Build robust backend systems with modern technologies (Node.js, Python, Go, Rust), frameworks (NestJS, FastAPI, Django), databases (PostgreSQL, MongoDB, Redis), APIs (REST, GraphQL, gRPC), authentication (OAuth 2.1, JWT), testing strategies, security best practices (OWASP Top 10), performance optimization, scalability patterns (microservices, caching, sharding), DevOps practices (Docker, Kubernetes, CI/CD), and monitoring. Use when designing APIs, implementing authentication, optimizing database queries, setting up CI/CD pipelines, handling security vulnerabilities, building microservices, or developing production-ready backend systems.
/plugin marketplace add GGPrompts/TabzBeads/plugin install backend@tabz-beadsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
references/backend-api-design.mdreferences/backend-architecture.mdreferences/backend-authentication.mdreferences/backend-code-quality.mdreferences/backend-debugging.mdreferences/backend-devops.mdreferences/backend-mindset.mdreferences/backend-performance.mdreferences/backend-security.mdreferences/backend-technologies.mdreferences/backend-testing.mdProduction-ready backend development with modern technologies, best practices, and proven patterns.
Languages: Node.js/TypeScript (full-stack), Python (data/ML), Go (concurrency), Rust (performance) Frameworks: NestJS, FastAPI, Django, Express, Gin Databases: PostgreSQL (ACID), MongoDB (flexible schema), Redis (caching) APIs: REST (simple), GraphQL (flexible), gRPC (performance)
See: references/backend-technologies.md for detailed comparisons
Core Technologies:
backend-technologies.md - Languages, frameworks, databases, message queues, ORMsbackend-api-design.md - REST, GraphQL, gRPC patterns and best practicesSecurity & Authentication:
backend-security.md - OWASP Top 10 2025, security best practices, input validationbackend-authentication.md - OAuth 2.1, JWT, RBAC, MFA, session managementPerformance & Architecture:
backend-performance.md - Caching, query optimization, load balancing, scalingbackend-architecture.md - Microservices, event-driven, CQRS, saga patternsQuality & Operations:
backend-testing.md - Testing strategies, frameworks, tools, CI/CD testingbackend-code-quality.md - SOLID principles, design patterns, clean codebackend-devops.md - Docker, Kubernetes, deployment strategies, monitoringbackend-debugging.md - Debugging strategies, profiling, logging, production debuggingbackend-mindset.md - Problem-solving, architectural thinking, collaborationSecurity: Argon2id passwords, parameterized queries (98% SQL injection reduction), OAuth 2.1 + PKCE, rate limiting, security headers
Performance: Redis caching (90% DB load reduction), database indexing (30% I/O reduction), CDN (50%+ latency cut), connection pooling
Testing: 70-20-10 pyramid (unit-integration-E2E), Vitest 50% faster than Jest, contract testing for microservices, 83% migrations fail without tests
DevOps: Blue-green/canary deployments, feature flags (90% fewer failures), Kubernetes 84% adoption, Prometheus/Grafana monitoring, OpenTelemetry tracing
| Need | Choose |
|---|---|
| Fast development | Node.js + NestJS |
| Data/ML integration | Python + FastAPI |
| High concurrency | Go + Gin |
| Max performance | Rust + Axum |
| ACID transactions | PostgreSQL |
| Flexible schema | MongoDB |
| Caching | Redis |
| Internal services | gRPC |
| Public APIs | GraphQL/REST |
| Real-time events | Kafka |
API: Choose style → Design schema → Validate input → Add auth → Rate limiting → Documentation → Error handling
Database: Choose DB → Design schema → Create indexes → Connection pooling → Migration strategy → Backup/restore → Test performance
Security: OWASP Top 10 → Parameterized queries → OAuth 2.1 + JWT → Security headers → Rate limiting → Input validation → Argon2id passwords
Testing: Unit 70% → Integration 20% → E2E 10% → Load tests → Migration tests → Contract tests (microservices)
Deployment: Docker → CI/CD → Blue-green/canary → Feature flags → Monitoring → Logging → Health checks
Avoid over-engineering. Only make changes directly requested or clearly necessary. Keep solutions simple and focused. Do not add features, refactor code, or make improvements beyond what was asked. Start with a monolith and split to microservices only when needed.
Read and understand relevant files before proposing code edits. Do not speculate about code you have not inspected.
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.