type-safety-validation
Build Type-Safe TypeScript Apps
TypeScript teams often lose type safety between validation, APIs, database models, and UI code. This skill shows how to connect Zod, tRPC, Prisma, and TypeScript patterns into one typed workflow.
Download the skill ZIP
Upload in Claude
Go to Settings → Capabilities → Skills → Upload skill
Toggle on and start using
Agent-readable resources
Use these links when an AI agent, crawler, or script needs clean context instead of reading the full page.
Test it
Using "type-safety-validation". A product team needs safer user registration input handling.
Expected outcome:
- A registration schema with email, password, role, and optional profile fields.
- A typed result model for successful validation and structured validation errors.
- Guidance to keep password policy, normalization, and user-facing messages consistent.
Using "type-safety-validation". An engineering team wants a typed posts API.
Expected outcome:
- A recommended tRPC procedure structure for list and create operations.
- Input boundaries for pagination, titles, and optional content.
- A reminder to add authentication to write procedures before production use.
Using "type-safety-validation". A TypeScript codebase has duplicated API and database types.
Expected outcome:
- A review of redundant type definitions and likely drift points.
- A plan to derive types from schemas or router definitions.
- Migration steps that reduce manual casting and unsafe any usage.
Security Audit
Low RiskThe static analyzer flagged many high-risk patterns, but review shows they are markdown code fences, TypeScript examples, documentation URLs, and relative imports. No malicious behavior or prompt injection was found. One low-risk documentation issue remains because a sample tRPC mutation uses publicProcedure without showing authentication.
Low Risk Issues (4)
Risk Factors
⚙️ External commands (25)
🌐 Network access (6)
📁 Filesystem access (3)
Detected Patterns
Quality Score
What You Can Build
Design a Typed API
Plan request validation, response types, and client usage before implementing a new TypeScript API.
Improve Form And Input Validation
Convert informal validation rules into reusable Zod schemas with clear error handling.
Audit Full-Stack Type Boundaries
Review where database, API, and UI types diverge, then create a safer shared contract.
Try These Prompts
Help me define a Zod schema for this user input shape. Include inferred TypeScript types and safe error handling.
Design a tRPC procedure for this feature. Include input validation, output shape, and client usage guidance.
Review this Prisma model and suggest matching validation schemas for create, update, and query operations.
Audit this TypeScript feature for type-safety gaps across UI, API, validation, and database layers. Prioritize fixes by risk.
Best Practices
- Validate data at every external boundary, including forms, APIs, webhooks, and environment variables.
- Derive TypeScript types from validation schemas or API routers instead of duplicating contracts.
- Add authentication and authorization checks around write operations before using examples in production.
Avoid
- Do not rely only on compile-time types for untrusted runtime input.
- Do not copy public write procedure examples into production without access control.
- Do not silence type errors with any when a schema or type guard can model the data.