Why validate inputs with JSON Schema before processing?

To avoid processing malformed or unexpected structures and catch contract violations early.

How should I handle dates and IDs?

Use ISO 8601 strings with timezone (or Z for UTC); large IDs should be stored as strings to prevent precision loss.

What should I include in API error responses?

Structured errors with code, message, and field, plus a request_id for debugging and tracing.

JSON

Verified

@ivangdavila

npx machina-cli add skill @ivangdavila/json --openclaw

Files (1)

SKILL.md

2.9 KB

Schema & Validation

Always validate against JSON Schema before processing untrusted input—don't assume structure
Define schemas for API responses—catches contract violations early
Use additionalProperties: false to reject unknown fields in strict contexts

Naming & Consistency

Pick one convention and stick to it—camelCase for JS ecosystems, snake_case for Python/Ruby
Avoid mixed conventions in same payload—userId alongside user_name confuses consumers
Use plural for collections: "users": [] not "user": []

Null Handling

Distinguish "field is null" from "field is absent"—they mean different things
Omit optional fields entirely rather than sending null—reduces payload, clearer intent
Document which fields are nullable in schema—don't surprise consumers

Dates & Times

Always use ISO 8601: "2024-01-15T14:30:00Z"—no ambiguous formats like "01/15/24"
Include timezone or use UTC with Z suffix—local times without zone are useless
Timestamps as strings, not epoch integers—human-readable, no precision loss

Numbers & IDs

Large IDs as strings: "id": "9007199254740993"—JavaScript loses precision above 2^53
Money as string or integer cents—never float: "price": "19.99" or "price_cents": 1999
Avoid floats for anything requiring exactness—currency, coordinates with precision

Structure Best Practices

Keep nesting shallow—3 levels max; flatten or split into related endpoints
Consistent envelope for APIs: {"data": ..., "meta": ..., "errors": ...}
Paginate large arrays—never return unbounded lists; include next/prev links or cursor

API Response Patterns

Errors as structured objects: {"code": "INVALID_EMAIL", "message": "...", "field": "email"}
Include request ID in responses for debugging: "request_id": "abc-123"
Return created/updated resource in response—saves client a follow-up GET

Serialization

toJSON() method silently overrides output—Date becomes string, custom classes may surprise
Map, Set, BigInt don't serialize—need custom replacer function
Circular references throw—detect cycles before stringify or use libraries like flatted
Strip sensitive data before serializing—don't rely on client to ignore extra fields

Parsing Safety

__proto__ key can pollute prototypes—sanitize input or use Object.create(null)
Parse in try/catch—malformed JSON from external sources is common
Reviver function for type reconstruction: dates, BigInt, custom types

Unicode

Emoji need surrogate pairs in escapes: 😀 = \uD83D\uDE00—single \u1F600 invalid
Control chars U+0000–U+001F must be escaped—pasted text may contain invisible ones
BOM at file start breaks parsing—strip \uFEFF from file input

Source

git clone https://clawhub.ai/ivangdavila/jsonView on GitHub

Overview

Learn to design, validate, and serialize JSON data for robust APIs. The skill covers using JSON Schema, consistent naming, proper null handling, and safe parsing to avoid common JSON pitfalls. It also encompasses numeric handling, dates, and Unicode safety.

How This Skill Works

Inputs and outputs are validated against JSON Schema prior to processing to catch contract violations. Use a consistent naming convention and a standard envelope with data, meta, and errors, along with pagination for large lists. During serialization and parsing, respect safe practices: format dates as ISO 8601 strings, store IDs and monetary values appropriately, and guard against prototype pollution.

When to Use It

Validating untrusted JSON inputs with JSON Schema before processing
Designing API responses using a consistent envelope ({data, meta, errors}) and pagination
Handling large IDs and monetary values to avoid precision loss (strings or cents)
Enforcing a single naming convention and disciplined field naming
Parsing and serializing JSON safely to prevent prototype pollution and errors

Quick Start

Step 1: Define and enforce JSON Schema for inputs and API responses.
Step 2: Apply a single naming convention, enforce envelope structure, and paginate large arrays.
Step 3: Implement safe serialization/parsing (ensure proper toJSON handling, try/catch during parsing, and prototype pollution safeguards).

Best Practices

Validate inputs/outputs against JSON Schema for every endpoint
Adopt a single naming convention (camelCase or snake_case) and avoid mixing conventions
Distinguish null from missing fields and omit optional data when absent
Use ISO 8601 timestamps with timezone (UTC) for all dates
Store precise values as strings or integer cents; avoid floats for money

Example Use Cases

An API response uses the envelope { data, meta, errors } and paginates results.
Errors are structured objects like { code, message, field } and include a request_id.
Monetary values are sent as strings or integer cents to avoid precision loss.
Timestamps are ISO 8601 strings with a Z suffix for UTC times.
Inputs are sanitized for __proto__ and prototypes to prevent pollution.

Frequently Asked Questions

Add this skill to your agents