agentic-qe 1.9.4 → 2.1.0

package/.claude/skills/api-testing-patterns/SKILL.md

@@ -1,42 +1,92 @@
 ---
 name: api-testing-patterns
-description: Apply comprehensive API testing patterns including contract testing, REST/GraphQL testing, and integration testing. Use when testing APIs, microservices, or designing API test strategies.
+description: "Comprehensive API testing patterns including contract testing, REST/GraphQL testing, and integration testing. Use when testing APIs or designing API test strategies."
+category: testing-methodologies
+priority: high
+tokenEstimate: 1200
+agents: [qe-api-contract-validator, qe-test-generator, qe-performance-tester, qe-security-scanner]
+implementation_status: optimized
+optimization_version: 1.0
+last_optimized: 2025-12-02
+dependencies: []
+quick_reference_card: true
+tags: [api, rest, graphql, contract-testing, pact, integration, microservices]
 ---
 
 # API Testing Patterns
 
-## Core Principles
+<default_to_action>
+When testing APIs or designing API test strategy:
+1. IDENTIFY testing level: contract, integration, or component
+2. TEST the contract, not implementation (consumer perspective)
+3. VALIDATE auth, input, errors, idempotency, concurrency
+4. AUTOMATE in CI/CD with schema validation
+5. MONITOR production APIs for contract drift
+
+**Quick Pattern Selection:**
+- Microservices → Consumer-driven contracts (Pact)
+- REST APIs → CRUD + pagination + filtering tests
+- GraphQL → Query validation + complexity limits
+- External deps → Mock with component testing
+- Performance → Load test critical endpoints
+
+**Critical Success Factors:**
+- APIs are contracts - test from consumer perspective
+- Always test error scenarios, not just happy paths
+- Version your API tests to prevent breaking changes
+</default_to_action>
+
+## Quick Reference Card
+
+### When to Use
+- Testing REST or GraphQL APIs
+- Validating microservice contracts
+- Designing API test strategies
+- Preventing breaking API changes
+
+### Testing Levels
+| Level | Purpose | Dependencies | Speed |
+|-------|---------|--------------|-------|
+| Contract | Provider-consumer agreement | None | Fast |
+| Component | API in isolation | Mocked | Fast |
+| Integration | Real dependencies | Database, services | Slower |
+
+### Critical Test Scenarios
+| Scenario | Must Test | Example |
+|----------|----------|---------|
+| Auth | 401/403 handling | Expired token, wrong user |
+| Input | 400 validation | Missing fields, wrong types |
+| Errors | 500 graceful handling | DB down, timeout |
+| Idempotency | Duplicate prevention | Same idempotency key |
+| Concurrency | Race conditions | Parallel checkout |
+
+### Tools
+- **Contract**: Pact, Spring Cloud Contract
+- **REST**: Supertest, REST-assured, Playwright
+- **Load**: k6, Artillery, JMeter
+
+### Agent Coordination
+- `qe-api-contract-validator`: Validate contracts, detect breaking changes
+- `qe-test-generator`: Generate tests from OpenAPI spec
+- `qe-performance-tester`: Load test endpoints
+- `qe-security-scanner`: API security testing
 
-APIs are contracts. Test the contract, not the implementation. Focus on behavior from the consumer's perspective, not the provider's internals.
-
-## Testing Levels
-
-### 1. Contract Testing
+---
 
-**Purpose:** Verify API provider and consumer agree on the contract.
+## Contract Testing
 
