backend-development
This skill provides comprehensive guidance for building production-ready backend systems using modern technologies including Node.js, Python, Go, and Rust with frameworks like NestJS and FastAPI. Use it when designing APIs, implementing authentication systems, optimizing databases, setting up CI/CD pipelines, addressing security vulnerabilities, building microservices, or developing scalable backend infrastructure.
git clone --depth 1 https://github.com/mrgoonie/claudekit-skills /tmp/backend-development && cp -r /tmp/backend-development/.claude/skills/backend-development ~/.claude/skills/backend-developmentSKILL.md
# Backend Development Skill Production-ready backend development with modern technologies, best practices, and proven patterns. ## When to Use - Designing RESTful, GraphQL, or gRPC APIs - Building authentication/authorization systems - Optimizing database queries and schemas - Implementing caching and performance optimization - OWASP Top 10 security mitigation - Designing scalable microservices - Testing strategies (unit, integration, E2E) - CI/CD pipelines and deployment - Monitoring and debugging production systems ## Technology Selection Guide **Languages:** Node.js/TypeScript (full-stack), Python (data/ML), Go (concurrency), Rust (performance) **Frameworks:** NestJS, FastAPI, Django, Express, Gin **Databases:** PostgreSQL (ACID), MongoDB (flexible schema), Redis (caching) **APIs:** REST (simple), GraphQL (flexible), gRPC (performance) See: `references/backend-technologies.md` for detailed comparisons ## Reference Navigation **Core Technologies:** - `backend-technologies.md` - Languages, frameworks, databases, message queues, ORMs - `backend-api-design.md` - REST, GraphQL, gRPC patterns and best practices **Security & Authentication:** - `backend-security.md` - OWASP Top 10 2025, security best practices, input validation - `backend-authentication.md` - OAuth 2.1, JWT, RBAC, MFA, session management **Performance & Architecture:** - `backend-performance.md` - Caching, query optimization, load balancing, scaling - `backend-architecture.md` - Microservices, event-driven, CQRS, saga patterns **Quality & Operations:** - `backend-testing.md` - Testing strategies, frameworks, tools, CI/CD testing - `backend-code-quality.md` - SOLID principles, design patterns, clean code - `backend-devops.md` - Docker, Kubernetes, deployment strategies, monitoring - `backend-debugging.md` - Debugging strategies, profiling, logging, production debugging - `backend-mindset.md` - Problem-solving, architectural thinking, collaboration ## Key Best Practices (2025) **Security:** Argon2id passwords, parameterized queries (98% SQL injection reduction), OAuth 2.1 + PKCE, rate limiting, security headers **Performance:** Redis caching (90% DB load reduction), database indexing (30% I/O reduction), CDN (50%+ latency cut), connection pooling **Testing:** 70-20-10 pyramid (unit-integration-E2E), Vitest 50% faster than Jest, contract testing for microservices, 83% migrations fail without tests **DevOps:** Blue-green/canary deployments, feature flags (90% fewer failures), Kubernetes 84% adoption, Prometheus/Grafana monitoring, OpenTelemetry tracing ## Quick Decision Matrix | Need | Choose | |------|--------| | Fast development | Node.js + NestJS | | Data/ML integration | Python + FastAPI | | High concurrency | Go + Gin | | Max performance | Rust + Axum | | ACID transactions | PostgreSQL | | Flexible schema | MongoDB | | Caching | Redis | | Internal services | gRPC | | Public APIs | GraphQL/REST | | Real-time events | Kafka | ## Implementation Checklist **API:** Choose style → Design schema → Validate input → Add auth → Rate limiting → Documentation → Error handling **Database:** Choose DB → Design schema → Create indexes → Connection pooling → Migration strategy → Backup/restore → Test performance **Security:** OWASP Top 10 → Parameterized queries → OAuth 2.1 + JWT → Security headers → Rate limiting → Input validation → Argon2id passwords **Testing:** Unit 70% → Integration 20% → E2E 10% → Load tests → Migration tests → Contract tests (microservices) **Deployment:** Docker → CI/CD → Blue-green/canary → Feature flags → Monitoring → Logging → Health checks ## Resources - OWASP Top 10: https://owasp.org/www-project-top-ten/ - OAuth 2.1: https://oauth.net/2.1/ - OpenTelemetry: https://opentelemetry.io/
Manage MCP (Model Context Protocol) server integrations - discover tools/prompts/resources, analyze relevance for tasks, and execute MCP capabilities. Use when need to work with MCP servers, discover available MCP tools, filter MCP capabilities for specific tasks, execute MCP tools programmatically, or implement MCP client functionality. Keeps main context clean by handling MCP discovery in subagent context.
Stage all files and create a commit.
Stage, commit and push all code in the current branch
Create a pull request
Create a new agent skill
Utilize tools of Model Context Protocol (MCP) servers
Create aesthetically beautiful interfaces following proven design principles. Use when building UI/UX, analyzing designs from inspiration sites, generating design images with ai-multimodal, implementing visual hierarchy and color theory, adding micro-interactions, or creating design documentation. Includes workflows for capturing and analyzing inspiration screenshots with chrome-devtools and ai-multimodal, iterative design image generation until aesthetic standards are met, and comprehensive design system guidance covering BEAUTIFUL (aesthetic principles), RIGHT (functionality/accessibility), SATISFYING (micro-interactions), and PEAK (storytelling) stages. Integrates with chrome-devtools, ai-multimodal, media-processing, ui-styling, and web-frameworks skills.
Process and generate multimedia content using Google Gemini API. Capabilities include analyze audio files (transcription with timestamps, summarization, speech understanding, music/sound analysis up to 9.5 hours), understand images (captioning, object detection, OCR, visual Q&A, segmentation), process videos (scene detection, Q&A, temporal analysis, YouTube URLs, up to 6 hours), extract from documents (PDF tables, forms, charts, diagrams, multi-page), generate images (text-to-image, editing, composition, refinement). Use when working with audio/video files, analyzing images or screenshots, processing PDF documents, extracting structured data from media, creating images from text prompts, or implementing multimodal AI features. Supports multiple models (Gemini 2.5/2.0) with context windows up to 2M tokens.