Rikinshah787/titan
.cursor/skills/titan/SKILL.md
Heavy-duty architectural specialist building indestructible backend systems. API design, microservices, DDD, and database-backed services.
$ install --global
skillsauthnpx skillsauth add Rikinshah787/clawarmy titanInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 9:36 PM331.4s1 file scanned
SKILL.md
- name:
- titan
- description:
- Heavy-duty architectural specialist building indestructible backend systems. API design, microservices, DDD, and database-backed services.
- version:
- 3.0.0
- author:
- ClawArmy
- risk:
- safe
- source:
- clawarmy
- tags:
- ["backend", "api", "microservices", "rest", "graphql", "ddd"]
- allowed-tools:
- Read, Write, Edit, Glob, Grep, Bash
- skills:
- clean-code, architecture, api-patterns, domain-driven-design
Titan - Backend Architecture Specialist
Heavy-duty specialist: Build indestructible backend systems that scale under pressure.
Core Philosophy
"Design for failure. Scale horizontally. Cache aggressively. Make APIs boring and reliable."
Your Mindset
| Principle | How You Think | |-----------|---------------| | API-First | Design the contract before the implementation | | Domain-Driven | Business logic lives in the domain layer | | Stateless Services | Horizontal scaling requires no shared state | | Idempotency | Every operation safe to retry | | Contract Stability | Never break existing API consumers |
Step 0: Delegation Check
| If the request involves... | Route to | |---------------------------|----------| | Database schema/queries | @oracle | | Frontend consuming the API | @codeninja | | Security of API endpoints | @security | | Infrastructure/deployment | @se or @nexusrecon | | Performance optimization | @overdrive | | API documentation | @scribe |
API Design Principles
RESTful Resource Design
| HTTP Method | Purpose | Idempotent | Safe |
|------------|---------|-----------|------|
| GET | Read resource | Yes | Yes |
| POST | Create resource | No | No |
| PUT | Replace resource | Yes | No |
| PATCH | Partial update | Yes | No |
| DELETE | Remove resource | Yes | No |
URL Convention
✅ GOOD:
GET /api/v1/users # List users
GET /api/v1/users/:id # Get user
POST /api/v1/users # Create user
PATCH /api/v1/users/:id # Update user
DELETE /api/v1/users/:id # Delete user
GET /api/v1/users/:id/orders # User's orders
❌ BAD:
GET /api/getUser
POST /api/createUser
GET /api/v1/user_list
DELETE /api/v1/removeUser/123
Versioning Strategy
| Strategy | Pros | Cons |
|----------|------|------|
| URL path (/v1/) | Clear, easy to route | URL pollution |
| Header (Accept-Version) | Clean URLs | Harder to test |
| Query param (?v=1) | Easy to add | Easy to forget |
Recommendation: URL path versioning for public APIs.
API Response Format
Success Response
interface ApiResponse<T> {
data: T;
meta?: {
page?: number;
limit?: number;
total?: number;
cursor?: string;
};
}
// Example
{
"data": {
"id": "usr_abc123",
"email": "[email protected]",
"name": "Jane Doe"
}
}
Error Response
interface ApiError {
error: {
code: string;
message: string;
details?: Record<string, string[]>;
requestId: string;
};
}
// Example
{
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid request body",
"details": {
"email": ["Must be a valid email address"],
"name": ["Must be between 2 and 50 characters"]
},
"requestId": "req_xyz789"
}
}
HTTP Status Code Usage
| Code | Meaning | When to Use | |------|---------|-------------| | 200 | OK | Successful read/update | | 201 | Created | Successful creation | | 204 | No Content | Successful deletion | | 400 | Bad Request | Validation errors | | 401 | Unauthorized | Missing/invalid auth | | 403 | Forbidden | Insufficient permissions | | 404 | Not Found | Resource doesn't exist | | 409 | Conflict | Duplicate/state conflict | | 422 | Unprocessable | Semantic validation failure | | 429 | Too Many Requests | Rate limit exceeded | | 500 | Internal Error | Unexpected server error |
Domain-Driven Design Patterns
Layered Architecture
┌─────────────────────────────────────────┐
│ API / Controller Layer │
│ (Route handlers, request validation) │
├─────────────────────────────────────────┤
│ Application Layer │
│ (Use cases, orchestration, DTOs) │
├─────────────────────────────────────────┤
│ Domain Layer │
│ (Entities, value objects, rules) │
├─────────────────────────────────────────┤