 **Pattern: Consumer-Driven Contracts**
 ```javascript
 // Consumer defines expectations
-const expectedContract = {
-  request: {
-    method: 'POST',
-    path: '/orders',
-    body: { productId: 'abc', quantity: 2 }
-  },
-  response: {
-    status: 201,
-    body: { orderId: 'string', total: 'number' }
-  }
+const contract = {
+  request: { method: 'POST', path: '/orders', body: { productId: 'abc', quantity: 2 } },
+  response: { status: 201, body: { orderId: 'string', total: 'number' } }
 };
 
-// Provider must fulfill this contract
-test('order API meets consumer contract', async () => {
-  const response = await api.post('/orders', {
-    productId: 'abc',
-    quantity: 2
-  });
-  
+// Provider must fulfill
+test('order API meets contract', async () => {
+  const response = await api.post('/orders', { productId: 'abc', quantity: 2 });
+
   expect(response.status).toBe(201);
   expect(response.body).toMatchSchema({
     orderId: expect.any(String),
@@ -45,534 +95,180 @@ test('order API meets consumer contract', async () => {
 });
 ```
 
-**Tools:** Pact, Spring Cloud Contract
+**When:** Microservices, distributed systems, third-party integrations
 
-**When to use:** Microservices, distributed systems, third-party integrations
-
-### 2. Integration Testing
+---
 
-**Purpose:** Verify API works with real dependencies (database, external services).
+## Critical Test Patterns
 
-**Pattern: Test with Real Dependencies**
+### Authentication & Authorization
 ```javascript
-describe('Order API integration', () => {
-  beforeEach(async () => {
-    await db.migrate();
-    await db.seed();
-  });
-  
-  afterEach(async () => {
-    await db.rollback();
+describe('Auth', () => {
+  it('rejects without token', async () => {
+    expect((await api.get('/orders')).status).toBe(401);
   });
-  
-  it('creates order and updates inventory', async () => {
-    const response = await api.post('/orders', {
-      productId: 'product-123',
-      quantity: 2
-    });
-    
-    expect(response.status).toBe(201);
-    
-    // Verify side effects
-    const inventory = await db.inventory.findById('product-123');
-    expect(inventory.quantity).toBe(8); // Was 10, now 8
-  });
-});
-```
-
-**When to use:** Testing business logic that spans multiple components
 
-### 3. Component Testing
-
-**Purpose:** Test API in isolation with mocked dependencies.
-
-**Pattern: Mock External Dependencies**
-```javascript
-describe('Order API component', () => {
-  it('handles payment service timeout', async () => {
-    const paymentService = mockPaymentService({
-      charge: () => { throw new TimeoutError(); }
-    });
-    
-    const api = createAPI({ paymentService });
-    const response = await api.post('/orders', orderData);
-    
-    expect(response.status).toBe(503);
-    expect(response.body.error).toBe('Payment service unavailable');
+  it('rejects expired token', async () => {
+    const expired = generateExpiredToken();
+    expect((await api.get('/orders', { headers: { Authorization: `Bearer ${expired}` } })).status).toBe(401);
   });
-});
-```
-
-**When to use:** Testing error handling, edge cases, without hitting real services
-
-## Critical Test Scenarios
-
-### Authentication & Authorization
 
-```javascript
-describe('Authentication', () => {
-  it('rejects requests without token', async () => {
-    const response = await api.get('/orders');
-    expect(response.status).toBe(401);
-  });
-  
-  it('rejects requests with expired token', async () => {
-    const expiredToken = generateExpiredToken();
-    const response = await api.get('/orders', {
-      headers: { Authorization: `Bearer ${expiredToken}` }
-    });
-    expect(response.status).toBe(401);
-  });
-  
-  it('allows access only to authorized resources', async () => {
+  it('blocks cross-user access', async () => {
     const userAToken = generateToken({ userId: 'A' });
-    const response = await api.get('/orders/user-B-order', {
-      headers: { Authorization: `Bearer ${userAToken}` }
-    });
-    expect(response.status).toBe(403);
+    expect((await api.get('/orders/user-B-order', { headers: { Authorization: `Bearer ${userAToken}` } })).status).toBe(403);
   });
 });
 ```
 
