ajianaz/backend-dev

Backend Development Master - Complete Backend Engineering Workflow

Overview

This skill provides end-to-end backend development services by orchestrating multiple expert systems, advanced development techniques, and specialized tools. It transforms business requirements into production-ready backend systems with comprehensive architecture, security, scalability, and operational excellence.

Key Capabilities:

• 🏗️ Multi-Expert Backend Architecture - Coordinates backend architects, security engineers, and DevOps specialists
• 🎯 Full-Stack Development - From API design to database architecture to deployment automation
• 📊 Production-Ready Implementation - Security-first, scalable, and maintainable code generation
• 🔧 DevOps Integration - CI/CD pipelines, monitoring, and infrastructure as code
• 📋 Comprehensive Testing - Unit, integration, and end-to-end testing strategies

When to Use This Skill

Perfect for:

• New backend system development and API creation
• Legacy system modernization and microservice decomposition
• Database architecture and optimization projects
• Security implementation and compliance requirements
• Performance optimization and scalability planning
• DevOps pipeline and infrastructure automation

Triggers:

• "Create a backend API for [application]"
• "Design database architecture for [system]"
• "Build a scalable backend service"
• "Implement security and authentication"
• "Set up CI/CD and deployment pipeline"

Backend Development Expert Panel

Backend Architect (System Design)

• Focus: API design, database architecture, system scalability
• Techniques: RESTful services, GraphQL, microservices, data modeling
• Considerations: Performance, scalability, maintainability, API contracts

Security Engineer (Secure Development)

• Focus: Authentication, authorization, data protection, compliance
• Techniques: OWASP compliance, encryption, threat modeling, secure coding
• Considerations: Security by design, zero-trust principles, regulatory compliance

DevOps Architect (Operations & Deployment)

• Focus: CI/CD, infrastructure automation, monitoring, reliability
• Techniques: Container orchestration, IaC, observability, zero-downtime deployment
• Considerations: Infrastructure costs, reliability, scaling strategies, monitoring

Database Specialist (Data Architecture)

• Focus: Schema design, query optimization, data modeling, migrations
• Techniques: Normalization, indexing strategies, caching, data consistency
• Considerations: Data integrity, performance, scalability, backup strategies

Performance Engineer (Optimization)

• Focus: Performance optimization, bottleneck analysis, caching strategies
• Techniques: Profiling, load testing, optimization patterns, scaling solutions
• Considerations: Response times, throughput, resource utilization, cost efficiency

Backend Development Workflow

Phase 1: Requirements Analysis & Technical Planning

Use when: Starting new backend development or modernizing existing systems

Tools Used:

/sc:analyze backend-requirements
BMAD PM Agent: business requirement analysis
Requirements Analyst: technical specification creation
Deep Research Agent: technology stack research

Activities:

• Analyze business requirements and translate to technical specifications
• Identify scalability, security, and performance requirements
• Evaluate technology stack options and architectural patterns
• Define API contracts and data models
• Plan integration points and external dependencies

Phase 2: System Architecture & Design

Use when: Designing the technical architecture and system components

Tools Used:

/sc:design --type architecture backend-system
/sc:design --type api restful-apis
/sc:design --type database data-model
Backend Architect: comprehensive system design
Security Engineer: security architecture planning

Activities:

• Design system architecture and component boundaries
• Create API specifications and data contracts
• Design database schemas and relationships
• Plan security architecture and authentication flows
• Define scalability and performance strategies

Phase 3: Implementation Planning & Technology Selection

Use when: Preparing for actual code implementation

Tools Used:

/sc:design --type component implementation-strategy
Python Expert: technology-specific implementation patterns
DevOps Architect: deployment and infrastructure planning
Performance Engineer: optimization and monitoring setup

Activities:

• Select appropriate frameworks, libraries, and tools
• Create implementation roadmap with milestones
• Plan database migrations and data seeding strategies
• Design error handling and logging strategies
• Prepare development environment and tooling setup

Phase 4: Secure & Scalable Implementation

Use when: Writing production-ready backend code

Tools Used:

/sc:implement backend-service
Python Expert: production-quality code implementation
Security Engineer: secure coding practices and vulnerability prevention
Database Specialist: optimized database interactions
Performance Engineer: efficient algorithms and caching strategies

Activities:

• Implement core business logic and API endpoints
• Create secure authentication and authorization systems
• Optimize database queries and implement caching strategies
• Implement comprehensive error handling and logging
• Write unit and integration tests with high coverage

Phase 5: Testing & Quality Assurance

Use when: Ensuring system reliability and security

Tools Used:

/sc:test backend-comprehensive
Quality Engineer: testing strategy implementation
Security Engineer: security testing and vulnerability scanning
Performance Engineer: load testing and performance validation
Playwright MCP: end-to-end API testing

Activities:

• Implement comprehensive test suites (unit, integration, E2E)
• Conduct security testing and vulnerability assessments
• Perform load testing and performance benchmarking
• Validate API contracts and data integrity
• Test error scenarios and recovery mechanisms

Phase 6: DevOps & Deployment

Use when: Preparing for production deployment

Tools Used:

/sc:implement production-deployment
DevOps Architect: CI/CD pipeline and infrastructure setup
Security Engineer: production security hardening
Monitoring Setup: observability and alerting systems

Activities:

• Set up CI/CD pipelines with automated testing and deployment
• Implement infrastructure as code and containerization
• Configure monitoring, logging, and alerting systems
• Create deployment strategies and rollback procedures
• Document operations procedures and runbooks

Integration Patterns

SuperClaude Command Integration

| Command | Use Case | Output | |---------|---------|--------| | /sc:design --type architecture | System architecture | Technical architecture specifications | | /sc:design --type api | API design | RESTful/GraphQL API specifications | | /sc:design --type database | Database design | Optimized schema and data models | | /sc:implement backend | Code implementation | Production-ready backend services | | /sc:test backend | Testing strategy | Comprehensive testing plans | | /sc:build deploy | Deployment setup | CI/CD and infrastructure automation |

BMAD Method Integration

| Technique | Role | Capabilities | |----------|------|------------| | Greenfield Service Workflow | New project development | Complete backend service development | | Brownfield Integration | Legacy modernization | Safe system evolution and integration | | Security-First Development | Secure implementation | Built-in security practices and validation | | Performance Optimization | Scalability planning | Bottleneck identification and optimization |

MCP Server Integration

| Server | Expertise | Use Case | |--------|----------|---------| | Sequential | Complex reasoning | Architecture analysis and problem-solving | | Context7 | Technical patterns | Framework best practices and implementation guides | | Playwright | API testing | End-to-end API validation and testing | | Serena | Project memory | Large codebase navigation and context management |

Usage Examples

Example 1: New REST API Development

User: "Create a backend API for an e-commerce platform with user management, product catalog, and order processing"

Workflow:
1. Phase 1: Analyze e-commerce requirements and technical constraints
2. Phase 2: Design microservices architecture with API contracts
3. Phase 3: Plan implementation with Node.js/Express and PostgreSQL
4. Phase 4: Implement secure APIs with JWT authentication
5. Phase 5: Test with comprehensive test suites and load testing
6. Phase 6: Deploy with Docker, Kubernetes, and CI/CD pipeline

Output: Production-ready e-commerce backend with 99.9% uptime target

Example 2: Database Architecture Optimization

User: "Optimize our database architecture for better performance and scalability"

Workflow:
1. Phase 1: Analyze current database performance and bottlenecks
2. Phase 2: Design optimized schema with proper indexing
3. Phase 3: Plan migration strategy with zero downtime
4. Phase 4: Implement caching layer and query optimization
5. Phase 5: Performance test and validate improvements
6. Phase 6: Deploy with monitoring and alerting

Output: 60% performance improvement with horizontal scaling capability

Example 3: Security Implementation

User: "Implement comprehensive security for our financial services backend"

Workflow:
1. Phase 1: Analyze security requirements and compliance needs (SOC2, PCI-DSS)
2. Phase 2: Design zero-trust security architecture
3. Phase 3: Plan secure implementation with encryption and audit logging
4. Phase 4: Implement security controls and monitoring
5. Phase 5: Conduct security testing and vulnerability assessment
6. Phase 6: Deploy with security monitoring and incident response

Output: Fully compliant financial services backend with comprehensive security

Quality Assurance Mechanisms

Multi-Expert Validation

• Cross-Domain Review: Backend architect, security, and DevOps perspectives
• Security Validation: Comprehensive vulnerability scanning and compliance checking
• Performance Testing: Load testing, stress testing, and optimization validation
• Production Readiness: Complete deployment and operational validation

Automated Quality Checks

• Code Quality: Linting, formatting, and complexity analysis
• Security Scanning: Automated vulnerability detection and dependency checking
• Performance Monitoring: Response time, throughput, and resource utilization tracking
• Test Coverage: Unit, integration, and end-to-end test coverage validation

