aedelon/code-patterns
skills/code-patterns/SKILL.md
Reference patterns for REST APIs, pytest/vitest testing, Docker multi-stage builds, GitHub Actions CI/CD, PostgreSQL, TypeScript generics, Python async, and React Server Components. MUST BE USED when user asks about: "API design", "how to test", "Dockerfile", "CI/CD pipeline", "database schema", "TypeScript types", "async/await", "React hooks", "Next.js", "FastAPI", "testing pattern", "mock", "fixture", "docker compose", "github actions", "workflow yaml", "postgres query", "SQL pattern", "migration", "generic type", "server component", "use client", "use server", "middleware pattern", "error handling pattern", "retry logic". Includes code examples and validation commands. NOT for running tests (use smart-test-runner), security patterns (use security-audit), or git operations (use commit-message).
$ install --global
skillsauthnpx skillsauth add aedelon/claude-code-blueprint code-patternsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 29, 2026, 12:17 PM36.5s1 file scanned
SKILL.md
- name:
- code-patterns
- description:
- |-
- MUST BE USED when user asks about:
- API design", "how to test", "Dockerfile", "CI/CD pipeline",
Code Patterns Reference
This skill contains comprehensive patterns for modern development. Reference files are organized by topic.
Quick Reference
| Topic | Key Patterns | When to Use | |-------|--------------|-------------| | API Design | REST, GraphQL, OpenAPI | Designing/implementing APIs | | Testing | pytest, vitest, mocking | Writing tests | | Docker | Multi-stage, Compose | Containerizing apps | | CI/CD | GitHub Actions, pipelines | Setting up automation | | Database | PostgreSQL, migrations | Database design | | TypeScript | Types, generics, patterns | TS development | | Python | async, patterns, uv | Python development | | React/Next.js | Server Components, hooks | Frontend development |
Reference Files
api.md- REST, GraphQL, authentication, paginationtesting.md- pytest, vitest, mocking, coveragedocker.md- Dockerfiles, Compose, productionci-cd.md- GitHub Actions, deploymentdatabase.md- PostgreSQL, migrations, queriestypescript.md- Types, generics, advanced patternspython.md- async, patterns, best practicesreact.md- Server Components, hooks, Next.js
API Design Quick Reference
REST Endpoints
GET /resources List
GET /resources/{id} Get one
POST /resources Create
PUT /resources/{id} Replace
PATCH /resources/{id} Update
DELETE /resources/{id} Delete
HTTP Status Codes
| Code | Meaning | |------|---------| | 200 | OK | | 201 | Created | | 204 | No Content | | 400 | Bad Request | | 401 | Unauthorized | | 403 | Forbidden | | 404 | Not Found | | 422 | Unprocessable | | 429 | Rate Limited | | 500 | Server Error |
Testing Quick Reference
pytest
@pytest.fixture
def client():
return TestClient(app)
def test_endpoint(client):
response = client.get("/api/users")
assert response.status_code == 200
vitest
import { describe, it, expect, vi } from 'vitest';
describe('Component', () => {
it('should work', () => {
expect(true).toBe(true);
});
});
Docker Quick Reference
Multi-Stage Build
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build
FROM node:20-alpine
COPY --from=builder /app/dist ./dist
USER node
CMD ["node", "dist/index.js"]
Compose
services:
app:
build: .
ports:
- "3000:3000"
depends_on:
db:
condition: service_healthy
db:
image: postgres:16-alpine
healthcheck:
test: ["CMD", "pg_isready"]
CI/CD Quick Reference
GitHub Actions
name: CI
on: [push, pull_request]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: npm ci
- run: npm test
TypeScript Quick Reference
Utility Types
Partial<T> // All properties optional
Required<T> // All properties required
Pick<T, K> // Select properties
Omit<T, K> // Exclude properties
Record<K, V> // Object with key type K, value type V
Generics
function first<T>(arr: T[]): T | undefined {
return arr[0];
}
Python Quick Reference
Async
async def fetch_data():
async with aiohttp.ClientSession() as session:
async with session.get(url) as response:
return await response.json()
Type Hints
def process(items: list[str]) -> dict[str, int]:
return {item: len(item) for item in items}
React/Next.js Quick Reference
Server Component (default)
// app/page.tsx
async function Page() {
const data = await fetch('...');
return <div>{data}</div>;
}
Client Component
'use client';
import { useState } from 'react';
export function Counter() {
const [count, setCount] = useState(0);
return <button onClick={() => setCount(c => c + 1)}>{count}</button>;
}
Related Skills
aedelon/uv-workflow
tools
VerifiedTrustedCommunity
Master uv package manager for Python: project setup, dependency management, virtual environments, lockfiles, CI/CD integration, Docker builds, and migration from pip/poetry. MUST BE USED when user mentions: "uv", "uv add", "uv run", "uv sync", "uv init", "uv lock", "uv venv", "uv pip", "pyproject.toml", "python project setup", "python dependencies", "virtual environment", "venv", "pip install", "poetry to uv", "migrate from pip", "lockfile python", "requirements.txt", "setup.py", "pip freeze", "uv tool", "install package", "add dependency", "python environment", "new python project", "package manager python", "create project", "uv export", "uv cache", "uv python". 10-100x faster than pip. Covers init, add, sync, lock, run, Docker, CI/CD. NOT for npm/pnpm/yarn (JS toolchain), Rust cargo, or deployment (use deployment-assistant).
53SKILL.mdUpdated Mar 27, 2026
aedelon/security-audit
development
VerifiedTrustedCommunity
Proactive security audit: OWASP top 10, dependency vulnerabilities, secrets detection, input validation, auth patterns, and secure defaults. MUST BE USED when user mentions: "security", "vulnerability", "audit", "OWASP", "CVE", "security review", "pentest", "injection", "XSS", "CSRF", "authentication", "authorization", "secrets", "hardcoded password", "secure", "npm audit", "pip-audit", "check security", "is this secure", "security risk", "data leak", "SQL injection", "command injection", "path traversal", "SSRF", "RCE", "privilege escalation", "supply chain", "dependency scan", "snyk", "trivy", "semgrep", "bandit". Scans code for vulnerabilities, checks dependencies, verifies auth patterns. NOT for explaining security concepts (use pedagogical-explain), or general code review (use code-review).
53SKILL.mdUpdated Mar 27, 2026
aedelon/research-protocol
development
VerifiedTrustedCommunity
Conduct rigorous research with proper citations (DOI, arXiv, PMID) and source triangulation. MUST BE USED when user asks: "what is SOTA", "recent developments", "compare X vs Y", "is it true that", "research says", "latest papers on", "scientific evidence", "studies show", "state of the art", "literature review", "find papers", "academic research", "benchmark results", "who published", "when was X released", "current best", "what does the research say", "evidence for", "peer reviewed". Searches multiple sources, evaluates reliability, states confidence level. NOT for verifying API signatures (use anti-hallucination) or general web search (use WebSearch directly).
53SKILL.mdUpdated Mar 27, 2026
aedelon/core-protocols
development
VerifiedTrustedCommunity
Debug errors systematically by searching first, then analyzing, then proposing verified solutions. MUST BE USED when user reports: "error", "bug", "doesn't work", "fails", "crash", stack traces, exception messages, or any troubleshooting scenario. Triggers: "TypeError", "ImportError", "undefined is not a function", "segfault", "panic", "broken", "not working", "unexpected behavior", "regression", "failing", "exception", "traceback", "stack trace", "debug this", "why does this fail", "help me fix". Also enforces confidence levels and output templates. Prevents guessing solutions without research.
53SKILL.mdUpdated Mar 27, 2026