{
  "instruction": "Use guards for authentication/authorization, interceptors for cross-cutting concerns like logging",
  "relevant_when": "Agent implements authentication, authorization, logging, or response transformation in NestJS",
  "context": "NestJS execution order: Middleware -> Guards -> Interceptors (before) -> Pipes -> Route Handler -> Interceptors (after) -> Exception Filters. Guards implement CanActivate and return boolean. Interceptors implement NestInterceptor and use RxJS tap() for post-response logic. Logging interceptors should log HTTP method, URL, and duration using Date.now() timing.",
  "sources": [
    {
      "type": "file",
      "filename": "skills/nestjs-best-practices/SKILL.md",
      "tile": "tessl-labs/nestjs-best-practices@0.2.0"
    }
  ],
  "checklist": [
    {
      "name": "guard-implements-canactivate",
      "rule": "Agent has auth guards implement CanActivate interface and return boolean or Promise<boolean>",
      "relevant_when": "Agent creates authentication or authorization guards in NestJS"
    },
    {
      "name": "interceptor-implements-nestinterceptor",
      "rule": "Agent has interceptors implement NestInterceptor interface with intercept() method",
      "relevant_when": "Agent creates NestJS interceptors"
    },
    {
      "name": "interceptor-uses-rxjs-tap",
      "rule": "Agent uses next.handle().pipe(tap(...)) in interceptors for post-response logging rather than logging before next.handle()",
      "relevant_when": "Agent creates a logging interceptor in NestJS"
    },
    {
      "name": "interceptor-logs-method-url-duration",
      "rule": "Agent logs HTTP method, URL, and request duration (milliseconds) in the logging interceptor",
      "relevant_when": "Agent creates a request logging interceptor in NestJS"
    }
  ]
}