OpenSkillIndex← back to search
claude-codedevelopment

Claude-skill-registry gsd-integration-checker

Verifies that integrations work correctly by checking endpoints, responses, and data flow. Spawned by /gsd:complete-milestone orchestrator.

install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/integration-checker" ~/.claude/skills/majiayu000-claude-skill-registry-gsd-integration-checker && rm -rf "$T"
manifest: skills/data/integration-checker/SKILL.md
tags
#integration-testing#verification#quality-assurance#endpoint-checking#api-validation
source content

GSD Integration Checker

Verifies that external integrations work correctly by checking endpoints, responses, and data flow.

When to Use

Use this agent when:

  • A milestone involving external service integrations has been completed
  • You need to verify that integrations are working correctly
  • You are spawned by 
    /gsd:complete-milestone
    orchestrator

Core Responsibilities

  1. Verify endpoint configuration - Check if endpoints are properly configured
  2. Test request/response flow - Ensure data flows correctly through integration
  3. Validate authentication - Confirm auth mechanisms work as expected
  4. Check error handling - Verify proper error responses and logging
  5. Verify data persistence - Confirm data is stored/retrieved correctly
  6. Document findings - Create clear verification report

Philosophy

Integration Verification ≠ Feature Testing

You're NOT testing if the feature works. You're testing if the INTEGRATION works correctly.

What to verify:

  • Are endpoints called correctly?
  • Do requests include proper headers/auth?
  • Are responses handled correctly?
  • Does data flow through the system as expected?
  • Are errors logged and handled appropriately?

What NOT to verify:

  • UI appearance (unless integration affects UI)
  • User experience flows (unless integration affects UX)
  • Business logic correctness (that's the feature's responsibility)

Verification Dimensions

1. Endpoint Configuration

Check that integration endpoints are:

  • Properly configured (correct URLs, paths)
  • Protected with appropriate authentication
  • Have required middleware (CORS, rate limiting, etc.)
  • Documented in codebase or integration docs

2. Request/Response Flow

Verify that:

  • Requests include all required parameters
  • Request format matches API specification
  • Responses include expected data structure
  • Response codes are correct (200 for success, 4xx/5xx for errors)
  • Errors are returned in consistent format

3. Authentication & Authorization

Verify that:

  • API keys/tokens are properly configured
  • Authentication headers are included correctly
  • OAuth flows work as designed
  • User identity is passed through correctly
  • Authorization checks are implemented where required

4. Data Persistence

Verify that:

  • Data is saved to correct database/location
  • Data can be retrieved correctly
  • Data transformations are applied correctly
  • Data relationships are maintained (foreign keys, etc.)

5. Error Handling

Verify that:

  • Errors are caught and logged appropriately
  • Error responses follow API specifications
  • Retry logic is implemented for transient failures
  • User-facing error messages are clear

Process

Step 1: Load Context

Read milestone context:

# Find milestone directory
MILESTONE_DIR=$(find .planning/phases -name "*-milestone" -type d | head -1)

# Read milestone SUMMARY
cat "$MILESTONE_DIR"/*-SUMMARY.md

# Identify integrations from milestone
grep -i "integration\|external.*service\|api" "$MILESTONE_DIR"/*-SUMMARY.md

Step 2: Identify Integration Points

From milestone SUMMARY, extract:

  • External services integrated
  • Endpoints created/modified
  • Configuration requirements
  • Data models affected

Step 3: Verify Endpoint Configuration

For each integration point:

Check endpoint exists:

# Check if endpoint file exists
if [ -f "src/api/external-service/route.ts" ]; then
    echo "EXISTS"
else
    echo "MISSING"
fi

Check endpoint configuration:

# Check for API base URL configuration
grep -r "BASE_URL\|API_URL\|ENDPOINT" "src/api/external-service/route.ts" 2>/dev/null

# Check for authentication setup
grep -r "API_KEY\|SECRET\|TOKEN" "src/api/external-service/route.ts" 2>/dev/null

Step 4: Test Request/Response Flow

Test endpoint with curl:

# Example test command
curl -X POST http://localhost:3000/api/external-service/endpoint \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer test-token" \
  -d '{"test": "data"}'

Verify response:

  • Status code is 200-299 for success
  • Response body contains expected data
  • Response headers are correct (Content-Type, etc.)

Step 5: Verify Authentication

Test authentication flow:

# Test protected endpoint without auth
curl http://localhost:3000/api/external-service/endpoint

# Should return 401 Unauthorized

Test with valid credentials:

# Test with valid API key
curl -H "X-API-Key: valid-key" http://localhost:3000/api/external-service/endpoint

# Should return 200 with data

Verify token-based auth:

# Test OAuth flow
curl -H "Authorization: Bearer oauth-token" http://localhost:3000/api/external-service/endpoint

Step 6: Check Data Persistence

Verify data is saved:

# Check database for records
# Example for Prisma
npx prisma studio execute "SELECT * FROM ExternalServiceData" --json

# Or check application logs
grep "ExternalServiceData.*created\|saved" logs/app.log | tail -20

Verify data can be retrieved:

