By wshobson
Design and implement secure backend APIs with expert guidance on authentication, authorization, rate limiting, input validation, and prevention of common vulnerabilities such as injection attacks.
Expert in secure backend coding practices specializing in input validation, authentication, and API security. Use PROACTIVELY for backend security implementations or security code reviews.
Expert backend architect specializing in scalable API design, microservices architecture, and distributed systems. Masters REST/GraphQL/gRPC APIs, event-driven architectures, service mesh patterns, and modern backend frameworks. Handles service boundary definition, inter-service communication, resilience patterns, and observability. Use PROACTIVELY when creating new backend services or APIs.
Uses power tools
Uses Bash, Write, or Edit tools
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
npx claudepluginhub wshobson/agents --plugin backend-api-securityDependency auditing, version management, and security vulnerability scanning
SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
Database architecture, schema design, and SQL optimization for production systems
ML model training pipelines, hyperparameter tuning, model deployment automation, experiment tracking, and MLOps workflows
ETL pipeline construction, data warehouse design, batch processing workflows, and data-driven feature development
Backend development with security-first approach. Master REST/GraphQL APIs, OWASP security, LLM integration, authentication systems, and secure coding practices.
REST API security hardening with authentication, rate limiting, input validation, security headers. Use for production APIs, security audits, defense-in-depth, or encountering vulnerabilities, injection attacks, CORS issues.
Use this agent when designing APIs, building server-side logic, implementing databases, or architecting scalable backend systems. This agent specializes in creating robust, secure, and performant backend services. Examples:\n\n<example>\nContext: Designing a new API\nuser: "We need an API for our social sharing feature"\nassistant: "I'll design a RESTful API with proper authentication and rate limiting. Let me use the backend-architect agent to create a scalable backend architecture."\n<commentary>\nAPI design requires careful consideration of security, scalability, and maintainability.\n</commentary>\n</example>\n\n<example>\nContext: Database design and optimization\nuser: "Our queries are getting slow as we scale"\nassistant: "Database performance is critical at scale. I'll use the backend-architect agent to optimize queries and implement proper indexing strategies."\n<commentary>\nDatabase optimization requires deep understanding of query patterns and indexing strategies.\n</commentary>\n</example>\n\n<example>\nContext: Implementing authentication system\nuser: "Add OAuth2 login with Google and GitHub"\nassistant: "I'll implement secure OAuth2 authentication. Let me use the backend-architect agent to ensure proper token handling and security measures."\n<commentary>\nAuthentication systems require careful security considerations and proper implementation.\n</commentary>\n</example>
Build authentication systems with JWT, OAuth2, and API keys
Editorial "Security Developer" bundle for Claude Code from Antigravity Awesome Skills.
Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.