@moon791017/neo-skills 1.0.1

package/skills/dotnet/SKILL.md

@@ -0,0 +1,41 @@
+---
+name: dotnet
+version: "1.0.0"
+category: "Framework"
+description: 用於廣泛 .NET 工作的核心路由技能。此技能將偵測本機安裝的 .NET SDK 版本（要求 .NET 6+），並根據使用者的問題，將任務引導或準備載入其他合適的子技能（例如 Minimal APIs, MVC, Web API, EF Core）。
+compatibility: "Supports .NET 6.0 and above. Requires .NET SDK installed on the local machine."
+---
+
+# .NET Core Routing Skill
+
+## Overview
+This skill serves as the unified entry point for the .NET development environment. It ensures the system environment meets the requirements for modern .NET development, and has the capability to analyze user requirements, generate corresponding command-line operations, and route to the appropriate domain expert skills.
+
+## Core Responsibilities (Perceive & Act)
+
+1. **Environment Detection and Version Validation**
+   - Run `dotnet --version` to check the currently installed SDK version.
+   - **Mandatory requirement**: Only **.NET 6 or higher** is supported. If a version lower than .NET 6 is detected, prompt the user to upgrade.
+
+2. **Execute Appropriate .NET CLI**
+   - Provide or execute modern CLI commands based on the detected version and project state.
+   - Examples:
+     - Build and run: `dotnet build`, `dotnet run`
+     - Test: `dotnet test`
+     - Package management: `dotnet add package`, `dotnet tool restore`
+
+3. **Requirement Analysis and Dynamic Skill Routing**
+   - Determine the involved domain based on the user's specific problem or project architecture.
+   - If the user's task falls into the following specific domains, please **prepare to load or suggest the user switch to** the corresponding sub-skill (please note that these sub-skills may not be implemented yet; inform the user of the future implementation direction):
+     - **`dotnet-minimal-apis`**: When the requirement is for lightweight routing development, high-performance microservices, and Controllers are not used.
+     - **`dotnet-webapi`**: When the requirement is for traditional RESTful API development following the controller pattern.
+     - **`dotnet-mvc`**: When the requirement involves Server-Side Rendering (SSR), Razor views, and ViewModels.
+     - **`dotnet-ef-core`**: When the requirement involves database migrations, Linq query optimization, or model mapping.
+
+## Usage Guidelines
+When this skill is triggered, please prioritize checking the SDK environment, then answer the user's .NET-related questions. If the problem is found to belong to one of the four professional domains mentioned above, proactively suggest and prepare to delegate it to the corresponding expert skill for processing.
+
+## Documentation
+
+### Official References
+- [.NET CLI Tools Overview](https://learn.microsoft.com/en-us/dotnet/core/tools/)

