.agents/skills/django/SKILL.md
Django batteries-included Python framework. Covers models, views, templates, ORM, and admin. Use when building full-featured Python web applications. USE WHEN: user mentions "django", "django orm", "django admin", "django templates", asks about "python cms", "django rest framework", "drf", "django models", "django migrations", "django channels", "django forms" DO NOT USE FOR: FastAPI projects - use `fastapi` instead, Flask projects - use `flask` instead, async-first Python APIs, microservices without admin panel
`npx skillsauth add d-subrahmanyam/deno-fresh-microservices django`

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
Full Reference: See advanced.md for Django Channels setup, WebSocket consumers, JWT authentication middleware, broadcasting from views, room management, and WebSocket testing.
Deep Knowledge: Use `mcp__documentation__fetch_docs` with technology: `django` for comprehensive documentation.
```python
from django.db import models


class User(models.Model):
    name = models.CharField(max_length=100)
    email = models.EmailField(unique=True)
    created_at = models.DateTimeField(auto_now_add=True)
    is_active = models.BooleanField(default=True)

    class Meta:
        ordering = ['-created_at']

    def __str__(self):
        return self.name
```
```python
from django.urls import reverse_lazy
from django.views.generic import ListView, DetailView, CreateView

from .models import User  # the model defined in users/models.py


class UserListView(ListView):
    model = User
    template_name = 'users/list.html'
    context_object_name = 'users'
    paginate_by = 20


class UserDetailView(DetailView):
    model = User
    template_name = 'users/detail.html'


class UserCreateView(CreateView):
    model = User
    fields = ['name', 'email']  # only these fields are accepted from the form
    success_url = reverse_lazy('user-list')
```
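```python
from rest_framework import viewsets, serializers

from .models import User  # the model defined in users/models.py


class UserSerializer(serializers.ModelSerializer):
    class Meta:
        model = User
        # Explicit field list: nothing else on the model is exposed by the API
        fields = ['id', 'name', 'email', 'created_at']


class UserViewSet(viewsets.ModelViewSet):
    queryset = User.objects.all()
    serializer_class = UserSerializer
```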
```bash
python manage.py makemigrations
python manage.py migrate
python manage.py createsuperuser
python manage.py runserver
```
```
myproject/
├── manage.py
├── myproject/
│   ├── settings.py
│   ├── urls.py
│   └── wsgi.py
└── users/
    ├── models.py
    ├── views.py
    ├── urls.py
    └── admin.py
```
| Anti-Pattern | Why It's Bad | Solution |
|--------------|--------------|----------|
| N+1 queries | Slow performance | Use select_related() and prefetch_related() |
| No index on frequently queried fields | Slow queries | Add db_index=True to model fields |
| Using .filter() in loops | Multiple DB hits | Use .filter(id__in=list) |
| Storing sensitive data in settings.py | Security risk | Use environment variables |
| Missing CSRF protection | XSS vulnerability | Keep CsrfViewMiddleware enabled |
| Fat models | Hard to test | Move business logic to services |
| Problem | Diagnosis | Fix |
|---------|-----------|-----|
| "No such table" error | Migrations not applied | Run python manage.py migrate |
| Static files not loading | STATIC_URL misconfigured | Run collectstatic in production |
| CSRF verification failed | Missing CSRF token | Add {% csrf_token %} to forms |
| "OperationalError: database is locked" | SQLite concurrency | Use PostgreSQL in production |
| Circular import errors | Models importing each other | Use get_model() or string references |
| Slow admin interface | No list_select_related | Add list_select_related to ModelAdmin |
```python
# settings/production.py
import environ  # assumption: `env` is a django-environ Env instance

env = environ.Env()

DEBUG = False
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS')
SECRET_KEY = env('SECRET_KEY')

# Security headers
SECURE_SSL_REDIRECT = True
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_CONTENT_TYPE_NOSNIFF = True
X_FRAME_OPTIONS = 'DENY'

# Session security
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
CSRF_COOKIE_SECURE = True
```
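A check for the production settings above and the `CsrfViewMiddleware` row of the anti-pattern table, as an added example that is not part of the original skill. `audit_settings`, the sample dicts and the host name are hypothetical; an unset value is treated as a finding even where Django's own default is safe.

```python
# Added example (not from the original skill): audit a dict of Django settings
# against the production values and the CSRF middleware advice on this page.
HSTS_MIN_SECONDS = 31536000  # one year, the value used on this page
CSRF_MIDDLEWARE = "django.middleware.csrf.CsrfViewMiddleware"
REQUIRED_TRUE = (
    "SECURE_SSL_REDIRECT", "SECURE_HSTS_INCLUDE_SUBDOMAINS",
    "SECURE_CONTENT_TYPE_NOSNIFF", "SESSION_COOKIE_SECURE",
    "SESSION_COOKIE_HTTPONLY", "CSRF_COOKIE_SECURE",
)


def audit_settings(settings):
    """Return a list of findings for a mapping of setting name -> value."""
    findings = []
    if settings.get("DEBUG") is not False:
        findings.append("DEBUG must be False")
    hosts = settings.get("ALLOWED_HOSTS") or []
    if not hosts or "*" in hosts:
        findings.append("ALLOWED_HOSTS must list explicit hosts")
    if not settings.get("SECRET_KEY"):
        findings.append("SECRET_KEY is not set")
    for name in REQUIRED_TRUE:
        if settings.get(name) is not True:
            findings.append(f"{name} must be True")
    if (settings.get("SECURE_HSTS_SECONDS") or 0) < HSTS_MIN_SECONDS:
        findings.append("SECURE_HSTS_SECONDS is below one year")
    if settings.get("X_FRAME_OPTIONS") != "DENY":
        findings.append("X_FRAME_OPTIONS must be 'DENY'")
    if CSRF_MIDDLEWARE not in settings.get("MIDDLEWARE", []):
        findings.append("CsrfViewMiddleware is not enabled")
    return findings


# Constructed sample inputs: the page's production values, and a weakened copy.
HARDENED = {
    "DEBUG": False, "ALLOWED_HOSTS": ["app.example.com"],
    "SECRET_KEY": "constructed-placeholder", "SECURE_SSL_REDIRECT": True,
    "SECURE_HSTS_SECONDS": 31536000, "SECURE_HSTS_INCLUDE_SUBDOMAINS": True,
    "SECURE_CONTENT_TYPE_NOSNIFF": True, "X_FRAME_OPTIONS": "DENY",
    "SESSION_COOKIE_SECURE": True, "SESSION_COOKIE_HTTPONLY": True,
    "CSRF_COOKIE_SECURE": True, "MIDDLEWARE": [CSRF_MIDDLEWARE],
}
WEAK = {**HARDENED, "DEBUG": True, "ALLOWED_HOSTS": ["*"],
        "SECURE_HSTS_SECONDS": 3600, "MIDDLEWARE": []}

if __name__ == "__main__":
    for finding in audit_settings(WEAK):
        print("FAIL:", finding)
```

Django's built-in `python manage.py check --deploy` reports overlapping warnings against the live settings module.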
```python
CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.redis.RedisCache',
        'LOCATION': env('REDIS_URL'),
    }
}

# Usage
from django.views.decorators.cache import cache_page


@cache_page(60 * 15)  # 15 minutes
def my_view(request):
    ...
```
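```python
import logging

from django.db import connection
from django.http import JsonResponse

logger = logging.getLogger(__name__)


def health_check(request):
    return JsonResponse({'status': 'healthy'})


def ready_check(request):
    try:
        connection.ensure_connection()
        return JsonResponse({'status': 'ready', 'database': 'connected'})
    except Exception:
        # Log details server-side only: raw exception text can expose
        # database hosts or connection parameters to unauthenticated callers.
        logger.exception('Readiness check failed')
        return JsonResponse({'status': 'not ready'}, status=503)
```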
```python
# gunicorn.conf.py
import multiprocessing

workers = multiprocessing.cpu_count() * 2 + 1
worker_class = 'uvicorn.workers.UvicornWorker'  # For async
bind = '0.0.0.0:8000'
max_requests = 1000
timeout = 30
```
```python
import pytest
from django.test import Client


@pytest.fixture
def authenticated_client(django_user_model):
    user = django_user_model.objects.create_user(
        username='test', password='test123'
    )
    client = Client()
    client.force_login(user)
    return client


@pytest.mark.django_db
class TestUserAPI:
    # Uses the authenticated_client fixture defined above
    def test_create_user(self, authenticated_client):
        response = authenticated_client.post('/api/users/', {
            'name': 'John', 'email': 'john@example.com'  # placeholder address
        }, content_type='application/json')
        assert response.status_code == 201
```
| Metric | Target |
|--------|--------|
| Response time (p99) | < 200ms |
| Error rate (5xx) | < 0.1% |
| Database connections | < pool size |
| Cache hit ratio | > 80% |