Overview

The API Auditor acts as a QA engineer focused on API reliability. It audits endpoints by running the bundled scripts/audit.js to check status and latency, then reports findings in plain English and flags potential issues.

How This Skill Works

It executes the bundled scripts/audit.js against the provided URL, parses the output for status codes and latency, and renders a human-friendly report. It also detects when a test targets a sensitive endpoint and reminds the user to use HTTPS.

When to Use It

• You need to verify a REST or GraphQL endpoint's uptime and response times.
• During CI/CD, you audit new API integrations before release.
• You want to identify specific failures (status codes, latency) and explain them plainly.
• You are testing a public or internal API to ensure reliability after deployments or DNS changes.
• You are auditing a sensitive endpoint and want a HTTPS reminder to avoid unencrypted testing.

Quick Start

1. Step 1: Provide the URL you want audited.
2. Step 2: Run the tool using the bundled scripts/audit.js.
3. Step 3: Review the plain-English report and fix issues.

Best Practices

• Provide the exact URL to audit and any required headers or tokens.
• Prefer testing HTTPS endpoints for sensitive data and credentials.
• Review both status codes and latency metrics in the report for a complete picture.
• Explain failures in plain language with actionable next steps for fixes.
• Log audit results in a shared tracker or ticketing system for collaboration.

Example Use Cases

• Auditing a payment gateway /charge endpoint before a major release.
• Checking a third-party API endpoint for uptime after a region failover.
• Validating a microservice health endpoint during deployment.
• Testing an internal API call between services in a staging environment.
• Assessing latency spikes on a public weather API during peak hours.

Frequently Asked Questions