edercnj/x-test-contract
java/src/main/resources/targets/claude/skills/conditional/test/x-test-contract/SKILL.md
Runs consumer-driven contract tests (Pact, Spring Cloud Contract) to verify API compatibility between services.
development
Updated Apr 21, 2026
$ install --global
skillsauthnpx skillsauth add edercnj/ia-dev-environment x-test-contractInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 21, 2026, 8:50 AM53.6s2 files scanned
SKILL.md
- name:
- x-test-contract
- description:
- Runs consumer-driven contract tests (Pact, Spring Cloud Contract) to verify API compatibility between services.
- user-invocable:
- true
- allowed-tools:
- Read, Write, Edit, Bash, Grep, Glob
- argument-hint:
- [--provider | --consumer | --all]
Global Output Policy
- Language: English ONLY.
- Tone: Technical, Direct, and Concise.
- Efficiency: Remove all conversational fillers and greetings to save tokens.
Skill: Contract Tests
Purpose
Run consumer-driven contract tests to verify API compatibility between services. Support both consumer-side (pact generation) and provider-side (pact verification) workflows using Pact or Spring Cloud Contract.
Activation Condition
Include this skill when testing.contract_tests == true in the project configuration.
Triggers
/x-test-contract --consumer-- generate pact files from consumer tests/x-test-contract --provider-- verify provider against published pacts/x-test-contract --all-- run both consumer generation and provider verification
Parameters
| Parameter | Type | Required | Default | Description |
|-----------|------|----------|---------|-------------|
| --consumer | Flag | No | false | Generate pact files from consumer tests |
| --provider | Flag | No | false | Verify provider against published pacts |
| --all | Flag | No | false | Run both consumer generation and provider verification |
Prerequisites
- Contract testing framework installed:
- Java: Pact JVM or Spring Cloud Contract
- TypeScript: Pact JS
- Python: Pact Python
- Go: Pact Go
- Consumer and/or provider test files exist
- Build tool configured for contract test execution
Workflow
Step 1 — Verify Framework
Check contract testing framework installed:
- Scan build file for Pact/Spring Cloud Contract dependencies
- Verify framework version compatibility
Step 2 — Determine Mode
Based on argument:
--consumer: generate pact files--provider: verify against pacts--all: both in sequence- (none): show usage/help
Step 3 — Run Consumer Tests
- Discover consumer test files (scan for
@PactTest,Pact,pact.describe) - Run consumer tests: generate pact files (JSON contracts)
- Verify pact files generated in
target/pacts/orpacts/directory - Validate pact content: interactions defined, request/response match expectations
Step 4 — Run Provider Verification
- Discover provider verification configuration
- Start provider application (or use test server)
- Run provider verification against published pacts
- Report: which interactions passed/failed
- Publish verification results (if pact broker configured)
Step 5 — Report Results
Generate structured output:
## Contract Test Results — [Mode: Consumer/Provider]
### Summary
- Interactions tested: [N]
- Passed: [N]
- Failed: [N]
### Failed Interactions
1. [Consumer -> Provider: interaction description, expected vs actual]
### Checklist Results
[Items that passed / failed / not applicable]
### Verdict: PASS / FAIL
Contract Checklist (10 points)
- Consumer defines explicit expectations (request headers, body, status code)
- Provider states defined for each interaction (setup test data)
- Pact files versioned and published to broker (or committed to repo)
- Provider verification runs in CI pipeline
- Breaking changes detected before deployment
- Contract covers happy path AND error responses
- Contract includes required headers (Content-Type, Authorization pattern)
- No sensitive data in pact files (use example data)
- Consumer version tagged (branch, commit SHA)
- Can-I-Deploy check integrated in CI (if using Pact Broker)
Error Handling
| Scenario | Action | |----------|--------| | Contract framework not installed | Report missing dependency with install instructions for the detected language | | Consumer-provider interaction fails | Report failed interactions with expected vs actual details | | Pact broker unreachable | Warn and continue with local pact files | | Sensitive data detected in pact files | FAIL with file location and remediation guidance |
Rules
- FAIL if any consumer-provider interaction verification fails
- FAIL if pact files contain sensitive data
- Warn if pact broker not configured (local-only contracts are fragile)
- Warn if provider states not defined (tests may pass with wrong data)
- Verify both happy path and error scenarios are covered
Related Skills
edercnj/x-validate-docs
development
VerifiedTrustedCommunity
Documentation freshness gate: validates 6 dimensions (readme, api, adr, etc.) per PR.
SKILL.mdUpdated Jun 10, 2026
edercnj/x-validate-dependency-policy
testing
VerifiedTrustedCommunity
Conditional dep-policy gate: CVEs, licenses, versions, freshness; SARIF + report.
SKILL.mdUpdated Jun 10, 2026
edercnj/x-update-architecture
documentation
VerifiedTrustedCommunity
Incrementally updates the service or system architecture document; never regenerative.
SKILL.mdUpdated Jun 10, 2026
edercnj/x-scan-secrets
development
VerifiedTrustedCommunity
Scans code and git history for leaked credentials, API keys, and tokens; SARIF output.
SKILL.mdUpdated Jun 10, 2026