Skills
skills/julianromli/ai-skills/backend-dev

backend-dev

SKILL.md

Backend Development Master - Complete Backend Engineering Workflow

Overview

This skill provides end-to-end backend development services by orchestrating multiple expert systems, advanced development techniques, and specialized tools. It transforms business requirements into production-ready backend systems with comprehensive architecture, security, scalability, and operational excellence.

Key Capabilities:

  • 🏗️ Multi-Expert Backend Architecture - Coordinates backend architects, security engineers, and DevOps specialists
  • 🎯 Full-Stack Development - From API design to database architecture to deployment automation
  • 📊 Production-Ready Implementation - Security-first, scalable, and maintainable code generation
  • 🔧 DevOps Integration - CI/CD pipelines, monitoring, and infrastructure as code
  • 📋 Comprehensive Testing - Unit, integration, and end-to-end testing strategies

When to Use This Skill

Perfect for:

  • New backend system development and API creation
  • Legacy system modernization and microservice decomposition
  • Database architecture and optimization projects
  • Security implementation and compliance requirements
  • Performance optimization and scalability planning
  • DevOps pipeline and infrastructure automation

Triggers:

  • "Create a backend API for [application]"
  • "Design database architecture for [system]"
  • "Build a scalable backend service"
  • "Implement security and authentication"
  • "Set up CI/CD and deployment pipeline"

Backend Development Expert Panel

Backend Architect (System Design)

  • Focus: API design, database architecture, system scalability
  • Techniques: RESTful services, GraphQL, microservices, data modeling
  • Considerations: Performance, scalability, maintainability, API contracts

Security Engineer (Secure Development)

  • Focus: Authentication, authorization, data protection, compliance
  • Techniques: OWASP compliance, encryption, threat modeling, secure coding
  • Considerations: Security by design, zero-trust principles, regulatory compliance

DevOps Architect (Operations & Deployment)

  • Focus: CI/CD, infrastructure automation, monitoring, reliability
  • Techniques: Container orchestration, IaC, observability, zero-downtime deployment
  • Considerations: Infrastructure costs, reliability, scaling strategies, monitoring

Database Specialist (Data Architecture)

  • Focus: Schema design, query optimization, data modeling, migrations
  • Techniques: Normalization, indexing strategies, caching, data consistency
  • Considerations: Data integrity, performance, scalability, backup strategies

Performance Engineer (Optimization)

  • Focus: Performance optimization, bottleneck analysis, caching strategies
  • Techniques: Profiling, load testing, optimization patterns, scaling solutions
  • Considerations: Response times, throughput, resource utilization, cost efficiency

Backend Development Workflow

Phase 1: Requirements Analysis & Technical Planning

Use when: Starting new backend development or modernizing existing systems

Tools Used:

/sc:analyze backend-requirements
BMAD PM Agent: business requirement analysis
Requirements Analyst: technical specification creation
Deep Research Agent: technology stack research

Activities:

  • Analyze business requirements and translate to technical specifications
  • Identify scalability, security, and performance requirements
  • Evaluate technology stack options and architectural patterns
  • Define API contracts and data models
  • Plan integration points and external dependencies

Phase 2: System Architecture & Design

Use when: Designing the technical architecture and system components

Tools Used:

/sc:design --type architecture backend-system
/sc:design --type api restful-apis
/sc:design --type database data-model
Backend Architect: comprehensive system design
Security Engineer: security architecture planning

Activities:

  • Design system architecture and component boundaries
  • Create API specifications and data contracts
  • Design database schemas and relationships
  • Plan security architecture and authentication flows
  • Define scalability and performance strategies

Phase 3: Implementation Planning & Technology Selection

Use when: Preparing for actual code implementation

Tools Used:

/sc:design --type component implementation-strategy
Python Expert: technology-specific implementation patterns
DevOps Architect: deployment and infrastructure planning
Performance Engineer: optimization and monitoring setup

Activities:

  • Select appropriate frameworks, libraries, and tools
  • Create implementation roadmap with milestones
  • Plan database migrations and data seeding strategies
  • Design error handling and logging strategies
  • Prepare development environment and tooling setup

Phase 4: Secure & Scalable Implementation

Use when: Writing production-ready backend code

Tools Used:

/sc:implement backend-service
Python Expert: production-quality code implementation
Security Engineer: secure coding practices and vulnerability prevention
Database Specialist: optimized database interactions
Performance Engineer: efficient algorithms and caching strategies

Activities:

  • Implement core business logic and API endpoints
  • Create secure authentication and authorization systems
  • Optimize database queries and implement caching strategies
  • Implement comprehensive error handling and logging
  • Write unit and integration tests with high coverage

