api-contract-testing

Verifies API contracts using consumer-driven contracts and schema validation, ensuring reliable microservices communication.

Install this skill

87/100

Security score

The api-contract-testing skill was audited on Feb 28, 2026 and we found 5 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 46

Template literal with variable interpolation in command context

SourceSKILL.md

46	const response = await fetch(`${mockServer.url}/users/123`);

medium line 63

Template literal with variable interpolation in command context

SourceSKILL.md

63	const response = await fetch(`${mockServer.url}/users/999`);

low line 78

Access to .env file

SourceSKILL.md

78	pactBrokerUrl: process.env.PACT_BROKER_URL,

low line 80

Access to .env file

SourceSKILL.md

80	providerVersion: process.env.GIT_SHA,

low line 77

External URL reference

SourceSKILL.md

77	providerBaseUrl: 'http://localhost:3000',

Scanned on Feb 28, 2026

View Security Dashboard

Install this skill with one command

/learn @secondsky/api-contract-testing

GitHub Stars 73

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw api testing backend backend-developer qa-engineer devops-sre data-engineer product-manager development product

secondsky/claude-skills