codyswanngt/nestjs-graphql
plugins/src/nestjs/skills/nestjs-graphql/SKILL.md
Comprehensive guide for NestJS GraphQL development using Apollo and code-first approach. This skill should be used when writing GraphQL resolvers, mutations, queries, types, subscriptions, or implementing advanced features like field middleware, complexity limits, and custom scalars. Also covers project-specific patterns including zero-trust auth decorators and DataLoader integration.
$ install --global
skillsauthnpx skillsauth add codyswanngt/lisa nestjs-graphqlInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 23, 2026, 4:36 AM2.8s1 file scanned
SKILL.md
- name:
- nestjs-graphql
- description:
- Comprehensive guide for NestJS GraphQL development using Apollo and code-first approach. This skill should be used when writing GraphQL resolvers, mutations, queries, types, subscriptions, or implementing advanced features like field middleware, complexity limits, and custom scalars. Also covers project-specific patterns including zero-trust auth decorators and DataLoader integration.
NestJS GraphQL Development Guide
Overview
This skill provides comprehensive guidance for building GraphQL APIs with NestJS using Apollo Server and the code-first approach. It covers official NestJS GraphQL patterns plus project-specific implementations for authentication, authorization, and data loading.
When to Use This Skill
- Writing new GraphQL resolvers, queries, or mutations
- Creating GraphQL object types, input types, or enums
- Implementing field resolvers or computed fields
- Adding subscriptions for real-time updates
- Configuring query complexity limits
- Creating custom scalars or field middleware
- Implementing authentication/authorization on GraphQL operations
- Setting up DataLoader for N+1 prevention
Quick Reference
Core Decorators
| Decorator | Purpose | Import |
|-----------|---------|--------|
| @Resolver() | Define resolver class | @nestjs/graphql |
| @Query() | Define query operation | @nestjs/graphql |
| @Mutation() | Define mutation operation | @nestjs/graphql |
| @Args() | Extract arguments | @nestjs/graphql |
| @Context() | Access GraphQL context | @nestjs/graphql |
| @Parent() | Access parent in field resolver | @nestjs/graphql |
| @ResolveField() | Define field resolver | @nestjs/graphql |
| @ObjectType() | Define GraphQL object type | @nestjs/graphql |
| @InputType() | Define GraphQL input type | @nestjs/graphql |
| @Field() | Define field on type | @nestjs/graphql |
| @Extensions() | Attach metadata to fields | @nestjs/graphql |
Type Decorators
| Decorator | GraphQL Type | TypeScript Type |
|-----------|-------------|-----------------|
| @Field(() => String) | "String!" | string |
| @Field(() => Int) | "Int!" | number |
| @Field(() => Float) | "Float!" | number |
| @Field(() => Boolean) | "Boolean!" | boolean |
| @Field(() => ID) | "ID!" | string |
| @Field(() => [String]) | "[String!]!" | string[] |
| @Field({ nullable: true }) | String | string \| null |
Code-First Patterns
Basic Resolver Structure
import { Args, Context, Mutation, Query, Resolver } from "@nestjs/graphql";
import { Public, Authed } from "../auth";
@Resolver(() => Entity)
export class EntityResolver {
constructor(private readonly entityService: EntityService) {}
@Query(() => Entity, { description: "Retrieve entity by ID" })
@Authed()
async entity(@Args("id", { type: () => ID }) id: string): Promise<Entity> {
return this.entityService.findById(id);
}
@Mutation(() => Entity, { description: "Create new entity" })
@Authed()
async createEntity(
@Args("input") input: CreateEntityInput,
@Context() { req }: GraphQLContext
): Promise<Entity> {
return this.entityService.create(input, req.user.id);
}
}
Object Type Definition
import { Field, ID, ObjectType } from "@nestjs/graphql";
@ObjectType({ description: "Represents a user in the system" })
export class User {
@Field(() => ID, { description: "Unique identifier" })
id: string;
@Field(() => String, { description: "User's email address" })
email: string;
@Field(() => String, { nullable: true, description: "Display name" })
displayName?: string;
@Field(() => Date, { description: "Account creation timestamp" })
createdAt: Date;
}
Input Type Definition
import { Field, InputType } from "@nestjs/graphql";
@InputType({ description: "Input for creating a new user" })
export class CreateUserInput {
@Field(() => String, { description: "User's email address" })
email: string;
@Field(() => String, { description: "User's password" })
password: string;
@Field(() => String, { nullable: true, description: "Optional display name" })
displayName?: string;
}
References
This skill includes detailed reference files for specific topics:
references/quick-start.md
Setup and configuration for NestJS GraphQL with Apollo driver, module configuration, and code-first vs schema-first approaches.