Phase 5: Testing & Quality Assurance

Use when: Ensuring system reliability and security

Tools Used:

/sc:test backend-comprehensive
Quality Engineer: testing strategy implementation
Security Engineer: security testing and vulnerability scanning
Performance Engineer: load testing and performance validation
Playwright MCP: end-to-end API testing

Activities:

  • Implement comprehensive test suites (unit, integration, E2E)
  • Conduct security testing and vulnerability assessments
  • Perform load testing and performance benchmarking
  • Validate API contracts and data integrity
  • Test error scenarios and recovery mechanisms

Phase 6: DevOps & Deployment

Use when: Preparing for production deployment

Tools Used:

/sc:implement production-deployment
DevOps Architect: CI/CD pipeline and infrastructure setup
Security Engineer: production security hardening
Monitoring Setup: observability and alerting systems

Activities:

  • Set up CI/CD pipelines with automated testing and deployment
  • Implement infrastructure as code and containerization
  • Configure monitoring, logging, and alerting systems
  • Create deployment strategies and rollback procedures
  • Document operations procedures and runbooks

Integration Patterns

SuperClaude Command Integration

Command Use Case Output
/sc:design --type architecture System architecture Technical architecture specifications
/sc:design --type api API design RESTful/GraphQL API specifications
/sc:design --type database Database design Optimized schema and data models
/sc:implement backend Code implementation Production-ready backend services
/sc:test backend Testing strategy Comprehensive testing plans
/sc:build deploy Deployment setup CI/CD and infrastructure automation

BMAD Method Integration

Technique Role Capabilities
Greenfield Service Workflow New project development Complete backend service development
Brownfield Integration Legacy modernization Safe system evolution and integration
Security-First Development Secure implementation Built-in security practices and validation
Performance Optimization Scalability planning Bottleneck identification and optimization

MCP Server Integration

Server Expertise Use Case
Sequential Complex reasoning Architecture analysis and problem-solving
Context7 Technical patterns Framework best practices and implementation guides
Playwright API testing End-to-end API validation and testing
Serena Project memory Large codebase navigation and context management

Usage Examples

Example 1: New REST API Development

User: "Create a backend API for an e-commerce platform with user management, product catalog, and order processing"

Workflow:
1. Phase 1: Analyze e-commerce requirements and technical constraints
2. Phase 2: Design microservices architecture with API contracts
3. Phase 3: Plan implementation with Node.js/Express and PostgreSQL
4. Phase 4: Implement secure APIs with JWT authentication
5. Phase 5: Test with comprehensive test suites and load testing
6. Phase 6: Deploy with Docker, Kubernetes, and CI/CD pipeline

Output: Production-ready e-commerce backend with 99.9% uptime target

Example 2: Database Architecture Optimization

User: "Optimize our database architecture for better performance and scalability"

Workflow:
1. Phase 1: Analyze current database performance and bottlenecks
2. Phase 2: Design optimized schema with proper indexing
3. Phase 3: Plan migration strategy with zero downtime
4. Phase 4: Implement caching layer and query optimization
5. Phase 5: Performance test and validate improvements
6. Phase 6: Deploy with monitoring and alerting

Output: 60% performance improvement with horizontal scaling capability

Example 3: Security Implementation

User: "Implement comprehensive security for our financial services backend"

Workflow:
1. Phase 1: Analyze security requirements and compliance needs (SOC2, PCI-DSS)
2. Phase 2: Design zero-trust security architecture
3. Phase 3: Plan secure implementation with encryption and audit logging
4. Phase 4: Implement security controls and monitoring
5. Phase 5: Conduct security testing and vulnerability assessment
6. Phase 6: Deploy with security monitoring and incident response

Output: Fully compliant financial services backend with comprehensive security

Quality Assurance Mechanisms

Multi-Expert Validation

  • Cross-Domain Review: Backend architect, security, and DevOps perspectives
  • Security Validation: Comprehensive vulnerability scanning and compliance checking
  • Performance Testing: Load testing, stress testing, and optimization validation
  • Production Readiness: Complete deployment and operational validation

Automated Quality Checks

  • Code Quality: Linting, formatting, and complexity analysis
  • Security Scanning: Automated vulnerability detection and dependency checking
  • Performance Monitoring: Response time, throughput, and resource utilization tracking
  • Test Coverage: Unit, integration, and end-to-end test coverage validation

Continuous Improvement

  • Performance Monitoring: Real-time performance tracking and alerting
  • Security Monitoring: Continuous vulnerability scanning and threat detection
  • Feedback Integration: User feedback and performance data analysis
  • Pattern Learning: Successful patterns recognition and reuse

