app-dev

Audit a Next.js project for common issues, anti-patterns, and misconfigurations

Audit authentication and authorization implementation for security issues

Audit database schema and queries for performance and design issues

Generate or update OpenAPI spec from existing API routes

Find and clean up unused files, dependencies, exports, and types with knip

Use this agent to review API endpoints for security, design, performance, and best practices. Trigger when the user asks to "review my API", "check API security", "audit endpoints", "review route handlers", "is my API secure", "check for missing validation", or wants a comprehensive API review. Examples: "Review the API endpoints I just created in src/routes/", "Are my API endpoints secure? I'm worried about injection attacks.", "Is this a good REST API design for my user management endpoints?".

Use this agent to review authentication and authorization code for security issues, design flaws, and best practice violations. Trigger when the user mentions "review auth", "is my login secure", "check authentication", "review authorization", "auth security", "password security", "JWT review", "session security", "OAuth implementation", or asks about auth best practices. Examples: "I just built the login system, can you review it for security?", "Is my JWT implementation secure? I'm using HS256.", "I need to add auth to my API endpoints, what's the best approach?".

Use this agent to optimize slow database queries, analyze EXPLAIN plans, and recommend index or query rewrites. Trigger when the user mentions "slow query", "optimize query", "EXPLAIN plan", "query performance", "database is slow", "N+1 queries", "index recommendation", or asks why a query takes too long. Examples: "The /api/users endpoint takes 3 seconds, I think it's the database query", "Can you analyze this EXPLAIN output and tell me what's wrong?", "I'm seeing hundreds of SELECT queries when loading the dashboard".

Use this agent to map, analyze, and optimize Next.js route structure. Trigger when the user asks to "map routes", "analyze routing", "find missing error boundaries", "check loading states", "review middleware", "list all pages", "find route issues", or needs a comprehensive view of their Next.js application structure. Examples: "Map out all the routes in my Next.js app", "Some of my pages don't have error boundaries, can you find which ones?", "I need to add auth protection to my routes, which ones are unprotected?".

This skill should be used when the user asks to "design a REST API", "structure API endpoints", "choose HTTP status codes", "set up API versioning", "implement API pagination", or mentions "REST API", "API design", "endpoint design", "OpenAPI", "Swagger", "API versioning", "HTTP status codes", "API authentication", "rate limiting", "pagination", "HATEOAS". Provides REST API design patterns, OpenAPI specification guidance, authentication strategies, and API versioning.

This skill should be used when the user asks to "implement authentication", "set up JWT auth", "configure OAuth2", "implement RBAC", "add MFA/two-factor", "secure session management", or mentions "authentication", "authorization", "JWT", "OAuth", "login", "session management", "password hashing", "RBAC", "role-based access", "MFA", "two-factor", "API keys", "token refresh", "CSRF", "CORS with auth". Provides authentication and authorization patterns including JWT, OAuth2, session management, RBAC, MFA, and password security.

This skill should be used when the user asks to "design a database schema", "normalize a data model", "plan a migration strategy", "define table relationships", "review an ERD", or mentions "schema design", "database design", "data model", "ERD", "normalization", "migration strategy", "table design", "foreign key", "relationship". Provides database schema design expertise including normalization, relationship patterns, naming conventions, and migration strategies.

This skill should be used when the user asks to "optimize a database query", "analyze a slow query", "review EXPLAIN output", "design indexes", "fix N+1 queries", or mentions "query optimization", "slow query", "EXPLAIN", "index", "performance", "query plan", "table scan", "index tuning", "N+1", "query analysis". Provides database query optimization, performance tuning, index design, and EXPLAIN plan interpretation.

This skill should be used when the user asks to "add animations", "implement transitions", "create gesture interactions", "build layout animations", "add scroll-based effects", or mentions "framer motion", "motion", "animate", "animation", "transition", "gesture", "layout animation", "scroll animation", "variants", "AnimatePresence". Provides Framer Motion animation library expertise for React/Next.js including gestures, layout animations, exit animations, and scroll-driven effects.

6 hooks across 3 events