Backend Development Skill
Activation Context
Activates when working on server-side code, APIs, business logic, or backend services.
When to Invoke backend-engineer Agent
- •Implementing API endpoints
- •Writing business logic
- •Creating server-side services
- •Integrating with external APIs
- •Implementing authentication/authorization
- •Building background jobs or workers
Coordination Protocol
Before Starting Backend Work
- •Review architecture specification from architect
- •Confirm database schema with database-engineer
- •Verify API contracts with frontend-engineer
- •Check security requirements with security-engineer
During Development
- •Follow RESTful or GraphQL API standards
- •Implement proper error handling
- •Add logging for debugging and monitoring
- •Write unit tests (80%+ coverage)
- •Document API endpoints
- •Consider performance and scalability
Testing Requirements
- •Unit tests for all business logic
- •Integration tests for API endpoints
- •Error handling tests
- •Authentication/authorization tests
- •Performance tests for critical paths
Code Review Checklist (for code-reviewer)
- • API endpoints follow project conventions
- • Proper error handling implemented
- • Input validation on all endpoints
- • Authentication/authorization enforced
- • Database queries optimized (consult database-engineer)
- • Logging added appropriately
- • Tests written and passing
- • API documentation updated
Handoff Points
- •From architect: API specifications and architecture design
- •From database-engineer: Database schema and query patterns
- •To frontend-engineer: API endpoint documentation and contracts
- •To qa-engineer: Test scenarios and acceptance criteria
- •To devsecopsengineer: Deployment configuration and environment variables
Security Considerations (security-engineer review required)
- •Validate all user inputs
- •Use parameterized queries
- •Implement rate limiting
- •Secure API authentication
- •Protect against OWASP Top 10
- •No secrets in code
Best Practices
- •Keep controllers thin, move logic to services
- •Use dependency injection
- •Follow SOLID principles
- •Return consistent API responses
- •Version your APIs
- •Implement graceful error handling