kaxuna1/express
.claude/skills/express/SKILL.md
Builds RESTful API routes, middleware, and request handling with service layer patterns. Use when: Creating API endpoints, adding middleware, implementing authentication guards, or structuring backend services.
development
Updated Apr 16, 2026
$ install --global
skillsauthnpx skillsauth add kaxuna1/ecomsite expressInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 12:58 PM5.1s6 files scanned
SKILL.md
- name:
- express
- description:
- |
- Use when:
- Creating API endpoints, adding middleware, implementing authentication guards, or structuring backend services.
- allowed-tools:
- Read, Edit, Write, Glob, Grep, Bash
Express Skill
Express backend for Luxia e-commerce uses a service layer pattern with modular routing. Routes handle HTTP concerns, services contain business logic, and middleware manages cross-cutting concerns like auth and rate limiting.
Quick Start
Creating a Route
// backend/src/routes/exampleRoutes.ts
import { Router } from 'express';
import { body, validationResult } from 'express-validator';
import { authenticate } from '../middleware/authMiddleware';
import { exampleService } from '../services/exampleService';
const router = Router();
router.post(
'/',
authenticate,
[body('name').notEmpty(), body('email').isEmail()],
async (req, res) => {
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({ errors: errors.array() });
}
try {
const result = await exampleService.create(req.body);
res.status(201).json(result);
} catch (error: any) {
console.error('Error:', error);
res.status(500).json({ message: error.message });
}
}
);
export default router;
Creating a Service
// backend/src/services/exampleService.ts
import { pool } from '../db/client';
export const exampleService = {
async create(payload: { name: string; email: string }) {
const result = await pool.query(
'INSERT INTO examples (name, email) VALUES ($1, $2) RETURNING *',
[payload.name, payload.email]
);
return result.rows[0];
},
async findById(id: number) {
const result = await pool.query(
'SELECT * FROM examples WHERE id = $1',
[id]
);
return result.rows[0] || null;
}
};
Key Concepts
| Concept | Usage | Example |
|---------|-------|---------|
| Route | HTTP endpoint definition | router.get('/items', handler) |
| Service | Business logic encapsulation | itemService.findById(id) |
| Middleware | Request preprocessing | authenticate, rateLimiter |
| Validator | Input validation | body('email').isEmail() |
| Pool | Database connection | pool.query(sql, params) |
Common Patterns
Protected Admin Route
router.use(authenticate); // All routes below require auth
router.get('/', async (req, res) => {
const adminId = (req as AuthenticatedRequest).adminId;
// ...
});
Optional Authentication
router.get('/public', optionalAuth, async (req, res) => {
const userId = (req as AuthenticatedRequest).userId; // May be undefined
// ...
});
File Upload with Processing
router.post('/', authenticate, upload.single('image'), async (req, res) => {
if (!req.file) {
return res.status(400).json({ message: 'No file provided' });
}
const processed = await sharp(req.file.buffer).webp().toBuffer();
// ...
});
See Also
- routes - Route organization and patterns
- services - Service layer architecture
- database - PostgreSQL query patterns
- auth - JWT authentication flow
- errors - Error handling patterns
Related Skills
- See the postgresql skill for database schema and query optimization
- See the typescript skill for type safety patterns
- See the node skill for Node.js runtime patterns
- See the zod skill for runtime validation (alternative to express-validator)
Related Skills
kaxuna1/zustand
tools
VerifiedTrustedCommunity
Zustand lightweight state management with persistence and middleware. Use when: managing client-side state (cart, auth, UI preferences), replacing React Context with simpler API, accessing state outside React components, implementing localStorage persistence
SKILL.mdUpdated Apr 16, 2026
kaxuna1/zod
development
VerifiedTrustedCommunity
Zod schema validation and TypeScript integration for runtime type safety. Use when: Validating API payloads, form inputs, environment variables, or any external data boundaries where TypeScript types alone cannot guarantee safety.
SKILL.mdUpdated Apr 16, 2026
kaxuna1/vite
tools
VerifiedTrustedCommunity
Configures Vite 5.x build tool, dev server, and frontend asset optimization for the Luxia e-commerce platform. Use when: configuring builds, adding environment variables, optimizing bundle size, setting up testing, debugging HMR issues, or adding Vite plugins.
SKILL.mdUpdated Apr 16, 2026
kaxuna1/typescript
development
VerifiedTrustedCommunity
Enforces strict TypeScript types across frontend and backend codebases. Use when: Writing new services, DTOs, interfaces, type guards, debugging type errors, or ensuring type safety at API boundaries.
SKILL.mdUpdated Apr 16, 2026