package/skills/dotnet-ef-core/SKILL.md

@@ -0,0 +1,78 @@
+---
+name: dotnet-ef-core
+version: "1.0.0"
+category: "Framework"
+description: "Entity Framework Core (EF Core) 專家指引。支援從 .NET 6 (LTS) 到 .NET 10 (LTS) 的現代開發模式，涵蓋 Code-First 移轉、查詢優化、陰影屬性與複雜資料建模。"
+compatibility: "Supports .NET 6.0 through 10.0 environments. Compatible with SQL Server, PostgreSQL, MySQL, and SQLite."
+---
+
+# EF Core Expert Skill
+
+## Trigger On
+- The user requests database modeling, writing Linq queries, or handling database migrations.
+- The project contains a `DbContext` class or references the `Microsoft.EntityFrameworkCore` package.
+- There is a need to optimize database access performance or solve N+1 query problems.
+- The task involves complex data relationship design (one-to-many, many-to-many, inheritance mapping).
+
+## Workflow
+1. **Perceive (Model Awareness):**
+   - Check `.csproj` to identify the EF Core version and database provider.
+   - Analyze `DbContext` and entity configurations to confirm whether the Fluent API pattern is adopted.
+   - Identify the current state of Migrations.
+2. **Reason (Planning Phase):**
+   - Evaluate whether queries need `.AsNoTracking()` or `.AsSplitQuery()`.
+   - Determine whether custom interceptors are needed to handle audit fields.
+   - Evaluate whether to use `ExecuteUpdate/Delete` (.NET 7+) for massive data updates.
+3. **Act (Execution Phase):**
+   - Write efficient and safe Linq queries.
+   - Implement entity configuration classes (`IEntityTypeConfiguration`).
+   - Create and execute database migration commands.
+4. **Validate (Standard Validation):**
+   - Check if the generated SQL meets performance expectations (avoiding full table scans).
+   - Validate concurrency conflict handling logic.
+   - Ensure all database accesses follow asynchronous patterns.
+
+## Feature Roadmap (.NET 6 - 10)
+
+### .NET 6 & 7 (Foundation)
+- **Split Queries**: Solve the Cartesian product problem.
+- **Bulk Operations**: Use `ExecuteUpdate/Delete` for high-performance updates.
+- **JSON Columns**: Built-in JSON mapping support.
+- **Compiled Models**: Reduce startup time for large models.
+
+### .NET 8 & 9 (Productivity)
+- **Primitive Collections**: Use simple type collections in queries.
+- **HierarchyId**: Support for SQL Server hierarchical data.
+- **Auto-compiled Queries**: Further optimize the query compilation process.
+- **Complex Types**: Better support for Value Objects.
+
+### .NET 10+ (Cutting Edge)
+- **Advanced Interceptors**: More query lifecycle hooks.
+- **Optimized AOT Support**: AOT pre-compilation optimization for cloud-native environments.
+
+## Coding Standards
+- **Fluent API Preference**: Prioritize entity configuration classes over Data Annotations.
+- **Async Always**: All I/O operations must be asynchronous.
+- **No-Tracking by Default**: Read-only queries must always use `.AsNoTracking()`.
+- **Naming**: Entity names correspond to tables, foreign key names have clear semantics.
+
+## Deliver
+- **Optimized Linq Queries**: Provide query code with the potential for high-performance SQL translation.
+- **Migration Scripts & Guidance**: Provide correct migration commands and manual adjustment suggestions.
+- **Database Schema Design**: Design normalized entity relationships based on business requirements.
+
+## Validate
+- Ensure the provided code complies with EF Core performance best practices.
+- Validate whether the code correctly handles Nulls and database constraints.
+- Confirm database connection and resource release logic is correct (using `using` or Scoped DI).
+
+## Documentation
+### Official References
+- [Entity Framework Core Overview](https://learn.microsoft.com/en-us/ef/core/)
+- [Performance Optimization in EF Core](https://learn.microsoft.com/en-us/ef/core/performance/)
+- [Supported Database Providers](https://learn.microsoft.com/en-us/ef/core/providers/)
+
+### Internal References
+- [EF Core Coding Style and Naming Conventions](reference/coding-style.md)
+- [EF Core Anti-Patterns and Best Practices](reference/anti-patterns.md)
+- [EF Core Modern Patterns Guide](reference/patterns.md)

package/skills/dotnet-ef-core/reference/anti-patterns.md

@@ -0,0 +1,51 @@
+# EF Core Anti-Patterns & Best Practices
+
+This document lists common mistakes in Entity Framework Core development and their corresponding correct practices.
+
+## 1. Performance and Querying
+
+### 1.1 Avoid N+1 Query Problems
+**Problem**: Accessing navigation properties inside a loop, causing an excessive amount of SQL queries to be executed.
+
+- **Bad**: Iterating over Users and accessing `user.Orders` inside the loop without pre-loading.
+- **Good**: Use `.Include(u => u.Orders)` for Eager Loading, or use a dedicated projection.
+
+### 1.2 Avoid Complex C# Functions in Queries
+**Problem**: EF Core cannot translate custom C# methods into SQL, forcing the query to be evaluated on the client-side (In-Memory).
+
+- **Bad**: `Where(u => MyCustomLogic(u.Name))`.
+- **Good**: Use built-in SQL functions or methods provided by `EF.Functions` as much as possible.
+
+---
+
+## 2. Lifecycle Management
+
+### 2.1 Avoid Sharing DbContext
+**Problem**: `DbContext` is not thread-safe. Sharing the same instance across multiple threads or concurrent requests will lead to data corruption or exceptions.
+
+- **Bad**: Storing `DbContext` in a static variable or a singleton service.
+- **Good**: Register `DbContext` with a `Scoped` lifecycle (the default in ASP.NET Core).
+
+### 2.2 Avoid Long Lifecycles
+- **Problem**: Over time, the DbContext's Change Tracker accumulates a massive amount of entities, making queries and `SaveChanges` increasingly slow.
+- **Good**: For large batch tasks, you should periodically dispose of the old Context and create a new instance.
+
+---
+
+## 3. Model Definition
+
+### 3.1 Avoid Over-relying on Data Annotations
+- **Problem**: Entity classes become polluted with database configuration attributes (like `[Table]`, `[Column]`), violating the Single Responsibility Principle.
+- **Good**: Use Fluent API (`IEntityTypeConfiguration`) to maintain the purity of entities.
+
+### 3.2 Avoid Ignoring Concurrency Conflicts
+- **Bad**: When multiple users modify the same data simultaneously, the last one directly overwrites previous modifications.
+- **Good**: Add a `RowVersion` or `Timestamp` column to critical entities to implement optimistic concurrency control.
+
+---
+
+## 4. Tooling and Development
+
+### 4.1 Avoid Decoupling the Development Database from Migration Scripts
+- **Problem**: Directly modifying the database schema without creating Migrations.
+- **Good**: Always use `dotnet ef migrations add` to manage schema changes, ensuring team environment consistency.

