Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

vuralserhat86/skills/backend_api

Name: skills/backend_api
Author: vuralserhat86

skills/backend_api/SKILL.md

npx skillsauth add vuralserhat86/antigravity-agentic-skills skills/backend_api

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

🌐 Backend API

REST API tasarımı ve güvenlik best practices.

📋 1. RESTful Endpoints

GET    /api/v1/users           # List
GET    /api/v1/users/:id       # Get one
POST   /api/v1/users           # Create
PATCH  /api/v1/users/:id       # Partial update
DELETE /api/v1/users/:id       # Delete

HTTP Status Codes

| Kod | Kullanım | |-----|----------| | 200 | GET, PATCH, PUT başarılı | | 201 | POST Created | | 204 | DELETE No Content | | 400 | Validation hatası | | 401 | Authentication gerekli | | 403 | Yetki yok | | 404 | Bulunamadı | | 429 | Rate limit |

✅ 2. Input Validation (Zod)

import { z } from 'zod';

const CreateUserSchema = z.object({
  email: z.string().email(),
  password: z.string().min(8),
  name: z.string().min(2).max(100),
});

type CreateUserDto = z.infer<typeof CreateUserSchema>;

🔐 3. Güvenlik

Security Headers

import helmet from 'helmet';
import rateLimit from 'express-rate-limit';

app.use(helmet());
app.use(rateLimit({
  windowMs: 15 * 60 * 1000,
  max: 100,
}));

JWT Authentication

function authMiddleware(req, res, next) {
  const token = req.headers.authorization?.replace('Bearer ', '');
  if (!token) return res.status(401).json({ error: 'Token required' });
  
  const decoded = jwt.verify(token, env.JWT_SECRET);
  req.user = decoded;
  next();
}

📦 4. Response Format

interface SuccessResponse<T> {
  success: true;
  data: T;
  meta?: { page, limit, total };
}

interface ErrorResponse {
  success: false;
  error: { code: string; message: string };
}

🔗 İlgili Skill'ler

backend-core - TypeScript, yapı
backend-database - Repository, caching

backend-database - Repository, caching

Backend API v1.2 - Verified

🔄 Workflow

Kaynak: Node.js Best Practices (Goldberg)

Aşama 1: Interface Design (Contract First)

[ ] Specs: OpenAPI (Swagger) veya Zod şeması ile input/output tanımla.
[ ] Roadmap: Endpoint listesini ve HTTP metodlarını belirle.

Aşama 2: Layered Implementation

[ ] Controller: Sadece HTTP request/response yönet, business logic yazma.
[ ] Service: Tüm iş mantığını buraya koy (Reusable).
[ ] DAL: Veritabanı erişimini soyutla.

Aşama 3: Security & Hardening

[ ] Middleware: Helmet, Rate Limiter ve CORS ayarlarını yap.
[ ] Validation: Gelen her veriyi (Body, Query, Params) Zod ile doğrula.
[ ] Error: Global Error Handler kur ve user-friendly mesaj dön.

Kontrol Noktaları

| Aşama | Doğrulama | |-------|-----------| | 1 | API dokümantasyonu koddan önce mi hazırlandı? | | 2 | Controller dosyasında hiç SQL/ORM kodu var mı? (Olmamalı) | | 3 | 500 hatası dönünce stack trace gizleniyor mu? |

vuralserhat86/skills/backend_api

skills/backend_api/SKILL.md

--- name: backend_api router_kit: FullStackKit description: REST uygulama, validation, security headers, auth patterns. ⚠️ Kod yazarken kullan. API tasarımı/GraphQL için → api-design. metadata: skillport: category: development tags: [accessibility, api integration, backend, backend api, browser apis, client-side, components, css3, debugging, deployment, frameworks, frontend, fullstack, html5, javascript, libraries, node.js, npm, performance optimization, responsive design, seo, state m

42 stars

tools

Updated Apr 21, 2026

$ install --global

skillsauth

npx skillsauth add vuralserhat86/antigravity-agentic-skills skills/backend_api

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 22, 2026, 1:14 AM72.4s1 file scanned

SKILL.md

name:: backend_api
router_kit:: FullStackKit
description:: REST uygulama, validation, security headers, auth patterns. ⚠️ Kod yazarken kullan. API tasarımı/GraphQL için → api-design.
category:: development
tags:: [accessibility, api integration, backend, backend api, browser apis, client-side, components, css3, debugging, deployment, frameworks, frontend, fullstack, html5, javascript, libraries, node.js, npm, performance optimization, responsive design, seo, state management, testing, typescript, ui/ux, web development] - backend-database

🌐 Backend API

REST API tasarımı ve güvenlik best practices.

📋 1. RESTful Endpoints

GET    /api/v1/users           # List
GET    /api/v1/users/:id       # Get one
POST   /api/v1/users           # Create
PATCH  /api/v1/users/:id       # Partial update
DELETE /api/v1/users/:id       # Delete

HTTP Status Codes

✅ 2. Input Validation (Zod)

import { z } from 'zod';

const CreateUserSchema = z.object({
  email: z.string().email(),
  password: z.string().min(8),
  name: z.string().min(2).max(100),
});

type CreateUserDto = z.infer<typeof CreateUserSchema>;

🔐 3. Güvenlik

Security Headers

import helmet from 'helmet';
import rateLimit from 'express-rate-limit';

app.use(helmet());
app.use(rateLimit({
  windowMs: 15 * 60 * 1000,
  max: 100,
}));

JWT Authentication

function authMiddleware(req, res, next) {
  const token = req.headers.authorization?.replace('Bearer ', '');
  if (!token) return res.status(401).json({ error: 'Token required' });
  
  const decoded = jwt.verify(token, env.JWT_SECRET);
  req.user = decoded;
  next();
}

📦 4. Response Format

interface SuccessResponse<T> {
  success: true;
  data: T;
  meta?: { page, limit, total };
}

interface ErrorResponse {
  success: false;
  error: { code: string; message: string };
}

🔗 İlgili Skill'ler

backend-core - TypeScript, yapı
backend-database - Repository, caching

backend-database - Repository, caching

Backend API v1.2 - Verified

🔄 Workflow

Kaynak: Node.js Best Practices (Goldberg)

Aşama 1: Interface Design (Contract First)

[ ] Specs: OpenAPI (Swagger) veya Zod şeması ile input/output tanımla.
[ ] Roadmap: Endpoint listesini ve HTTP metodlarını belirle.

Aşama 2: Layered Implementation

[ ] Controller: Sadece HTTP request/response yönet, business logic yazma.
[ ] Service: Tüm iş mantığını buraya koy (Reusable).
[ ] DAL: Veritabanı erişimini soyutla.

Aşama 3: Security & Hardening

[ ] Middleware: Helmet, Rate Limiter ve CORS ayarlarını yap.
[ ] Validation: Gelen her veriyi (Body, Query, Params) Zod ile doğrula.
[ ] Error: Global Error Handler kur ve user-friendly mesaj dön.

Kontrol Noktaları

Related Skills

vuralserhat86/zustand_state

tools

VerifiedTrustedCommunity

Production-tested setup for Zustand state management in React. Includes patterns for persistence, devtools, and TypeScript patterns. Prevents hydration mismatches and render loops.

42SKILL.mdUpdated Apr 22, 2026

vuralserhat86/zustand_state

vuralserhat86/xlsx

development

VerifiedTrustedCommunity

Comprehensive spreadsheet creation, editing, and analysis with support for formulas, formatting, data analysis, and visualization. When Claude needs to work with spreadsheets (.xlsx, .xlsm, .csv, .tsv, etc) for: (1) Creating new spreadsheets with formulas and formatting, (2) Reading or analyzing data, (3) Modify existing spreadsheets while preserving formulas, (4) Data analysis and visualization in spreadsheets, or (5) Recalculating formulas

42SKILL.mdUpdated Apr 22, 2026

vuralserhat86/skills/websocket_engineer

development

VerifiedTrustedCommunity

--- name: websocket_engineer router_kit: FullStackKit description: WebSocket specialist for real-time communication systems. Invoke for Socket.IO, WebSocket servers, bidirectional messaging, presence systems. Keywords: WebSocket, Socket.IO, real-time, pub/sub, Redis. triggers: - WebSocket - Socket.IO - real-time communication - bidirectional messaging - pub/sub - server push - live updates - chat systems - presence tracking role: specialist scope: implementation output-format:

42SKILL.mdUpdated Apr 22, 2026

vuralserhat86/skills/websocket_engineer

vuralserhat86/webapp_testing

tools

VerifiedTrustedCommunity

Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.

42SKILL.mdUpdated Apr 22, 2026

vuralserhat86/webapp_testing

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/vuralserhat86/antigravity-agentic-skills.git

# Copy into Claude Code skills folder (global)
cp -r antigravity-agentic-skills/skills/backend_api ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

vuralserhat86/antigravity-agentic-skills

42 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT