AI-first engineering workflows for Java and Spring Boot
The same discipline that powers my Drupal AI system —
now built for the Spring Boot ecosystem.
Inconsistent codebase patterns across PRs
Security gaps that pass code review
Technical debt that compounds with every feature
Each skill file encodes deep expertise for one area of the Spring ecosystem. The AI loads only what it needs — no bloated context, no guessed patterns.
Agents are task-specific. Each one knows its domain, loads the right skills, and applies a precise quality bar before returning results.
General Java/Spring code review — correctness, patterns, N+1 risks, missing null checks, performance.
Deep security audit — JWT implementation, Spring Security config, OWASP Top 10, dependency CVEs.
Test quality review — JUnit 5/Mockito correctness, coverage gaps, missing edge and security cases.
REST API design — endpoint naming, HTTP methods, response codes, OpenAPI documentation completeness.
Rules are always-on. They apply to every agent, every task, every output — without being loaded explicitly. No discipline required from the engineer calling the AI.
Hooks are shell scripts that execute automatically on Claude Code events. Tests run. Style is checked. The spec is validated. No manual setup required per-session.
Runs mvn test (or Gradle) after Java file edits. Build failure blocks the next action.
Runs Checkstyle against the project ruleset. Enforces code style without a human in the loop.
Generates the OpenAPI spec and validates it with Redocly. Catches undocumented endpoints and schema errors.
Hooks execute outside the AI context — deterministic, not probabilistic. Configured in .claude/settings.json.
Run from any Spring Boot project. Reviews the current branch diff against main, or a specific PR by number.
These are actual files from the repository. Drop them into your Spring Boot project and they work immediately.
# N+1 Prevention
## Bad: triggers N+1 when accessing user.getOrders()
List<User> users = userRepository.findAll();
## Good: JOIN FETCH
@Query("SELECT u FROM User u LEFT JOIN FETCH u.orders WHERE u.status = 'ACTIVE'")
List<User> findActiveUsersWithOrders();
## Good: EntityGraph
@EntityGraph(attributePaths = {"orders", "orders.items"})
List<User> findAll();
# Transactions
@Service
@Transactional(readOnly = true) // default for reads
public class OrderService {
@Transactional // override for writes
public OrderResponse createOrder(CreateOrderRequest request) {
// all saves here run in one transaction
}
}
## Security checklist
**Authentication**
- [ ] JWT secret loaded from environment variable, not hardcoded
- [ ] Token expiry validated on every request
- [ ] Refresh token rotation implemented
**Authorization**
- [ ] All endpoints explicitly permitted or protected
- [ ] @PreAuthorize used for method-level control
- [ ] No privilege escalation paths
**Input Validation**
- [ ] All request bodies validated with @Valid
- [ ] No string concatenation in JPQL or native SQL
- [ ] File upload size limits enforced
**Data Security**
- [ ] Passwords hashed with BCrypt (strength ≥ 12)
- [ ] PII never logged at any level
- [ ] `password` field excluded from JSON responses# PR Review — feature/add-order-endpoint
## Summary
Adds the POST /api/v1/orders endpoint and the associated
OrderService and OrderRepository. Architecture is correct.
Two blocking issues must be resolved before merge.
## Risk Level
Medium
## JPA / Database Review
⚠ BLOCKER — OrderService.createOrder() lacks @Transactional.
If the save() fails after the status update, the DB is left
in a partially-written state.
## Architecture Review
⚠ BLOCKER — OrderController.getOrder() returns the Order entity
directly. Expose OrderResponse DTO to decouple the DB schema
from the API contract.
## Testing Review
Missing: createOrder_whenUserNotFound_throwsNotFoundException
Missing: getOrder_whenUnauthenticated_returns401
## Final Recommendation
REQUEST CHANGESSenior Software Engineer and international speaker focused on Java, Spring Boot, Drupal, and AI-assisted engineering workflows.
Use it. Fork it. Adapt it to your stack. Or use it as a reference to build your own AI engineering system.
Sponsored by heydru! — Enterprise backend engineering and AI-assisted development workflows.