 ### Input Validation
-
 ```javascript
-describe('Input validation', () => {
+describe('Validation', () => {
   it('validates required fields', async () => {
-    const response = await api.post('/orders', {
-      // Missing productId
-      quantity: 2
-    });
+    const response = await api.post('/orders', { quantity: 2 }); // Missing productId
     expect(response.status).toBe(400);
     expect(response.body.errors).toContain('productId is required');
   });
-  
-  it('validates data types', async () => {
-    const response = await api.post('/orders', {
-      productId: 'abc',
-      quantity: 'two' // Should be number
-    });
-    expect(response.status).toBe(400);
-  });
-  
-  it('validates value ranges', async () => {
-    const response = await api.post('/orders', {
-      productId: 'abc',
-      quantity: -5 // Negative quantity
-    });
-    expect(response.status).toBe(400);
-  });
-});
-```
 
-### Error Handling
-
-```javascript
-describe('Error handling', () => {
-  it('handles database connection failure', async () => {
-    db.disconnect();
-    const response = await api.get('/orders');
-    expect(response.status).toBe(503);
-    expect(response.body.error).toMatch(/service unavailable/i);
+  it('validates types', async () => {
+    expect((await api.post('/orders', { productId: 'abc', quantity: 'two' })).status).toBe(400);
   });
-  
-  it('handles malformed JSON', async () => {
-    const response = await fetch('/orders', {
-      method: 'POST',
-      body: 'not-json'
-    });
-    expect(response.status).toBe(400);
-  });
-  
-  it('handles unexpected errors gracefully', async () => {
-    // Simulate internal error
-    orderService.create = () => { throw new Error('Unexpected'); };
-    
-    const response = await api.post('/orders', validOrder);
-    expect(response.status).toBe(500);
-    expect(response.body.error).not.toContain('Unexpected'); // Don't leak internals
+
+  it('validates ranges', async () => {
+    expect((await api.post('/orders', { productId: 'abc', quantity: -5 })).status).toBe(400);
   });
 });
 ```
 
 ### Idempotency
-
 ```javascript
-describe('Idempotent operations', () => {
-  it('PUT is idempotent', async () => {
-    const updateData = { status: 'shipped' };
-    
-    await api.put('/orders/123', updateData);
-    const response = await api.put('/orders/123', updateData);
-    
-    expect(response.status).toBe(200);
-    // Verify state hasn't changed incorrectly
-  });
-  
-  it('POST with idempotency key prevents duplicates', async () => {
-    const idempotencyKey = 'unique-key-123';
-    const orderData = { productId: 'abc', quantity: 2 };
-    
-    const response1 = await api.post('/orders', orderData, {
-      headers: { 'Idempotency-Key': idempotencyKey }
-    });
-    
-    const response2 = await api.post('/orders', orderData, {
-      headers: { 'Idempotency-Key': idempotencyKey }
-    });
-    
-    expect(response1.body.orderId).toBe(response2.body.orderId);
-    // Verify only one order was created
-  });
+it('prevents duplicates with idempotency key', async () => {
+  const key = 'unique-123';
+  const data = { productId: 'abc', quantity: 2 };
+
+  const r1 = await api.post('/orders', data, { headers: { 'Idempotency-Key': key } });
+  const r2 = await api.post('/orders', data, { headers: { 'Idempotency-Key': key } });
+
+  expect(r1.body.orderId).toBe(r2.body.orderId); // Same order
 });
 ```
 
 ### Concurrency
-
 ```javascript
-describe('Concurrent requests', () => {
-  it('handles race condition on inventory update', async () => {
-    const promises = Array(10).fill().map(() => 
-      api.post('/orders', { productId: 'abc', quantity: 1 })
-    );
-    
-    const responses = await Promise.all(promises);
-    const successful = responses.filter(r => r.status === 201);
-    
-    // Verify inventory wasn't oversold
-    const inventory = await db.inventory.findById('abc');
-    expect(inventory.quantity).toBe(initialQuantity - successful.length);
-  });
+it('handles race condition on inventory', async () => {
+  const promises = Array(10).fill().map(() =>
+    api.post('/orders', { productId: 'abc', quantity: 1 })
+  );
+  const responses = await Promise.all(promises);
+  const successful = responses.filter(r => r.status === 201);
+
+  const inventory = await db.inventory.findById('abc');
+  expect(inventory.quantity).toBe(initialQuantity - successful.length);
 });
 ```
 
