indrasvat/api-compat
skills/api-compat/SKILL.md
Detect breaking changes in APIs — protobuf, OpenAPI/Swagger, GraphQL schemas, or Go exported interfaces. Use when the user says "API compat", "breaking changes", "check API compatibility", "proto breaking", "schema breaking", "is this breaking", "backward compatible", "API diff", "contract check", or when API definition files have been modified.
$ install --global
skillsauthnpx skillsauth add indrasvat/claude-code-skills api-compatInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 23, 2026, 8:11 AM106.7s1 file scanned
SKILL.md
- name:
- api-compat
- description:
- >
- allowed-tools:
- Bash, Read, Grep, Glob
- argument-hint:
- [api-definition-file]
API Compatibility Check
Detect breaking changes in API definitions. Read-only analysis, safe to re-run.
1. Prerequisites
Check for specialized tools via command -v: buf (protobuf), oasdiff (OpenAPI). Report availability. If missing, fall back to manual git-diff analysis and note which tool would improve accuracy.
2. Scope
If $ARGUMENTS names specific files, analyze only those. Otherwise, find API files changed since base branch using git diff --name-only $(git merge-base HEAD main). Detect by pattern:
| Pattern | Type |
|---------|------|
| *.proto | Protobuf |
| openapi.yaml, swagger.json, *.openapi.*, *.swagger.* | OpenAPI |
| *.graphql, *.gql | GraphQL |
| *.go with exported types changed | Go exported API |
Stop with a clear message if no API files are found in scope.
3. Baseline
Compute and print the merge-base: git merge-base HEAD main. For each file in scope, diff working tree against that baseline using git diff <merge-base> -- <file>.
4. Analysis by Type
Protobuf
If buf is available, run buf breaking --against .git#ref=<merge-base>. Otherwise, manually inspect diffs for:
- BREAKING: field number reuse, field removal, type change, adding required fields
- SAFE: new optional field, new enum value with no renumbering
OpenAPI
If oasdiff is available, run oasdiff breaking <base-file> <current-file>. Otherwise, manually inspect diffs for:
- BREAKING: removed endpoint, changed HTTP method, removed parameter, new required parameter, response schema narrowing
- SAFE: new optional parameter, new endpoint, added response fields
GraphQL
Manually inspect diffs for:
- BREAKING: removed type/field, changed return type, new required argument, removed enum value
- SAFE: new optional field/argument, new type, new enum value
Go Exported API
Manually inspect diffs for:
- BREAKING: removed exported symbol, changed function signature, changed interface method set, changed struct field types
- SAFE: new exported symbol, new method on concrete type
5. Output
Print a summary line first: total changes found, how many breaking. Then print a compatibility report table:
| Change | File:Line | Type | Severity |
Severity values: BREAKING, WARN, SAFE. Use WARN when a change is technically non-breaking but likely to cause client issues (e.g., deprecating a widely-used field, adding an enum value to a closed enum).
6. Idempotency
Read-only. No files created, modified, or deleted. Safe to re-run at any time.
$ARGUMENTS
Related Skills
indrasvat/triage-pr
development
VerifiedTrustedCommunity
Fetch, categorize, and address PR review comments in priority order. Classifies each comment as BLOCKER, QUESTION, SUGGESTION, or NITPICK and works through blockers first. Use when the user says "address PR comments", "fix review feedback", "respond to PR", "handle review comments", "triage PR", "what does the reviewer want", "address feedback", "PR comments", "review feedback", or needs to work through pull request review comments systematically.
3SKILL.mdUpdated May 23, 2026
indrasvat/ship-pr
testing
VerifiedTrustedCommunity
Create a pull request with a standards compliance review gate. Reviews the diff against CLAUDE.md and repo conventions before creating the PR, stopping on discrepancies. Supports tiered PR templates (small, standard, complex). Use when the user says "create PR", "open PR", "ship it", "ship PR", "make a pull request", "push and PR", "ready for review", "send for review", "create a pull request", or wants to create a GitHub pull request from the current branch.
3SKILL.mdUpdated May 23, 2026
indrasvat/rollout-check
testing
VerifiedTrustedCommunity
Verify Kubernetes deployment health — pod status, rollout progress, events, readiness, HPA state, and recent errors. Use when the user says "check rollout", "is deploy healthy", "rollout status", "deployment health", "pod status", "check pods", "why is deploy failing", "k8s health", "verify deployment", "are pods ready", "check deployment", or wants to verify a Kubernetes deployment is healthy after a rollout.
3SKILL.mdUpdated May 23, 2026
indrasvat/prd-generator
documentation
VerifiedTrustedCommunity
Generate comprehensive Product Requirements Documents with interactive discovery, progress tracking, and True Ralph Loop support for autonomous implementation. Use when user wants to (1) create a PRD for a new project/feature, (2) implement a PRD autonomously with fresh Claude sessions, (3) track implementation progress, (4) recover context after session loss. Creates docs/PRD.md and docs/PROGRESS.md.
3SKILL.mdUpdated May 23, 2026