package/skills/dotnet-ef-core/reference/coding-style.md

@@ -0,0 +1,42 @@
+# EF Core Coding Conventions
+
+This guide aims to improve the readability and maintainability of Entity Framework Core code, ensuring a high degree of consistency in database model definitions.
+
+## 1. Entities and Modeling
+
+### 1.1 Entity Classes
+- **PascalCase**: All entity class names must correspond to database tables and use `PascalCase` (e.g., `Order`, `ProductCategory`).
+- **Shadow Properties**: For fields that don't need to be exposed to business logic but are required by the database (like `CreatedDate`, `LastUpdated`), shadow properties should be used.
+
+### 1.2 Relationship Naming
+- **Navigation Properties**: Collection types should use plural nouns (e.g., `public ICollection<Order> Orders { get; set; }`), while single entities use singular nouns.
+- **Foreign Key Naming**: Prioritize the `<EntityName>Id` convention (e.g., `CategoryId`).
+
+---
+
+## 2. DbContext Configuration
+
+- **Fluent API First**: Prioritize using `IEntityTypeConfiguration<T>` classes for entity configuration over piling up code in `OnModelCreating` or using Data Annotations on entities.
+- **Configuration Directory**: Place all configuration classes in the `Data/Configurations` directory.
+
+---
+
+## 3. Querying Conventions
+
+- **Asynchronous Execution**: All database access operations must prioritize asynchronous methods (e.g., `ToListAsync()`, `FirstOrDefaultAsync()`).
+- **Read-Only Queries**: For queries that do not require updates, you must explicitly call `.AsNoTracking()` to reduce memory overhead.
+- **Specific Field Projections**: Avoid `Select *`, and use `.Select(x => new Dto { ... })` to retrieve only the required data.
+
+---
+
+## 4. Migrations Management
+
+- **Named Migrations**: Migration names must reflect the content of the change (e.g., `AddUserPhoneNumber`, `FixOrderDiscountTypo`). Random or meaningless names are prohibited.
+- **Prevent Data Loss**: When manually editing migration scripts, you must check for any implicit deletion actions.
+
+---
+
+## 5. File Organization
+
+- **Data Directory**: Place `DbContext`, entity definitions, and configurations under `Data/` or `Infrastructure/Persistence/`.
+- **File-scoped Namespace**: Always use File-scoped Namespaces (C# 10+).

