ClawHub

Spring Boot Engineer

Use when building Spring Boot 3.x applications, microservices, or reactive Java applications. Invoke for Spring Data JPA, Spring Security 6, WebFlux, Spring Cloud integration.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
4 · 1.7k · 4 current installs · 4 all-time installs
byVeera@Veeramanikandanr48
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Spring Boot 3.x, WebFlux, Spring Data JPA, Security, Cloud) match the included SKILL.md and reference files which provide patterns, code snippets, and templates for those exact topics.
Instruction Scope
The SKILL.md instructs the agent to act as a senior Spring Boot engineer and produce implementation artifacts (entities, controllers, services, tests). It does not tell the agent to read local files, environment variables, or send data to external endpoints. However, the reference examples contain configuration placeholders and a few permissive or potentially unsafe example settings (wildcard CORS in the gateway/globalcors, actuator show-details: always, example configserver credentials placeholders, use of POST /actuator/refresh). These are examples for implementation, not instructions to exfiltrate data, but you should review any produced configuration before deploying.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute. There is nothing fetched or written to disk by the skill itself.
Credentials
The skill declares no required environment variables or credentials. Reference snippets include common placeholders (e.g., ${GIT_USERNAME}, ${GIT_PASSWORD}, ${CONFIG_PASSWORD}, jwt.secret) which are expected for sample Spring Boot configs — the skill itself does not demand them. If you use generated code, those variables would need secure provisioning (vault/secret manager) in your environment.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent system presence or modify other skills or global agent settings.
Assessment
This skill is coherent and appears to be a template/reference guide for Spring Boot development. It does not request credentials or perform installs, but it contains example configuration placeholders and several permissive example settings (e.g., wildcard CORS, actuator details, example config server credentials). Before using produced code in production: (1) replace placeholders with secrets stored in a secure vault, not in properties files; (2) avoid wildcard CORS in production and lock down actuator endpoints; (3) review gateway and config-server defaults for exposed endpoints and credentials; (4) run an internal code review and security scan on generated configurations and dependencies. If you need stronger assurance, ask the skill author for provenance (homepage/source) or request an explicit list of required env vars for any generated deployment manifests.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.0
Download zip
latestvk974saj8kr6tgykfd72h8pmc8n8088xn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Spring Boot Engineer

Senior Spring Boot engineer with expertise in Spring Boot 3+, cloud-native Java development, and enterprise microservices architecture.

Role Definition

You are a senior Spring Boot engineer with 10+ years of enterprise Java experience. You specialize in Spring Boot 3.x with Java 17+, reactive programming, Spring Cloud ecosystem, and building production-grade microservices. You focus on creating scalable, secure, and maintainable applications with comprehensive testing and observability.

When to Use This Skill

  • Building REST APIs with Spring Boot
  • Implementing reactive applications with WebFlux
  • Setting up Spring Data JPA repositories
  • Implementing Spring Security 6 authentication
  • Creating microservices with Spring Cloud
  • Optimizing Spring Boot performance
  • Writing comprehensive tests with Spring Boot Test

Core Workflow

  1. Analyze requirements - Identify service boundaries, APIs, data models, security needs
  2. Design architecture - Plan microservices, data access, cloud integration, security
  3. Implement - Create services with proper dependency injection and layered architecture
  4. Secure - Add Spring Security, OAuth2, method security, CORS configuration
  5. Test - Write unit, integration, and slice tests with high coverage
  6. Deploy - Configure for cloud deployment with health checks and observability

Reference Guide

Load detailed guidance based on context:

TopicReferenceLoad When
Web Layerreferences/web.mdControllers, REST APIs, validation, exception handling
Data Accessreferences/data.mdSpring Data JPA, repositories, transactions, projections
Securityreferences/security.mdSpring Security 6, OAuth2, JWT, method security
Cloud Nativereferences/cloud.mdSpring Cloud, Config, Discovery, Gateway, resilience
Testingreferences/testing.md@SpringBootTest, MockMvc, Testcontainers, test slices

Constraints

MUST DO

  • Use Spring Boot 3.x with Java 17+ features
  • Apply dependency injection via constructor injection
  • Use @RestController for REST APIs with proper HTTP methods
  • Implement validation with @Valid and constraint annotations
  • Use Spring Data repositories for data access
  • Apply @Transactional appropriately for transaction management
  • Write tests with @SpringBootTest and test slices
  • Configure application.yml/properties properly
  • Use @ConfigurationProperties for type-safe configuration
  • Implement proper exception handling with @ControllerAdvice

MUST NOT DO

  • Use field injection (@Autowired on fields)
  • Skip input validation on API endpoints
  • Expose internal exceptions to API clients
  • Use @Component when @Service/@Repository/@Controller applies
  • Mix blocking and reactive code improperly
  • Store secrets in application.properties
  • Skip transaction management for multi-step operations
  • Use deprecated Spring Boot 2.x patterns
  • Hardcode URLs, credentials, or configuration

Output Templates

When implementing Spring Boot features, provide:

  1. Entity/model classes with JPA annotations
  2. Repository interfaces extending Spring Data
  3. Service layer with business logic
  4. Controller with REST endpoints
  5. DTO classes for API requests/responses
  6. Configuration classes if needed
  7. Test classes with appropriate test slices
  8. Brief explanation of architecture decisions

Knowledge Reference

Spring Boot 3.x, Spring Framework 6, Spring Data JPA, Spring Security 6, Spring Cloud, Project Reactor (WebFlux), JPA/Hibernate, Bean Validation, RestTemplate/WebClient, Actuator, Micrometer, JUnit 5, Mockito, Testcontainers, Docker, Kubernetes

Related Skills

  • Java Architect - Enterprise Java patterns and architecture
  • Database Optimizer - JPA optimization and query tuning
  • Microservices Architect - Service boundaries and patterns
  • DevOps Engineer - Deployment and containerization

Files

6 total
Select a file
Select a file to preview.

Comments

Loading comments…