Continuous Improvement

• Performance Monitoring: Real-time performance tracking and alerting
• Security Monitoring: Continuous vulnerability scanning and threat detection
• Feedback Integration: User feedback and performance data analysis
• Pattern Learning: Successful patterns recognition and reuse

Output Deliverables

Primary Deliverable: Complete Backend System

backend-system/
├── api/
│   ├── controllers/              # API endpoint implementations
│   ├── middleware/               # Authentication, validation, error handling
│   ├── routes/                   # API routing and endpoint definitions
│   └── documentation/            # API documentation and contracts
├── services/
│   ├── business/                 # Business logic and domain services
│   ├── data/                     # Data access and database services
│   ├── external/                 # Third-party service integrations
│   └── security/                 # Security services and utilities
├── database/
│   ├── migrations/               # Database schema migrations
│   ├── seeds/                    # Initial data setup
│   ├── models/                   # Data models and relationships
│   └── queries/                  # Optimized database queries
├── tests/
│   ├── unit/                     # Unit tests for individual components
│   ├── integration/              # Integration tests for service interactions
│   ├── e2e/                      # End-to-end API tests
│   └── performance/              # Load and stress tests
├── infrastructure/
│   ├── docker/                   # Container configurations
│   ├── kubernetes/               # K8s deployment manifests
│   ├── ci-cd/                    # CI/CD pipeline configurations
│   └── monitoring/               # Logging, metrics, and alerting
├── documentation/
│   ├── architecture.md           # System architecture documentation
│   ├── api-specs.md              # API specifications and contracts
│   ├── deployment.md             # Deployment procedures and runbooks
│   └── security.md               # Security procedures and compliance
└── config/
    ├── development/              # Development environment configurations
    ├── staging/                  # Staging environment configurations
    └── production/               # Production environment configurations

Supporting Artifacts

• Architecture Documentation: Detailed system design and technical specifications
• API Documentation: Comprehensive API contracts and usage examples
• Security Documentation: Security procedures, compliance reports, and audit trails
• Performance Reports: Benchmarking results and optimization recommendations
• Deployment Guides: Step-by-step deployment and operational procedures

Advanced Features

Intelligent Technology Selection

• Automatically recommends appropriate technology stacks based on requirements
• Considers team expertise, scalability needs, and maintenance requirements
• Optimizes for cost, performance, and development efficiency
• Supports multiple programming languages and frameworks

Security-First Development

• Built-in security practices and vulnerability prevention
• Automated security scanning and compliance checking
• Comprehensive authentication and authorization patterns
• Integration with security monitoring and threat detection

Performance Optimization

• Proactive performance monitoring and bottleneck identification
• Automated optimization suggestions and implementation
• Load testing and capacity planning tools
• Real-time performance tracking and alerting

DevOps Automation

• Complete CI/CD pipeline setup with automated testing and deployment
• Infrastructure as code with version control and reproducibility
• Container orchestration and microservice deployment
• Comprehensive monitoring, logging, and alerting systems

Troubleshooting

Common Backend Development Challenges

• Scalability Issues: Use microservices architecture and horizontal scaling patterns
• Security Vulnerabilities: Apply security-first development and comprehensive testing
• Performance Bottlenecks: Implement caching strategies and database optimization
• Database Complexity: Use proper normalization, indexing, and query optimization

Deployment and Operations Issues

• Deployment Failures: Use blue-green deployments and automated rollback
• Monitoring Gaps: Implement comprehensive observability and alerting
• Integration Problems: Design clear APIs and implement proper error handling
• Security Incidents: Implement incident response procedures and security monitoring

Best Practices

For System Design

• Design for scalability and maintainability from the start
• Use microservices architecture for complex systems
• Implement proper separation of concerns and modularity
• Design for failure with circuit breakers and graceful degradation

For Security Implementation

• Implement security by design, not as an afterthought
• Use zero-trust principles and defense-in-depth strategies
• Regularly update dependencies and conduct security audits
• Implement comprehensive logging and monitoring for security events

For Performance Optimization

• Profile before optimizing to identify real bottlenecks
• Implement appropriate caching strategies at multiple levels
• Use database indexing and query optimization techniques
• Monitor performance metrics and set up alerting

For DevOps and Deployment

• Automate everything that can be automated
• Use infrastructure as code for reproducible deployments
• Implement comprehensive monitoring and observability
• Plan for failure with backup and disaster recovery procedures

---

This backend development skill transforms the complex process of backend system creation into a guided, expert-supported workflow that leverages the full power of your integrated development toolset. It ensures that backend systems are secure, scalable, maintainable, and production-ready from day one.