests that validate documentation
- Review docs with every API change
Problem: Missing Error Documentation
Symptoms: Users don't know how to handle errors, support tickets increase Solution:
- Document every possible error code
- Provide clear error messages
- Include troubleshooting steps
- Show example error responses
Problem: Examples Don't Work
Symptoms: Users can't get started, frustration increases Solution:
- Test every code example
- Use real, working endpoints
- Include complete examples (not fragments)
- Provide a sandbox environment
Problem: Unclear Parameter Requirements
Symptoms: Users send invalid requests, validation errors Solution:
- Mark required vs optional clearly
- Document data types and formats
- Show validation rules
- Provide example values
Tools and Formats
OpenAPI/Swagger
Generate interactive documentation:
openapi: 3.0.0
info:
title: My API
version: 1.0.0
paths:
/users:
post:
summary: Create a new user
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreateUserRequest'
Postman Collection
Export collection for easy testing:
{
"info": {
"name": "My API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Create User",
"request": {
"method": "POST",
"url": "{{baseUrl}}/api/v1/users"
}
}
]
}
Related Skills
@doc-coauthoring- For collaborative documentation writing@copywriting- For clear, user-friendly descriptions@test-driven-development- For ensuring API behavior matches docs@systematic-debugging- For troubleshooting API issues
Additional Resources
- OpenAPI Specification
- REST API Best Practices
- GraphQL Documentation
- API Design Patterns
- Postman Documentation
Pro Tip: Keep your API documentation as close to your code as possible. Use tools that generate docs from code comments to ensure they stay in sync!
Related Skills
davila7/zapier-make-patterns
tools
VerifiedTrustedCommunity
No-code automation democratizes workflow building. Zapier and Make (formerly Integromat) let non-developers automate business processes without writing code. But no-code doesn't mean no-complexity - these platforms have their own patterns, pitfalls, and breaking points. This skill covers when to use which platform, how to build reliable automations, and when to graduate to code-based solutions. Key insight: Zapier optimizes for simplicity and integrations (7000+ apps), Make optimizes for power
24,615SKILL.mdUpdated Apr 15, 2026
davila7/yeet
tools
VerifiedTrustedCommunity
Use only when the user explicitly asks to stage, commit, push, and open a GitHub pull request in one flow using the GitHub CLI (`gh`).
24,615SKILL.mdUpdated Apr 15, 2026
davila7/workflow-automation
tools
VerifiedTrustedCommunity
Workflow automation is the infrastructure that makes AI agents reliable. Without durable execution, a network hiccup during a 10-step payment flow means lost money and angry customers. With it, workflows resume exactly where they left off. This skill covers the platforms (n8n, Temporal, Inngest) and patterns (sequential, parallel, orchestrator-worker) that turn brittle scripts into production-grade automation. Key insight: The platforms make different tradeoffs. n8n optimizes for accessibility
24,615SKILL.mdUpdated Apr 15, 2026
davila7/trigger-dev
development
VerifiedTrustedCommunity
Trigger.dev expert for background jobs, AI workflows, and reliable async execution with excellent developer experience and TypeScript-first design. Use when: trigger.dev, trigger dev, background task, ai background job, long running task.
24,615SKILL.mdUpdated Apr 15, 2026