Initial commit: antigravity-claudekit

skills/ck-backend-development/SKILL.md

@@ -0,0 +1,106 @@
+---
+name: ck-backend-development
+description: Build production-ready backends with Node.js, Python, Go. Use for REST/GraphQL/gRPC APIs, authentication (OAuth, JWT), database design, microservices, OWASP security, Docker and Kubernetes deployment.
+---
+
+# ck-backend-development
+
+Production-ready backend development with modern technologies, best practices, and proven patterns.
+
+## When to Use
+
+- Designing RESTful, GraphQL, or gRPC APIs
+- Building authentication and authorization systems
+- Optimizing database queries and schemas
+- Implementing caching and performance optimization
+- OWASP Top 10 security mitigation
+- Designing scalable microservices
+- Testing strategies (unit, integration, E2E)
+- CI/CD pipelines and deployment
+- Monitoring and debugging production systems
+
+## Don't Use When
+
+- Frontend UI work — use `ck-frontend-development` or `ck-frontend-design`
+- Infrastructure-only work (K8s manifests, Dockerfiles) — use `ck-devops`
+- Database schema design only — use `ck-databases`
+
+## Technology Selection
+
+**Languages:**
+- Node.js/TypeScript — full-stack teams, fast iteration
+- Python — data/ML integration, scientific computing
+- Go — high concurrency, performance-critical services
+- Rust — maximum performance, memory safety
+
+**Frameworks:** NestJS, FastAPI, Django, Express, Gin
+
+**Databases:** PostgreSQL (ACID), MongoDB (flexible schema), Redis (caching)
+
+**APIs:** REST (simple/public), GraphQL (flexible queries), gRPC (internal services, performance)
+
+## Quick Decision Matrix
+
+| Need | Choose |
+|------|--------|
+| Fast development | Node.js + NestJS |
+| Data/ML integration | Python + FastAPI |
+| High concurrency | Go + Gin |
+| ACID transactions | PostgreSQL |
+| Flexible schema | MongoDB |
+| Caching | Redis |
+| Internal services | gRPC |
+| Public APIs | GraphQL/REST |
+| Real-time events | Kafka |
+
+## Key Best Practices (2025)
+
+**Security:**
+- Argon2id for password hashing
+- Parameterized queries (eliminates SQL injection)
+- OAuth 2.1 + PKCE for authentication
+- Rate limiting on all public endpoints
+- Security headers (HSTS, CSP, X-Frame-Options)
+
+**Performance:**
+- Redis caching (reduces DB load significantly)
+- Database indexing on frequently queried columns
+- CDN for static assets
+- Connection pooling (pgBouncer for PostgreSQL)
+
+**Testing:** 70% unit / 20% integration / 10% E2E pyramid
+
+**DevOps:** Blue-green or canary deployments, feature flags, Prometheus/Grafana monitoring
+
+## Implementation Checklists
+
+**API:**
+Choose style → Design schema → Validate input → Add auth → Rate limiting → Documentation → Error handling
+
+**Database:**
+Choose DB → Design schema → Create indexes → Connection pooling → Migration strategy → Backup/restore → Test performance
+
+**Security:**
+OWASP Top 10 → Parameterized queries → OAuth 2.1 + JWT → Security headers → Rate limiting → Input validation → Argon2id
+
+**Testing:**
+Unit 70% → Integration 20% → E2E 10% → Load tests → Migration tests
+
+**Deployment:**
+Docker → CI/CD → Blue-green/canary → Feature flags → Monitoring → Logging → Health checks
+
+## Domain References
+
+- **API Design**: REST/GraphQL/gRPC patterns and best practices
+- **Security**: OWASP Top 10 2025, input validation, auth patterns
+- **Authentication**: OAuth 2.1, JWT, RBAC, MFA, session management
+- **Performance**: Caching, query optimization, load balancing, scaling
+- **Architecture**: Microservices, event-driven, CQRS, saga patterns
+- **Testing**: Testing strategies, frameworks, CI/CD testing
+- **DevOps**: Docker, Kubernetes, deployment strategies, monitoring
+
+## Resources
+
+- OWASP Top 10: https://owasp.org/www-project-top-ten/
+- OAuth 2.1: https://oauth.net/2.1/
+- OpenTelemetry: https://opentelemetry.io/