package/skills/dotnet-ef-core/reference/patterns.md

@@ -0,0 +1,53 @@
+# EF Core Modern Patterns
+
+This document introduces recommended development patterns in the Entity Framework Core domain for .NET 6 to 10+.
+
+## 1. Advanced Query Patterns
+
+### 1.1 Split Queries (.NET 6+)
+**Recommendation**: When dealing with complex relationships involving multiple `Include()`s, use `.AsSplitQuery()` to avoid the performance explosion caused by the "Cartesian product".
+
+### 1.2 Compiled Queries
+**Recommendation**: For hot-path queries that are executed frequently and are parameterized, use `EF.CompileAsyncQuery` to improve query efficiency.
+
+---
+
+## 2. Interceptors and Events
+
+### 2.1 SaveChanges Interceptor
+**Recommendation**: Implement a `SaveChangesInterceptor` to automatically handle audit fields (like `CreatedBy`, `CreatedAt`), ensuring the separation of business logic and data persistence concerns.
+
+### 2.2 Query Interceptors (.NET 8+)
+**Recommendation**: Use interceptors to dynamically modify SQL before the query is executed (e.g., automatically adding a global filter).
+
+---
+
+## 3. Advanced Data Operations
+
+### 3.1 Batch Updates and Deletes (ExecuteUpdate / ExecuteDelete) - .NET 7+
+**Recommendation**: For massive update or delete operations that do not require loading entities into memory, directly use `ExecuteUpdateAsync` or `ExecuteDeleteAsync`.
+```csharp
+await context.Orders
+    .Where(o => o.Status == "Expired")
+    .ExecuteDeleteAsync();
+```
+
+### 3.2 Shadow Properties and JSON Mapping
+**Recommendation**: Leverage .NET 7+ enhanced JSON support to map complex structures directly into JSON columns in the database.
+
+---
+
+## 4. Environments and Tooling
+
+### 4.1 DbContextFactory
+**Recommendation**: In Blazor Server or long-running background services, use `IDbContextFactory<T>` to ensure the correct lifecycle of DbContext.
+
+### 4.2 Migrations Bundles
+**Recommendation**: Use `dotnet ef migrations bundle` to generate a self-contained executable, simplifying the database deployment process in CI/CD.
+
+---
+
+## 5. C# 14+ Forward-looking Patterns
+
+### 5.1 Extension Types for Computed Properties on Entities
+**Recommendation**: Leverage C# 14's Extension Types to add computed properties to POCO entities without affecting the database schema.

package/skills/dotnet-minimal-apis/SKILL.md

@@ -0,0 +1,78 @@
+---
+name: dotnet-minimal-apis
+version: "1.0.0"
+category: "Framework"
+description: "開發高效能、輕量級 .NET Minimal API 的專家指引。支援從 .NET 6 (LTS) 到 .NET 10 (LTS) 的現代開發模式，涵蓋路由群組、端點過濾器與符合 OpenAPI 規範的強型別回應。"
+compatibility: "Supports .NET 6.0 through 10.0 environments. Requires .NET SDK installed locally."
+---
+
+# .NET Minimal APIs Expert Skill
+
+## Trigger On
+- The user requests to create, debug, refactor, or review .NET Minimal APIs.
+- The project's `Program.cs` contains `WebApplication.CreateBuilder(args)` and is not configured with a Controllers directory.
+- The target framework is .NET 6.0 (LTS) and above.
+- There is a need to optimize API performance or simplify Web API architecture.
+
+## Workflow
+1. **Perceive (Architecture Awareness):**
+   - Check `.csproj` to identify `TargetFramework`.
+   - Analyze `Program.cs` to distinguish whether it uses simple endpoints or adopts a Module-based or Vertical Slice organization.
+   - Identify whether OpenAPI (Swagger) support has been configured.
+2. **Reason (Planning Phase):**
+   - Evaluate whether "Route Groups" need to be introduced to optimize organizational structure.
+   - Determine whether to use "Endpoint Filters" to handle cross-cutting concerns (such as parameter validation).
+   - Choose the most appropriate syntax based on the .NET version (e.g., `TypedResults` in .NET 7+).
+3. **Act (Execution Phase):**
+   - Write clean, high-performance Minimal API code, prioritizing Lambdas or extension methods.
+   - Implement strong typing and DTOs (prioritize using `record`).
+   - Integrate dependency injection, avoiding the Service Locator pattern.
+4. **Validate (Standard Validation):**
+   - Validate whether the endpoints correctly return expected HTTP status codes.
+   - Check whether the generated OpenAPI documentation is complete.
+   - Ensure asynchronous operations correctly pass the `CancellationToken`.
+
+## Feature Roadmap (.NET 6 - 10)
+
+### .NET 6 & 7 (Foundation)
+- **Minimal Hosting**: Simplified startup process and top-level statements.
+- **Route Groups**: Use `MapGroup` to consolidate prefixes and authentication.
+- **Endpoint Filters**: Implement interception logic within Minimal APIs.
+- **Typed Results**: Improved unit testing and Swagger support.
+
+### .NET 8 & 9 (Productivity)
+- **Antiforgery**: Built-in anti-forgery token support.
+- **Form Binding**: Support for `[FromForm]` parameter binding.
+- **HybridCache**: High-performance multi-level caching support.
+- **OpenAPI Improvements**: Better OpenAPI code generation.
+
+### .NET 10+ (Cutting Edge)
+- **Native AOT Optimization**: AOT-optimized compilation tailored for Minimal APIs.
+- **Enhanced Middleware Patterns**: New middleware designed for lightweight architectures.
+
+## Coding Standards
+- **Clean Routing**: Prioritize using extension methods to modularize routes.
+- **Strong Typing**: Prioritize using `TypedResults` and `Results<T1, T2>`.
+- **Async Safety**: Always accept and pass down `CancellationToken`.
+- **DI Best Practices**: Services should be defined directly in the Handler parameters.
+
+## Deliver
+- **Version-Optimized API Code**: Provide the most appropriate modern API code based on the target .NET version.
+- **Modular Architecture**: Provide structural suggestions for extracting `Program.cs` routes into extension methods.
+- **OpenAPI Configuration**: Provide comprehensive Swagger/OpenAPI configuration suggestions.
+
+## Validate
+- Ensure the provided code executes correctly in a .NET 6+ environment.
+- Validate endpoint security (authentication, authorization, Antiforgery).
+- Check if the code complies with high-performance best practices for Minimal APIs (e.g., avoiding closures, reducing allocations).
+
+## Documentation
+### Official References
+- [Minimal APIs Overview](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/minimal-apis)
+- [Route groups and filters](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/minimal-apis/route-handlers)
+- [Typed responses in Minimal APIs](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/minimal-apis/responses)
+
+### Internal References
+- [Minimal APIs Coding Style and Naming Conventions](reference/coding-style.md)
+- [Minimal APIs Anti-Patterns and Best Practices](reference/anti-patterns.md)
+- [Minimal APIs Modern Patterns Guide](reference/patterns.md)