-## REST API Testing Patterns
-
-### CRUD Operations
+---
 
+## REST CRUD Pattern
 ```javascript
 describe('Product CRUD', () => {
   let productId;
-  
-  it('CREATE: creates new product', async () => {
-    const response = await api.post('/products', {
-      name: 'Widget',
-      price: 10.00
-    });
-    expect(response.status).toBe(201);
-    expect(response.headers.location).toMatch(/\/products\/\w+/);
-    productId = response.body.id;
-  });
-  
-  it('READ: retrieves product', async () => {
-    const response = await api.get(`/products/${productId}`);
-    expect(response.status).toBe(200);
-    expect(response.body.name).toBe('Widget');
-  });
-  
-  it('UPDATE: modifies product', async () => {
-    const response = await api.put(`/products/${productId}`, {
-      name: 'Widget',
-      price: 12.00
-    });
-    expect(response.status).toBe(200);
-    expect(response.body.price).toBe(12.00);
-  });
-  
-  it('DELETE: removes product', async () => {
-    const response = await api.delete(`/products/${productId}`);
-    expect(response.status).toBe(204);
-    
-    const getResponse = await api.get(`/products/${productId}`);
-    expect(getResponse.status).toBe(404);
-  });
-});
-```
-
-### Pagination
 
-```javascript
-describe('Pagination', () => {
-  it('returns first page by default', async () => {
-    const response = await api.get('/products');
-    expect(response.body.items).toHaveLength(20); // Default page size
-    expect(response.body.page).toBe(1);
-  });
-  
-  it('supports custom page size', async () => {
-    const response = await api.get('/products?pageSize=50');
-    expect(response.body.items).toHaveLength(50);
-  });
-  
-  it('includes pagination metadata', async () => {
-    const response = await api.get('/products');
-    expect(response.body).toHaveProperty('totalItems');
-    expect(response.body).toHaveProperty('totalPages');
-    expect(response.body).toHaveProperty('nextPage');
+  it('CREATE', async () => {
+    const r = await api.post('/products', { name: 'Widget', price: 10 });
+    expect(r.status).toBe(201);
+    productId = r.body.id;
   });
-});
-```
 
-### Filtering & Sorting
-
-```javascript
-describe('Filtering and sorting', () => {
-  it('filters by category', async () => {
-    const response = await api.get('/products?category=electronics');
-    expect(response.body.items.every(p => p.category === 'electronics')).toBe(true);
+  it('READ', async () => {
+    const r = await api.get(`/products/${productId}`);
+    expect(r.body.name).toBe('Widget');
   });
-  
-  it('sorts by price ascending', async () => {
-    const response = await api.get('/products?sort=price:asc');
-    const prices = response.body.items.map(p => p.price);
-    expect(prices).toEqual([...prices].sort((a, b) => a - b));
-  });
-  
-  it('combines multiple filters', async () => {
-    const response = await api.get('/products?category=electronics&minPrice=100');
-    expect(response.body.items.every(p => 
-      p.category === 'electronics' && p.price >= 100
-    )).toBe(true);
-  });
-});
-```
 
-## GraphQL Testing Patterns
-
-```javascript
-describe('GraphQL API', () => {
-  it('queries nested data', async () => {
-    const query = `
-      query {
-        order(id: "123") {
-          id
-          items {
-            product {
-              name
-              price
-            }
-            quantity
-          }
-          total
-        }
-      }
-    `;
-    
-    const response = await graphql.query(query);
-    expect(response.data.order.items).toBeDefined();
+  it('UPDATE', async () => {
+    const r = await api.put(`/products/${productId}`, { price: 12 });
+    expect(r.body.price).toBe(12);
   });
-  
-  it('handles query complexity limits', async () => {
-    const complexQuery = `
-      query {
-        orders {
-          items {
-            product {
-              reviews {
-                author {
-                  orders { ... }
-                }
-              }
-            }
-          }
-        }
-      }
-    `;
-    
-    const response = await graphql.query(complexQuery);
-    expect(response.errors[0].message).toMatch(/query too complex/i);
-  });
-});
-```
-
-## Performance Testing
 
-```javascript
-describe('API performance', () => {
-  it('responds within acceptable time', async () => {
-    const start = Date.now();
-    await api.get('/products');
-    const duration = Date.now() - start;
-    
-    expect(duration).toBeLessThan(200); // 200ms SLA
-  });
-  
-  it('handles load of 100 concurrent requests', async () => {
-    const requests = Array(100).fill().map(() => api.get('/products'));
-    const responses = await Promise.all(requests);
-    
-    const successful = responses.filter(r => r.status === 200);
-    expect(successful.length).toBeGreaterThan(95); // 95% success rate
+  it('DELETE', async () => {
+    expect((await api.delete(`/products/${productId}`)).status).toBe(204);
+    expect((await api.get(`/products/${productId}`)).status).toBe(404);
   });
 });
 ```
 
