skills.homes logoskills.homescapability registry
home/categories/backend
category focus

Backend

Server-side logic, APIs, and microservices.

1742 スキルall categories
sorting
stars
current ordering strategy
query
all entries
refine the visible subset
backend
1.2K

graphql-design

GraphQL schema design, resolver patterns, subscriptions, DataLoader for N+1 prevention, and error handling

rohitg00
rohitg00
development
open
backend
1.2K

serving-llms-vllm

Serves LLMs with high throughput using vLLM's PagedAttention and continuous batching. Use when deploying production LLM APIs, optimizing inference latency/throughput, or serving models with limited GPU memory. Supports OpenAI-compatible endpoints, quantization (GPTQ/AWQ/FP8), and tensor parallelism.

math-inc
math-inc
development
open
backend
1.2K

linear

Manage Linear issues, projects, and teams via the GraphQL API. Create, update, search, and organize issues. Uses API key auth (no OAuth needed). All operations via curl — no dependencies.

math-inc
math-inc
development
open
backend
1.2K

setup-portless

Sets up Portless for a project to replace port numbers with stable named .localhost URLs. Use when configuring local development routing, fixing port conflicts, or setting up monorepo dev environments.

qdhenry
qdhenry
development
open
backend
1.1K

golang-samber-oops

Structured error handling in Golang with samber/oops — error builders, stack traces, error codes, error context, error wrapping, error attributes, user-facing vs developer messages, panic recovery, and logger integration. Apply when using or adopting samber/oops, or when the codebase already imports github.com/samber/oops.

samber
samber
development
open
backend
1.1K

ctf-reverse

CTF 逆向工程技术。当挑战提供未知二进制文件需要分析算法逻辑、游戏客户端需要破解验证、混淆代码需要还原、自定义 VM 需要解释执行时使用。覆盖 Ghidra/IDA 静态分析、GDB/Frida 动态调试、反调试绕过、WASM/.NET/APK/Python 字节码/Go/Rust 多平台逆向

wgpsec
wgpsec
development
open
backend
1.1K

api-fuzz

REST/GraphQL API 安全测试方法论。当目标有 API 端点(/api/、JSON 响应)、Swagger/OpenAPI 文档暴露、通过 js-api-extract 或目录扫描获得端点列表时使用。覆盖 API 发现、认证测试、框架识别、语义分析智能 Fuzz(根据端点语义推断参数名/类型/业务含义构造精准 payload)、Prototype Pollution、请求走私。IDOR → idor-methodology | GraphQL → graphql-methodology | CSRF → csrf-methodology。任何涉及 API 端点安全测试、参数发现、权限边界测试的场景都应使用此 skill

wgpsec
wgpsec
development
open
backend
1.1K

mobile-backend

移动 App 后端 API 安全测试。当目标是移动应用的后端接口、发现 /api/v1/ 等移动端 API 路径、或需要测试 App 与服务器之间的通信安全时使用。覆盖 API 端点发现、认证机制测试、业务逻辑漏洞、移动端特有的安全问题

wgpsec
wgpsec
development
open
backend
1.1K

database-lateral-pivot

数据库横向移动与跨库攻击。当已获取一个数据库权限(PostgreSQL/MySQL/MSSQL)需要横向到其他数据库或内网服务时使用。覆盖 PostgreSQL dblink 跨库连接、MSSQL Linked Server 横向、MySQL 联邦引擎跨库、数据库→SSRF→内网探测。当目标网络隔离但数据库可通信时(数据库通常有比应用服务器更宽松的网络策略),这是突破隔离的关键路径。发现任何数据库间通信需求、内网数据库横向、跨库查询场景都应使用此技能

wgpsec
wgpsec
development
open
backend
1.1K

browser-xterm-interaction

Playwright Browser MCP 与 xterm.js 终端交互方法论。当需要通过浏览器操作网页内嵌终端、CTF 靶场伪终端、Cloud Shell、在线 IDE 中的终端时使用。覆盖终端内容读取(5 种方法)、命令执行、输出捕获、screenshot 降级策略。只要目标页面中有任何形式的 Web 终端(xterm.js/hterm/jQuery Terminal),就应使用此技能

wgpsec
wgpsec
development
open
backend
1.1K

iox-proxy

使用 iox 进行端口转发和内网穿透。当需要把内网端口转发到外网、建立 SOCKS5 隧道、或做流量中转时使用。iox 是单二进制零依赖的端口转发/代理工具,支持正向代理、反向代理、端口映射、SOCKS5 代理,特别适合内网渗透中的流量隧道搭建。比 frp/nps 轻量,比 socat 功能更全。涉及端口转发、内网穿透、SOCKS5 代理、流量中转、隧道搭建的场景使用此技能

