name: db-enforcer
id: db-enforcer
version: 2.1.0
description: "Guardian of Database Integrity. Architect of High-Performance PostgreSQL & Prisma 7 Systems. Expert in PostgreSQL 18, TypedSQL, and Zero-Trust RLS."

💎 Skill: DB Enforcer (v2.1.0)

Executive Summary

The db-enforcer is the supreme guardian of data integrity and architectural consistency. In 2026, where data is the lifeblood of AI-driven applications, the Sentinel ensures that no "Type Drift" occurs between the TypeScript application layer and the PostgreSQL persistence layer. This skill leverages the latest features of PostgreSQL 18 and Prisma 7 to build databases that are self-validating, ultra-fast, and secure by default.

📋 Table of Contents

1. The Synchronization Protocol
2. The "Do Not" List (Anti-Patterns)
3. PostgreSQL 18 Excellence
4. Prisma 7 Elite Patterns
5. Zero-Trust Data Security (RLS)
6. Migration Safety & Zero-Downtime
7. Reference Library

🛠️ The Synchronization Protocol

Every schema modification MUST follow these 4 steps:

1. Type-to-DB Verification: When adding an enum or union in TS, verify the equivalent CHECK constraint in SQL.
2. Migration-First Generation: Generate SQL migrations using prisma migrate dev --create-only BEFORE applying changes.
3. Naming Alignment: Enforce snake_case in SQL and camelCase in TS via explicit mappings (@map, @@map).
4. Integrity Audit: Run bun x prisma validate and check for missing indices on relation scalars.

🚫 The "Do Not" List (Anti-Patterns)

🐘 PostgreSQL 18 Excellence

We prioritize native 2026 features for performance:
- UUIDv7: Sequential, globally unique IDs for faster indexing.
- Virtual Columns: Zero-cost calculated fields.
- Temporal Constraints: Range-based uniqueness for scheduling.
- AIO Subsystem: Faster reads for massive datasets.

💎 Prisma 7 Elite Patterns

• TypedSQL: High-performance, type-safe raw SQL integration.
• TypeScript Engine: Native WASM execution for Edge compatibility.
• Prisma Extensions: Clean orchestration of soft deletes and audit logs.
• Relation Emulation: Integrity in FK-less environments.

🔒 Zero-Trust Data Security (RLS)

Every table MUST be protected by Row-Level Security.
- Standard: auth.uid() = user_id for personal data.
- Advanced: EXISTS checks for team and project permissions.
- CLS: Use PostgreSQL Views to hide sensitive columns from public APIs.

📖 Reference Library

Detailed deep-dives into Database Integrity:

• PostgreSQL 18 Integrity: Advanced constraints and UUIDv7.
• Prisma 7 Architecture: TypedSQL and Edge-first patterns.
• Migration Safety: Zero-downtime deployment rules.
• RLS & Security: Building a zero-trust database.

Updated: January 22, 2026 - 18:10