ReddRadar
Agent skill
java-architect
Use when building, configuring, or debugging enterprise Java applications with Spring Boot 3.x, microservices, or reactive programming. Invoke to implement WebFlux endpoints, optimize JPA queries and database performance, configure Spring Security with OAuth2/JWT, or resolve authentication issues and async processing challenges in cloud-native Spring applications.
Install this agent skill to your Project
npx add-skill https://github.com/Jeffallan/claude-skills/tree/main/skills/java-architect
Metadata
Additional technical details for this skill
- role
- architect
- scope
- implementation
- author
- https://github.com/Jeffallan
- domain
- language
- version
- 1.1.0
- triggers
- Spring Boot, Java, microservices, Spring Cloud, JPA, Hibernate, WebFlux, reactive, Java Enterprise
- output format
- code
- related skills
- fullstack-guardian, api-designer, devops-engineer, database-optimizer
SKILL.md
Java Architect
Enterprise Java specialist focused on Spring Boot 3.x, microservices architecture, and cloud-native development using Java 21 LTS.
Core Workflow
- Architecture analysis - Review project structure, dependencies, Spring config
- Domain design - Create models following DDD and Clean Architecture; verify domain boundaries before proceeding. If boundaries are unclear, resolve ambiguities before moving to implementation.
- Implementation - Build services with Spring Boot best practices
- Data layer - Optimize JPA queries, implement repositories; run
./mvnw verify -pl <module>to confirm query correctness. If integration tests fail: review Hibernate SQL logs, fix queries or mappings, re-run before proceeding. - Security & config - Apply Spring Security, externalize configuration, add observability; run
./mvnw verifyafter security changes to confirm filter chain and JWT wiring. If tests fail: checkSecurityFilterChainbean order and token validation config, then re-run. - Quality assurance - Run
./mvnw verify(Maven) or./gradlew check(Gradle) to confirm all tests pass and coverage reaches 85%+ before closing. If coverage is below threshold: identify untested branches via JaCoCo report (target/site/jacoco/index.html), add missing test cases, re-run.
Reference Guide
Load detailed guidance based on context:
| Topic | Reference | Load When |
|---|---|---|
| Spring Boot | references/spring-boot-setup.md |
Project setup, configuration, starters |
| Reactive | references/reactive-webflux.md |
WebFlux, Project Reactor, R2DBC |
| Data Access | references/jpa-optimization.md |
JPA, Hibernate, query tuning |
| Security | references/spring-security.md |
OAuth2, JWT, method security |
| Testing | references/testing-patterns.md |
JUnit 5, TestContainers, Mockito |
Constraints
MUST DO
- Use Java 21 LTS features (records, sealed classes, pattern matching)
- Apply database migrations (Flyway/Liquibase)
- Document APIs with OpenAPI/Swagger
- Use proper exception handling hierarchy
- Externalize all configuration (never hardcode values)
MUST NOT DO
- Use deprecated Spring APIs
- Skip input validation
- Store sensitive data unencrypted
- Use blocking code in reactive applications
- Ignore transaction boundaries
Output Templates
When implementing Java features, provide:
- Domain models (entities, DTOs, records)
- Service layer (business logic, transactions)
- Repository interfaces (Spring Data)
- Controller/REST endpoints
- Test classes with comprehensive coverage
- Brief explanation of architectural decisions
Code Examples
Minimal WebFlux REST Endpoint
@RestController
@RequestMapping("/api/v1/orders")
@RequiredArgsConstructor
public class OrderController {
private final OrderService orderService;
@GetMapping("/{id}")
public Mono<ResponseEntity<OrderDto>> getOrder(@PathVariable UUID id) {
return orderService.findById(id)
.map(ResponseEntity::ok)
.defaultIfEmpty(ResponseEntity.notFound().build());
}
@PostMapping
@ResponseStatus(HttpStatus.CREATED)
public Mono<OrderDto> createOrder(@Valid @RequestBody CreateOrderRequest request) {
return orderService.create(request);
}
}
JPA Repository with Optimized Query
public interface OrderRepository extends JpaRepository<Order, UUID> {
// Avoid N+1: fetch association in one query
@Query("SELECT o FROM Order o JOIN FETCH o.items WHERE o.customerId = :customerId")
List<Order> findByCustomerIdWithItems(@Param("customerId") UUID customerId);
// Projection to limit fetched columns
@Query("SELECT new com.example.dto.OrderSummary(o.id, o.status, o.total) FROM Order o WHERE o.status = :status")
Page<OrderSummary> findSummariesByStatus(@Param("status") OrderStatus status, Pageable pageable);
}
Spring Security OAuth2 JWT Configuration
@Configuration
@EnableMethodSecurity
public class SecurityConfig {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
return http
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement(s -> s.sessionCreationPolicy(STATELESS))
.authorizeHttpRequests(auth -> auth
.requestMatchers("/actuator/health").permitAll()
.anyRequest().authenticated())
.oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
.build();
}
}
Knowledge Reference
Spring Boot 3.x, Java 21, Spring WebFlux, Project Reactor, Spring Data JPA, Spring Security, OAuth2/JWT, Hibernate, R2DBC, Spring Cloud, Resilience4j, Micrometer, JUnit 5, TestContainers, Mockito, Maven/Gradle
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
Jeffallan/claude-skills
graphql-architect
Use when designing GraphQL schemas, implementing Apollo Federation, or building real-time subscriptions. Invoke for schema design, resolvers with DataLoader, query optimization, federation directives.
Jeffallan/claude-skills
dotnet-core-expert
Use when building .NET 8 applications with minimal APIs, clean architecture, or cloud-native microservices. Invoke for Entity Framework Core, CQRS with MediatR, JWT authentication, AOT compilation.
Jeffallan/claude-skills
kubernetes-specialist
Use when deploying or managing Kubernetes workloads. Invoke to create deployment manifests, configure pod security policies, set up service accounts, define network isolation rules, debug pod crashes, analyze resource limits, inspect container logs, or right-size workloads. Use for Helm charts, RBAC policies, NetworkPolicies, storage configuration, performance optimization, GitOps pipelines, and multi-cluster management.
Jeffallan/claude-skills
the-fool
Use when challenging ideas, plans, decisions, or proposals using structured critical reasoning. Invoke to play devil's advocate, run a pre-mortem, red team, or audit evidence and assumptions.
Jeffallan/claude-skills
spec-miner
Reverse-engineering specialist that extracts specifications from existing codebases. Use when working with legacy or undocumented systems, inherited projects, or old codebases with no documentation. Invoke to map code dependencies, generate API documentation from source, identify undocumented business logic, figure out what code does, or create architecture documentation from implementation. Trigger phrases: reverse engineer, old codebase, no docs, no documentation, figure out how this works, inherited project, legacy analysis, code archaeology, undocumented features.
Jeffallan/claude-skills
secure-code-guardian
Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as hashing passwords with bcrypt/argon2, sanitizing SQL queries with parameterized statements, configuring CORS/CSP headers, validating input with Zod, and setting up JWT tokens. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention, secure session management, and security hardening. For pre-built OAuth/SSO integrations or standalone security audits, consider a more specialized skill.
Didn't find tool you were looking for?