wgpsec
wgpsec
development
open
backend
1.1K

responder-poison

使用 Responder 进行 LLMNR/NBT-NS/MDNS 投毒和 NTLMv2 哈希捕获。当处于 Windows 域网络中、需要被动捕获凭据或进行中间人攻击时使用。Responder 监听网络中的名称解析广播请求(LLMNR/NBT-NS/MDNS),伪造响应诱使目标发送 NTLMv2 认证哈希。抓到的哈希可用 hashcat 离线破解或通过 ntlmrelayx 中继到其他服务。涉及 LLMNR 投毒、NBT-NS 投毒、WPAD 代理、NTLMv2 捕获、中间人攻击的场景使用此技能

wgpsec
wgpsec
development
open
backend
1.1K

zombie-brute

使用 zombie 进行多协议暴力破解。zombie 是 chainreactors 出品的高性能暴力破解工具,支持 SSH/FTP/MySQL/MSSQL/PostgreSQL/Redis/SMB/RDP/SNMP/LDAP/VNC 等 20+ 协议,内置智能字典生成和分布式模式。与 hydra 的区别:zombie 支持更多协议、更快的并发、以及基于规则的字典生成。当需要批量弱口令检测、凭据喷洒时使用此技能

wgpsec
wgpsec
development
open
backend
1.1K

mcp-builder

Guide for creating high-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use when building MCP servers to integrate external APIs or services, whether in Python (FastMCP) or Node/TypeScript (MCP SDK).

dp-archive
dp-archive
development
open
backend
1.1K

plan-route

Plan a route and return distance + ETA (schema + deterministic result).

trpc-group
trpc-group
development
open
backend
1.1K

weather

Get current weather and forecasts via wttr.in or Open-Meteo. Use when: user asks about weather, temperature, or forecasts for any location. NOT for: historical weather data, severe weather alerts, or detailed meteorological analysis. No API key needed.

trpc-group
trpc-group
development
open
backend
1.1K

alchemy

Blockchain API access via Alchemy. Use when an agent needs to query blockchain data (balances, token prices, NFT ownership, transfer history, transaction simulation, gas estimates) across Ethereum, Base, Arbitrum, BNB, Polygon, Solana, and more. Supports API key access ($ALCHEMY_API_KEY), x402 wallet-based pay-per-request (SIWE/SIWS + USDC), and MPP protocol (SIWE + Tempo/Stripe). Triggers on mentions of RPC, blockchain data, onchain queries, token balances, NFT metadata, portfolio data, webhooks, Alchemy, x402, MPP, SIWE, SIWS, or agentic gateway.

BankrBot
BankrBot
development
open
backend
1.1K

api-logging-guidelines

Best practices and guidelines for using logger in API routes. Defines appropriate logging levels, what to log, and when to avoid logging. Use when implementing or reviewing API route logging, debugging strategies, or optimizing log output.

inkeep
inkeep
development
open
backend
1K

dmr-from-django-ninja

Migrate an existing Django API from django-ninja/ninja-extra to django-modern-rest while preserving routes, request/response contracts, auth, throttling, and test coverage. Use when replacing NinjaExtraAPI/api_controller/http_* handlers/ninja.Schema with dmr controllers/routers and typed DTOs.

wemake-services
wemake-services
development
open
backend
1K

dmr-from-drf

Migrate an existing Django API from Django REST Framework to django-modern-rest while preserving routes, request/response contracts, auth, permissions, throttling, pagination, and test coverage. Use when replacing APIView/ViewSet/GenericAPIView and DRF serializers/routers with dmr controllers/routers and typed DTOs.

wemake-services
wemake-services
development
open
backend
1K

dmr-openapi-skeleton

Generate django-modern-rest transport-layer skeletons from OpenAPI 3.1+ specs. Use when Codex needs to turn an OpenAPI file, URL, or pasted document into typed DTOs, controllers, routers, Django URL wiring, and minimal tests for this repository or similar projects built on dmr. Trigger on requests to scaffold APIs, bootstrap apps, or map OpenAPI operations to Controller, Router, and OpenAPI view constructs without implementing business logic.

wemake-services
wemake-services
development
open
backend
1K

flutter-handling-http-and-json

Executes HTTP requests and handles JSON serialization in a Flutter app. Use when integrating with REST APIs or parsing structured data from external sources.

flutter
flutter
development
open
backend
1K

mcp-builder

Guide for creating high-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use when building MCP servers to integrate external APIs or services, whether in Python (FastMCP) or Node/TypeScript (MCP SDK).

platonai
platonai
development
open
backend
1K

spring-boot

Spring Boot 3.x development - REST APIs, JPA, Security, Testing, and Cloud-native patterns. Use for building enterprise Java applications with Spring Boot.

piomin
piomin
development
open
Previous
Page 22 / 73
Next