Backend

Expert skill for implementing JWT-based authentication in FastAPI applications. Handles token generation, verification, user authentication, protected routes, and security best practices. Includes setup for password hashing, OAuth2 schemes, and user data isolation. Use when implementing JWT authentication in FastAPI applications, securing API endpoints with token-based authentication, or implementing user registration and login functionality.

Prevent leaking database errors and P-codes to clients. Use when implementing API error handling or user-facing error messages.

Comprehensive Spring Boot 3.x best practices for building scalable, maintainable enterprise applications with Jakarta EE. Use this skill when creating Spring Boot applications, designing REST APIs, implementing security, writing tests, or architecting Spring Boot projects. Covers Controller-Service-Repository patterns, validation, error handling, testing strategies, performance optimization, and production-ready configurations.

Nodemon JSON configuration templates and validation logic for development server hot-reload. Includes 5 required standards (watch patterns, exec command, ignore patterns, development settings, required dependencies). Use when creating or auditing nodemon.json files to enable automatic server restart on file changes.

Expert Node.js guidance for fetching and integrating RSS feeds and REST APIs. Use when requests mention Fetch, RSS, API, REST endpoints, Atom feeds, pagination, authentication, rate limits, webhooks, or when building API clients that ingest feed data.

Implements Passport.js authentication middleware with local, OAuth, and JWT strategies for Express/Node.js. Use when building Node.js APIs, implementing custom auth flows, or needing flexible authentication strategies.

Comprehensive reference documentation for all data structures in the VRP toolkit project. Use when needing to understand data structure definitions, attributes, formats, or representations to avoid repeatedly reading code. Covers Problem layer (Instance, Solution, Node), Algorithm layer (Solver, Operators, ALNS), Data layer (OSMnx, distance matrices), and runtime formats (routes as lists, time windows as tuples).

Guide for implementing Shopify apps, extensions, themes, and integrations using GraphQL/REST APIs, Shopify CLI, Polaris UI, and various extension types (Checkout, Admin, POS). Use when building Shopify apps, implementing checkout extensions, customizing admin interfaces, creating themes with Liquid, or integrating with Shopify's APIs.

Validate CasareRPA workflow JSON files for structural integrity, node dependencies, and connection validity. See schemas/ for JSON schema definitions. Use when: validating workflows, checking workflow JSON, testing workflow definitions, graph structure validation, node connections.

Generate NestJS module files with controllers, services, DTOs, and entities. Triggers on "create nestjs module", "generate nest module", "nestjs resource", "nest crud module".

Create, configure, and integrate MCP (Model Context Protocol) servers and clients. Use when building MCP servers with FastMCP (Python) or MCP SDK (Node/TypeScript), integrating external APIs, or creating custom tools/resources for LLMs. Handles server creation, client configuration, transport protocols, and security patterns.

Create encrypted, verifiable backups with proof receipts (BLAKE3 + ROOT.txt) and mandatory restore drill. Uses age encryption for modern, simple UX. Designed for sovereign EU infrastructure. Use after node-hardening completes. Triggers: 'backup node', 'encrypted backup', 'create backup', 'restore drill', 'generate proof receipts', 'verify backup', 'backup with proof'.

Use the MCP Code Execution Bridge for context-efficient access to Supabase and shadcn tools. Provides API-based database operations (query, insert, update, delete) that work without Docker/MCP servers. Use when you need database access or component management without loading all tool definitions into context.

Complete US Internal Revenue Code (Title 26) with 2,160 sections covering individual income tax, business deductions, corporate tax, partnerships, international tax, capital gains, and all federal tax provisions. Search by section number or topic.

Start or stop the demo server (FastAPI) on port 2026. Use when you need to run or kill the development server.

Using PolicyEngine programmatically via Python client or REST API

C# best practices with .NET 8, ASP.NET Core, Entity Framework, and modern async programming for 2025

Manage media files (images, PDFs, videos) in Laravel using Spatie's Media Library. Handle file uploads, store files on any filesystem (S3, local), generate image conversions (thumbnails, responsive images), manage file metadata with custom properties, and serve files with automatic URL generation. Use when implementing file upload functionality, image processing, media collections, responsive images, or file management in Laravel applications.

Generic DigitalOcean droplet deployment using doctl CLI for any application type (APIs, web servers, background workers). Includes validation, deployment scripts, systemd service management, secret handling, health checks, and deployment tracking. Use when deploying Python/Node.js/any apps to droplets, managing systemd services, handling secrets securely, or when user mentions droplet deployment, doctl, systemd, or server deployment.

Production-ready Express.js development covering middleware architecture, error handling, security hardening, testing strategies, and deployment patterns