build-second-brain

API documentation, OpenAPI/Swagger generation, versioning, SDK generation, and developer portal patterns for multi-tenant SaaS NestJS APIs. Auto-generates docs from decorators, maintains changelog, produces TypeScript SDK for frontend consumption. Trigger when documenting APIs, setting up Swagger, versioning endpoints, generating SDKs, creating Postman collections, or building a developer portal.

Analyze one or more git repositories commit-by-commit from the very first commit using maximum parallel agents to extract engineering patterns, architecture decisions, debugging approaches, scaling strategies, and coding conventions — then build a structured "second brain" knowledge base with a personalized engineer profile and hybrid global/local Claude memory injection. Supports multi-repo analysis (frontend + backend, microservices) to capture cross-repo patterns. Use this skill when the user mentions "second brain", "analyze my repo", "extract my patterns", "learn from my commits", "build my brain", "reverse engineer my thinking", "learn how I code", "analyze git history", or wants to capture their engineering decision-making from a codebase. Also trigger when the user wants to create an engineer profile, extract architecture patterns from commits, build a knowledge base from code history, or analyze multiple repositories together.

Exhaustive code review checklist for multi-tenant SaaS covering backend (NestJS), frontend (Next.js/React), security, performance, multi-tenancy, and MSSP compliance. Provides PR review templates, code smell detection, and severity-based feedback. Trigger when reviewing PRs, conducting code reviews, checking code quality, or preparing code for review.

Production deployment, CI/CD, Docker, monitoring, and database migration patterns for multi-tenant SaaS. Covers NestJS backend + Next.js frontend + PostgreSQL + TimescaleDB + Redis + BullMQ. Zero-downtime deployments, feature flags, rollback strategies, and observability. Trigger when deploying, setting up CI/CD, configuring Docker, managing database migrations, setting up monitoring, or planning production infrastructure.

Unified frontend architect for Next.js 16 + React 19 + TypeScript 5 + Tailwind 4 + Zustand 5 + TanStack Query 5 + TanStack Table + Better Auth. Transforms feature requirements into production-grade, multi-tenant, component-driven frontend implementations with mock/real API adapter pattern. Trigger when building any frontend feature, page, component, form, wizard, table, dashboard, or UI module. Also for state management decisions, API integration, data table config, form validation, wizard patterns, mock data setup, or any React/Next.js architecture question.

Exhaustive 5-phase audit of any module against UC1/UC2/UC3 multi-tenant requirements — covering data model, API, frontend, integration, and deployment. 48 checks across backend and frontend. Generates gap reports with severity scoring. Also enforces 10 mandatory planning questions before any new feature. Trigger when auditing a module for MSSP readiness, planning a new feature, reviewing architecture for multi-tenant compliance, or generating gap analysis reports.

Performance optimization patterns for multi-tenant SaaS at scale — backend (query optimization, N+1 detection, caching, connection pooling, BullMQ tuning), frontend (bundle analysis, React profiling, virtualization, lazy loading), and database (indexing, query plans, TimescaleDB optimization). Trigger when diagnosing slow queries, optimizing page load, reducing bundle size, tuning job queues, or planning for scale. If the user mentions "slow", "performance", "latency", "bundle size", "N+1", "cache", "pool", "EXPLAIN", "index", "profiling", "virtualization", "pagination", "memory leak", "CPU", "p95", "p99", "throughput", or "bottleneck" — use this skill.

Unified enterprise SaaS backend architect skill for NestJS + Drizzle ORM + PostgreSQL + TimescaleDB + BullMQ + Redis. Converts frontend code into production-grade, multi-tenant, multi-product backend APIs. Use this skill whenever: building any backend feature for a SaaS product, designing database schemas with tenant hierarchy, working with shared modules across multiple products, implementing custom fields, bulk operations, file imports, SSE progress, job queues, audit logging, admin panels, SSO/identity providers, or subscription enforcement. Also trigger when converting React/Vue components into NestJS APIs, designing Drizzle schemas, choosing between libraries for a backend concern, or asking about multi-tenancy patterns. Trigger even for simple CRUD — the multi-tenant hierarchy means every feature has hidden complexity this skill catches. If the user mentions "backend", "API", "schema", "endpoint", "NestJS", "Drizzle", "multi-tenant", "workspace", "domain", "recipient", "bulk", "import", "SSO", "admin",

Enterprise security architect for multi-tenant SaaS on NestJS + Next.js + PostgreSQL + Redis. Use when designing authentication/authorization, reviewing security posture, hardening APIs, handling tenant isolation, encrypting data, managing secrets, responding to incidents, or auditing OWASP compliance. Trigger on: auth guards, JWT, RBAC, ABAC, CASL, XSS, CSRF, SSRF, SQL injection, rate limiting, CORS, CSP, file upload security, encryption at rest/transit, PII handling, secret rotation, vulnerability scanning, penetration testing, SOC 2 compliance, admin impersonation security, cross-workspace data leak prevention, or any security concern in a multi-tenant context. Also trigger when the user says "is this secure?", "security audit", "harden", "vulnerability", or "threat model".

Exhaustive testing patterns for multi-tenant SaaS — unit tests (Vitest), integration tests, E2E tests (Playwright), multi-tenant isolation tests, negative security tests, test data factories, and CI integration. Covers both NestJS backend and Next.js frontend. Trigger when writing tests, setting up test infrastructure, reviewing test coverage, or asking about testing strategies for multi-tenant applications.