- Home
- Skills
- Shajar5110
- Hackathon Ii Phase 3
- Backend Expert
backend-expert_skill
- Python
1
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill shajar5110/hackathon-ii-phase-3 --skill backend-expert- SKILL.md38.7 KB
Overview
This skill is an enterprise-grade backend expertise pack delivering 25+ years of best practices across FastAPI, Express, Node.js, Next.js with TypeScript and Python tooling. It covers databases (Postgres, Mongo, Redis, Elasticsearch), API styles (REST, GraphQL, WebSockets, gRPC), security hardening, performance tuning, testing, and deployment strategies for production-scale systems. Use it to design, implement, and operate secure, high-performance, scalable backends for any use case.
How this skill works
The skill codifies decision trees, project structure templates, middleware patterns, authentication/authorization schemes, database access layers, caching and queue strategies, and deployment blueprints. It inspects architectural requirements and prescribes concrete implementations for route protection, RBAC/permission guards, token handling, CSRF/XSS/SQL injection mitigations, and performance optimizations like caching, DB tuning, and load balancing. It also provides testing matrices (unit, integration, E2E, load, security) and CI/CD/Kubernetes deployment patterns.
When to use it
- Building a new production backend requiring enterprise-grade security and scalability
- Modernizing or auditing an existing backend for security, performance, or reliability gaps
- Designing multi-database systems with mixed workloads (OLTP, search, caching, time-series)
- Implementing microservices, event-driven systems, or hybrid monolith-to-microservices migrations
- Preparing a backend for high-traffic, real-time, or compliance-sensitive environments
Best practices
- Apply the decision matrix to choose framework and data store per bounded context
- Enforce authentication middleware and RBAC at route level; centralize error handling and logging
- Never trust client input: validate at API boundary and use parameterized queries/ORM safety features
- Use layered caching (Redis + HTTP) and async queues to decouple heavy work from request paths
- Instrument tracing, metrics, and structured logs from day one; include chaos/load tests in CI pipelines
Example use cases
- E-commerce platform: secure payments, inventory consistency (sagas), search, and high throughput order processing
- SaaS multi-tenant API: RBAC, quota/rate limiting, tenant-aware caching and DB partitioning
- Real-time collaboration app: WebSockets scaled via pub/sub, presence, and backpressure controls
- High-traffic public API: API gateway + rate limiting, CDN, autoscaling Kubernetes deployments, and blue/green releases
FAQ
Yes — it provides templates, middleware examples, and patterns for FastAPI, Express/Node.js, and TypeScript projects; adapt configuration and secrets for your environment.
How does it handle token revocation and session security?
It recommends issuing tokens with jti, storing revocation state in a fast store (Redis), validating token expiry, and preferring HTTP-only cookies or secure Authorization headers with refresh-token strategies.