Use this skill when you need a portable, framework-agnostic discipline for type safety at the network edge of any React or React Native app. Establishes one typed API client as the single fetch boundary, a parse-don't-validate rule that turns wire JSON into trusted domain types before it enters the app, a single...
Portable skill — readable by Claude Code, OpenCode, Codex, Cursor, Windsurf, and others. This skill describes a discipline at the network edge — one client, one envelope, one error type, validated types — not a state library or a styling system. It pairs with the frontend-architecture skill (the client lives in
shared/api-client/) and is the foundation the frontend-optimistic-mutations skill builds on.
The goal: the moment data crosses from the network into the app, it stops being any-shaped wire
JSON and becomes a trusted, typed domain value — or it becomes a single, typed error.
There is exactly one place this transformation happens, and nothing untyped escapes it.
apiClient wraps fetch. Components and hooks never call fetch/axios directly — the boundary is enforceable in review and lint.?. chains, no re-checking shapes in components.{ data } on success or { error } on failure. The client unwraps data and throws on error, so callers receive the payload directly or a typed throw.ApiError with a machine code, status, and optional per-field errors. Callers handle one shape.InvoiceId, CustomerId) so the compiler rejects passing one where another is expected — the most common silent bug in data-heavy UIs.The boundary is one folder in shared/ (per the frontend-architecture skill).
src/shared/api-client/
├── index.ts ← barrel: apiClient, ApiError, types
├── client.ts ← the fetch wrapper: buildUrl, headers, parse, verbs
├── config.ts ← base URL resolution, default headers
├── error.ts ← the ApiError class + code→message-key mapping
├── types.ts ← envelope types, HttpMethod, RequestOptions, field errors
└── client.test.ts ← boundary behavior tests (envelope, errors, network)
Domain entity types and their schemas live with their feature module
(modules/{feature}/types/) or a shared contract package; the client is generic over T.
Every verb returns the unwrapped data payload typed by the caller, and throws an
ApiError on any failure. Components never see envelopes or raw responses.
// shared/api-client/client.ts (essence)
export const apiClient = {
get<T>(path: string, options?: RequestOptions): Promise<T> {
return request<T>("GET", path, undefined, options);
},
post<T>(path: string, body?: unknown, options?: RequestOptions): Promise<T> {
return request<T>("POST", path, body, options);
},
patch<T>(path: string, body?: unknown, options?: RequestOptions): Promise<T> {
/* … */
},
put<T>(path: string, body?: unknown, options?: RequestOptions): Promise<T> {
/* … */
},
delete<T>(path: string, options?: RequestOptions): Promise<T> {
/* … */
},
} as const;
export type ApiClient = typeof apiClient;
// CORRECT — a feature hook wraps the client, typed by the caller
const invoice = await apiClient.get<Invoice>(`/invoices/${id}`, { signal });
// WRONG — a raw fetch in a component bypasses the boundary entirely
const res = await fetch(`/api/invoices/${id}`); // untyped, unhandled errors, no envelope
Hard rules:
fetch/axios/XMLHttpRequest outside shared/api-client/ — enforce with an ESLint no-restricted-imports/no-restricted-globals rule.onError (see §6).AbortSignal through RequestOptions so the query layer can cancel (wired by TanStack Query)."Validate" leaves you with the same untyped value and a boolean. "Parse" returns a new, typed value — so downstream code is guaranteed correct by the type system. Run a schema parse at the boundary; after that, the value is trusted.
// modules/invoice/types/invoice.schema.ts
import { z } from "zod";
export const invoiceSchema = z.object({
id: z.string().transform(toInvoiceId), // brand it (see §5)
number: z.string(),
status: z.nativeEnum(InvoiceStatus),
total: z.number().int(), // minor units — never float money
issuedAt: z.string().datetime(),
});
export type Invoice = z.infer<typeof invoiceSchema>;
// the client (or a thin per-entity wrapper) parses at the edge
const raw = await apiClient.get<unknown>(`/invoices/${id}`, { signal });
return invoiceSchema.parse(raw); // throws on contract drift → surfaces as a typed failure
Why this matters: a backend that renames a field or sends a null it shouldn't is caught at
the boundary, with a clear error, instead of producing undefined three components deep where
the stack trace is useless. Components downstream never write invoice?.total ?? 0 defensively.
Validation library is your choice — Zod, Valibot, ArkType, io-ts. The rule is constant: a parse step converts
unknownwire data into a typed domain value at one boundary.
Mirror the backend's single envelope in the client and unwrap it once.
// shared/api-client/types.ts
export interface ApiSuccessEnvelope<T> {
data: T;
}
export interface ApiErrorEnvelope {
error: ApiErrorBody;
}
export type ApiEnvelope<T> = ApiSuccessEnvelope<T> | ApiErrorEnvelope;
export function isApiErrorEnvelope<T>(
e: ApiEnvelope<T>,
): e is ApiErrorEnvelope {
return typeof e === "object" && e !== null && "error" in e;
}
export interface ApiErrorBody {
code: ServerErrorCode; // machine-readable, stable
message: string; // server message (NOT shown to users directly)
fields?: Record<string, string[]>; // per-field validation errors
}
The parse step handles every shape: 204 No Content → undefined; { error } → throw; non-2xx
with no well-formed envelope → synthesize an error; { data } → return data. The caller only
ever sees a typed payload or a throw.