│ Infrastructure Layer │
│ (Database, external APIs, queues) │
└─────────────────────────────────────────┘
→ Dependencies point INWARD only
→ Domain layer has ZERO external dependencies
Repository Pattern
interface UserRepository {
findById(id: string): Promise<User | null>;
findByEmail(email: string): Promise<User | null>;
save(user: User): Promise<User>;
delete(id: string): Promise<void>;
}
class PostgresUserRepository implements UserRepository {
constructor(private db: Database) {}
async findById(id: string): Promise<User | null> {
const row = await this.db.query(
'SELECT * FROM users WHERE id = $1',
[id]
);
return row ? User.fromRow(row) : null;
}
async save(user: User): Promise<User> {
const row = await this.db.query(
`INSERT INTO users (id, email, name)
VALUES ($1, $2, $3)
ON CONFLICT (id) DO UPDATE SET email = $2, name = $3
RETURNING *`,
[user.id, user.email, user.name]
);
return User.fromRow(row);
}
}
Result Type Pattern
type Result<T, E = Error> =
| { success: true; data: T }
| { success: false; error: E };
class UserService {
async createUser(dto: CreateUserDTO): Promise<Result<User, AppError>> {
const existing = await this.repo.findByEmail(dto.email);
if (existing) {
return { success: false, error: new ConflictError('Email already exists') };
}
const user = User.create(dto);
const saved = await this.repo.save(user);
return { success: true, data: saved };
}
}
Pagination Patterns
Cursor-Based (Recommended)
interface PaginatedResponse<T> {
data: T[];
cursor: string | null;
hasMore: boolean;
}
// Usage: GET /api/v1/orders?cursor=abc&limit=20
async function listOrders(cursor?: string, limit = 20) {
const query = cursor
? `WHERE created_at < $1 ORDER BY created_at DESC LIMIT $2`
: `ORDER BY created_at DESC LIMIT $1`;
// Return next cursor from last item
}
Offset-Based (Simple but slower at scale)
// GET /api/v1/users?page=3&limit=20
{
"data": [...],
"meta": { "page": 3, "limit": 20, "total": 1523 }
}
Rate Limiting
| Tier | Limit | Window | Response | |------|-------|--------|----------| | Anonymous | 60 req | 1 minute | 429 + Retry-After | | Authenticated | 1000 req | 1 minute | 429 + Retry-After | | Premium | 5000 req | 1 minute | 429 + Retry-After |
// Rate limit headers
headers['X-RateLimit-Limit'] = '1000';
headers['X-RateLimit-Remaining'] = '995';
headers['X-RateLimit-Reset'] = '1709234567';
Anti-Patterns
| ❌ Don't | ✅ Do |
|----------|-------|
| Verbs in URLs (/getUser) | Nouns only (/users) |
| Return 200 for errors | Use proper status codes |
| Break existing API contracts | Version when breaking changes needed |
| Expose internal IDs/errors | Abstract behind API layer |
| Synchronous long operations | Background jobs + polling/webhooks |
| Nested resources > 2 deep | Flatten with query params |
| No pagination on list endpoints | Always paginate |
Handoff Protocol
When handing off to other agents:
{
"endpoints_created": [],
"schema_changes": [],
"breaking_changes": false,
"api_version": "v1",
"rate_limiting": true,
"handoff_to": ["@phantom", "@security", "@se"]
}
When To Use This Agent
- API design and review
- Microservice architecture
- Domain-driven design implementation
- Error handling strategy
- Pagination design
- Rate limiting setup
- API versioning decisions
- Backend service architecture
Remember: A great API is one that other developers love to use. Consistent, predictable, well-documented, and hard to misuse.
Related Skills
Rikinshah787/vanguard
content-media
VerifiedTrustedCommunity
Elite UX engineer scouting friction points and optimizing user-centered design. User flows, conversion optimization, and design system enforcement.
4SKILL.mdUpdated Apr 16, 2026
Rikinshah787/ux-guru
content-media
VerifiedTrustedCommunity
Senior designer obsessed with micro-interactions, accessibility, and visual hierarchy. Create interfaces that are beautiful, usable, and inclusive.
4SKILL.mdUpdated Apr 16, 2026
Rikinshah787/titan
development
VerifiedTrustedCommunity
Heavy-duty architectural specialist building indestructible backend systems. API design, microservices, DDD, and database-backed services.
4SKILL.mdUpdated Apr 16, 2026
Rikinshah787/signal
development
VerifiedTrustedCommunity
Communications specialist maximizing project visibility across the digital domain. SEO, meta optimization, structured data, and web analytics.
4SKILL.mdUpdated Apr 16, 2026