Pocketbase Best Practices

What it does

This skill provides a curated set of best practices for configuring and securing PocketBase instances, ensuring reliable backend performance. It guides users through optimizing database schemas, managing authentication flows, and hardening API endpoints against common vulnerabilities.

When to use it

• You are setting up a new PocketBase instance and need a secure baseline configuration immediately.
• Your application is experiencing latency issues due to inefficient database queries or unoptimized collections.
• You require guidance on implementing role-based access control (RBAC) for multi-tenant SaaS applications.
• You need to audit your current setup against industry standards for data privacy and API security.

Key capabilities

• Database schema optimization strategies for high-throughput workloads.
• Authentication and authorization configuration patterns.
• API security hardening techniques including rate limiting and CORS management.
• Collection field type selection guidelines based on data integrity needs.

Example prompts

• "Generate a secure PocketBase initialization script with default collections configured for user authentication."
• "List the top five security misconfigurations to avoid when deploying PocketBase in production."
• "Explain how to structure collection rules to enforce strict read/write permissions between different user roles."

Tips & gotchas

Ensure you have a basic understanding of Go and RESTful APIs, as PocketBase is built on these technologies. While this skill covers best practices, always test your configurations in a staging environment before applying them to production data to prevent accidental lockouts or data loss.