nestjs-best-practices
kadajett/agent-nestjs-skills
40 NestJS best practices rules across architecture, DI, security, and performance for production-ready applications.
What is nestjs-best-practices?
A comprehensive guide to NestJS patterns and best practices organized into 10 priority categories (Architecture, Dependency Injection, Error Handling, Security, Performance, Testing, Database, API Design, Microservices, DevOps). Use this skill when writing, reviewing, or refactoring NestJS code to ensure proper module structure, dependency injection, security, and performance patterns.
- 40 prioritized rules across 10 categories with CRITICAL, HIGH, and MEDIUM impact levels
- Architecture guidance: circular dependencies, feature modules, repository patterns, event-driven design
- Dependency Injection best practices: constructor injection, interface segregation, scope awareness
- Security patterns: JWT authentication, input validation, guards, rate limiting, output sanitization
- Performance optimization: async hooks, caching strategies, database query optimization, lazy loading
- Testing, database transactions, API design with DTOs, microservices patterns, and DevOps configuration
How to install nestjs-best-practices
npx skills add https://github.com/kadajett/agent-nestjs-skills --skill nestjs-best-practices
How to use nestjs-best-practices
1. Reference the rule categories table to identify relevant rules by priority and impact
2. Read individual rule files (e.g., rules/arch-avoid-circular-deps.md) for detailed explanations
3. Review incorrect and correct code examples provided in each rule file
4. Apply the patterns to your code during development or refactoring
5. Consult the full compiled document (AGENTS.md) for comprehensive guidance on all 40 rules
Use cases
- Writing new NestJS modules, controllers, or services with proper architecture
- Reviewing code for architecture and security issues before production deployment
- Refactoring existing NestJS codebases to follow established patterns
- Implementing authentication, authorization, and security guards
- Optimizing database queries and avoiding N+1 problems
- NestJS developers building production applications
- Backend engineers reviewing or refactoring NestJS code
- Teams establishing coding standards for NestJS projects
- Developers implementing authentication, security, or performance optimizations
nestjs-best-practices FAQ
Rules are organized into 10 categories by priority: Architecture (CRITICAL), Dependency Injection (CRITICAL), Error Handling (HIGH), Security (HIGH), Performance (HIGH), Testing (MEDIUM-HIGH), Database & ORM (MEDIUM-HIGH), API Design (MEDIUM), Microservices (MEDIUM), and DevOps & Deployment (LOW-MEDIUM). Each rule has a prefix (e.g., arch-, di-, security-) for easy reference.
Start by reading the rule categories table to understand the priority levels. Then focus on CRITICAL rules (Architecture and Dependency Injection) before moving to HIGH and MEDIUM priority rules. Reference individual rule files for code examples and detailed explanations.
Yes. Use the rule prefixes and categories to systematically review code for architecture, security, and performance issues. Each rule file includes incorrect and correct code examples to guide your review.
Yes. Category 9 covers microservices patterns including message/event patterns, health checks for orchestration, and background job processing with queues.
Yes. Each rule file contains a brief explanation, an incorrect code example with explanation, and a correct code example with explanation, plus additional context and references.
Full instructions (SKILL.md)
Source of truth, from kadajett/agent-nestjs-skills.
name: nestjs-best-practices
description: NestJS best practices and architecture patterns for building production-ready applications. This skill should be used when writing, reviewing, or refactoring NestJS code to ensure proper patterns for modules, dependency injection, security, and performance.
license: MIT
metadata:
  author: Kadajett
  version: "1.1.0"
NestJS Best Practices
Comprehensive best practices guide for NestJS applications. Contains 40 rules across 10 categories, prioritized by impact to guide automated refactoring and code generation.
When to Apply
Reference these guidelines when:
- Writing new NestJS modules, controllers, or services
- Implementing authentication and authorization
- Reviewing code for architecture and security issues
- Refactoring existing NestJS codebases
- Optimizing performance or database queries
- Building microservices architectures
Rule Categories by Priority
| Priority | Category | Impact | Prefix |
|---|---|---|---|
| 1 | Architecture | CRITICAL | arch- |
| 2 | Dependency Injection | CRITICAL | di- |
| 3 | Error Handling | HIGH | error- |
| 4 | Security | HIGH | security- |
| 5 | Performance | HIGH | perf- |
| 6 | Testing | MEDIUM-HIGH | test- |
| 7 | Database & ORM | MEDIUM-HIGH | db- |
| 8 | API Design | MEDIUM | api- |
| 9 | Microservices | MEDIUM | micro- |
| 10 | DevOps & Deployment | LOW-MEDIUM | devops- |
Quick Reference
1. Architecture (CRITICAL)
- arch-avoid-circular-deps - Avoid circular module dependencies
- arch-feature-modules - Organize by feature, not technical layer
- arch-module-sharing - Proper module exports/imports, avoid duplicate providers
- arch-single-responsibility - Focused services over "god services"
- arch-use-repository-pattern - Abstract database logic for testability
- arch-use-events - Event-driven architecture for decoupling
2. Dependency Injection (CRITICAL)
- di-avoid-service-locator - Avoid service locator anti-pattern
- di-interface-segregation - Interface Segregation Principle (ISP)
- di-liskov-substitution - Liskov Substitution Principle (LSP)
- di-prefer-constructor-injection - Constructor over property injection
- di-scope-awareness - Understand singleton/request/transient scopes
- di-use-interfaces-tokens - Use injection tokens for interfaces
3. Error Handling (HIGH)
- error-use-exception-filters - Centralized exception handling
- error-throw-http-exceptions - Use NestJS HTTP exceptions
- error-handle-async-errors - Handle async errors properly
4. Security (HIGH)
- security-auth-jwt - Secure JWT authentication
- security-validate-all-input - Validate with class-validator
- security-use-guards - Authentication and authorization guards
- security-sanitize-output - Prevent XSS attacks
- security-rate-limiting - Implement rate limiting
5. Performance (HIGH)
- perf-async-hooks - Proper async lifecycle hooks
- perf-use-caching - Implement caching strategies
- perf-optimize-database - Optimize database queries
- perf-lazy-loading - Lazy load modules for faster startup
6. Testing (MEDIUM-HIGH)
- test-use-testing-module - Use NestJS testing utilities
- test-e2e-supertest - E2E testing with Supertest
- test-mock-external-services - Mock external dependencies
7. Database & ORM (MEDIUM-HIGH)
- db-use-transactions - Transaction management
- db-avoid-n-plus-one - Avoid N+1 query problems
- db-use-migrations - Use migrations for schema changes
8. API Design (MEDIUM)
- api-use-dto-serialization - DTO and response serialization
- api-use-interceptors - Cross-cutting concerns
- api-versioning - API versioning strategies
- api-use-pipes - Input transformation with pipes
9. Microservices (MEDIUM)
- micro-use-patterns - Message and event patterns
- micro-use-health-checks - Health checks for orchestration
- micro-use-queues - Background job processing
10. DevOps & Deployment (LOW-MEDIUM)
- devops-use-config-module - Environment configuration
- devops-use-logging - Structured logging
- devops-graceful-shutdown - Zero-downtime deployments
How to Use
Read individual rule files for detailed explanations and code examples:
rules/arch-avoid-circular-deps.md
rules/security-validate-all-input.md
rules/_sections.md
Each rule file contains:
- Brief explanation of why it matters
- Incorrect code example with explanation
- Correct code example with explanation
- Additional context and references
Full Compiled Document
For the complete guide with all rules expanded: AGENTS.md