@httpRequestTests and @httpResponseTests are dual in that params is either the provided input to the test, or the expected output one should assert against, depending on whether you're generating a client or a server:

• in @httpRequestTests:
  • clients assert that they serialize an HTTP request given params
  • servers assert that they deserialize params given an HTTP request.
• in @httpResponseTests:
  • clients assert that they deserialize params given an HTTP response.
  • servers assert that they serialize an HTTP response given params

@httpMalformedRequestTests only make sense for servers. Servers assert that they reject a malformed request with the expected HTTP response.

The dual, @httpMalformedResponseTests, is missing, and would be very handy for clients. Clients would assert that they reject a malformed response with an expected error message.