python-backend-development

Generate Python FastAPI code following project design patterns. Use when creating models, schemas, repositories, services, controllers, database migrations, authentication, or tests. Enforces layered architecture, async patterns, OWASP security, and Alembic migration naming conventions (yyyymmdd_HHmm_feature).

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "python-backend-development" with this command: npx skills add lct1407/sidcorp-skills/lct1407-sidcorp-skills-python-backend-development

Python Backend Development Standards

Architecture Overview

Router/Controller → Service → Repository → Database
      ↓                ↓            ↓
   Schemas         Business      SQLAlchemy
  (Pydantic)        Logic         Models

Layer Responsibilities

LayerLocationPurpose
Modelsapp/models/SQLAlchemy ORM, database schema
Schemasapp/schemas/Pydantic DTOs (request/response)
Repositoriesapp/repositories/Database CRUD operations
Servicesapp/services/Business logic orchestration
Controllersapp/api/v1/FastAPI routes, thin handlers
Migrationsalembic/versions/Database migrations

Naming Conventions

Files

  • All lowercase with underscores: user_profile.py
  • One entity per file
  • Match filename to class: user.pyclass User

Classes

  • Models: User, BlogPost (PascalCase, singular)
  • Schemas: UserCreate, UserResponse, UserUpdate
  • Repositories: UserRepository
  • Services: UserService

Database

  • Table names: plural snake_case (users, blog_posts)
  • Column names: snake_case (created_at, user_id)

Alembic Migrations

File Naming Convention

yyyymmdd_HHmm_<feature>.py

Examples:

  • 20260117_0930_create_users_table.py
  • 20260117_1045_add_email_to_users.py
  • 20260117_1400_create_api_keys_table.py

Create Migration Command

# Generate with autogenerate
alembic revision --autogenerate -m "description"

# Then rename the file to follow convention:
# FROM: xxxx_description.py
# TO:   yyyymmdd_HHmm_description.py

Code Standards

Async Everything

  • All database operations must be async
  • Use async def for all handlers, services, repositories
  • Use await for all I/O operations

Dependency Injection

  • Use FastAPI Depends() for dependencies
  • Inject database sessions into services
  • Services inject repositories

Error Handling

  • Use custom exceptions in app/core/exceptions.py
  • Let FastAPI exception handlers convert to HTTP responses
  • Never catch and swallow exceptions silently

Security

  • Argon2id for password hashing
  • Parameterized queries (SQLAlchemy ORM)
  • Input validation (Pydantic)
  • Rate limiting on auth endpoints

Reference Navigation

Core Patterns:

Security & Auth:

Quality & Operations:

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

agent-bom

Security scanner for AI infrastructure and supply chain — discovers MCP clients and servers, scans for CVEs, maps blast radius, generates SBOMs, runs CIS ben...

Registry SourceRecently Updated
0799
msaad00
Security

Skill Guard

Skill Security Scanner - Scan for risks before download/use. Check: code execution, file ops, network requests, command injection, vulnerabilities, permissio...

Registry SourceRecently Updated
014
Profile unavailable
Security

aig-scanner

Comprehensive OpenClaw security scanning powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). Use when the user asks to start a security health check or sec...

Registry SourceRecently Updated
0142
Profile unavailable