AP-API-012 (category: API Design)

DTO/entity leakage through API boundary

Flags APIs that expose persistence entities or internal DTOs across the external boundary.

Severity: warning. Kind: violation. No auto-fix.

How to fix

  1. Introduce explicit public request/response DTOs.
  2. Map only intended fields across the API boundary.
  3. Regenerate or update the API contract after the change.

What it means

The API response appears coupled to database or internal implementation shape.

Why it matters

Leaking internal entities makes API compatibility depend on storage details and can expose sensitive fields.

Common causes

  • ORM entities are returned directly.
  • Internal DTOs are reused as public response contracts.
  • Mapping code was skipped for convenience.

Example bad pattern

A route returns the full Prisma User record including internal flags.

Example good pattern

The route returns a UserSummaryResponse with only public fields.
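The bad and good patterns side by side, as an added example that is not ArchPilot's own code: a constructed Prisma-style User record, an explicit UserSummaryResponse contract, a mapper that carries only intended fields, and a check that reports any response keys outside the public contract. All type and function names here are assumptions.

```typescript
// Persistence entity as an ORM such as Prisma would return it. The constructed
// record deliberately carries fields that must never cross the API boundary.
interface UserEntity {
  id: string;
  email: string;
  displayName: string;
  passwordHash: string;   // credential material
  isInternal: boolean;    // internal flag
  failedLoginCount: number;
  createdAt: Date;
}

// Explicit public contract: only what contracts/openapi.yaml should describe.
interface UserSummaryResponse {
  id: string;
  displayName: string;
  memberSince: string; // ISO date string, decoupled from the Date column type
}

// Bad pattern: the entity is the response, so every column is serialized.
function leakyHandler(user: UserEntity): object {
  return user;
}

// Good pattern: map only intended fields. A column added to the entity later
// cannot silently widen the response.
function toUserSummaryResponse(user: UserEntity): UserSummaryResponse {
  return {
    id: user.id,
    displayName: user.displayName,
    memberSince: user.createdAt.toISOString().slice(0, 10),
  };
}

// Check usable in a route test: which serialized keys fall outside the contract?
const PUBLIC_FIELDS: ReadonlySet<string> = new Set(["id", "displayName", "memberSince"]);
function leakedFields(response: object): string[] {
  return Object.keys(response).filter((k) => !PUBLIC_FIELDS.has(k)).sort();
}

// Constructed sample record (not real data).
const sampleUser: UserEntity = {
  id: "u_123",
  email: "alice@example.com",
  displayName: "Alice",
  passwordHash: "$2b$12$placeholder-hash-value",
  isInternal: true,
  failedLoginCount: 3,
  createdAt: new Date("2024-05-01T10:00:00Z"),
};
```

Running `leakedFields(leakyHandler(sampleUser))` lists the five non-public columns, while `leakedFields(toUserSummaryResponse(sampleUser))` is empty.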

Related files/config

  • contracts/openapi.yaml
  • apps/api/src

Related CLI commands

  • archpilot validate
  • archpilot validate --ci