Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

rzyfront/vendix-prisma-migrations

Name: vendix-prisma-migrations
Author: rzyfront

skills/vendix-prisma-migrations/SKILL.md

npx skillsauth add rzyfront/vendix vendix-prisma-migrations

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

When to Use

Creating or reviewing apps/backend/prisma/migrations/**/migration.sql.
Adding enum values, columns, indexes, constraints, or tables.
Any migration that mutates existing rows.
Recovering from P3009, P3006, P3008, P3012, enum conflicts, or checksum mismatches.

Current Runtime Reality

The current backend Dockerfile runs node dist/src/main.js; it does not currently run npx prisma migrate deploy in the container CMD. Do not claim startup migrations unless deployment pipeline code confirms it.

Production deploys still must run prisma migrate deploy somewhere in the release process. Migration failures can still block deploys and must be resolved at database/migration level.

Commands

npm run db:migrate:dev -w apps/backend
npm run db:migrate:prod -w apps/backend
npm run prisma:generate -w apps/backend

For SQL-first review:

npx prisma migrate dev --create-only --name describe_change

Mandatory Safety Rules

Never commit bare ALTER TYPE ... ADD VALUE; use IF NOT EXISTS or guarded DO $$.
Never edit an already-applied migration; create a new corrective migration.
Never use TRUNCATE ... CASCADE.
Never use DELETE FROM table or UPDATE table SET ... without WHERE.
Never drop populated columns/tables without explicit user approval and backup/snapshot.
Never add ON DELETE CASCADE to business parent tables without explicit approval.
Data-mutating migrations require explicit user approval, DATA IMPACT header, FK/cascade analysis, and representative dry-run.

DATA IMPACT Header

Use this pattern for any migration that modifies rows or has non-trivial production risk:

-- DATA IMPACT:
-- Tables affected: subscription_invoices
-- Expected row changes: remap state partially_paid -> issued if present
-- Destructive operations: none
-- FK/cascade risk: none
-- Idempotency: guarded by WHERE and IF EXISTS checks
-- Approval: documented in chat/PR

Idempotent SQL Patterns

ALTER TYPE "my_enum" ADD VALUE IF NOT EXISTS 'new_value';

ALTER TABLE "my_table" ADD COLUMN IF NOT EXISTS "new_col" TEXT;

CREATE INDEX IF NOT EXISTS "idx_my_table_new_col" ON "my_table"("new_col");

DO $$
BEGIN
  IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'my_enum') THEN
    CREATE TYPE "my_enum" AS ENUM ('a', 'b');
  END IF;
END $$;

Recent migrations also use guarded pg_attribute, pg_constraint, pg_enum, ON CONFLICT DO NOTHING, and pre-flight validation before enum conversion. Follow those existing patterns.

Enum Rule

Postgres enum additions can be problematic when the same migration later uses the new value. If needed, split into two migrations:

Add enum values idempotently.
Use new values in data/schema changes.

Failed Migration Recovery

General workflow:

Inspect _prisma_migrations for finished_at IS NULL.
Determine which SQL was partially applied using catalog queries.
Apply missing changes idempotently or mark migration rolled back/applied with Prisma CLI or DB update only when safe.
Never “fix” by editing an already-applied migration file.

Use prisma migrate resolve --applied <migration> or --rolled-back <migration> when appropriate and safe.

Destructive Table Cleanup Pattern

If clearing a table with inbound FKs is explicitly approved:

Identify inbound FKs through pg_constraint.
Drop inbound FKs first.
Null/repoint child rows if preserving them.
Delete/truncate target without CASCADE.
Recreate FKs with explicit ON DELETE behavior.

Related Skills

vendix-prisma-schema
vendix-prisma-scopes
vendix-prisma-seed
git-workflow

rzyfront/vendix-prisma-migrations

skills/vendix-prisma-migrations/SKILL.md

Production-safe Prisma migration patterns for Vendix: idempotent SQL, enum handling, data-impact headers, destructive-operation bans, failed migration recovery, and Prisma 7 config. Trigger: When creating migrations, editing migration SQL, deploying migrations, or recovering from failed Prisma migrations.

5 stars

devops

Updated May 16, 2026

$ install --global

skillsauth

npx skillsauth add rzyfront/vendix vendix-prisma-migrations

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 16, 2026, 5:10 AM58.5s1 file scanned

SKILL.md

name:: vendix-prisma-migrations
description:: >
Production-safe Prisma migration patterns for Vendix:: idempotent SQL, enum handling,
config. Trigger:: When creating migrations, editing migration SQL, deploying migrations,
license:: Apache-2.0
author:: rzyfront
version:: 2.1
scope:: [root]
auto_invoke:: Creating migrations, editing migration SQL, deploying migrations to production, recovering from P3009, failed migration recovery, ALTER TYPE ADD VALUE, checksum mismatch, modified migration after apply

When to Use

Creating or reviewing apps/backend/prisma/migrations/**/migration.sql.
Adding enum values, columns, indexes, constraints, or tables.
Any migration that mutates existing rows.
Recovering from P3009, P3006, P3008, P3012, enum conflicts, or checksum mismatches.