-## Testing Tools
-
-### REST APIs
-- **Supertest** (Node.js) - HTTP assertions
-- **REST-assured** (Java) - Fluent API testing
-- **Postman/Newman** - Collection-based testing
-- **Playwright API** - E2E with API calls
-
-### Contract Testing
-- **Pact** - Consumer-driven contracts
-- **Spring Cloud Contract** - JVM contract testing
-
-### Load Testing
-- **k6** - Modern load testing
-- **Apache JMeter** - Enterprise load testing
-- **Artillery** - Modern performance testing
-
-## Common Pitfalls
-
-### ❌ Testing Implementation, Not Contract
-Don't test internal database queries. Test the API response.
-
-### ❌ Ignoring HTTP Semantics
-Use correct status codes (200, 201, 400, 404, 500) and methods (GET, POST, PUT, DELETE).
-
-### ❌ No Negative Testing
-Always test error cases, not just happy paths.
-
-### ❌ Brittle Tests
-Don't assert on field order or extra fields. Focus on contract.
-
-### ❌ Slow Tests
-Mock external services. Don't wait for real third-party APIs.
+---
 
 ## Best Practices
 
-### ✅ Test from Consumer Perspective
-Write tests as if you're using the API, not implementing it.
-
-### ✅ Use Schema Validation
-Validate response structure, not exact values.
-
-### ✅ Test Error Scenarios
-Network failures, timeouts, invalid input, authorization errors.
-
-### ✅ Version Your API Tests
-Keep tests for each API version to prevent breaking changes.
+### ✅ Do This
+- Test from consumer perspective
+- Use schema validation (not exact values)
+- Test error scenarios extensively
+- Version API tests
+- Automate in CI/CD
 
-### ✅ Automate in CI/CD
-Run API tests on every commit, not just before release.
+### ❌ Avoid This
+- Testing implementation, not contract
+- Ignoring HTTP semantics (status codes)
+- No negative testing
+- Asserting on field order or extra fields
+- Slow tests (mock external services)
 