Strings are interchangeable; domain IDs are not. Brand them so the compiler stops you passing a
CustomerId where an InvoiceId is required.
// shared/types/id.ts
declare const brand: unique symbol;
export type Brand<T, B extends string> = T & { readonly [brand]: B };
export type InvoiceId = Brand<string, "InvoiceId">;
export type CustomerId = Brand<string, "CustomerId">;
export const toInvoiceId = (s: string): InvoiceId => s as InvoiceId;
export const toCustomerId = (s: string): CustomerId => s as CustomerId;
function loadInvoice(id: InvoiceId) {
/* … */
}
loadInvoice(customerId); // ❌ compile error — exactly the bug you want caught
loadInvoice(invoiceId); // ✅
Brand IDs at the parse boundary (§3) so every ID in the app is already nominal. The runtime cost is zero — brands erase at compile time.
Collapse every failure mode into a single ApiError so callers handle one shape. It carries a
machine code, the HTTP status, optional per-field errors, and a stable key for localized
messages (it does not localize — that's the UI's job).
// shared/api-client/error.ts (essence)
export class ApiError extends Error {
readonly code: ServerErrorCode;
readonly status: number; // 0 when no response (network/abort)
readonly fields?: Record<string, string[]>;
get isNetworkError() {
return this.status === 0;
}
get hasFieldErrors() {
return !!this.fields && Object.keys(this.fields).length > 0;
}
/** Stable key under an `errors` i18n namespace — never a raw server string. */
get messageKey() {
if (this.isNetworkError) return "network";
return ERROR_CODE_MESSAGE_KEYS[this.code] ?? "generic";
}
static fromEnvelope(body: ApiErrorBody, status: number) {
/* server { error } */
}
static fromNetwork(cause: unknown) {
/* offline / CORS / abort → status 0 */
}
}
The client throws; the query layer decides what the user sees. Keep toasts/redirects out of the client.
// a TanStack Query mutation maps the typed error to a localized toast
useMutation({
mutationFn: (input) => apiClient.post<Invoice>("/invoices", input),
onError: (error: ApiError) => notifyError(error), // looks up error.messageKey in i18n
});
Server validation (fields) maps straight onto form-field errors — one place, typed.
if (error.hasFieldErrors) {
for (const [field, messages] of Object.entries(error.fields!)) {
form.setError(field as Path<FormValues>, { message: messages[0] });
}
}
Hard rules:
throw new Error(string) from the data layer — always ApiError with a code.error.message (a server/dev string) directly to users — resolve messageKey through i18n.INVALID_RESPONSE, don't silently return undefined.The discipline is constant; the data-fetching library only changes where onError/parsing hangs.
| Library | Where the client is called | Where ApiError is handled |
|---|---|---|
| TanStack Query | queryFn/mutationFn call apiClient.* |
onError per query/mutation, or a global QueryCache/MutationCache onError |
| RTK Query | baseQuery wraps apiClient, parses + returns { data } or { error } |
transformErrorResponse → ApiError; handle in component or middleware |
| SWR | fetcher = (key) => apiClient.get(key) |
onError in SWRConfig or per-hook |
| Plain fetch hooks (RN) | a useAsync wrapper calls apiClient.* |
try/catch sets a typed error state |
For React Native, the client is unchanged — fetch and AbortController exist in RN. Only
credentials: "include" (cookie auth) may need swapping for a token header depending on your auth.
apiClient in shared/api-client/; no fetch/axios anywhere else (lint-enforced).{ data } / { error } envelope, unwrapped once in the client.ApiError (code + status + optional fields); no bare throw new Error.error.messageKey resolves through i18n — server message is never shown to users.fields map.AbortSignal flows through RequestOptions for cancellation.undefined.Adding the boundary to a project: create shared/api-client/ with client.ts, error.ts,
types.ts, config.ts. Add the lint rule banning fetch/axios elsewhere. Define your envelope
to match the backend, and your ApiError codes.
Adding a new entity: define its schema (Zod/Valibot) and z.infer type in the feature module,
brand its ID at parse time, and wrap apiClient in typed query/mutation hooks — never call the
client from a component.
Debugging "undefined three components deep": add/repair the boundary parse so contract drift
fails loudly at the edge with a typed error, instead of leaking undefined downstream.
Reviewing the data layer: run the checklist in §8. The highest-value catches are raw fetch in
components (boundary bypass) and throw new Error(string) from the data layer (untyped failures).
This skill follows the Anthropic SKILL.md format and is portable across agents.
skills/frontend-data-contracts/SKILL.md in a public GitHub repo.name and high-signal description — discovery indexes match against it.npx skills add <org>/<repo> --skill "frontend-data-contracts".SKILL.md agents can be pointed here from AGENTS.md / CLAUDE.md; Kiro can mirror it as a steering file.