jang4360/.agents/skills/nextjs-app-router-fullstack
.agents/skills/nextjs-app-router-fullstack/SKILL.md
# Skill: nextjs-app-router-fullstack ## Purpose Standardize fullstack implementation using Next.js App Router (Server Components + Route Handlers). ## Triggers - Creating new routes or features - Adding server actions - Handling cookies or authentication state - Implementing API routes in /app/api ## Canonical References (Do not duplicate) - AGENTS.md (Security Rules) - SECURITY_CHECKLIST.md - PR-SEQUENCE.md ## Responsibilities - Enforce correct Server vs Client boundary - Ensure secure cook
tools
Updated Apr 6, 2026
$ install --global
skillsauthnpx skillsauth add jang4360/historychat .agents/skills/nextjs-app-router-fullstackInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 2:14 AM16.1s1 file scanned
SKILL.md
Skill: nextjs-app-router-fullstack
Purpose
Standardize fullstack implementation using Next.js App Router (Server Components + Route Handlers).
Triggers
- Creating new routes or features
- Adding server actions
- Handling cookies or authentication state
- Implementing API routes in /app/api
Canonical References (Do not duplicate)
- AGENTS.md (Security Rules)
- SECURITY_CHECKLIST.md
- PR-SEQUENCE.md
Responsibilities
- Enforce correct Server vs Client boundary
- Ensure secure cookie mutation (Route Handler / Server Function only)
- Prevent client-side secrets or server-only imports
Implementation Steps
- Use Server Components by default.
- Use
use clientonly when interactive state is required. - Cookie read/write must occur only in:
- Route Handlers
- Server Actions
- All API routes must:
- Validate input
- Perform auth guard
- Use RLS-safe DB operations
Required Artifacts
- app/<feature>/page.tsx
- app/api/<feature>/route.ts
- middleware.ts (if needed)
Verification
- Fast Gate passes (lint, typecheck, test)
- No server-only modules imported in client components
Related Skills
jang4360/.agents/skills/testing-vitest-playwright
development
VerifiedTrustedCommunity
# Skill: testing-vitest-playwright ## Purpose Ensure test coverage for route handlers and critical flows. ## Triggers - New API route - Billing logic - Auth changes ## Responsibilities - Unit test core logic - Test webhook idempotency - Test auth guards ## Implementation Steps 1. Write unit test for business logic. 2. Mock webhook replay scenario. 3. Test unauthorized access case. ## Required Artifacts - tests/*
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/systematic-debugging
development
VerifiedTrustedCommunity
# Skill: systematic-debugging ## Purpose Enforce structured debugging workflow. ## Triggers - Production bug - CI failure - Billing mismatch ## Responsibilities - Reproduce - Identify root cause - Patch - Add regression test ## Implementation Steps 1. Reproduce issue locally. 2. Add failing test. 3. Fix. 4. Confirm test passes.
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/supabase-rls-standard
testing
VerifiedTrustedCommunity
# Skill: supabase-rls-standard ## Purpose Apply standardized Row-Level Security policies. ## Triggers - Creating new tables - Modifying ownership rules - Introducing role-based access ## Canonical References - SECURITY_CHECKLIST.md (RLS section) - AGENTS.md ## Responsibilities - Ensure RLS is enabled - Apply ownership + role override template - Index policy columns ## Implementation Steps 1. Enable RLS on new tables. 2. Create SELECT/INSERT/UPDATE/DELETE policies. 3. Use ownership pattern:
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/supabase-auth-ssr-session
tools
VerifiedTrustedCommunity
# Skill: supabase-auth-ssr-session ## Purpose Implement SSR-based authentication using Supabase with secure cookie handling. ## Triggers - Adding login/logout - Protecting routes - Accessing user session server-side ## Canonical References - AGENTS.md - SECURITY_CHECKLIST.md (Auth section) ## Responsibilities - Create browser and server Supabase clients - Enforce cookie-based session flow - Protect admin routes ## Implementation Steps 1. Create `createBrowserClient` and `createServerClient`
SKILL.mdUpdated Apr 6, 2026