references/resolvers-mutations.md
Comprehensive guide to writing resolvers, queries, mutations, field resolvers, and using decorators like @Args, @Context, @Parent.
references/types-scalars.md
Creating object types, input types, enums, interfaces, unions, and custom scalars. Includes mapped types (PartialType, PickType, etc.).
references/advanced-features.md
Field middleware, query complexity, plugins, subscriptions, and extensions.
references/project-patterns.md
Project-specific patterns including zero-trust auth decorators (@Public, @Authed, @Owner, @Groups), DataLoader integration, and GraphQL documentation standards.
Common Tasks
Adding a New Query
- Add method to resolver with
@Query()decorator - Add auth decorator (
@Public(),@Authed(), or@Groups()) - Define return type in decorator:
@Query(() => ReturnType) - Add description:
@Query(() => ReturnType, { description: "..." }) - Use
@Args()for parameters with descriptions
Adding a New Mutation
- Add method to resolver with
@Mutation()decorator - Add auth decorator (mutations typically use
@Authed()) - Create InputType for complex inputs
- Access user context via
@Context() { req }: GraphQLContext
Adding Field Resolver
@ResolveField(() => [Comment], { description: "Entity's comments" })
async comments(
@Parent() entity: Entity,
@Context() { loaders }: GraphQLContext
): Promise<Comment[]> {
return loaders.commentsLoader.load(entity.id);
}
Adding DataLoader for New Entity
- Add batch method to service:
getByIds(ids: string[]): Promise<Entity[]> - Add loader type to
IDataLoadersinterface - Create loader in
DataLoaderService.getLoaders() - Use in resolver:
loaders.entityLoader.load(id)
See references/project-patterns.md for detailed DataLoader patterns.
Related Skills
codyswanngt/lisa-wiki-onboard-me
documentation
VerifiedTrustedCommunity
Onboard a user to the project via its LLM Wiki. Interviews the user about themselves in relation to the project, captures that to project-scoped memory only, then gives a guided tour of what the project is and sample questions they can ask. Use when someone is new to the project or asks to be onboarded. Read-mostly — it does not open PRs or write PII into the wiki.
1SKILL.mdUpdated Jun 5, 2026
codyswanngt/lisa-wiki-migrate
documentation
VerifiedTrustedCommunity
Migrate an existing, hand-rolled wiki implementation onto the lisa-wiki kernel — phased and compatibility-first, with a strict no-loss guarantee. Use when adopting lisa-wiki in a repo that already has its own wiki/, ingest skills, docs, or roles. Renaming things into the canonical shape is fine; losing functionality or data is not. Ends by running /doctor.
1SKILL.mdUpdated Jun 5, 2026
codyswanngt/lisa-wiki-lint
development
VerifiedTrustedCommunity
Health-check the LLM Wiki. Reports orphan pages, contradictions, stale claims, broken internal links, missing index/log coverage, structure-manifest violations, and secret/tenant leaks. Use periodically or before hardening a wiki. Read-only — it reports findings, it does not fix them.
1SKILL.mdUpdated Jun 5, 2026
codyswanngt/lisa-wiki-ingest
testing
VerifiedTrustedCommunity
Ingest source material into the LLM Wiki. With an argument (URL, file path, or prompt) it ingests that one source; with no argument it runs a full ingest across every enabled non-external-write source. Routes to the right connector, then runs the ordered pipeline (source note → synthesis → index → log → verify → state → commit/PR). Use whenever new knowledge should enter the wiki.
1SKILL.mdUpdated Jun 5, 2026