Loading...
Loading...
Found 123 Skills
Builds ASP.NET Core APIs, EF Core data access, gRPC, SignalR, and backend services with middleware, security (OAuth, JWT, OWASP), resilience, messaging, OpenAPI, .NET Aspire, Semantic Kernel, HybridCache, YARP reverse proxy, output caching, Office documents (Excel, Word, PowerPoint), PDF, and architecture patterns. Spans 32 topic areas. Do not use for UI rendering patterns or CI/CD pipeline authoring.
Clerk auth with API Keys beta (Dec 2025), Next.js 16 proxy.ts (March 2025 CVE context), API version 2025-11-10 breaking changes, clerkMiddleware() options, webhooks, production considerations (GCP outages), and component reference. Prevents 15 documented errors. Use when: API keys for users/orgs, Next.js 16 middleware filename, troubleshooting JWKS/CSRF/JWT/token-type-mismatch errors, webhook verification, user type inconsistencies, or testing with 424242 OTP.
Expert FastAPI developer specializing in production-ready async REST APIs with Pydantic v2, SQLAlchemy 2.0, OAuth2/JWT authentication, and comprehensive security. Deep expertise in dependency injection, background tasks, async database operations, input validation, and OWASP security best practices. Use when building high-performance Python web APIs, implementing authentication systems, or securing API endpoints.
Comprehensive Supabase development expert covering Edge Functions, database schema management, migrations, PostgreSQL functions, and RLS policies. Use for any Supabase development including TypeScript/Deno Edge Functions, declarative schema management, SQL formatting, migration creation, database function authoring with SECURITY INVOKER, and RLS policy implementation with auth.uid() and auth.jwt().
Expert guidance for ElysiaJS web framework development. Use when building REST APIs, GraphQL services, or WebSocket applications with Elysia on Bun. Covers routing, lifecycle hooks, TypeBox validation, Eden type-safe clients, authentication with JWT/Bearer, all official plugins (OpenAPI, CORS, JWT, static, cron, GraphQL, tRPC), testing patterns, and production deployment. Assumes bun-expert skill is active for Bun runtime expertise.
Expert session decisions for iOS/tvOS: token storage security levels, refresh flow architectures, multi-session handling strategies, and logout cleanup requirements. Use when implementing authentication, debugging token issues, or designing session architecture. Trigger keywords: session, authentication, token, Keychain, refresh token, access token, JWT, OAuth2, logout, session expiration, KeychainHelper, SecItemAdd, kSecAttrAccessible
Production backend systems development. Stack: Node.js/TypeScript, Python, Go, Rust | NestJS, FastAPI, Django, Express | PostgreSQL, MongoDB, Redis. Capabilities: REST/GraphQL/gRPC APIs, OAuth 2.1/JWT auth, OWASP security, microservices, caching, load balancing, Docker/K8s deployment. Actions: design, build, implement, secure, optimize, deploy, test APIs and services. Keywords: API design, REST, GraphQL, gRPC, authentication, OAuth, JWT, RBAC, database, PostgreSQL, MongoDB, Redis, caching, microservices, Docker, Kubernetes, CI/CD, OWASP, security, performance, scalability, NestJS, FastAPI, Express, middleware, rate limiting. Use when: designing APIs, implementing auth/authz, optimizing queries, building microservices, securing endpoints, deploying containers, setting up CI/CD.
Security engineering that protects applications, data, and users from real-world threatsUse when "security, authentication, authorization, encryption, OWASP, vulnerability, XSS, SQL injection, CSRF, secrets, password, JWT, OAuth, permissions, audit, compliance, security, authentication, authorization, encryption, vulnerabilities, OWASP, compliance, audit" mentioned.
This skill should be used when the user requests to generate, create, or add Row-Level Security (RLS) policies for Supabase databases in multi-tenant or role-based applications. It generates comprehensive RLS policies using auth.uid(), auth.jwt() claims, and role-based access patterns. Trigger terms include RLS, row level security, supabase security, generate policies, auth policies, multi-tenant security, role-based access, database security policies, supabase permissions, tenant isolation.
Automatically discover API design skills when working with REST APIs, GraphQL schemas, API authentication, OAuth, JWT, rate limiting, API versioning, error handling, or endpoint design. Activates for backend API development tasks.
NestJS 11+ best practices for enterprise Node.js applications with TypeScript. Use when writing, reviewing, or refactoring NestJS controllers, services, modules, or APIs. Triggers on: NestJS modules, controllers, providers, dependency injection, @Injectable, @Controller, @Module, middleware, guards, interceptors, pipes, exception filters, ValidationPipe, class-validator, class-transformer, DTOs, JWT authentication, Passport strategies, @nestjs/passport, TypeORM entities, Prisma client, Drizzle ORM, repository pattern, circular dependencies, forwardRef, @nestjs/swagger, OpenAPI decorators, GraphQL resolvers, @nestjs/graphql, microservices, TCP transport, Redis transport, NATS, Kafka, NestJS 11 breaking changes, Express v5 migration, custom decorators, ConfigService, @nestjs/config, health checks, or NestJS testing patterns.
Complete development skill set for the ABE Framework, providing a full-stack solution for modern Go HTTP RESTful API application development. Core features include: modular engine architecture, standardized controller route registration, global and route-level middleware system, dependency injection container (supporting global and request-level scopes), multi-language internationalization (i18n) support, access control system based on JWT and Casbin, asynchronous event bus mechanism, high-performance goroutine pool management, extensible plugin mechanism, configuration management system (supporting multi-layer configuration priority), GORM database integration, structured logging system, form validation framework, scheduled task scheduling (Cron), CORS cross-domain support, etc. Suitable for scenarios such as building enterprise-level web services, microservice architecture applications, API gateways, and backend management systems. The framework adopts a loose-coupling design, supports the UseCase business logic pattern, provides a complete error handling mechanism and performance monitoring capabilities, helping enterprises quickly build stable and maintainable distributed application systems.