api-security
Comprehensive API security guidance covering authentication methods, rate limiting, input validation, CORS, security headers, and protection against OWASP API Top 10 vulnerabilities. Use when designing API authentication, implementing rate limiting, configuring CORS, setting security headers, or reviewing API security.
audit
Run security audit on code for OWASP Top 10, CWE vulnerabilities, and security anti-patterns
authentication-patterns
Comprehensive authentication implementation guidance including JWT best practices, OAuth 2.0/OIDC flows, Passkeys/FIDO2/WebAuthn, MFA patterns, and secure session management. Use when implementing login systems, token-based auth, SSO, passwordless authentication, or reviewing authentication security.
authorization-models
Comprehensive authorization guidance covering RBAC, ABAC, ACL, ReBAC, and policy-as-code patterns. Use when designing permission systems, implementing access control, or choosing authorization strategies.
check-deps
Check dependencies for known CVEs and security vulnerabilities
container-security
Container and Kubernetes security patterns including Docker hardening, image scanning, pod security standards, network policies, RBAC, secrets management, and runtime protection. Use when securing containerized applications, building secure images, or configuring Kubernetes security controls.
cryptography
Comprehensive cryptography guidance covering encryption algorithms, password hashing, TLS configuration, key management, and post-quantum considerations. Use when implementing encryption, choosing hashing algorithms, configuring TLS/SSL, managing cryptographic keys, or reviewing cryptographic implementations.
devsecops-practices
DevSecOps methodology guidance covering shift-left security, SAST/DAST/IAST integration, security gates in CI/CD pipelines, vulnerability management workflows, and security champions programs.
scan-secrets
Scan codebase for hardcoded secrets, API keys, credentials, and sensitive data
secrets-management
Comprehensive guidance for secure secrets management including storage solutions (Vault, AWS Secrets Manager, Azure Key Vault), environment variables, secret rotation, scanning tools, and CI/CD pipeline security. Use when implementing secrets storage, configuring secret rotation, preventing secret leaks, or reviewing credentials handling.
secure-coding
Provides guidance on secure coding practices including OWASP Top 10 2025, CWE Top 25, input validation, output encoding, and language-specific security patterns. Use when reviewing code for security vulnerabilities, implementing security controls, or learning secure development practices.
supply-chain-security
Software supply chain security guidance covering SBOM generation, SLSA framework, dependency scanning, SCA tools, and protection against supply chain attacks like dependency confusion and typosquatting.
threat-modeling
Threat modeling methodologies (STRIDE, DREAD), attack trees, threat modeling as code, and integration with SDLC for proactive security design
vulnerability-management
Vulnerability lifecycle management including CVE tracking, CVSS scoring, risk prioritization, remediation workflows, and coordinated disclosure practices
ears-convert
Convert specifications to/from EARS format.
zero-trust
Zero Trust architecture principles including ZTNA, micro-segmentation, identity-first security, continuous verification, and BeyondCorp patterns. Use when designing network security, implementing identity-based access, or building cloud-native applications with zero trust principles.
ai-writing-assistant
Leverage AI tools effectively for professional writing tasks. Provides prompt patterns, refinement workflows, voice preservation techniques, and quality checkpoints for AI-augmented drafting.
brand-statement
Develop your personal brand statement using the Skills x Interests x Market Needs framework. Use when crafting your professional positioning, LinkedIn headline, or elevator pitch.
career-strategy
Internal vs external career growth paths, goal setting, career maintenance, and long-term planning for software engineers. Use when deciding between internal promotion vs external job search, setting career goals, or planning long-term career trajectory.
code-review-communication
Frameworks for giving and receiving code review feedback effectively. Use for PR comments, review strategies, handling disagreements, and balancing thoroughness with kindness.
craft-linkedin-post
Generate an engaging LinkedIn post using proven storytelling frames. Use when you want to share learnings, celebrate wins, or build professional visibility.
developer-visibility
Build professional visibility through LinkedIn, GitHub, conference speaking, and internal branding. Provides frameworks for personal brand development, content creation, and career growth.
difficult-conversations
Structured approach to workplace conflicts, performance discussions, and challenging feedback using preparation-delivery-followup framework. Use when preparing for tough conversations, addressing conflicts, giving critical feedback, or navigating sensitive workplace discussions.
draft-email
Draft a professional email using the What-Why-How framework. Use when you need to compose emails to colleagues, stakeholders, or leadership.
feedback-conversations
Navigate difficult conversations and deliver constructive feedback using structured frameworks. Covers the Preparation-Delivery-Follow-up model and Situation-Behavior-Impact (SBI) feedback technique. Use when preparing for difficult conversations, giving feedback, or managing conflicts.
interview-skills
Frameworks for technical interviews and salary negotiation. Use for behavioral interview prep (STAR method), technical interview communication, offer evaluation, and compensation negotiation strategies.
mentoring-developers
Frameworks for effective mentoring and knowledge transfer. Use for 1:1 meetings, pair programming, onboarding, teaching technical concepts, and developing junior engineers.
plan-career-goals
Create structured career goals with timelines, actions, milestones, and accountability measures.
professional-communication
Guide technical communication for software developers. Covers email structure, team messaging etiquette, meeting agendas, and adapting messages for technical vs non-technical audiences. Use when drafting professional messages, preparing meeting communications, or improving written communication.
promotion-preparation
Building promotion cases, brag documents, tracking wins, and self-advocacy for career advancement. Use when preparing for promotions, documenting accomplishments, or building your case for advancement.
api-versioning
Use when planning API versioning strategy, handling breaking changes, or managing API deprecation. Covers URL, header, and query parameter versioning approaches.
cdn-architecture
Use when designing content delivery networks, caching strategies, or global content distribution. Covers CDN architecture, cache hierarchies, origin shielding, cache invalidation, and edge optimization.
chaos-engineering-fundamentals
Use when implementing chaos engineering, designing fault injection experiments, or building resilience testing practices. Covers chaos principles and experiment design.
chaos-plan
Design chaos engineering experiments for a system - identifies failure modes, creates experiment hypotheses, and generates GameDay plans
data-architecture
Use when designing data platforms, choosing between data lakes/lakehouses/warehouses, or implementing data mesh patterns. Covers modern data architecture approaches.
data-flow
Design data pipeline architecture for a given data flow scenario
design-interview-methodology
4-step framework for system design interviews. Use when preparing for technical interviews, practicing whiteboard design, or structuring architectural discussions. Covers requirements gathering, high-level design, deep dives, and wrap-up.
distributed-tracing
Use when implementing distributed tracing, understanding trace propagation, or debugging cross-service issues. Covers OpenTelemetry, span context, and trace correlation.
edge-computing
Use when designing edge computing architectures, serverless at edge, or distributed compute strategies. Covers edge functions, compute placement decisions, Cloudflare Workers, Lambda@Edge, and edge-native patterns.
edge-strategy
Design CDN and edge deployment strategy for global distribution - optimizes latency, plans caching architecture, and recommends edge compute placement
estimation-techniques
Back-of-envelope calculations for system design. Use when estimating QPS, storage, bandwidth, or latency for capacity planning. Includes latency numbers every programmer should know and common estimation patterns.
etl-elt-patterns
Use when designing data pipelines, choosing between ETL and ELT approaches, or implementing data transformation patterns. Covers modern data pipeline architecture.
explain
Explain a systems design concept
gameday-planning
Use when planning GameDay exercises, designing failure scenarios, or conducting chaos drills. Covers GameDay preparation, execution, and follow-up.
golden-paths
Use when designing standardized development workflows, paved roads, or opinionated defaults. Covers golden path patterns, template design, developer workflow optimization, and guardrails.
idempotency-patterns
Use when designing idempotent APIs, handling retries safely, or preventing duplicate operations. Covers idempotency keys, at-most-once semantics, and duplicate prevention.
improve-expertise
Run self-improve on an expert's mental model to sync with codebase. Use periodically to keep expertise files accurate.
incident-response
Use when designing incident management processes, creating runbooks, or establishing on-call practices. Covers incident lifecycle, communication, and postmortems.
instrumentation-planning
Plan instrumentation strategy before implementation, covering what to instrument, naming conventions, cardinality management, and instrumentation budget
internal-developer-platform
Use when designing Internal Developer Platforms (IDPs), building platform teams, or improving developer experience. Covers platform engineering principles, Backstage, portal design, and platform team structures.
Page 647 of 1486 · 74266 results
