From antigravity-awesome-skills
Generates production-ready OpenAPI 3.x and Swagger 2.0 specs from natural language descriptions, code, or partial specs. Activates on OpenAPI, Swagger, API schema, or endpoint documentation requests.
How this skill is triggered — by the user, by Claude, or both
Slash command
/antigravity-awesome-skills:openapi-spec-generatorThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Use this skill when you need generate complete, production-ready OpenAPI 3.x and Swagger 2.0 specifications from natural language descriptions, code, or partial specs. Use this skill whenever the user mentions OpenAPI, Swagger, API spec, REST API documentation, YAML/JSON API schema, endpoint documentation, API...
Use this skill when you need generate complete, production-ready OpenAPI 3.x and Swagger 2.0 specifications from natural language descriptions, code, or partial specs. Use this skill whenever the user mentions OpenAPI, Swagger, API spec, REST API documentation, YAML/JSON API schema, endpoint documentation, API...
Generate complete, valid OpenAPI 3.x or Swagger 2.0 specifications from descriptions, code, or partial specs.
Before writing any YAML/JSON, ask (or infer from context) the following:
| Question | Why it matters |
|---|---|
| OpenAPI 3.x or Swagger 2.0? | Different info, servers/host, components/definitions structure |
| Output format: YAML or JSON? | YAML default unless user specifies JSON |
| What does this API do? | Sets info.title, info.description, tags |
| List of endpoints (or code to extract from)? | Core paths object |
| Authentication type(s)? | securitySchemes — see reference |
| Common data models or entities? | components/schemas / definitions |
| Any existing partial spec to extend? | Merge rather than overwrite |
If the user provides code (Express routes, FastAPI, Django URLs, Spring controllers, etc.), extract endpoints automatically — do not ask what the user already told you.
Follow the structure guide for the chosen version. Always produce a complete, valid spec — never leave placeholder comments like # TODO: add schema.
openapi: "3.1.0"
info:
title: <API Title>
version: "1.0.0"
description: <Short description>
contact:
name: <Team or Author>
email: <[email protected]>
servers:
- url: https://api.example.com/v1
description: Production
- url: https://staging-api.example.com/v1
description: Staging
tags:
- name: <Tag>
description: <Tag description>
paths:
/resource:
get:
summary: List resources
operationId: listResources
tags: [<Tag>]
parameters: []
responses:
"200":
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/ResourceList"
example:
items: []
total: 0
"401":
$ref: "#/components/responses/Unauthorized"
"500":
$ref: "#/components/responses/InternalError"
security:
- BearerAuth: []
components:
schemas: {}
responses:
Unauthorized:
description: Authentication required
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
InternalError:
description: Internal server error
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
securitySchemes: {}
swagger: "2.0"
info:
title: <API Title>
version: "1.0.0"
description: <Short description>
host: api.example.com
basePath: /v1
schemes: [https]
consumes: [application/json]
produces: [application/json]
tags: []
paths: {}
definitions: {}
securityDefinitions: {}
$ref for any schema used in more than one place.example or examples on every schema and response body.required array.nullable: true (OAS 3.0) or x-nullable: true (Swagger 2.0) for optional nullable fields.format keywords: int32, int64, float, date, date-time, uuid, email, uri, byte, binary.Common schema patterns:
# Pagination wrapper
PagedResult:
type: object
required: [items, total, page, pageSize]
properties:
items:
type: array
items:
$ref: "#/components/schemas/Resource"
total:
type: integer
format: int64
example: 100
page:
type: integer
format: int32
example: 1
pageSize:
type: integer
format: int32
example: 20
# Standard error
Error:
type: object
required: [code, message]
properties:
code:
type: string
example: RESOURCE_NOT_FOUND
message:
type: string
example: The requested resource was not found.
details:
type: object
additionalProperties: true
# Timestamps mixin (use allOf)
Timestamps:
type: object
properties:
createdAt:
type: string
format: date-time
updatedAt:
type: string
format: date-time
Read reference/security-schemes.md for detailed patterns. Quick reference:
| Scheme | OAS 3.x type | Notes |
|---|---|---|
| Bearer JWT | http, scheme bearer | Most common for REST APIs |
| API Key (header) | apiKey, in header | e.g. X-API-Key |
| API Key (query) | apiKey, in query | Avoid — leaks in logs |
| OAuth 2 | oauth2 | Use flows to define grant types |
| Basic Auth | http, scheme basic | Only over HTTPS |
| OpenID Connect | openIdConnect | Provide openIdConnectUrl |
Apply security globally at the root and override per-operation only where it differs (e.g., public endpoints use security: []).
Path parameters — always required: true:
parameters:
- name: userId
in: path
required: true
schema:
type: string
format: uuid
example: 123e4567-e89b-12d3-a456-426614174000
Query parameters — document defaults and enums:
- name: status
in: query
schema:
type: string
enum: [active, inactive, pending]
default: active
Headers — include X-Request-ID, correlation IDs, etc. as common parameters defined under components/parameters.
Always include at minimum:
| Code | When |
|---|---|
200 | Successful GET, PUT, PATCH |
201 | Successful POST that creates a resource |
204 | Successful DELETE (no body) |
400 | Validation / bad request |
401 | Missing or invalid auth |
403 | Authenticated but not authorized |
404 | Resource not found |
409 | Conflict (duplicate, state mismatch) |
422 | Unprocessable entity (semantic errors) |
429 | Rate limited |
500 | Internal server error |
Use $ref to components/responses for 401, 403, 404, 429, 500 to avoid repetition.
Before delivering the spec, verify:
openapi or swagger version field presentoperationId (camelCase, unique)200/201/204 response4xx and 5xx responses defined for all operations$ref targets exist in components/ or definitions/required array for all request/response bodiesexample per schema or response bodycomponents/schemas is referenced)yaml or json..yaml / .json fileWhen the user provides source code, extract:
Express / Koa / Fastify (Node.js)
.get(), .post(), .put(), .patch(), .delete() calls:param → path parameter {param}authenticate → note security requirementreq.body, req.query, req.params usage → infer request schemaFastAPI / Flask (Python)
@app.get(), @router.post(), etc.Query(), Path(), Body() → map to parameter locationSpring Boot (Java)
@GetMapping, @PostMapping, etc.@PathVariable, @RequestParam, @RequestBodyDjango REST Framework
ViewSet and Router → CRUD endpointsSerializer fields → schema propertiesRails
routes.rb resource routes → standard REST endpointsreference/security-schemes.md — Detailed security scheme examples for all auth typesreference/common-patterns.md — Pagination, HATEOAS, problem+json, webhooks, file upload patternsRead these when the user asks about a specific pattern or when generating complex auth/pagination setups.
Once the OpenAPI/Swagger Specification output is delivered, ask the user:
"Would you like me to generate API test cases for this design? (yes/no)"
If the user says yes:
If the user says no:
npx claudepluginhub deco31416/antigravity-awesome-skills --plugin antigravity-awesome-skills3plugins reuse this skill
First indexed Jul 2, 2026
Generates production-ready OpenAPI 3.x and Swagger 2.0 specs from natural language descriptions, code, or partial specs. Activates on OpenAPI, Swagger, API schema, or endpoint documentation requests.
Generates OpenAPI 3.0+ specs from existing API code, enhances with schemas/examples/errors, creates interactive docs/SDKs, and validates compliance.
Generates and maintains OpenAPI 3.1 specs from code or design-first, validates API implementations, and generates SDKs.