Current Runtime Reality

Production deploys still must run prisma migrate deploy somewhere in the release process. Migration failures can still block deploys and must be resolved at database/migration level.

Commands

npm run db:migrate:dev -w apps/backend
npm run db:migrate:prod -w apps/backend
npm run prisma:generate -w apps/backend

For SQL-first review:

npx prisma migrate dev --create-only --name describe_change

Mandatory Safety Rules

Never commit bare ALTER TYPE ... ADD VALUE; use IF NOT EXISTS or guarded DO $$.
Never edit an already-applied migration; create a new corrective migration.
Never use TRUNCATE ... CASCADE.
Never use DELETE FROM table or UPDATE table SET ... without WHERE.
Never drop populated columns/tables without explicit user approval and backup/snapshot.
Never add ON DELETE CASCADE to business parent tables without explicit approval.
Data-mutating migrations require explicit user approval, DATA IMPACT header, FK/cascade analysis, and representative dry-run.

DATA IMPACT Header

Use this pattern for any migration that modifies rows or has non-trivial production risk:

-- DATA IMPACT:
-- Tables affected: subscription_invoices
-- Expected row changes: remap state partially_paid -> issued if present
-- Destructive operations: none
-- FK/cascade risk: none
-- Idempotency: guarded by WHERE and IF EXISTS checks
-- Approval: documented in chat/PR

Idempotent SQL Patterns

ALTER TYPE "my_enum" ADD VALUE IF NOT EXISTS 'new_value';

ALTER TABLE "my_table" ADD COLUMN IF NOT EXISTS "new_col" TEXT;

CREATE INDEX IF NOT EXISTS "idx_my_table_new_col" ON "my_table"("new_col");

DO $$
BEGIN
  IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'my_enum') THEN
    CREATE TYPE "my_enum" AS ENUM ('a', 'b');
  END IF;
END $$;

Recent migrations also use guarded pg_attribute, pg_constraint, pg_enum, ON CONFLICT DO NOTHING, and pre-flight validation before enum conversion. Follow those existing patterns.

Enum Rule

Postgres enum additions can be problematic when the same migration later uses the new value. If needed, split into two migrations:

Add enum values idempotently.
Use new values in data/schema changes.

Failed Migration Recovery

General workflow:

Inspect _prisma_migrations for finished_at IS NULL.
Determine which SQL was partially applied using catalog queries.
Apply missing changes idempotently or mark migration rolled back/applied with Prisma CLI or DB update only when safe.
Never “fix” by editing an already-applied migration file.

Use prisma migrate resolve --applied <migration> or --rolled-back <migration> when appropriate and safe.

Destructive Table Cleanup Pattern

If clearing a table with inbound FKs is explicitly approved:

Identify inbound FKs through pg_constraint.
Drop inbound FKs first.
Null/repoint child rows if preserving them.
Delete/truncate target without CASCADE.
Recreate FKs with explicit ON DELETE behavior.

Related Skills

vendix-prisma-schema
vendix-prisma-scopes
vendix-prisma-seed
git-workflow

Related Skills

rzyfront/mobile-dev

development

VerifiedTrustedCommunity

Mobile app development rules for Vendix Expo/React Native project. Trigger: When editing, creating, or modifying any file under apps/mobile, or when developing mobile-specific features.

5SKILL.mdUpdated May 29, 2026

rzyfront/vendix-subscription-gate

development

VerifiedTrustedCommunity

Feature gating by store subscription state: global store write guard, AI feature gate, Redis feature resolution, quota consumption, frontend paywall interceptor, banner, and subscription UI states. Trigger: When adding feature gates, paywalls, subscription-based access control, protecting store write operations, AI feature gates, or rollout flags.

5SKILL.mdUpdated May 16, 2026

rzyfront/vendix-subscription-gate

rzyfront/vendix-saas-billing

testing

VerifiedTrustedCommunity

SaaS subscription billing for Vendix stores: plan pricing, invoices, Wompi platform payments, manual payments, partner commissions, payouts, proration, and dunning. Trigger: When creating SaaS invoices, working with partner rev-share, margin/surcharge pricing, invoice sequence allocation, partner payout batches, subscription payments, manual payments, or dunning flows.

5SKILL.mdUpdated May 16, 2026

rzyfront/vendix-saas-billing

rzyfront/vendix-redis-quota

development

VerifiedTrustedCommunity

Periodic quota counters with Redis, UTC period keys, Lua-based idempotent AI quota consumption, request-id deduplication, and post-success consumption. Trigger: When building quota counters, enforcing monthly/daily feature caps, or reusing AI quota patterns for uploads, emails, exports, or rate-limited features.

5SKILL.mdUpdated May 16, 2026

rzyfront/vendix-redis-quota

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/rzyfront/vendix.git

# Copy into Claude Code skills folder (global)
cp -r vendix/skills/vendix-prisma-migrations ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

rzyfront/vendix

5 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT