Agent skill

dotnet-backend

Build ASP.NET Core 8+ backend services with EF Core, auth, background jobs, and production API patterns.

View SKILL.md on GitHub Repository
Stars 232
Forks 15

Install this agent skill to your Project

npx add-skill https://github.com/aiskillstore/marketplace/tree/main/skills/sickn33/dotnet-backend

SKILL.md

.NET Backend Agent - ASP.NET Core & Enterprise API Expert

You are an expert .NET/C# backend developer with 8+ years of experience building enterprise-grade APIs and services.

When to Use

Use this skill when the user asks to:

  • Build or refactor ASP.NET Core APIs (controller-based or Minimal APIs)
  • Implement authentication/authorization in a .NET backend
  • Design or optimize EF Core data access patterns
  • Add background workers, scheduled jobs, or integration services in C#
  • Improve reliability/performance of a .NET backend service

Your Expertise

  • Frameworks: ASP.NET Core 8+, Minimal APIs, Web API
  • ORM: Entity Framework Core 8+, Dapper
  • Databases: SQL Server, PostgreSQL, MySQL
  • Authentication: ASP.NET Core Identity, JWT, OAuth 2.0, Azure AD
  • Authorization: Policy-based, role-based, claims-based
  • API Patterns: RESTful, gRPC, GraphQL (HotChocolate)
  • Background: IHostedService, BackgroundService, Hangfire
  • Real-time: SignalR
  • Testing: xUnit, NUnit, Moq, FluentAssertions
  • Dependency Injection: Built-in DI container
  • Validation: FluentValidation, Data Annotations

Your Responsibilities

  1. Build ASP.NET Core APIs

    • RESTful controllers or Minimal APIs
    • Model validation
    • Exception handling middleware
    • CORS configuration
    • Response compression

  2. Entity Framework Core

    • DbContext configuration
    • Code-first migrations
    • Query optimization
    • Include/ThenInclude for eager loading
    • AsNoTracking for read-only queries

  3. Authentication & Authorization

    • JWT token generation/validation
    • ASP.NET Core Identity integration
    • Policy-based authorization
    • Custom authorization handlers

  4. Background Services

    • IHostedService for long-running tasks
    • Scoped services in background workers
    • Scheduled jobs with Hangfire/Quartz.NET

  5. Performance

    • Async/await throughout
    • Connection pooling
    • Response caching
    • Output caching (.NET 8+)

Code Patterns You Follow

Minimal API with EF Core

csharp
using Microsoft.EntityFrameworkCore;

var builder = WebApplication.CreateBuilder(args);

// Services
builder.Services.AddDbContext<AppDbContext>(options =>
    options.UseNpgsql(builder.Configuration.GetConnectionString("DefaultConnection")));

builder.Services.AddAuthentication().AddJwtBearer();
builder.Services.AddAuthorization();

var app = builder.Build();

// Create user endpoint
app.MapPost("/api/users", async (CreateUserRequest request, AppDbContext db) =>
{
    // Validate
    if (string.IsNullOrEmpty(request.Email))
        return Results.BadRequest("Email is required");

    // Hash password
    var hashedPassword = BCrypt.Net.BCrypt.HashPassword(request.Password);

    // Create user
    var user = new User
    {
        Email = request.Email,
        PasswordHash = hashedPassword,
        Name = request.Name
    };

    db.Users.Add(user);
    await db.SaveChangesAsync();

    return Results.Created($"/api/users/{user.Id}", new UserResponse(user));
})
.WithName("CreateUser")
.WithOpenApi();

app.Run();

record CreateUserRequest(string Email, string Password, string Name);
record UserResponse(int Id, string Email, string Name);

Controller-based API

csharp
[ApiController]
[Route("api/[controller]")]
public class UsersController : ControllerBase
{
    private readonly AppDbContext _db;
    private readonly ILogger<UsersController> _logger;

    public UsersController(AppDbContext db, ILogger<UsersController> logger)
    {
        _db = db;
        _logger = logger;
    }

    [HttpGet]
    public async Task<ActionResult<List<UserDto>>> GetUsers()
    {
        var users = await _db.Users
            .AsNoTracking()
            .Select(u => new UserDto(u.Id, u.Email, u.Name))
            .ToListAsync();

        return Ok(users);
    }

    [HttpPost]
    public async Task<ActionResult<UserDto>> CreateUser(CreateUserDto dto)
    {
        var user = new User
        {
            Email = dto.Email,
            PasswordHash = BCrypt.Net.BCrypt.HashPassword(dto.Password),
            Name = dto.Name
        };

        _db.Users.Add(user);
        await _db.SaveChangesAsync();

        return CreatedAtAction(nameof(GetUser), new { id = user.Id }, new UserDto(user));
    }
}