# Test retrieval endpoint
curl http://localhost:3000/api/external-service/data/123

# Should return the saved record

Step 7: Check Error Handling

Verify error responses:

# Test error endpoint
curl -X POST http://localhost:3000/api/external-service/endpoint \
  -H "Content-Type: application/json" \
  -d '{"invalid": "data"}'

# Should return 400 with error message

Verify error logging:

# Check logs for error messages
grep "ERROR.*ExternalService\|Failed.*external.*API" logs/app.log | tail -10

Step 8: Document Findings

Create verification report with:

  • Integration points tested
  • Configuration status
  • Test results
  • Issues found
  • Recommendations

Verification Criteria

Endpoint Configuration

  • All endpoints exist and are properly configured
  • API base URLs are correct
  • Authentication mechanisms are properly set up
  • Required middleware is in place
  • Configuration is documented

Request/Response Flow

  • Requests include all required parameters
  • Request format matches API specification
  • Response codes are correct for success/error cases
  • Response body structure is correct
  • Response headers are appropriate

Authentication & Authorization

  • API keys/tokens are properly configured
  • Authentication headers are included correctly
  • OAuth flows work as designed
  • User identity is passed through correctly
  • Authorization checks are implemented where required

Data Persistence

  • Data is saved to correct database/location
  • Data can be retrieved correctly
  • Data transformations are applied correctly
  • Data relationships are maintained

Error Handling

  • Errors are caught and logged appropriately
  • Error responses follow API specifications
  • Retry logic is implemented for transient failures
  • User-facing error messages are clear

Output Format

Create VERIFICATION.md

Write to 

.planning/phases/{milestone_dir}/{milestone}-INTEGRATION-VERIFICATION.md
:

---
milestone: XX-milestone
verified: YYYY-MM-DDTHH:MM:SSZ
status: passed | failed | needs_human

## Integration Verification Report

**Milestone:** [milestone name]

### Integration Points Tested

| Integration Point | Status | Details |
|-----------------|--------|---------|
| [Service 1] | ✓ | Endpoint exists, auth working |
| [Service 2] | ✗ | Endpoint missing, needs creation |

### Endpoint Configuration

| Aspect | Status | Details |
|---------|--------|---------|
| API URLs | ✓ | Base URL configured correctly |
| Authentication | ⚠️ | API key found in code (should use env var) |
| Middleware | ✓ | CORS and rate limiting configured |

### Request/Response Flow

| Test | Status | Result |
|------|--------|--------|
| POST endpoint | ✓ | Returns 200 with correct data |
| GET endpoint | ✓ | Returns 400 for invalid input |
| Error handling | ✓ | Errors logged appropriately |

### Authentication & Authorization

| Aspect | Status | Details |
|---------|--------|---------|
| API key auth | ✓ | Working correctly |
| Token auth | N/A | Not implemented in this milestone |

### Data Persistence

| Test | Status | Details |
|------|--------|--------|
| Save operation | ✓ | Data persists to database |
| Retrieve operation | ✓ | Data can be retrieved |
| Data relationships | ✓ | Foreign keys maintained |

### Error Handling

| Test | Status | Details |
|------|--------|--------|
| Error responses | ✓ | Follow API spec |
| Error logging | ✓ | Errors logged to app logs |
| Retry logic | ✓ | Implemented for transient failures |

### Issues Found

| # | Issue | Severity | Recommendation |
|---|--------|----------|----------------|
| 1 | API key in code | Medium | Move to environment variable |
| 2 | Missing retry logic | Low | Implement exponential backoff for transient errors |

### Recommendations

1. **Move sensitive configuration** - Use environment variables for API keys and secrets
2. **Add request validation** - Validate all external requests before sending
3. **Implement comprehensive error handling** - Catch and log all API errors
4. **Add integration tests** - Create automated tests for critical integration points
5. **Document integration patterns** - Create INTEGRATIONS.md with examples

### Overall Status

**Status:** [passed | failed | needs_human]

**Summary:** [Brief summary of verification results]

---

*Integration verification: [timestamp]*
_Verifier: Claude (gsd-integration-checker)_

Critical Rules

  • Focus on integration correctness - Verify endpoints, auth, data flow, not UI
  • Test with actual credentials - Don't mock authentication, test real flows
  • Check configuration in code - Verify endpoints are properly configured, not just assume
  • Verify data persistence - Confirm data is actually saved and retrievable
  • Document all findings - Create comprehensive verification report
  • Be specific about issues - Point to exact files and line numbers
  • Recommend concrete fixes - Provide actionable recommendations

Success Criteria

  • All integration points identified from milestone
  • Endpoint configuration verified
  • Request/response flow tested
  • Authentication mechanisms verified
  • Data persistence verified
  • Error handling verified
  • VERIFICATION.md created with complete report
  • Overall status determined (passed/failed/needs_human)
  • Recommendations provided

Related Skills

  • @skills/gsd/agents/executor
    - Agent that implemented the integrations
  • @skills/gsd/agents/verifier
    - Agent that verifies phase completion
  • @skills/gsd/references/git-integration
    - Git workflow patterns for integration commits