---
name: uat
description: Send a message to the Ghostfolio agent API and display the response. Use for testing agent tools end-to-end against a running dev server.
argument-hint: <message to send to agent>
disable-model-invocation: true
allowed-tools: Bash, Read, Write
---

# UAT - Agent API Tester

Send `$ARGUMENTS` to the Ghostfolio agent at `http://localhost:3333/api/v1/agent/chat` and display the response.

## Steps

1. **Check for credentials** - Read `.uat-creds.json` in the repo root. If it doesn't exist, run setup first.

2. **Setup (if no creds)** - Run `.claude/skills/uat/scripts/setup.sh` to create a test user and import sample data.

3. **Load credentials** - Read `.uat-creds.json`:

   ```json
   { "accessToken": "...", "authToken": "..." }
   ```

   `authToken` is the JWT Bearer token. `accessToken` is the anonymous auth token for refreshing.

4. **Send the message** - POST to the agent:

   ```bash
   curl -s -X POST http://localhost:3333/api/v1/agent/chat \
     -H "Content-Type: application/json" \
     -H "Authorization: Bearer <authToken>" \
     -d '{"message": "$ARGUMENTS"}'
   ```

5. **Handle auth errors** - If you get a 401, refresh the JWT:

   ```bash
   curl -s -X POST http://localhost:3333/api/v1/auth/anonymous \
     -H "Content-Type: application/json" \
     -d '{"accessToken": "<accessToken from creds>"}'
   ```

   Save the new `authToken` back to `.uat-creds.json`, then retry the agent call.

6. **Display results** - Format and show:
   - The `response` text from the agent
   - Any `toolCalls` array (tool name + inputs + output for each)
   - The `conversationId` (save it to `.uat-creds.json` as `conversationId` for multi-turn continuity)
   - Any errors with status code and body

7. **Multi-turn** - If `.uat-creds.json` has a `conversationId`, include it in the request body:
   ```json
   { "message": "$ARGUMENTS", "conversationId": "..." }
   ```
   To start a fresh conversation, delete `conversationId` from `.uat-creds.json`.

## Credentials file format

`.uat-creds.json` (gitignored):

```json
{
  "accessToken": "anonymous-access-token",
  "authToken": "jwt-bearer-token",
  "conversationId": "optional-for-multi-turn"
}
```

## Troubleshooting

- **Connection refused**: API isn't running. Run `npm run dev:api` (or `npm run dev` for deps + api).
- **401 Unauthorized**: Refresh JWT via `/auth/anonymous` (step 5 above).
- **500 errors**: Check API logs. Common cause: LLM config missing from DB (OpenRouter key not set).
- **No `.uat-creds.json`**: Run setup script manually: `bash .claude/skills/uat/scripts/setup.sh`