一键导入
api-patterns
REST API structure, error handling, and response shapes for Next.js App Router routes. Loaded when writing or reviewing API route handlers.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
REST API structure, error handling, and response shapes for Next.js App Router routes. Loaded when writing or reviewing API route handlers.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Audit and refactor the entire codebase for code quality. Finds components that are too large or mix concerns, logic that belongs in custom hooks, inline types that should be extracted, and client components that could be server components. Produces a prioritised list of issues and fixes them all. Use when the user asks to clean up code, split components, improve code quality, or refactor the project.
Review the entire project from the perspective of a potential customer and a growth-focused CEO. Scans landing copy, product UX, API routes, DB schema, auth flow, pricing, email, and configuration — reporting specific conversion blockers, trust issues, UX problems, security gaps, and missing elements. Each finding has a severity label and a concrete fix. Use whenever the user asks for a customer review, growth review, conversion audit, or "what can be improved."
Analytics event tracking in this Next.js project — trackEvent() stub in lib/analytics.ts, Vercel Analytics auto-pageviews already wired in app/layout.tsx, and how to swap in a real provider (PostHog, Mixpanel). Use this skill whenever the user asks about analytics, tracking custom events, replacing the analytics stub, or measuring user behaviour.
Full SEO layer for this Next.js project — root layout metadata, page-level static/dynamic metadata, OG images (static + dynamic), sitemap.ts, robots.ts, JSON-LD structured data, canonical URLs, Twitter cards, and comparison/vs pages. Use this skill whenever the user asks about SEO, metadata, open graph, OG image, sitemap, robots.txt, JSON-LD, structured data, canonical URLs, Twitter cards, or adding a competitor comparison page.
Full project initialization after cloning the boilerplate. Installs dependencies, walks through .env setup, configures the database, and writes a project-specific CLAUDE.md. Run this once after cloning. Triggers on /init-project.
Authentication and authorization patterns for this project. JWT-based auth via getUserFromRequest() called in route handlers, not middleware. Loaded when touching protected routes, token handling, or user session logic.
| name | api-patterns |
| description | REST API structure, error handling, and response shapes for Next.js App Router routes. Loaded when writing or reviewing API route handlers. |
Routes follow: auth → parse → validate → service → respond
export async function POST(req: Request) {
try {
const { id: userId } = getUserFromRequest(req); // 1. auth
const body = await req.json(); // 2. parse
const parsed = schema.safeParse(body); // 3. validate
if (!parsed.success) {
return Response.json({ error: parsed.error.flatten() }, { status: 400 });
}
const result = await someService.method({ ...parsed.data, userId }); // 4. service
return Response.json(result, { status: 201 }); // 5. respond
} catch (error: unknown) {
return handleError(error); // centralized error handling
}
}
@/modules/name)Routes return data directly — no { data: T } wrapper:
// single resource
return Response.json(post, { status: 200 });
// list
return Response.json(posts, { status: 200 });
// created
return Response.json(post, { status: 201 });
// deleted
return new Response(null, { status: 204 });
// error
return Response.json({ error: parsed.error.flatten() }, { status: 400 });
handleError in lib/errors/ maps HttpError instances to JSON responses:
// thrown from service
throw new HttpError(404, 'Post not found');
throw new HttpError(403, 'Forbidden');
throw new HttpError(409, 'Slug already exists');
// route catch block always delegates:
} catch (error: unknown) {
return handleError(error);
}
| Status | Meaning |
|---|---|
| 400 | Validation error (Zod) |
| 401 | Unauthenticated (thrown by getUserFromRequest) |
| 403 | Wrong owner / forbidden |
| 404 | Resource not found |
| 409 | Conflict (duplicate) |
| 500 | Unexpected (caught by handleError) |
safeParse — never parse (which throws)unknownreq.json() before auth check