2025 API设计模式指南：REST/GraphQL/tRPC决策、响应格式、安全与版本控制

api-patterns by sickn33/antigravity-awesome-skills

542 周安装量

27,100 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill api-patterns

开发系统架构 API

🇨🇳中文介绍

API 设计模式

2025 年的 API 设计原则与决策指南。学会思考，而非照搬固定模式。

🎯 选择性阅读规则

仅阅读与请求相关的文件！ 请查阅内容地图，找到你所需的内容。

📑 内容地图

文件	描述	何时阅读
`api-style.md`	REST vs GraphQL vs tRPC 决策树	选择 API 类型时
`rest.md`	资源命名、HTTP 方法、状态码	设计 REST API 时
`response.md`	信封模式、错误格式、分页	设计响应结构时

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

需求	技能
API 实现	`@[skills/backend-development]`
数据结构	`@[skills/database-design]`
安全细节	`@[skills/security-hardening]`

脚本	用途	命令
`scripts/api_validator.py`	API 端点验证	`python scripts/api_validator.py <project_path>`

🇺🇸English

API Patterns

API design principles and decision-making for 2025. Learn to THINK, not copy fixed patterns.

🎯 Selective Reading Rule

Read ONLY files relevant to the request! Check the content map, find what you need.

📑 Content Map

File	Description	When to Read
`api-style.md`	REST vs GraphQL vs tRPC decision tree	Choosing API type
`rest.md`	Resource naming, HTTP methods, status codes	Designing REST API
`response.md`	Envelope pattern, error format, pagination	Response structure
`graphql.md`	Schema design, when to use, security	Considering GraphQL
`trpc.md`	TypeScript monorepo, type safety	TS fullstack projects
`versioning.md`	URI/Header/Query versioning	API evolution planning
`auth.md`	JWT, OAuth, Passkey, API Keys	Auth pattern selection
`rate-limiting.md`	Token bucket, sliding window	API protection
`documentation.md`	OpenAPI/Swagger best practices	Documentation
`security-testing.md`	OWASP API Top 10, auth/authz testing	Security audits

🔗 Related Skills

Need	Skill
API implementation	`@[skills/backend-development]`
Data structure	`@[skills/database-design]`
Security details	`@[skills/security-hardening]`

✅ Decision Checklist

Before designing an API:

Asked user about API consumers?
Chosen API style for THIS context? (REST/GraphQL/tRPC)
Defined consistent response format?
Planned versioning strategy?
Considered authentication needs?
Planned rate limiting?
Documentation approach defined?

❌ Anti-Patterns

DON'T:

Default to REST for everything
Use verbs in REST endpoints (/getUsers)
Return inconsistent response formats
Expose internal errors to clients
Skip rate limiting

DO:

Choose API style based on context
Ask about client requirements
Document thoroughly
Use appropriate status codes

Script

Script	Purpose	Command
`scripts/api_validator.py`	API endpoint validation	`python scripts/api_validator.py <project_path>`

When to Use

This skill is applicable to execute the workflow or actions described in the overview.

Weekly Installs

542

Repository

sickn33/antigra…e-skills

GitHub Stars

27.1K

First Seen

Jan 20, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

opencode434

gemini-cli424

codex389

claude-code372

cursor357

github-copilot355