Generate an OpenAPI Spec from Your Existing Routes
If your API predates your documentation, ask Claude to reverse-engineer a full OpenAPI spec from your route files.
@routes/api.php @app/Http/Controllers/Api/
Read these files and generate a complete OpenAPI 3.0 spec in YAML covering
all public endpoints — include request parameters, request bodies, and
response schemas inferred from the controller logic and Form Requests.
Claude reads your controllers, infers validation rules from Form Requests or inline validate() calls, and produces a well-structured YAML spec you can paste straight into Swagger UI, Stoplight, or Redoc.
paths:
/api/users/{id}:
get:
summary: Get a user by ID
parameters:
- name: id
in: path
required: true
schema:
type: integer
responses:
'200':
description: User found
'404':
description: User not found
Pass the generated spec back to Claude and ask it to add missing error responses, authentication schemes, or example payloads. It can also generate a Postman collection from the same spec.
Going from zero documentation to a working OpenAPI spec in minutes beats writing it from scratch.
Log in to leave a comment.
The /security-review command scans your uncommitted changes for injection vectors, auth gaps, hardcoded secrets, and other common vulnerabilities.
The SessionStart hook fires when any session begins or resumes, making it ideal for loading environment variables and running one-time setup scripts.
Ask Claude to write property-based tests for your functions using fast-check — it identifies the mathematical invariants in your code and generates tests that cover inputs you'd never enumerate by hand.