Agent-Skills.md

Agent Skills: Backend Development Master - Complete Backend Engineering Workflow

Comprehensive backend development workflow that orchestrates expert analysis, architecture design, implementation, and deployment using the integrated toolset. Handles everything from API design and database architecture to security implementation and DevOps automation.

UncategorizedID: julianromli/ai-skills/backend-dev

Repository

julianromli/ai-skills
julianromli
12918

Skill Files

Browse the full folder contents for backend-dev.

Download Skill

Loading file tree…

skills/backend-dev/SKILL.md

Skill Metadata

Name
backend-dev
Description
Comprehensive backend development workflow that orchestrates expert analysis, architecture design, implementation, and deployment using the integrated toolset. Handles everything from API design and database architecture to security implementation and DevOps automation.

Backend Development Master - Complete Backend Engineering Workflow

Overview

This skill provides end-to-end backend development services by orchestrating multiple expert systems, advanced development techniques, and specialized tools. It transforms business requirements into production-ready backend systems with comprehensive architecture, security, scalability, and operational excellence.

Key Capabilities:

  • πŸ—οΈ Multi-Expert Backend Architecture - Coordinates backend architects, security engineers, and DevOps specialists
  • 🎯 Full-Stack Development - From API design to database architecture to deployment automation
  • πŸ“Š Production-Ready Implementation - Security-first, scalable, and maintainable code generation
  • πŸ”§ DevOps Integration - CI/CD pipelines, monitoring, and infrastructure as code
  • πŸ“‹ Comprehensive Testing - Unit, integration, and end-to-end testing strategies

When to Use This Skill

Perfect for:

  • New backend system development and API creation
  • Legacy system modernization and microservice decomposition
  • Database architecture and optimization projects
  • Security implementation and compliance requirements
  • Performance optimization and scalability planning
  • DevOps pipeline and infrastructure automation

Triggers:

  • "Create a backend API for [application]"
  • "Design database architecture for [system]"
  • "Build a scalable backend service"
  • "Implement security and authentication"
  • "Set up CI/CD and deployment pipeline"

Backend Development Expert Panel

Backend Architect (System Design)

  • Focus: API design, database architecture, system scalability
  • Techniques: RESTful services, GraphQL, microservices, data modeling
  • Considerations: Performance, scalability, maintainability, API contracts

Security Engineer (Secure Development)

  • Focus: Authentication, authorization, data protection, compliance
  • Techniques: OWASP compliance, encryption, threat modeling, secure coding
  • Considerations: Security by design, zero-trust principles, regulatory compliance

DevOps Architect (Operations & Deployment)

  • Focus: CI/CD, infrastructure automation, monitoring, reliability
  • Techniques: Container orchestration, IaC, observability, zero-downtime deployment
  • Considerations: Infrastructure costs, reliability, scaling strategies, monitoring

Database Specialist (Data Architecture)

  • Focus: Schema design, query optimization, data modeling, migrations
  • Techniques: Normalization, indexing strategies, caching, data consistency
  • Considerations: Data integrity, performance, scalability, backup strategies

Performance Engineer (Optimization)

  • Focus: Performance optimization, bottleneck analysis, caching strategies
  • Techniques: Profiling, load testing, optimization patterns, scaling solutions
  • Considerations: Response times, throughput, resource utilization, cost efficiency

Backend Development Workflow

Phase 1: Requirements Analysis & Technical Planning

Use when: Starting new backend development or modernizing existing systems

Tools Used:

/sc:analyze backend-requirements
BMAD PM Agent: business requirement analysis
Requirements Analyst: technical specification creation
Deep Research Agent: technology stack research

Activities:

  • Analyze business requirements and translate to technical specifications
  • Identify scalability, security, and performance requirements
  • Evaluate technology stack options and architectural patterns
  • Define API contracts and data models
  • Plan integration points and external dependencies

Phase 2: System Architecture & Design

Use when: Designing the technical architecture and system components

Tools Used:

/sc:design --type architecture backend-system
/sc:design --type api restful-apis
/sc:design --type database data-model
Backend Architect: comprehensive system design
Security Engineer: security architecture planning

Activities:

  • Design system architecture and component boundaries
  • Create API specifications and data contracts
  • Design database schemas and relationships
  • Plan security architecture and authentication flows
  • Define scalability and performance strategies

Phase 3: Implementation Planning & Technology Selection

Use when: Preparing for actual code implementation

Tools Used:

/sc:design --type component implementation-strategy
Python Expert: technology-specific implementation patterns
DevOps Architect: deployment and infrastructure planning
Performance Engineer: optimization and monitoring setup

Activities:

  • Select appropriate frameworks, libraries, and tools
  • Create implementation roadmap with milestones
  • Plan database migrations and data seeding strategies
  • Design error handling and logging strategies
  • Prepare development environment and tooling setup

Phase 4: Secure & Scalable Implementation

Use when: Writing production-ready backend code

Tools Used:

/sc:implement backend-service
Python Expert: production-quality code implementation
Security Engineer: secure coding practices and vulnerability prevention
Database Specialist: optimized database interactions
Performance Engineer: efficient algorithms and caching strategies

Activities:

  • Implement core business logic and API endpoints
  • Create secure authentication and authorization systems
  • Optimize database queries and implement caching strategies
  • Implement comprehensive error handling and logging
  • Write unit and integration tests with high coverage

Phase 5: Testing & Quality Assurance

Use when: Ensuring system reliability and security

Tools Used:

/sc:test backend-comprehensive
Quality Engineer: testing strategy implementation
Security Engineer: security testing and vulnerability scanning
Performance Engineer: load testing and performance validation
Playwright MCP: end-to-end API testing

Activities:

  • Implement comprehensive test suites (unit, integration, E2E)
  • Conduct security testing and vulnerability assessments
  • Perform load testing and performance benchmarking
  • Validate API contracts and data integrity
  • Test error scenarios and recovery mechanisms

Phase 6: DevOps & Deployment

Use when: Preparing for production deployment

Tools Used:

/sc:implement production-deployment
DevOps Architect: CI/CD pipeline and infrastructure setup
Security Engineer: production security hardening
Monitoring Setup: observability and alerting systems

Activities:

  • Set up CI/CD pipelines with automated testing and deployment
  • Implement infrastructure as code and containerization
  • Configure monitoring, logging, and alerting systems
  • Create deployment strategies and rollback procedures
  • Document operations procedures and runbooks

Integration Patterns

SuperClaude Command Integration

| Command | Use Case | Output | |---------|---------|--------| | /sc:design --type architecture | System architecture | Technical architecture specifications | | /sc:design --type api | API design | RESTful/GraphQL API specifications | | /sc:design --type database | Database design | Optimized schema and data models | | /sc:implement backend | Code implementation | Production-ready backend services | | /sc:test backend | Testing strategy | Comprehensive testing plans | | /sc:build deploy | Deployment setup | CI/CD and infrastructure automation |

BMAD Method Integration

| Technique | Role | Capabilities | |----------|------|------------| | Greenfield Service Workflow | New project development | Complete backend service development | | Brownfield Integration | Legacy modernization | Safe system evolution and integration | | Security-First Development | Secure implementation | Built-in security practices and validation | | Performance Optimization | Scalability planning | Bottleneck identification and optimization |

MCP Server Integration

| Server | Expertise | Use Case | |--------|----------|---------| | Sequential | Complex reasoning | Architecture analysis and problem-solving | | Context7 | Technical patterns | Framework best practices and implementation guides | | Playwright | API testing | End-to-end API validation and testing | | Serena | Project memory | Large codebase navigation and context management |

Usage Examples

Example 1: New REST API Development

User: "Create a backend API for an e-commerce platform with user management, product catalog, and order processing"

Workflow:
1. Phase 1: Analyze e-commerce requirements and technical constraints
2. Phase 2: Design microservices architecture with API contracts
3. Phase 3: Plan implementation with Node.js/Express and PostgreSQL
4. Phase 4: Implement secure APIs with JWT authentication
5. Phase 5: Test with comprehensive test suites and load testing
6. Phase 6: Deploy with Docker, Kubernetes, and CI/CD pipeline

Output: Production-ready e-commerce backend with 99.9% uptime target

Example 2: Database Architecture Optimization

User: "Optimize our database architecture for better performance and scalability"

Workflow:
1. Phase 1: Analyze current database performance and bottlenecks
2. Phase 2: Design optimized schema with proper indexing
3. Phase 3: Plan migration strategy with zero downtime
4. Phase 4: Implement caching layer and query optimization
5. Phase 5: Performance test and validate improvements
6. Phase 6: Deploy with monitoring and alerting

Output: 60% performance improvement with horizontal scaling capability

Example 3: Security Implementation

User: "Implement comprehensive security for our financial services backend"

Workflow:
1. Phase 1: Analyze security requirements and compliance needs (SOC2, PCI-DSS)
2. Phase 2: Design zero-trust security architecture
3. Phase 3: Plan secure implementation with encryption and audit logging
4. Phase 4: Implement security controls and monitoring
5. Phase 5: Conduct security testing and vulnerability assessment
6. Phase 6: Deploy with security monitoring and incident response

Output: Fully compliant financial services backend with comprehensive security

Quality Assurance Mechanisms

Multi-Expert Validation

  • Cross-Domain Review: Backend architect, security, and DevOps perspectives
  • Security Validation: Comprehensive vulnerability scanning and compliance checking
  • Performance Testing: Load testing, stress testing, and optimization validation
  • Production Readiness: Complete deployment and operational validation

Automated Quality Checks

  • Code Quality: Linting, formatting, and complexity analysis
  • Security Scanning: Automated vulnerability detection and dependency checking
  • Performance Monitoring: Response time, throughput, and resource utilization tracking
  • Test Coverage: Unit, integration, and end-to-end test coverage validation

Continuous Improvement

  • Performance Monitoring: Real-time performance tracking and alerting
  • Security Monitoring: Continuous vulnerability scanning and threat detection
  • Feedback Integration: User feedback and performance data analysis
  • Pattern Learning: Successful patterns recognition and reuse

Output Deliverables

Primary Deliverable: Complete Backend System

backend-system/
β”œβ”€β”€ api/
β”‚   β”œβ”€β”€ controllers/              # API endpoint implementations
β”‚   β”œβ”€β”€ middleware/               # Authentication, validation, error handling
β”‚   β”œβ”€β”€ routes/                   # API routing and endpoint definitions
β”‚   └── documentation/            # API documentation and contracts
β”œβ”€β”€ services/
β”‚   β”œβ”€β”€ business/                 # Business logic and domain services
β”‚   β”œβ”€β”€ data/                     # Data access and database services
β”‚   β”œβ”€β”€ external/                 # Third-party service integrations
β”‚   └── security/                 # Security services and utilities
β”œβ”€β”€ database/
β”‚   β”œβ”€β”€ migrations/               # Database schema migrations
β”‚   β”œβ”€β”€ seeds/                    # Initial data setup
β”‚   β”œβ”€β”€ models/                   # Data models and relationships
β”‚   └── queries/                  # Optimized database queries
β”œβ”€β”€ tests/
β”‚   β”œβ”€β”€ unit/                     # Unit tests for individual components
β”‚   β”œβ”€β”€ integration/              # Integration tests for service interactions
β”‚   β”œβ”€β”€ e2e/                      # End-to-end API tests
β”‚   └── performance/              # Load and stress tests
β”œβ”€β”€ infrastructure/
β”‚   β”œβ”€β”€ docker/                   # Container configurations
β”‚   β”œβ”€β”€ kubernetes/               # K8s deployment manifests
β”‚   β”œβ”€β”€ ci-cd/                    # CI/CD pipeline configurations
β”‚   └── monitoring/               # Logging, metrics, and alerting
β”œβ”€β”€ documentation/
β”‚   β”œβ”€β”€ architecture.md           # System architecture documentation
β”‚   β”œβ”€β”€ api-specs.md              # API specifications and contracts
β”‚   β”œβ”€β”€ deployment.md             # Deployment procedures and runbooks
β”‚   └── security.md               # Security procedures and compliance
└── config/
    β”œβ”€β”€ development/              # Development environment configurations
    β”œβ”€β”€ staging/                  # Staging environment configurations
    └── production/               # Production environment configurations

Supporting Artifacts

  • Architecture Documentation: Detailed system design and technical specifications
  • API Documentation: Comprehensive API contracts and usage examples
  • Security Documentation: Security procedures, compliance reports, and audit trails
  • Performance Reports: Benchmarking results and optimization recommendations
  • Deployment Guides: Step-by-step deployment and operational procedures

Advanced Features

Intelligent Technology Selection

  • Automatically recommends appropriate technology stacks based on requirements
  • Considers team expertise, scalability needs, and maintenance requirements
  • Optimizes for cost, performance, and development efficiency
  • Supports multiple programming languages and frameworks

Security-First Development

  • Built-in security practices and vulnerability prevention
  • Automated security scanning and compliance checking
  • Comprehensive authentication and authorization patterns
  • Integration with security monitoring and threat detection

Performance Optimization

  • Proactive performance monitoring and bottleneck identification
  • Automated optimization suggestions and implementation
  • Load testing and capacity planning tools
  • Real-time performance tracking and alerting

DevOps Automation

  • Complete CI/CD pipeline setup with automated testing and deployment
  • Infrastructure as code with version control and reproducibility
  • Container orchestration and microservice deployment
  • Comprehensive monitoring, logging, and alerting systems

Troubleshooting

Common Backend Development Challenges

  • Scalability Issues: Use microservices architecture and horizontal scaling patterns
  • Security Vulnerabilities: Apply security-first development and comprehensive testing
  • Performance Bottlenecks: Implement caching strategies and database optimization
  • Database Complexity: Use proper normalization, indexing, and query optimization

Deployment and Operations Issues

  • Deployment Failures: Use blue-green deployments and automated rollback
  • Monitoring Gaps: Implement comprehensive observability and alerting
  • Integration Problems: Design clear APIs and implement proper error handling
  • Security Incidents: Implement incident response procedures and security monitoring

Best Practices

For System Design

  • Design for scalability and maintainability from the start
  • Use microservices architecture for complex systems
  • Implement proper separation of concerns and modularity
  • Design for failure with circuit breakers and graceful degradation

For Security Implementation

  • Implement security by design, not as an afterthought
  • Use zero-trust principles and defense-in-depth strategies
  • Regularly update dependencies and conduct security audits
  • Implement comprehensive logging and monitoring for security events

For Performance Optimization

  • Profile before optimizing to identify real bottlenecks
  • Implement appropriate caching strategies at multiple levels
  • Use database indexing and query optimization techniques
  • Monitor performance metrics and set up alerting

For DevOps and Deployment

  • Automate everything that can be automated
  • Use infrastructure as code for reproducible deployments
  • Implement comprehensive monitoring and observability
  • Plan for failure with backup and disaster recovery procedures

This backend development skill transforms the complex process of backend system creation into a guided, expert-supported workflow that leverages the full power of your integrated development toolset. It ensures that backend systems are secure, scalable, maintainable, and production-ready from day one.