backend-dev-guidelines

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides defensive coding standards focused on security, observability, and maintainability. It mandates a Backend Feasibility & Risk Index (BFRI) assessment before implementation to manage operational and data risks.
  • [SAFE]: Architectural guidelines enforce a strict layered architecture (Routes -> Controllers -> Services -> Repositories), ensuring a clear separation of concerns and reducing the risk of business logic leakage or unauthorized database access.
  • [SAFE]: Input validation using Zod is required for all external inputs (bodies, queries, params), which is a critical defense against injection attacks and malformed data processing.
  • [SAFE]: Configuration management patterns (UnifiedConfig) are used to centralize secrets and settings. The guidelines explicitly warn against hardcoding credentials or committing sensitive files like .env or config.ini to version control.
  • [SAFE]: Error handling and observability patterns ensure that all exceptions are captured in Sentry with appropriate context, preventing silent failures and facilitating rapid incident response.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 05:13 PM