package/skills/dotnet-minimal-apis/reference/anti-patterns.md

@@ -0,0 +1,59 @@
+# .NET Minimal APIs Anti-Patterns & Best Practices
+
+This document lists common mistakes in Minimal APIs development and their corresponding correct practices.
+
+## 1. Routing & Organization
+
+### 1.1 Avoid Fat `Program.cs`
+**Problem**: Stuffing all routes, DI registrations, and middleware into `Program.cs`, leading to maintenance difficulties.
+
+- **Bad**: Writing hundreds of lines of `app.MapGet` in a single file.
+- **Good**: Use extension methods to split routes for different modules into separate files.
+
+### 1.2 Avoid Ignoring Route Conflicts
+**Problem**: Minimal APIs routing matching is extremely flexible; improper parameter definitions can lead to route conflicts.
+
+- **Bad**: `/users/{id}` (int) and `/users/{name}` (string) existing simultaneously without constraints.
+- **Good**: Use route constraints, e.g., `/users/{id:int}`.
+
+---
+
+## 2. Response Handling
+
+### 2.1 Avoid Overusing Anonymous Type Responses
+**Problem**: Returning `Results.Ok(new { id = 1 })` prevents Swagger from determining the response structure.
+
+- **Bad**: Returning anonymous objects.
+- **Good**: Define explicit `DTO`s or `Record`s and use `TypedResults`.
+
+### 2.2 Avoid Ignoring `TypedResults`
+- **Problem**: `Results.Ok()` returns an `IResult`, requiring casting in unit tests to verify the content.
+- **Good**: Use `TypedResults.Ok(data)`, which returns `Ok<T>`, allowing direct testing of the `Value` property.
+
+---
+
+## 3. Performance & Async
+
+### 3.1 Avoid Synchronous Blocking in Handlers
+- **Problem**: Using synchronous APIs (like `File.ReadAllText`) inside Lambdas blocks the Thread Pool.
+- **Good**: Always use `await` and asynchronous versions (like `File.ReadAllTextAsync`).
+
+### 3.2 Forgetting to Pass `CancellationToken`
+- **Problem**: When a user cancels a request (closes the browser), the backend continues to execute expensive queries.
+- **Good**: Include `CancellationToken ct` in Handler parameters and pass it down to databases or HTTP clients.
+
+---
+
+## 4. Dependency Injection
+
+### 4.1 Avoid Manually Retrieving Services from `app.Services` (Service Locator)
+- **Bad**: `var service = app.Services.GetRequiredService<IMyService>();`.
+- **Good**: Declare services directly in the Handler parameters to have the framework auto-inject them.
+
+---
+
+## 5. Documentation
+
+### 5.1 Ignoring Status Code Attributes
+- **Problem**: Swagger only displays `200 OK`, ignoring `404 NotFound` or `400 BadRequest`.
+- **Good**: Use `.Produces<T>(StatusCodes.Status200OK)` or directly return `Results<T1, T2>`.

package/skills/dotnet-minimal-apis/reference/coding-style.md

@@ -0,0 +1,54 @@
+# .NET Minimal APIs Coding Conventions
+
+This guide aims to improve the development efficiency of Minimal APIs and ensure a high degree of consistency in endpoint and routing logic organization.
+
+## 1. Routing Naming and Syntax
+
+### 1.1 Route Templates
+- **Kebab-case**: Route paths should prioritize lowercase letters separated by hyphens (e.g., `/api/v1/user-profiles`).
+- **Parameter Naming**: Route parameter names should match the Handler's parameter names. Uppercase or lowercase can be used, but maintaining project consistency is recommended (e.g., `/{id}` matches `int id`).
+
+### 1.2 Route Groups
+- **Semantic Prefixes**: For endpoints sharing the same prefix or middleware, `MapGroup` must be used for logical grouping.
+- **Isolated Declarations**: Avoid writing massive amounts of routes directly in `Program.cs`. It is recommended to extract group routes into separate files using extension methods.
+  ```csharp
+  // Recommended: Extracted into UserEndpoints.cs
+  public static class UserEndpoints
+  {
+      public static IEndpointRouteBuilder MapUserEndpoints(this IEndpointRouteBuilder routes)
+      {
+          var group = routes.MapGroup("/users");
+          group.MapGet("/", GetAllUsers);
+          return routes;
+      }
+  }
+  ```
+
+---
+
+## 2. Handlers
+
+- **Anonymous Functions vs. Named Methods**: For single-line or simple logic, Lambdas can be used. If the logic exceeds 3 lines, it should be changed to static named methods or extracted into services.
+- **Dependency Injection**: Inject services directly into the Handler parameters.
+- **CancellationToken**: All asynchronous Handlers returning `Task` should prioritize accepting `CancellationToken` and passing it downstream.
+
+---
+
+## 3. Response Types (Results)
+
+- **TypedResults**: To enhance OpenAPI (Swagger) static analysis capabilities, prioritize using `TypedResults` over `Results`.
+- **Results<T1, T2>**: When an endpoint may return multiple status codes, use `Results<T1, T2>` to provide strong typing support.
+  ```csharp
+  public static async Task<Results<Ok<User>, NotFound>> GetUser(int id, IUserRepository repo)
+  {
+      var user = await repo.GetByIdAsync(id);
+      return user is not null ? TypedResults.Ok(user) : TypedResults.NotFound();
+  }
+  ```
+
+---
+
+## 4. File Organization
+
+- **Vertical Slice**: It is recommended to organize files by feature module rather than by class type (e.g., `Features/Users/UserEndpoints.cs`, `Features/Users/UserDto.cs`).
+- **File-scoped Namespace**: Always use File-scoped Namespaces (C# 10+) to reduce nesting.

package/skills/dotnet-minimal-apis/reference/patterns.md

@@ -0,0 +1,68 @@
+# .NET Minimal APIs Modern Patterns
+
+This document introduces recommended development patterns in the Minimal APIs domain for .NET 6 to 10+.
+
+## 1. Architectural Patterns
+
+### 1.1 Module-based Configuration
+**Recommendation**: Use extension methods to extract routing configuration from `Program.cs`, keeping the startup file clean.
+```csharp
+// Program.cs
+app.MapUserEndpoints();
+app.MapOrderEndpoints();
+```
+
+### 1.2 Endpoint Filters (.NET 7+)
+**Recommendation**: Use filters to handle cross-cutting logic (like validation, logging), instead of writing duplicate code within Handlers.
+```csharp
+group.MapPost("/", CreateUser)
+     .AddEndpointFilter<ValidationFilter<UserDto>>();
+```
+
+---
+
+## 2. Data Transfer and Validation
+
+### 2.1 Use Record for DTOs
+**Recommendation**: Combine with the `[AsParameters]` attribute to simplify the Handler's parameter list.
+```csharp
+// Use [AsParameters] to map from multiple sources
+app.MapGet("/search", ([AsParameters] SearchCriteria criteria) => { ... });
+
+public record SearchCriteria(string? Query, int Page = 1, int PageSize = 10);
+```
+
+### 2.2 Typed Results (.NET 7+)
+**Recommendation**: Use `Results<T1, T2>` to enhance Swagger's automatic documentation capabilities and the convenience of unit testing.
+
+---
+
+## 3. Security and Documentation
+
+### 3.1 OpenAPI (Swagger) Integration
+**Recommendation**: Use `.WithOpenApi()` and `.WithName()` to explicitly mark endpoints.
+```csharp
+app.MapGet("/users", () => ...)
+   .WithName("GetUsers")
+   .WithOpenApi(operation => 
+   {
+       operation.Summary = "Get all users";
+       return operation;
+   });
+```
+
+### 3.2 Antiforgery (.NET 8+)
+**Recommendation**: Use `.DisableAntiforgery()` or `.ValidateAntiforgery()` directly in Minimal APIs.
+
+---
+
+## 4. Performance Optimization
+
+### 4.1 HybridCache (.NET 9+)
+**Recommendation**: Use `HybridCache` instead of `IDistributedCache` for better serialization performance and to prevent cache stampedes.
+
+### 4.2 Static Endpoint Optimization
+**Recommendation**: For endpoints that do not depend on the request context, use static Lambdas to reduce closure allocations.
+```csharp
+app.MapGet("/health", static () => "Healthy");
+```

package/skills/dotnet-mvc/SKILL.md

@@ -0,0 +1,78 @@
+---
+name: dotnet-mvc
+version: "1.0.0"
+category: "Framework"
+description: "開發 ASP.NET Core MVC 應用程式的專家指引。支援從 .NET 6 (LTS) 到 .NET 10 (LTS) 的現代開發模式，涵蓋視圖模型、標籤協助程式、視圖元件與伺服器端渲染的最佳實踐。"
+compatibility: "Supports .NET 6.0 through 10.0 environments. Requires .NET SDK installed locally."
+---
+
+# .NET MVC Expert Skill
+
+## Trigger On
+- The user requests to create, debug, refactor, or review ASP.NET Core MVC applications.
+- The project contains `Views` and `Controllers` directories and inherits from `Controller` (not `ControllerBase`).
+- The target framework is .NET 6.0 (LTS) and above.
+- There is a need to optimize Server-Side Rendering (SSR) performance or improve view organizational structure.
+
+## Workflow
+1. **Perceive (Architecture Awareness):**
+   - Check `.csproj` to identify `TargetFramework`.
+   - Analyze `Views/Shared` to confirm existing configurations for layouts and partial views.
+   - Identify whether Tag Helpers and static resource versioning are enabled.
+2. **Reason (Planning Phase):**
+   - Evaluate whether complex Partial Views need to be migrated to View Components.
+   - Determine whether custom Tag Helpers are needed to simplify UI logic.
+   - Choose an appropriate ViewModel organization method based on project scale.
+3. **Act (Execution Phase):**
+   - Write high-quality controllers and strongly-typed views.
+   - Implement data validation (Data Annotations) and integrate them into ViewModels.
+   - Configure and use Tag Helpers to ensure the semantic correctness of forms and links.
+4. **Validate (Standard Validation):**
+   - Validate whether page rendering conforms to the expected HTML structure.
+   - Check whether model validation correctly operates on both the frontend and backend.
+   - Ensure Antiforgery tokens are correctly applied to all state-modifying requests.
+
+## Feature Roadmap (.NET 6 - 10)
+
+### .NET 6 & 7 (Foundation)
+- **Tag Helpers**: Declarative HTML attribute extensions.
+- **View Components**: Logic-driven UI block modularization.
+- **Cache Tag Helper**: Server-side view fragment caching.
+- **Nullable Views**: Better Razor null safety support.
+
+### .NET 8 & 9 (Productivity)
+- **Blazor Integration**: Hybrid development support for MVC and Blazor components.
+- **Antiforgery Improvements**: Global anti-forgery automatic validation optimization.
+- **Keyed Services in Controllers**: Finer-grained dependency injection support.
+- **Native AOT for MVC**: Metadata compilation optimization tailored for AOT.
+
+### .NET 10+ (Cutting Edge)
+- **Extension Members for IHtmlHelper**: Extending view helper functions.
+- **Advanced Serialization in Views**: Performance optimization for large view models.
+
+## Coding Standards
+- **Strongly Typed Views**: All views must have an explicit `@model`.
+- **ViewModel Separation**: Strictly prohibit exposing database entities directly to views.
+- **Naming**: View models must end with `ViewModel`, action methods prioritize asynchronous patterns.
+- **Formatting**: Follow the Allman style and use Tag Helpers instead of HTML Helpers.
+
+## Deliver
+- **Version-Optimized MVC Code**: Provide modernized controllers, models, and views suitable for the target version.
+- **UI Architecture Suggestions**: Provide design suggestions for view components and Tag Helpers.
+- **Validation Logic**: Provide a complete model validation and error prompting implementation plan.
+
+## Validate
+- Ensure the code complies with C# 10+ syntax standards.
+- Validate endpoints correctly handle model validation failures and return form states.
+- Confirm static resources and scripts are correctly cached via `asp-append-version`.
+
+## Documentation
+### Official References
+- [Overview of ASP.NET Core MVC](https://learn.microsoft.com/en-us/aspnet/core/mvc/overview)
+- [Tag Helpers in ASP.NET Core](https://learn.microsoft.com/en-us/aspnet/core/mvc/views/tag-helpers/intro)
+- [View components in ASP.NET Core](https://learn.microsoft.com/en-us/aspnet/core/mvc/views/view-components)
+
+### Internal References
+- [MVC Coding Style and Naming Conventions](reference/coding-style.md)
+- [MVC Anti-Patterns and Best Practices](reference/anti-patterns.md)
+- [MVC Modern Patterns Guide](reference/patterns.md)

package/skills/dotnet-mvc/reference/anti-patterns.md

@@ -0,0 +1,49 @@
+# .NET MVC Anti-Patterns & Best Practices
+
+This document lists common mistakes in ASP.NET Core MVC development and their corresponding correct practices.
+
+## 1. Views and Data Transfer (Views & Data)
+
+### 1.1 Avoid Writing Too Much Logic in Views
+**Problem**: Using massive amounts of `if`, `switch`, or `foreach` for complex calculations in `.cshtml` files.
+
+- **Bad**: Views containing database queries or complex business rules.
+- **Good**: All pre-display processing should be done in the Controller or ViewModel; the view should only be responsible for rendering.
+
+### 1.2 Avoid Overusing `ViewData` or `ViewBag`
+**Problem**: `ViewData/ViewBag` are dynamic and lack type safety, which easily leads to runtime errors.
+
+- **Bad**: Relying on string keys to pass large amounts of data.
+- **Good**: Always create strongly-typed `ViewModel`s and use the `@model` directive.
+
+---
+
+## 2. Resource Management & Performance
+
+### 2.1 Avoid Ignoring Static File Caching
+- **Problem**: Redownloading the same CSS/JS every time the page is refreshed.
+- **Good**: Correctly configure Cache-Control Headers in `app.UseStaticFiles()`.
+
+### 2.2 Avoid Calling `@Html.Action` in Loops (Legacy Style)
+- **Problem**: In .NET Core and later, mechanisms that trigger full sub-requests frequently should be avoided.
+- **Good**: Switch to `ViewComponent`s to achieve higher execution efficiency.
+
+---
+
+## 3. Security
+
+### 3.1 Avoid Disabling Antiforgery Validation
+- **Bad**: Marking `[IgnoreAntiforgeryToken]` on POST actions to save effort.
+- **Good**: Enable Antiforgery token validation globally and ensure all forms contain the Hidden Token.
+
+### 3.2 Avoid Directly Returning HTML Strings
+- **Problem**: Returning HTML code directly from the Controller.
+- **Good**: Always use Razor views to let the system automatically handle HTML escaping, preventing XSS attacks.
+
+---
+
+## 4. Development Practices
+
+### 4.1 Avoid Ignoring Model Validation State
+- **Bad**: Processing data directly in POST actions without checking `if (!ModelState.IsValid)`.
+- **Good**: Check the validation state first. If it fails, redirect back to the form page and display error messages.