後端開發

This skill automates security vulnerability testing. It is triggered when the user requests security assessments, penetration tests, or vulnerability scans. The skill covers OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, authentication issues, and authorization flaws. Use this skill when the user mentions "security test", "vulnerability scan", "OWASP", "SQL injection", "XSS", "CSRF", "authentication", or "authorization" in the context of application or API testing.

Remote control tmux sessions for interactive CLIs (python, gdb, git add -p, etc.) by sending keystrokes and scraping pane output. Use when debugging applications, running interactive REPLs (Python, gdb, ipdb, psql, mysql, node), automating terminal workflows, interactive git commands (git add -p, git stash -p, git rebase -i), or when user mentions tmux, debugging, or interactive shells.

Secure backend applications against OWASP threats. Implement authentication, encryption, scanning, compliance, and incident response procedures.

Defines measurable performance budgets for bundle size, API latency, database queries, and render times. Provides enforcement strategies and monitoring plans. Use for "performance budgets", "performance monitoring", "web vitals", or "optimization targets".

Build, test, and manage mcpGraph tools using the mcpGraphToolkit MCP server. Discover MCP servers and tools, construct graph nodes with JSONata and JSON Logic, and interact with mcpGraph configurations. IMPORTANT: Always read this file before creating graph tools using mcpGraphToolkit.

Migration du stockage Patient/Practitioner vers HAPI FHIR. Utiliser quand l'utilisateur demande d'implémenter l'architecture hybride FHIR, créer des mappers FHIR, ou intégrer avec HAPI FHIR.

Domain specialist for data persistence, database design, query optimization, and data modeling. Scope: SQL injection prevention, indexing strategies, normalization, migrations, scaling, backup/recovery, ORM patterns, N+1 query detection, query optimization, relationship mapping. Excludes: API design, business logic, infrastructure, frontend, security beyond database. Triggers: "database", "SQL", "query", "index", "schema", "migration", "sharding", "replication", "backup", "N+1", "ORM", "Eloquent", "Django", "query optimization", "slow query", "relationship", "foreign key", "join".

技術ドキュメント向けMarkdown高度構文スキル。Mermaid図、複雑テーブル、コードブロック、数式表現を活用。Anchors:• GitHub Flavored Markdown Spec / 適用: 拡張構文 / 目的: プラットフォーム互換ドキュメント• CommonMark Spec / 適用: 基本構文 / 目的: クロスプラットフォーム互換性• Mermaid Official Docs / 適用: ダイアグラム / 目的: ビジュアル技術文書Trigger:Use when creating technical documentation with Mermaid diagrams, complex tables,syntax-highlighted code blocks, mathematical expressions, or YAML front-matter.

Complete Easy.Platform backend development for EasyPlatform. Covers CQRS commands/queries, entities, validation, migrations, background jobs, and message bus. Use for any .NET backend task in this monorepo.

Generate exhaustively complete and accurate Datadog Software Catalog entity YAML files (v3 schema) by examining project source code and interviewing engineers. Use when engineers need to create or update entity.datadog.yaml files for services, datastores, queues, APIs, or systems. Triggers include: "create entity yaml", "generate service catalog entry", "document this project in datadog", "create service definition", "add to software catalog", or any request involving Datadog entity/service documentation. Supports all v3 entity kinds: service, datastore, queue, api, system. Fetches existing Datadog data via API. Validates against official JSON schema. Merges with existing definitions. Outputs to .datadog/ directory.

This skill enables Claude to monitor and analyze application error rates to improve reliability. It is used when the user needs to track and understand errors occurring in their application, including HTTP errors, application exceptions, database errors, external API errors, background job errors, and client-side errors. Use this skill when the user asks to "monitor errors", "analyze error rates", "track application errors", or requests help with "error monitoring". It sets up comprehensive error tracking and alerting based on defined thresholds.

Deploy the memory application to the remote server. Use when deploying code, syncing changes, restarting services, or running commands on the production server.

Particle lifecycle management—emission/spawning, death conditions, object pooling, trails, fade-in/out, and state transitions. Use when particles need birth/death cycles, continuous emission, trail effects, or memory-efficient recycling.

Establishes git workflow guardrails including conventional commits, commit message hooks, branch naming conventions, PR templates, and code review processes. Provides hook configurations, workflow templates, and emergency bypass instructions. Use when users request "setup git hooks", "enforce commit conventions", "add PR templates", or "standardize git workflow".

执行威科夫市场结构分析并生成交互式图表。触发场景：(1)分析股票吸筹/派发形态 (2)识别威科夫阶段(Phase A-E) (3)标注SC/AR/Spring/SOS等事件 (4)用户提到"威科夫分析"或"Wyckoff"

Implement REST APIs with FastAPI including endpoints, Pydantic models, validation, dependency injection, and error handling. Use when building API endpoints, request validation, or authentication.

This skill enables Claude to monitor and analyze application error rates to improve reliability. It is used when the user needs to track and understand errors occurring in their application, including HTTP errors, application exceptions, database errors, external API errors, background job errors, and client-side errors. Use this skill when the user asks to "monitor errors", "analyze error rates", "track application errors", or requests help with "error monitoring". It sets up comprehensive error tracking and alerting based on defined thresholds.

Electronプロセス間通信（IPC）パターンの設計と実装専門知識。安全で効率的なMain-Rendererプロセス通信、contextBridge、型安全なAPI設計を提供。Anchors:• Electron Security / 適用: contextBridge/preload設計 / 目的: セキュアなIPC実装• Clean Architecture / 適用: Main/Renderer境界設計 / 目的: 責務分離と保守性• Type Safety / 適用: TypeScript型契約 / 目的: IPC通信の型安全性確保Trigger:Use when implementing IPC communication patterns, setting up contextBridge, designing typed IPC handlers, securing renderer-main communication, or structuring bidirectional messaging flows.ipcMain, ipcRenderer, contextBridge, invoke, handle, preload, typed IPC

Webアプリケーションにおける包括的な入力検証とサニタイズ。型安全な検証、許可リストフィルタリング、コンテキスト対応エンコーディングを通じて、XSS、SQLインジェクション、コマンドインジェクション、パストラバーサルなどの入力ベースの攻撃を防止。Anchors:• OWASP Top 10 / 適用: 全ての入力検証判断 / 目的: 業界標準のセキュリティベースライン• CWE-20 (不適切な入力検証) / 適用: 検証戦略設計 / 目的: 一般的な脆弱性パターン防止• OWASP ASVS 5.1 / 適用: 検証要件仕様 / 目的: セキュリティ検証標準Trigger:Use when implementing user input handling, form validation, API request validation, file upload processing,database query construction, command execution with user input, URL parameter processing, or any data from untrusted sources.

Core prompt-engineering protocols mandatory for ALL prompt-related tasks. Provides LLM prompt engineering best practices: clear/direct, multishot, chain-of-thought, XML tags, prompt chaining, long context, extended thinking. Includes guard rails: reduce hallucinations, increase consistency, mitigate jailbreaks, handle streaming refusals, reduce prompt leak, keep in character. Scope: general prompt engineering principles and best practices. Triggers: all prompt-related tasks.