Turn your coding agent into a senior production engineer.
Skill pack for FastAPI, PostgreSQL, Docker, deployment, and observability — works with Claude Code, Codex, and any AGENTS.md-compatible agent CLI.
Install · Commands · Skills · /production check · Architecture
Stop shipping demo-quality code. AI generates code fast — this skill pack makes it generate code that survives production.
| Metric | Source |
|---|---|
| 45% of AI-generated code has security vulnerabilities | State of Software Delivery 2025 |
| 67% of developers spend MORE time debugging AI code | Developer Survey 2025 |
| 78% of Fortune 500 companies are adopting AI coding | Enterprise AI Report 2026 |
The gap between "it works" and "it survives Black Friday at 3 AM" is what this skill pack closes.
Every Claude Code skill teaches how to build something. None teach how to make it survive production. Missing health checks, unsafe migrations, root containers, no graceful shutdown — these are the things that page you at 3 AM.
production-stack-skills is the senior engineer sitting next to you that catches these issues before they ship.
curl -fsSL https://raw.githubusercontent.com/vstorm-co/production-stack-skills/main/install.sh | bashThe installer mirrors skills into both ~/.claude/ and ~/.agents/ — so the same install works with Claude Code, Codex, or any AGENTS.md-compatible agent CLI without extra steps.
git clone https://github.com/vstorm-co/production-stack-skills.git
cd production-stack-skills
./install.sh- An agent CLI — Claude Code, Codex, or any AGENTS.md-compatible agent
- Python 3.10+ — for audit scripts
- Git — for cloning
curl -fsSL https://raw.githubusercontent.com/vstorm-co/production-stack-skills/main/uninstall.sh | bash| Command | What It Does |
|---|---|
/production check |
Full audit with 0-100 score and prioritized action plan |
/production score |
Quick 60-second headline score |
/production fastapi |
Apply FastAPI production patterns |
/production postgres |
Safe migrations, pooling, indexes |
/production docker |
Multi-stage builds, non-root, minimal images |
/production deploy |
Pre-deployment checklist |
/production monitoring |
OTEL traces, structured logging, metrics, alerts |
/production security |
Secrets, CORS, auth, rate limiting, OWASP checks |
/production errors |
Error taxonomy, retries, circuit breakers |
/production review |
Production-readiness code review |
/production plan |
Architecture planning with production constraints |
/production report |
Shareable Markdown readiness report |
The flagship command. Scans your entire project across six categories and scores it 0-100:
## Production Readiness Audit
Project: my-fastapi-app
Stack: Python 3.12 / FastAPI 0.115 / PostgreSQL 16 / Docker
Score: 34/100 — Grade F
| Category | Score | Weight | Weighted |
|-----------------------------|--------|--------|----------|
| Security Fundamentals | 40/100 | 25% | 10 |
| Error Handling & Resilience | 25/100 | 20% | 5 |
| Observability | 20/100 | 20% | 4 |
| Deployment Readiness | 50/100 | 15% | 7.5 |
| Database Patterns | 60/100 | 10% | 6 |
| Container Hygiene | 15/100 | 10% | 1.5 |
| Total | | | 34/100 |
Quick Wins (< 5 minutes each):
[+12 pts] Replace print() with structlog
[+8 pts] Add /health/live and /health/ready endpoints
[+6 pts] Add USER directive to Dockerfile
[+4 pts] Add .dockerignore
Fix these 4 items → score jumps from 34 to ~64.
| Skill | What It Teaches | Works With |
|---|---|---|
| production-check | Full audit with 0-100 scoring, parallel analysis, prioritized action plan | Any stack |
| production-review | Production-readiness code review — security, errors, logging, config, performance | Python, Node.js, Go, Java |
| production-planner | Architecture planning with scalability, failure modes, cost constraints | Any stack |
| production-fastapi | Lifespan, ASGI middleware, structured logging, health checks, Pydantic v2, async | Python / FastAPI |
| production-postgres | Zero-downtime migrations, indexing strategies, connection pooling, schema design | PostgreSQL |
| production-docker | Multi-stage builds, non-root, distroless, BuildKit secrets, security scanning | Docker / OCI |
| production-deploy | Pre-deployment checklist, migration classification, rollback playbook, CI/CD | Any CI/CD |
| production-monitoring | OpenTelemetry, structlog, Prometheus metrics, health endpoints, SLO definition | Any stack (OTEL) |
| production-security | Secrets management, CORS, JWT, rate limiting, security headers, OWASP Top 10 | Any stack |
| production-error-handling | Error taxonomy, retry with backoff, circuit breakers, graceful degradation, DLQ | Any stack |
Skills trigger automatically based on context and reinforce each other:
"Create a FastAPI endpoint"
→ production-fastapi activates: structured logging, health checks, error handling
"Write a migration to add a NOT NULL column"
→ production-postgres activates: 3-step safe pattern, lock_timeout, rollback script
"Create a Dockerfile"
→ production-docker activates: multi-stage, non-root, distroless, HEALTHCHECK
"Is this production ready?"
→ production-check activates: full 6-category audit with score
After completing one skill, related skills are suggested:
"Your FastAPI patterns are solid. Run
/production dockerto harden your container, and/production checkfor a full audit."
production/SKILL.md ← Orchestrator (routes /production subcommands)
│
├── skills/
│ ├── production-check/ ← Full audit with 0-100 scoring
│ ├── production-fastapi/ ← FastAPI production patterns
│ ├── production-postgres/ ← PostgreSQL safety & performance
│ ├── production-docker/ ← Container hardening
│ ├── production-deploy/ ← Pre-deployment validation
│ ├── production-monitoring/ ← Observability
│ ├── production-security/ ← Security hardening
│ ├── production-error-handling/ ← Resilience patterns
│ ├── production-review/ ← Code review
│ └── production-planner/ ← Architecture planning
│
├── agents/ ← Parallel audit subagents
├── checklists/ ← Reusable reference checklists
├── install.sh ← One-command installer
└── uninstall.sh
- Opinionated over generic — We recommend specific tools and patterns, not abstract advice
- Production-proven — Every pattern comes from real incident post-mortems
- Fail-safe defaults — When in doubt, the safer option wins
- Progressive adoption — Each skill works alone; together they cover the full stack
- LLM judges taste; scripts judge facts — Deterministic checks where possible, LLM judgment where needed
Pull requests welcome. Pattern to add new skills:
- Create skill directory in
skills/production-<name>/ - Add
SKILL.mdwith frontmatter (name, description) and content - Add to orchestrator router in
production/SKILL.md - Add auditor in
agents/if parallel audit needed - Optional: templates in
templates/, references inreferences/
production-stack-skills is part of a broader open-source ecosystem for production AI agents:
| Project | Description | |
|---|---|---|
| pydantic-deep | The batteries-included deep agent harness for Python. Terminal AI assistant or production agents with one function call. |  |
| full-stack-ai-agent-template | Zero to production AI app in 30 minutes. FastAPI + Next.js 15, 6 AI frameworks, RAG pipeline, 75+ config options. |  |
| content-skills | Claude Code content studio — blog, social, slides, video, infographics — all brand-aware. |  |
| pydantic-ai-shields | Drop-in guardrails for Pydantic AI agents. 5 infra + 5 content shields. |  |
| pydantic-ai-subagents | Declarative multi-agent orchestration with token tracking. |  |
| summarization-pydantic-ai | Smart context compression for long-running agents. |  |
| pydantic-ai-backend | Sandboxed execution for AI agents. Docker + Daytona. |  |
Browse all projects at oss.vstorm.co
MIT — see LICENSE