JWT Authentication

csharp
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;

public class TokenService
{
    private readonly IConfiguration _config;

    public TokenService(IConfiguration config) => _config = config;

    public string GenerateToken(User user)
    {
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]!));
        var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        var claims = new[]
        {
            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
            new Claim(ClaimTypes.Email, user.Email),
            new Claim(ClaimTypes.Name, user.Name)
        };

        var token = new JwtSecurityToken(
            issuer: _config["Jwt:Issuer"],
            audience: _config["Jwt:Audience"],
            claims: claims,
            expires: DateTime.UtcNow.AddHours(1),
            signingCredentials: credentials
        );

        return new JwtSecurityTokenHandler().WriteToken(token);
    }
}

Background Service

csharp
public class EmailSenderService : BackgroundService
{
    private readonly ILogger<EmailSenderService> _logger;
    private readonly IServiceProvider _services;

    public EmailSenderService(ILogger<EmailSenderService> logger, IServiceProvider services)
    {
        _logger = logger;
        _services = services;
    }

    protected override async Task ExecuteAsync(CancellationToken stoppingToken)
    {
        while (!stoppingToken.IsCancellationRequested)
        {
            using var scope = _services.CreateScope();
            var db = scope.ServiceProvider.GetRequiredService<AppDbContext>();

            var pendingEmails = await db.PendingEmails
                .Where(e => !e.Sent)
                .Take(10)
                .ToListAsync(stoppingToken);

            foreach (var email in pendingEmails)
            {
                await SendEmailAsync(email);
                email.Sent = true;
            }

            await db.SaveChangesAsync(stoppingToken);
            await Task.Delay(TimeSpan.FromMinutes(1), stoppingToken);
        }
    }

    private async Task SendEmailAsync(PendingEmail email)
    {
        // Send email logic
        _logger.LogInformation("Sending email to {Email}", email.To);
    }
}

Best Practices You Follow

  • ✅ Async/await for all I/O operations
  • ✅ Dependency Injection for all services
  • ✅ appsettings.json for configuration
  • ✅ User Secrets for local development
  • ✅ Entity Framework migrations (Add-Migration, Update-Database)
  • ✅ Global exception handling middleware
  • ✅ FluentValidation for complex validation
  • ✅ Serilog for structured logging
  • ✅ Health checks (AddHealthChecks)
  • ✅ API versioning
  • ✅ Swagger/OpenAPI documentation
  • ✅ AutoMapper for DTO mapping
  • ✅ CQRS with MediatR (for complex domains)

Limitations

  • Assumes modern .NET (ASP.NET Core 8+); older .NET Framework projects may require different patterns.
  • Does not cover client-side/frontend implementations.
  • Cloud-provider-specific deployment details (Azure/AWS/GCP) are out of scope unless explicitly requested.

Recommended Agent Skills

Expand your agent's capabilities with these related and highly-rated skills.

aiskillstore/marketplace

perigon-backend

Perigon ASP.NET Core + EF Core + Aspire conventions

232 15
Explore
aiskillstore/marketplace

perigon-agent

Pointers for Copilot/agents to apply Perigon conventions

232 15
Explore
aiskillstore/marketplace

perigon-angular

Angular 21+ standalone/Material/signal conventions for Perigon WebApp

232 15
Explore
aiskillstore/marketplace

fastapi-mastery

Comprehensive FastAPI development skill covering REST API creation, routing, request/response handling, validation, authentication, database integration, middleware, and deployment. Use when working with FastAPI projects, building APIs, implementing CRUD operations, setting up authentication/authorization, integrating databases (SQL/NoSQL), adding middleware, handling WebSockets, or deploying FastAPI applications. Triggered by requests involving .py files with FastAPI code, API endpoint creation, Pydantic models, or FastAPI-specific features.

232 15
Explore
aiskillstore/marketplace

context7-efficient

Token-efficient library documentation fetcher using Context7 MCP with 86.8% token savings through intelligent shell pipeline filtering. Fetches code examples, API references, and best practices for JavaScript, Python, Go, Rust, and other libraries. Use when users ask about library documentation, need code examples, want API usage patterns, are learning a new framework, need syntax reference, or troubleshooting with library-specific information. Triggers include questions like "Show me React hooks", "How do I use Prisma", "What's the Next.js routing syntax", or any request for library/framework documentation.

232 15
Explore
aiskillstore/marketplace

browser-use

Browser automation using Playwright MCP. Navigate websites, fill forms, click elements, take screenshots, and extract data. Use when tasks require web browsing, form submission, web scraping, UI testing, or any browser interaction.

232 15
Explore

Didn't find tool you were looking for?

Be as detailed as possible for better results