Output Deliverables

Primary Deliverable: Complete Backend System

backend-system/
├── api/
│   ├── controllers/              # API endpoint implementations
│   ├── middleware/               # Authentication, validation, error handling
│   ├── routes/                   # API routing and endpoint definitions
│   └── documentation/            # API documentation and contracts
├── services/
│   ├── business/                 # Business logic and domain services
│   ├── data/                     # Data access and database services
│   ├── external/                 # Third-party service integrations
│   └── security/                 # Security services and utilities
├── database/
│   ├── migrations/               # Database schema migrations
│   ├── seeds/                    # Initial data setup
│   ├── models/                   # Data models and relationships
│   └── queries/                  # Optimized database queries
├── tests/
│   ├── unit/                     # Unit tests for individual components
│   ├── integration/              # Integration tests for service interactions
│   ├── e2e/                      # End-to-end API tests
│   └── performance/              # Load and stress tests
├── infrastructure/
│   ├── docker/                   # Container configurations
│   ├── kubernetes/               # K8s deployment manifests
│   ├── ci-cd/                    # CI/CD pipeline configurations
│   └── monitoring/               # Logging, metrics, and alerting
├── documentation/
│   ├── architecture.md           # System architecture documentation
│   ├── api-specs.md              # API specifications and contracts
│   ├── deployment.md             # Deployment procedures and runbooks
│   └── security.md               # Security procedures and compliance
└── config/
    ├── development/              # Development environment configurations
    ├── staging/                  # Staging environment configurations
    └── production/               # Production environment configurations

Supporting Artifacts

  • Architecture Documentation: Detailed system design and technical specifications
  • API Documentation: Comprehensive API contracts and usage examples
  • Security Documentation: Security procedures, compliance reports, and audit trails
  • Performance Reports: Benchmarking results and optimization recommendations
  • Deployment Guides: Step-by-step deployment and operational procedures

Advanced Features

Intelligent Technology Selection

  • Automatically recommends appropriate technology stacks based on requirements
  • Considers team expertise, scalability needs, and maintenance requirements
  • Optimizes for cost, performance, and development efficiency
  • Supports multiple programming languages and frameworks

Security-First Development

  • Built-in security practices and vulnerability prevention
  • Automated security scanning and compliance checking
  • Comprehensive authentication and authorization patterns
  • Integration with security monitoring and threat detection

Performance Optimization

  • Proactive performance monitoring and bottleneck identification
  • Automated optimization suggestions and implementation
  • Load testing and capacity planning tools
  • Real-time performance tracking and alerting

DevOps Automation

  • Complete CI/CD pipeline setup with automated testing and deployment
  • Infrastructure as code with version control and reproducibility
  • Container orchestration and microservice deployment
  • Comprehensive monitoring, logging, and alerting systems

Troubleshooting

Common Backend Development Challenges

  • Scalability Issues: Use microservices architecture and horizontal scaling patterns
  • Security Vulnerabilities: Apply security-first development and comprehensive testing
  • Performance Bottlenecks: Implement caching strategies and database optimization
  • Database Complexity: Use proper normalization, indexing, and query optimization

Deployment and Operations Issues

  • Deployment Failures: Use blue-green deployments and automated rollback
  • Monitoring Gaps: Implement comprehensive observability and alerting
  • Integration Problems: Design clear APIs and implement proper error handling
  • Security Incidents: Implement incident response procedures and security monitoring

Best Practices

For System Design

  • Design for scalability and maintainability from the start
  • Use microservices architecture for complex systems
  • Implement proper separation of concerns and modularity
  • Design for failure with circuit breakers and graceful degradation

For Security Implementation

  • Implement security by design, not as an afterthought
  • Use zero-trust principles and defense-in-depth strategies
  • Regularly update dependencies and conduct security audits
  • Implement comprehensive logging and monitoring for security events

For Performance Optimization

  • Profile before optimizing to identify real bottlenecks
  • Implement appropriate caching strategies at multiple levels
  • Use database indexing and query optimization techniques
  • Monitor performance metrics and set up alerting

For DevOps and Deployment

  • Automate everything that can be automated
  • Use infrastructure as code for reproducible deployments
  • Implement comprehensive monitoring and observability
  • Plan for failure with backup and disaster recovery procedures

This backend development skill transforms the complex process of backend system creation into a guided, expert-supported workflow that leverages the full power of your integrated development toolset. It ensures that backend systems are secure, scalable, maintainable, and production-ready from day one.

Weekly Installs
38
Repository
julianromli/ai-skills
GitHub Stars
142
First Seen
Jan 23, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
codex30
opencode29
gemini-cli28
claude-code28
cursor23
github-copilot23