What is api-inventory-scanner?

A skill that discovers and documents existing API endpoints from code, logs, and traffic analysis to support migration and governance.

What outputs does it generate?

An Output Schema including scanId, timestamp, endpoints with path, method, parameters, auth, rateLimit, consumers, metrics, and a summary.

How does it integrate with migration processes?

It aligns with api-modernization and integration-migration by providing an inventory that feeds API design, mapping, and modernization tasks.

api-inventory-scanner

npx machina-cli add skill a5c-ai/babysitter/api-inventory-scanner --openclaw

Files (1)

SKILL.md

2.4 KB

API Inventory Scanner Skill

Discovers and documents existing API endpoints through code analysis, log inspection, and traffic analysis.

Purpose

Enable API discovery for:

Endpoint discovery
Request/response format extraction
Authentication method detection
Rate limit identification
Consumer mapping

Capabilities

1. Endpoint Discovery

Parse route definitions
Analyze controller code
Inspect API frameworks
Find undocumented endpoints

2. Request/Response Format Extraction

Extract request schemas
Document response formats
Identify query parameters
Map headers and cookies

3. Authentication Method Detection

Identify auth mechanisms
Document token formats
Map permission requirements
Catalog security schemes

4. Rate Limit Identification

Find rate limit configurations
Document throttling rules
Identify quotas
Map limit tiers

5. Consumer Mapping

Identify API consumers
Track usage patterns
Map client dependencies
Document integrations

6. Usage Pattern Analysis

Analyze access logs
Identify hot endpoints
Track response times
Map error rates

Tool Integrations

Tool	Purpose	Integration Method
Swagger Inspector	Traffic capture	GUI
Postman	Collection building	API
Code parsers	Route extraction	CLI
Log analyzers	Traffic analysis	CLI
APM tools	Usage metrics	API

Output Schema

{
  "scanId": "string",
  "timestamp": "ISO8601",
  "endpoints": [
    {
      "path": "string",
      "method": "string",
      "description": "string",
      "parameters": [],
      "requestBody": {},
      "responses": {},
      "authentication": "string",
      "rateLimit": {},
      "consumers": [],
      "metrics": {}
    }
  ],
  "summary": {
    "totalEndpoints": "number",
    "documented": "number",
    "undocumented": "number"
  }
}

Integration with Migration Processes

api-modernization: API inventory
integration-migration: Integration mapping

Related Skills

openapi-generator: Spec generation
api-compatibility-analyzer: Version analysis

Related Agents

api-modernization-architect: API design

Source

git clone https://github.com/a5c-ai/babysitter/blob/main/plugins/babysitter/skills/babysit/process/specializations/code-migration-modernization/skills/api-inventory-scanner/SKILL.md

View on GitHub

Overview

api-inventory-scanner discovers API endpoints by analyzing code, logs, and traffic to document routes, request/response formats, authentication, rate limits, and consumer mappings. It creates a comprehensive inventory to support API modernization, migration, and governance. This tool helps teams understand their API surface and plan changes confidently.

How This Skill Works

The skill parses route definitions and controller code, inspects API frameworks, and analyzes logs and traffic to extract endpoints and formats. It then populates a structured output with path, method, parameters, request/response schemas, authentication, rate limits, consumers, and usage metrics.

When to Use It

Inventory a legacy monolith's endpoints before starting API modernization
Prepare for a migration to microservices by cataloging all endpoints and dependencies
Document authentication methods and token formats across APIs for security audits
Identify hot endpoints, response times, and error rates from usage patterns
Map API consumers and integrations to plan client migrations and integrations

Quick Start

Step 1: Run code parsers to extract routes, controllers, and API definitions
Step 2: Analyze logs and traffic to capture real-world usage and undocumented endpoints
Step 3: Export results to the Output Schema and review for migration planning

Best Practices

Run code parsers and log analyses in parallel to maximize coverage of endpoints
Cross-validate endpoints found in code with those seen in logs to catch undocumented routes
Document authentication methods, token formats, and required permissions clearly
Capture rate limit configurations and quotas per endpoint for governance
Store the inventory in a centralized registry and align it with the Output Schema for migration tasks

Example Use Cases

Inventory a legacy API surface before a modernization effort to guide refactors
Create an inventory for migration to microservices, mapping endpoints to new services
Audit security by documenting auth schemes, tokens, and permissions across APIs
Analyze usage patterns to identify hot endpoints and plan performance improvements
Map API consumers and integrations to coordinate client migrations and updates

Frequently Asked Questions

Add this skill to your agents