nestjs
SKILL.md
NestJS Code Review Rules
Security (Critical)
- Validate all DTOs with ValidationPipe
- Use @Exclude() to hide sensitive fields in responses
- Implement rate limiting with @nestjs/throttler
- Sanitize user input before database queries to prevent injection attacks
- Never log sensitive data (passwords, tokens, API keys)
- Use parameterized queries or ORM methods to prevent SQL injection
- Avoid storing sensitive data or security-relevant instructions in HTML comments
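
The logging rule above, shown as an added example that is not part of the original skill file: a key-based redactor applied to a request object before it reaches any logger. It is plain TypeScript with no NestJS imports; the names SENSITIVE_KEY, MASK, redactForLog and the sample request are hypothetical and constructed for illustration.

```typescript
// Added example. Key names cover the categories the rule lists
// (passwords, tokens, API keys) plus the headers that usually carry them.
const SENSITIVE_KEY = /passw(or)?d|secret|token|api[-_]?key|authorization|cookie/i;
const MASK = "[REDACTED]";

// Returns a deep copy that is safe to pass to a logger; the input is never mutated.
function redactForLog(value: unknown, ancestors: WeakSet<object> = new WeakSet()): unknown {
  if (value === null || typeof value !== "object") return value;
  if (value instanceof Date) return value.toISOString();
  // Only objects on the current path count as cycles, so an object that is
  // merely referenced twice is still copied in full.
  if (ancestors.has(value)) return "[Circular]";
  ancestors.add(value);
  let out: unknown;
  if (Array.isArray(value)) {
    out = value.map((v) => redactForLog(v, ancestors));
  } else {
    const copy: Record<string, unknown> = {};
    for (const [key, v] of Object.entries(value)) {
      // Decide by key name, so the secret value itself is never inspected.
      copy[key] = SENSITIVE_KEY.test(key) ? MASK : redactForLog(v, ancestors);
    }
    out = copy;
  }
  ancestors.delete(value);
  return out;
}

// Constructed sample: a login request as a logging interceptor might see it.
const sampleRequest = {
  method: "POST",
  path: "/auth/login",
  headers: { Authorization: "Bearer constructed.sample.token", "x-api-key": "constructed-key" },
  body: {
    email: "user@example.com",
    password: "constructed-password",
    profile: { refreshToken: "constructed-refresh" },
  },
};

// What would be written to the log for the sample request.
function demo(): string {
  return JSON.stringify(redactForLog(sampleRequest));
}
```

Matching on key names over-masks harmless fields such as tokenizer, which is the safe direction for a log filter; secrets embedded in free-text values are not caught and still need review.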
Module Architecture
- One module per feature/domain
- Modules should export only what other modules need
- Use forRoot/forRootAsync for configurable modules
- Avoid circular dependencies between modules
Controllers
- Keep controllers thin (delegate to services)