Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

0xharryriddle/domain-web

Name: domain-web
Author: 0xharryriddle

archive/upstream/chasebuild-agent-skills/rust/skills/domain-web/SKILL.md

npx skillsauth add 0xharryriddle/codex-field-kit domain-web

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Web Domain

Layer 3: Domain Constraints

Domain Constraints → Design Implications

| Domain Rule | Design Constraint | Rust Implication | |-------------|-------------------|------------------| | Stateless HTTP | No request-local globals | State in extractors | | Concurrency | Handle many connections | Async, Send + Sync | | Latency SLA | Fast response | Efficient ownership | | Security | Input validation | Type-safe extractors | | Observability | Request tracing | tracing + tower layers |

Critical Constraints

Async by Default

RULE: Web handlers must not block
WHY: Block one task = block many requests
RUST: async/await, spawn_blocking for CPU work

State Management

RULE: Shared state must be thread-safe
WHY: Handlers run on any thread
RUST: Arc<T>, Arc<RwLock<T>> for mutable

Request Lifecycle

RULE: Resources live only for request duration
WHY: Memory management, no leaks
RUST: Extractors, proper ownership

Trace Down ↓

From constraints to design (Layer 2):

"Need shared application state"
    ↓ m07-concurrency: Use Arc for thread-safe sharing
    ↓ m02-resource: Arc<RwLock<T>> for mutable state

"Need request validation"
    ↓ m05-type-driven: Validated extractors
    ↓ m06-error-handling: IntoResponse for errors

"Need middleware stack"
    ↓ m12-lifecycle: Tower layers
    ↓ m04-zero-cost: Trait-based composition

Framework Comparison

| Framework | Style | Best For | |-----------|-------|----------| | axum | Functional, tower | Modern APIs | | actix-web | Actor-based | High performance | | warp | Filter composition | Composable APIs | | rocket | Macro-driven | Rapid development |

Key Crates

| Purpose | Crate | |---------|-------| | HTTP server | axum, actix-web | | HTTP client | reqwest | | JSON | serde_json | | Auth/JWT | jsonwebtoken | | Session | tower-sessions | | Database | sqlx, diesel | | Middleware | tower |

Design Patterns

| Pattern | Purpose | Implementation | |---------|---------|----------------| | Extractors | Request parsing | State(db), Json(payload) | | Error response | Unified errors | impl IntoResponse | | Middleware | Cross-cutting | Tower layers | | Shared state | App config | Arc<AppState> |

Code Pattern: Axum Handler

async fn handler(
    State(db): State<Arc<DbPool>>,
    Json(payload): Json<CreateUser>,
) -> Result<Json<User>, AppError> {
    let user = db.create_user(&payload).await?;
    Ok(Json(user))
}

// Error handling
impl IntoResponse for AppError {
    fn into_response(self) -> Response {
        let (status, message) = match self {
            Self::NotFound => (StatusCode::NOT_FOUND, "Not found"),
            Self::Internal(_) => (StatusCode::INTERNAL_SERVER_ERROR, "Internal error"),
        };
        (status, Json(json!({"error": message}))).into_response()
    }
}

Common Mistakes

| Mistake | Domain Violation | Fix | |---------|-----------------|-----| | Blocking in handler | Latency spike | spawn_blocking | | Rc in state | Not Send + Sync | Use Arc | | No validation | Security risk | Type-safe extractors | | No error response | Bad UX | IntoResponse impl |

Trace to Layer 1

| Constraint | Layer 2 Pattern | Layer 1 Implementation | |------------|-----------------|------------------------| | Async handlers | Async/await | tokio runtime | | Thread-safe state | Shared state | Arc<T>, Arc<RwLock<T>> | | Request lifecycle | Extractors | Ownership via From<Request> | | Middleware | Tower layers | Trait-based composition |

Related Skills

| When | See | |------|-----| | Async patterns | m07-concurrency | | State management | m02-resource | | Error handling | m06-error-handling | | Middleware design | m12-lifecycle |

0xharryriddle/domain-web

archive/upstream/chasebuild-agent-skills/rust/skills/domain-web/SKILL.md

Use when building web services. Keywords: web server, HTTP, REST API, GraphQL, WebSocket, axum, actix, warp, rocket, tower, hyper, reqwest, middleware, router, handler, extractor, state management, authentication, authorization, JWT, session, cookie, CORS, rate limiting, web 开发, HTTP 服务, API 设计, 中间件, 路由

2 stars

development

Updated Mar 24, 2026

$ install --global

skillsauth

npx skillsauth add 0xharryriddle/codex-field-kit domain-web

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

70%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Mar 24, 2026, 9:06 AM185.8s1 file scanned

SKILL.md

name:: domain-web
description:: Use when building web services. Keywords: web server, HTTP, REST API, GraphQL, WebSocket, axum, actix, warp, rocket, tower, hyper, reqwest, middleware, router, handler, extractor, state management, authentication, authorization, JWT, session, cookie, CORS, rate limiting, web 开发, HTTP 服务, API 设计, 中间件, 路由
globs:: ["**/Cargo.toml"]
user-invocable:: false

Web Domain

Layer 3: Domain Constraints

Domain Constraints → Design Implications

Critical Constraints

Async by Default

RULE: Web handlers must not block
WHY: Block one task = block many requests
RUST: async/await, spawn_blocking for CPU work

State Management

RULE: Shared state must be thread-safe
WHY: Handlers run on any thread
RUST: Arc<T>, Arc<RwLock<T>> for mutable

Request Lifecycle

RULE: Resources live only for request duration
WHY: Memory management, no leaks
RUST: Extractors, proper ownership

Trace Down ↓

From constraints to design (Layer 2):

"Need shared application state"
    ↓ m07-concurrency: Use Arc for thread-safe sharing
    ↓ m02-resource: Arc<RwLock<T>> for mutable state

"Need request validation"
    ↓ m05-type-driven: Validated extractors
    ↓ m06-error-handling: IntoResponse for errors

"Need middleware stack"
    ↓ m12-lifecycle: Tower layers
    ↓ m04-zero-cost: Trait-based composition

Framework Comparison

Key Crates

Design Patterns

Code Pattern: Axum Handler

async fn handler(
    State(db): State<Arc<DbPool>>,
    Json(payload): Json<CreateUser>,
) -> Result<Json<User>, AppError> {
    let user = db.create_user(&payload).await?;
    Ok(Json(user))
}

// Error handling
impl IntoResponse for AppError {
    fn into_response(self) -> Response {
        let (status, message) = match self {
            Self::NotFound => (StatusCode::NOT_FOUND, "Not found"),
            Self::Internal(_) => (StatusCode::INTERNAL_SERVER_ERROR, "Internal error"),
        };
        (status, Json(json!({"error": message}))).into_response()
    }
}

Common Mistakes

Trace to Layer 1

Related Skills

| When | See | |------|-----| | Async patterns | m07-concurrency | | State management | m02-resource | | Error handling | m06-error-handling | | Middleware design | m12-lifecycle |

Related Skills

0xharryriddle/vercel-react-best-practices

development

VerifiedTrustedCommunity

React and Next.js performance optimization guidelines from Vercel Engineering. This skill should be used when writing, reviewing, or refactoring React/Next.js code to ensure optimal performance patterns. Triggers on tasks involving React components, Next.js pages, data fetching, bundle optimization, or performance improvements.

2SKILL.mdUpdated Mar 24, 2026

0xharryriddle/vercel-react-best-practices

0xharryriddle/swarm-planner

testing

VerifiedTrustedCommunity

[EXPLICIT INVOCATION ONLY] Creates dependency-aware implementation plans optimized for parallel multi-agent execution.

2SKILL.mdUpdated Mar 24, 2026

0xharryriddle/swarm-planner

0xharryriddle/super-swarm-spark

testing

VerifiedTrustedCommunity

Only to be triggered by explicit super-swarm-spark commands.

2SKILL.mdUpdated Mar 24, 2026

0xharryriddle/super-swarm-spark

0xharryriddle/role-creator

development

VerifiedTrustedCommunity

Create and install Codex custom agent roles in ~/.codex/config.toml, generate role config files, enforce supported keys, and guide users through required role inputs (model, reasoning effort, developer_instructions).

2SKILL.mdUpdated Mar 24, 2026

0xharryriddle/role-creator

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/0xharryriddle/codex-field-kit.git

# Copy into Claude Code skills folder (global)
cp -r codex-field-kit/archive/upstream/chasebuild-agent-skills/rust/skills/domain-web ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

0xharryriddle/codex-field-kit

2 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT