system-design

📁 pluginagentmarketplace/custom-plugin-cloudflare 📅 Jan 31, 2026

总安装量

周安装量

#53934

全站排名

安装命令

npx skills add https://github.com/pluginagentmarketplace/custom-plugin-cloudflare --skill system-design

Agent 安装分布

opencode 3

claude-code 3

github-copilot 3

codex 3

continue 3

cursor 3

Skill 文档

System Design Skill

Quick Reference

Pattern	Best For	Complexity	Scaling
Monolith	Startups, MVPs	Low	Limited
Microservices	Large teams	High	Excellent
Serverless	Event-driven	Medium	Auto
Event-Driven	High throughput	High	Excellent

Scalability Progression

Level 1: Single Server
    â
    â¼ Bottleneck: CPU/Memory
Level 2: Load Balancer + Multiple Servers
    â
    â¼ Bottleneck: Database reads
Level 3: Caching Layer (Redis)
    â
    â¼ Bottleneck: Database writes
Level 4: Read Replicas
    â
    â¼ Bottleneck: Single DB limits
Level 5: Sharding / Partitioning
    â
    â¼ Bottleneck: Cross-shard queries
Level 6: CQRS + Event Sourcing

Architecture Decision Tree

What's your team size and product stage?
â
âââº Team < 10, product unclear
â   âââº Monolith (start simple)
â
âââº Team > 10, clear domain boundaries
â   âââº Microservices
â
âââº Variable workloads, pay-per-use
â   âââº Serverless
â
âââº High throughput, async workflows
    âââº Event-Driven

API Design

REST Best Practices

GET    /api/v1/users              # List
GET    /api/v1/users/{id}         # Get
POST   /api/v1/users              # Create
PUT    /api/v1/users/{id}         # Replace
PATCH  /api/v1/users/{id}         # Update
DELETE /api/v1/users/{id}         # Delete

GET    /api/v1/users/{id}/orders  # Nested

HTTP Status Codes

Code	Meaning	Use When
200	OK	GET/PUT/PATCH success
201	Created	POST success
204	No Content	DELETE success
400	Bad Request	Invalid input
401	Unauthorized	No/invalid auth
403	Forbidden	No permission
404	Not Found	Resource missing
429	Too Many Requests	Rate limited
500	Server Error	Server failure

Database Selection

Use Case	Best Choice	Notes
Transactions	PostgreSQL	ACID, most versatile
High write	Cassandra	Write-optimized
Caching	Redis	Sub-millisecond
Search	Elasticsearch	Full-text search
Analytics	BigQuery	Column-store
Time-series	TimescaleDB	Time-based data
Graph	Neo4j	Relationships

Security: OWASP Top 10 (2025)

#	Vulnerability	Prevention
1	Broken Access Control	Verify auth on every request
2	Cryptographic Failures	TLS 1.3, AES-256, Argon2
3	Injection	Parameterized queries
4	Insecure Design	Threat modeling
5	Security Misconfiguration	Harden defaults
6	Vulnerable Components	Dependency scanning
7	Auth Failures	MFA, rate limiting
8	Data Integrity	Sign data, verify sources
9	Logging Failures	Comprehensive logging
10	SSRF	Allowlist URLs

Encryption Standards

Layer	Standard	Notes
In Transit	TLS 1.3	HTTPS everywhere
At Rest	AES-256	Encrypt sensitive data
Passwords	Argon2id	bcrypt acceptable
API Keys	SHA-256	Store hashed

Threat Modeling: STRIDE

âââââââââââââââââââââââââââââââââââââââââââ
â              STRIDE MODEL                â
âââââââââââââââââââââââââââââââââââââââââââ¤
â  S - Spoofing                           â
â      â Strong auth, MFA                 â
â                                         â
â  T - Tampering                          â
â      â Integrity checks, signatures     â
â                                         â
â  R - Repudiation                        â
â      â Audit logging                    â
â                                         â
â  I - Information Disclosure             â
â      â Encryption, access control       â
â                                         â
â  D - Denial of Service                  â
â      â Rate limiting, DDoS protection   â
â                                         â
â  E - Elevation of Privilege             â
â      â Least privilege, RBAC            â
âââââââââââââââââââââââââââââââââââââââââââ

Compliance Requirements

Standard	Domain	Key Requirements
GDPR	EU Data	Consent, right to delete
HIPAA	Healthcare	PHI encryption, audit logs
SOC 2	Services	Security controls
PCI DSS	Payments	Card data protection
CCPA	CA Privacy	Consumer rights

Disaster Recovery

Strategy	RTO	RPO	Cost
Backup/Restore	Hours	Hours	Low
Pilot Light	10s min	Minutes	Medium
Warm Standby	Minutes	Seconds	High
Active-Active	Seconds	Zero	Very High

Troubleshooting

System not scaling?
âââº Database bottleneck? â Add caching, replicas
âââº Single point of failure? â Add redundancy
âââº Stateful services? â Make stateless
âââº Network limits? â CDN, optimize payloads

Security incident response?
âââº 1. CONTAIN: Isolate affected systems
âââº 2. IDENTIFY: Scope and entry point
âââº 3. ERADICATE: Remove threat, patch
âââº 4. RECOVER: Restore from clean backup
âââº 5. LEARN: Post-mortem, improve

Common Failure Modes

Symptom	Root Cause	Recovery
Cascading failures	Tight coupling	Circuit breakers
Works locally	Env differences	Containers, IaC
Data breach	Missing controls	Audit, RBAC
Audit failed	Missing compliance	Gap analysis

Next Actions

Describe your system requirements for architecture recommendations.

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台