333-333-333/go-object-storage
skills/go-object-storage/SKILL.md
Cloud-agnostic object storage with abstract interfaces and implementations for S3, GCS, and MinIO. Trigger: When storing files, logs, metrics exports, backups, or any binary objects in cloud storage.
development
Updated Mar 25, 2026
$ install --global
skillsauthnpx skillsauth add 333-333-333/agents go-object-storageInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 25, 2026, 12:21 PM44.5s5 files scanned
SKILL.md
- name:
- go-object-storage
- description:
- >
- Trigger:
- When storing files, logs, metrics exports, backups, or any binary objects in cloud storage.
- author:
- 333-333-333
- version:
- 1.0
- type:
- generic
- scope:
- [api]
When to Use
- Storing user-uploaded files (pet photos, caregiver documents)
- Exporting observability data (logs, metrics, traces) to long-term storage
- Storing backups or reports
- Any file/blob persistence need
Critical Patterns
| Pattern | Rule |
|---------|------|
| Interface first | ObjectStore interface in shared package, never import SDK in domain |
| Cloud agnostic | Same interface for S3, GCS, MinIO — swap via config |
| Bucket per concern | Separate buckets: uploads, exports, backups |
| Signed URLs for clients | Never expose raw credentials; generate pre-signed URLs |
| Content-addressed when possible | Use hash-based keys for immutable objects |
Interface
Reference:
assets/storage.go—internal/shared/storage/storage.go
Defines ObjectStore interface with Put, Get, Delete, Exists, SignedURL, and List methods, plus PutOptions and ObjectInfo types.
S3-Compatible Implementation (S3 / MinIO)
Reference:
assets/s3.go—internal/shared/storage/s3.go
Uses AWS SDK v2. Supports custom endpoints and path-style access for MinIO compatibility.
Key Naming Conventions
{concern}/{service}/{date}/{filename}
Examples:
uploads/caregiver/2025-01-15/photo-abc123.jpg
exports/observability/2025-01-15/traces-14h.jsonl
exports/observability/2025-01-15/metrics-14h.jsonl
backups/booking/2025-01-15/booking-db-full.sql.gz
Configuration
Reference:
assets/config.go—StorageConfig+NewObjectStorefactory
Factory function switches on Provider to create the appropriate implementation (s3/minio or gcs).
Local Development with MinIO
Reference:
assets/docker-compose-minio.yml
# Config for local dev
STORAGE_PROVIDER=minio
STORAGE_ENDPOINT=http://localhost:9000
STORAGE_REGION=us-east-1
STORAGE_FORCE_PATH_STYLE=true
Commands
# AWS SDK v2
go get github.com/aws/aws-sdk-go-v2
go get github.com/aws/aws-sdk-go-v2/config
go get github.com/aws/aws-sdk-go-v2/service/s3
# MinIO for local dev
docker-compose up minio
# Create buckets via MinIO client
brew install minio/stable/mc
mc alias set local http://localhost:9000 minioadmin minioadmin
mc mb local/bastet-uploads
mc mb local/bastet-exports
mc mb local/bastet-backups
Anti-Patterns
| ❌ Don't | ✅ Do |
|----------|-------|
| Import AWS SDK in domain layer | Use ObjectStore interface |
| Hardcode bucket names | Configure via environment variables |
| Send files through your API | Generate pre-signed URLs, client uploads directly |
| Store files without organized key structure | Use {concern}/{service}/{date}/{file} pattern |
| Single bucket for everything | Separate buckets per concern (uploads, exports, backups) |
Related Skills
333-333-333/ux-review
testing
VerifiedTrustedCommunity
Review Flutter components and screens for UX/UI compliance. Trigger: When user invokes /ux-review command or requests UX audit.
SKILL.mdUpdated Mar 25, 2026
333-333-333/typescript
development
VerifiedTrustedCommunity
TypeScript strict patterns and best practices. Trigger: When implementing or refactoring TypeScript in .ts/.tsx (types, interfaces, generics, const maps, type guards, removing any, tightening unknown).
SKILL.mdUpdated Mar 25, 2026
333-333-333/testing-strategy
testing
VerifiedTrustedCommunity
Testing philosophy and strategy for every feature: test pyramid, mandatory levels per change type, completion checklist, and skill delegation. Trigger: When planning tests for a feature, reviewing test coverage, defining acceptance criteria, or asking what tests a change needs.
SKILL.mdUpdated Mar 25, 2026
333-333-333/terraform-security
development
VerifiedTrustedCommunity
Terraform security practices: sensitive variables, secret management, state protection, .gitignore patterns, and CI/CD credential handling. Trigger: When handling secrets in Terraform, configuring state backends, reviewing .gitignore for Terraform, or setting up CI/CD pipelines for infrastructure.
SKILL.mdUpdated Mar 25, 2026