backend-controller-pattern-nestjs
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Standardizes NestJS controller implementations with robust security defaults, such as mandatory authorization base classes for Admin and Studio contexts.
- [SAFE]: Promotes response serialization using Zod to prevent accidental exposure of internal database fields or sensitive metadata.
- [SAFE]: Includes explicit instructions for validating input identifiers via UidValidationPipe and translating DTOs to internal payloads to maintain layer boundaries.
- [SAFE]: Describes a secure pattern for user-scoped (Me) endpoints that utilizes token-based identity (ext_id) and enforces resource ownership during database queries.
- [SAFE]: Documents an authenticated service-to-service communication pattern (Backdoor) using API keys, ensuring non-user-facing internal tools are properly guarded.
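The four findings above describe the same controller-level controls; the following is an added, framework-free TypeScript illustration of them, written for this audit page and not taken from the audited skill. Plain functions stand in for the NestJS pipe, the Zod response schema and the Backdoor guard so it runs without those packages; the `prj_` uid format, the field names and the in-memory rows are constructed for the example.

```typescript
import { timingSafeEqual } from "crypto";

// Constructed sample rows: what a database record might carry, including
// columns that must never reach a client.
interface ProjectRow {
  uid: string;
  owner_ext_id: string;
  name: string;
  internal_notes: string;
  stripe_customer_id: string;
}

const ROWS: ProjectRow[] = [
  { uid: "prj_a1b2c3", owner_ext_id: "user_alice", name: "Alice's project",
    internal_notes: "flagged for review", stripe_customer_id: "cus_123" },
  { uid: "prj_d4e5f6", owner_ext_id: "user_bob", name: "Bob's project",
    internal_notes: "", stripe_customer_id: "cus_456" },
];

// Stand-in for UidValidationPipe: reject anything that does not look like an
// identifier before it can reach a query. The format is an assumption here.
const UID_RE = /^prj_[a-z0-9]{6}$/;
function validateUid(raw: unknown): string {
  if (typeof raw !== "string" || !UID_RE.test(raw)) {
    throw new Error("BadRequest: invalid uid");
  }
  return raw;
}

// Stand-in for a Zod response schema: only listed keys are copied out, so a
// column added to the row later cannot leak by default (allowlist, not denylist).
const PROJECT_RESPONSE_KEYS = ["uid", "name"] as const;
type ProjectResponse = Pick<ProjectRow, (typeof PROJECT_RESPONSE_KEYS)[number]>;
function serializeProject(row: ProjectRow): ProjectResponse {
  const out: Record<string, unknown> = {};
  for (const k of PROJECT_RESPONSE_KEYS) out[k] = row[k];
  return out as ProjectResponse;
}

// Me-endpoint lookup: identity comes from the verified token (ext_id), never
// from the body or path, and ownership is part of the query predicate, so a
// uid owned by someone else looks exactly like a missing one (no oracle).
function getMyProject(tokenExtId: string, rawUid: unknown): ProjectResponse {
  const uid = validateUid(rawUid);
  const row = ROWS.find(r => r.uid === uid && r.owner_ext_id === tokenExtId);
  if (!row) throw new Error("NotFound");
  return serializeProject(row);
}

// Backdoor (service-to-service) guard: constant-time comparison against the
// configured key; the length check avoids the throw timingSafeEqual would
// raise on mismatched buffer sizes and still returns false.
function backdoorKeyValid(presented: string | undefined, expected: string): boolean {
  if (!presented) return false;
  const a = Buffer.from(presented);
  const b = Buffer.from(expected);
  return a.length === b.length && timingSafeEqual(a, b);
}
```

In a real NestJS controller `validateUid` would be the pipe on the `@Param`, `serializeProject` the Zod schema applied to the handler's return value, and `backdoorKeyValid` the guard on the internal route; the ownership predicate belongs in the repository query, not in a check performed after the row is fetched.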
Audit Metadata