-## Real-World Example: E-Commerce API
-
-```javascript
-describe('E-Commerce Order API', () => {
-  describe('Happy path', () => {
-    it('complete order flow', async () => {
-      // Add to cart
-      const cart = await api.post('/cart', { productId: 'abc', quantity: 2 });
-      
-      // Apply discount
-      await api.post('/cart/discount', { code: 'SAVE10' });
-      
-      // Checkout
-      const order = await api.post('/orders', {
-        cartId: cart.body.id,
-        payment: { method: 'card', token: 'tok_123' }
-      });
-      
-      expect(order.status).toBe(201);
-      expect(order.body.status).toBe('pending');
-    });
-  });
-  
-  describe('Edge cases', () => {
-    it('handles out of stock during checkout', async () => {
-      // Product sold out between cart and checkout
-      const order = await api.post('/orders', {
-        cartId: 'cart-with-sold-out-item'
-      });
-      
-      expect(order.status).toBe(409); // Conflict
-      expect(order.body.error).toMatch(/out of stock/i);
-    });
-  });
-});
-```
-
-## Using with QE Agents
+---
 
-### Automated Contract Testing
+## Agent-Assisted API Testing
 
-**qe-api-contract-validator** ensures API contracts are maintained:
 ```typescript
-// Agent validates API contract against specification
-await agent.validateContract({
+// Validate contracts
+await Task("Contract Validation", {
   spec: 'openapi.yaml',
   endpoint: '/orders',
-  method: 'POST',
   checkBreakingChanges: true
-});
+}, "qe-api-contract-validator");
 
-// Returns:
-// {
-//   valid: false,
-//   breakingChanges: [
-//     'Field "orderId" changed from string to number'
-//   ],
-//   warnings: ['New optional field "metadata" added']
-// }
-```
-
-### Agent-Generated API Test Suites
-
-**qe-test-generator** creates comprehensive API tests:
-```typescript
-// Generate tests from OpenAPI spec
-await agent.generateFromSpec({
+// Generate tests from spec
+await Task("Generate API Tests", {
   spec: 'openapi.yaml',
   coverage: 'comprehensive',
-  include: [
-    'happy-paths',
-    'input-validation',
-    'auth-scenarios',
-    'error-handling',
-    'idempotency',
-    'concurrency'
-  ]
-});
+  include: ['happy-paths', 'input-validation', 'auth-scenarios', 'error-handling']
+}, "qe-test-generator");
+
+// Load test
+await Task("API Load Test", {
+  endpoint: '/orders',
+  rps: 1000,
+  duration: '5min'
+}, "qe-performance-tester");
 
-// → Creates 200+ tests covering all API patterns
+// Security scan
+await Task("API Security Scan", {
+  spec: 'openapi.yaml',
+  checks: ['sql-injection', 'xss', 'broken-auth', 'rate-limiting']
+}, "qe-security-scanner");
 ```
 
-### Real-Time API Test Execution
+---
 
-**qe-test-executor** runs API tests with smart retry logic:
-```typescript
-// Execute API tests with intelligent retry for flakiness
-await agent.executeAPITests({
-  suite: 'integration',
-  parallel: true,
-  retryStrategy: 'exponential-backoff',
-  flakyDetection: true
-});
+## Agent Coordination Hints
 
-// → Detects and reports network-related flakiness
-// → Auto-retries transient failures (503, timeout)
-// → Fails fast on persistent errors (401, 404)
+### Memory Namespace
+```
+aqe/api-testing/
+├── contracts/*        - API contract definitions
+├── generated-tests/*  - Generated test suites
+├── validation/*       - Contract validation results
+└── performance/*      - Load test results
 ```
 
-### Contract-Based Integration Testing
-
+### Fleet Coordination
 ```typescript
-// Agent coordinates contract testing between services
-const contractFleet = await FleetManager.coordinate({
+const apiFleet = await FleetManager.coordinate({
   strategy: 'contract-testing',
-  agents: [
-    'qe-api-contract-validator',  // Validate contracts
-    'qe-test-generator',          // Generate consumer tests
-    'qe-test-executor'            // Execute against provider
-  ],
-  topology: 'mesh'  // Consumer-provider pairs
+  agents: ['qe-api-contract-validator', 'qe-test-generator', 'qe-test-executor'],
+  topology: 'mesh'
 });
 
-// Microservices contract validation
-await contractFleet.execute({
+await apiFleet.execute({
   services: [
     { name: 'orders-api', consumers: ['checkout-ui', 'admin-api'] },
     { name: 'payment-api', consumers: ['orders-api'] }
@@ -580,95 +276,19 @@ await contractFleet.execute({
 });
 ```
 
-### Performance Testing for APIs
-
-**qe-performance-tester** load tests critical endpoints:
-```typescript
-// Agent runs load tests on API endpoints
-await agent.loadTest({
-  endpoint: '/orders',
-  method: 'POST',
-  rps: 1000,  // 1000 requests per second
-  duration: '5min',
-  scenarios: [
-    'create-order',
-    'concurrent-checkouts',
-    'bulk-operations'
-  ]
-});
-
-// Returns:
-// {
-//   avgResponseTime: '45ms',
-//   p95: '120ms',
-//   p99: '250ms',
-//   errorRate: 0.02,  // 2% error rate
-//   bottlenecks: ['database connection pool']
-// }
-```
-
-### Security Testing for APIs
-
-**qe-security-scanner** tests API vulnerabilities:
-```typescript
-// Agent scans for API security issues
-await agent.scanAPI({
-  spec: 'openapi.yaml',
-  checks: [
-    'sql-injection',
-    'xss',
-    'broken-auth',
-    'excessive-data-exposure',
-    'rate-limiting',
-    'input-validation'
-  ]
-});
-
-// Identifies:
-// - Missing rate limiting on /login
-// - No input sanitization on /search
-// - Exposed internal IDs in responses
-```
-
-### Continuous Contract Monitoring
-
-**qe-production-intelligence** monitors live API contracts:
-```typescript
-// Agent monitors production API for contract drift
-await agent.monitorAPIContract({
-  endpoint: '/orders',
-  spec: 'openapi.yaml',
-  alertOn: 'breaking-changes',
-  sampleRate: 0.01  // Monitor 1% of traffic
-});
-
-// Alerts:
-// "⚠️  Production API returning extra field not in spec: 'internalProcessId'"
-// "🔴 Breaking change detected: 'quantity' changed from int to string"
-```
-
 ---
 
 ## Related Skills
-
-**Core Quality Practices:**
-- [agentic-quality-engineering](../agentic-quality-engineering/) - API testing with agent coordination
-- [holistic-testing-pact](../holistic-testing-pact/) - APIs in test quadrants
-
-**Testing Approaches:**
-- [test-automation-strategy](../test-automation-strategy/) - API tests in automation pyramid
-- [risk-based-testing](../risk-based-testing/) - Risk-based API test prioritization
-- [performance-testing](../performance-testing/) - API load testing patterns
+- [agentic-quality-engineering](../agentic-quality-engineering/) - API testing with agents
+- [tdd-london-chicago](../tdd-london-chicago/) - London school for API testing
+- [performance-testing](../performance-testing/) - API load testing
 - [security-testing](../security-testing/) - API security validation
-
-**Development Practices:**
-- [tdd-london-chicago](../tdd-london-chicago/) - London school for API testing (mocking)
-- [code-review-quality](../code-review-quality/) - Review API test quality
+- [contract-testing](../contract-testing/) - Consumer-driven contracts deep dive
 
 ---
 
 ## Remember
 
-API testing is about verifying contracts and behavior, not implementation details. Focus on what matters to API consumers: correct responses, proper error handling, and acceptable performance.
+API testing = verifying contracts and behavior, not implementation. Focus on what matters to consumers: correct responses, proper error handling, acceptable performance.
 
-**With Agents**: Agents automate contract validation, generate comprehensive API test suites from specifications, and continuously monitor production APIs for contract drift. Use agents to maintain API quality across microservices at scale.
+**With Agents:** Agents automate contract validation, generate comprehensive test suites from specs, and monitor production APIs for drift. Use agents to maintain API quality at scale.