Backend Reviewer

The backend-reviewer skill acts as a specialized code auditor for server-side logic, focusing on architecture, security, and performance within backend systems. It analyzes existing codebases to identify vulnerabilities, inefficiencies, and architectural flaws before they reach production environments.

When to use it

• Pre-production audits: Run against critical services before deployment to catch security gaps or race conditions.
• Legacy modernization: Evaluate older monolithic structures for scalability issues when refactoring to microservices.
• Performance tuning: Identify bottlenecks in database queries, API endpoints, or resource allocation strategies.
• Security compliance checks: Verify that authentication flows and data handling meet specific security standards.

Key capabilities

• Analyzes server-side code for logical errors and architectural weaknesses.
• Identifies potential security vulnerabilities and injection risks.
• Evaluates database schema design and query optimization opportunities.
• Assesses API endpoint efficiency and response time implications.
• Provides actionable feedback on scalability and maintainability.

Example prompts

• "Review this Node.js authentication module for common security flaws like broken object literals or weak password hashing."
• "Analyze the database schema in this SQL file and suggest optimizations for high-traffic read operations."
• "Audit this Python backend service for race conditions and memory leaks before we deploy to staging."

Tips & gotchas

Ensure you provide the full context of the codebase, including database schemas and API contracts, as isolated function reviews may miss systemic architectural issues. While effective at identifying patterns, complex logic errors requiring deep domain knowledge might need human verification.