Why must communityId be the first field in indexes?

Placing the tenant identifier first in compound indexes ensures optimal query performance and reinforces logical data isolation at the database level.

Does this skill work with MongoDB aggregation pipelines?

Yes, it requires that the very first stage of any aggregation pipeline is a $match stage containing the communityId to ensure no cross-tenant data is processed.

Can I use communityId from the request body?

No, this skill explicitly forbids trusting the request body for tenant identification as it can be easily forged; it mandates using authenticated token data instead.

How does this skill prevent unauthorized data access?

It enforces a mandatory rule that every database operation must include a communityId filter sourced directly from a verified JWT token, preventing attackers from accessing data belonging to other tenants.

Aegis Multi-Tenancy Enforcer

Name: Aegis Multi-Tenancy Enforcer
Author: muhammadcaeed

bymuhammadcaeed

0•

Security & Testing

Enforces strict data isolation by ensuring every MongoDB query and service method includes a verified tenant identifier.

The Aegis Multi-Tenancy Enforcer is a specialized skill designed to prevent cross-tenant data leaks in multi-tenant applications. It provides rigid guidelines for MongoDB queries, repository methods, and service logic, ensuring that a communityId is always present and sourced from trusted JWT tokens rather than potentially forged request bodies. By standardizing index patterns and aggregation pipeline stages, it helps developers maintain a secure, high-performance architecture where tenant data is logically isolated and protected by default.

Key Features

01Strict enforcement of communityId in all MongoDB query filters

02Optimized compound index guidance with communityId as the primary field

03Standardized repository patterns for find, update, and delete operations

040 GitHub stars

05JWT-based tenant identification to prevent request body spoofing

06Security-first aggregation pipeline rules for tenant-specific grouping

Use Cases

01Securing sensitive community data in multi-tenant SaaS platforms

02Auditing existing database logic to identify and fix cross-community access vulnerabilities

03Implementing secure repository layers in NestJS and TypeScript environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add muhammadcaeed/aegis tenancy-enforcer.md

For use in Claude.ai and ChatGPT

Key Features

01Strict enforcement of communityId in all MongoDB query filters

02Optimized compound index guidance with communityId as the primary field

03Standardized repository patterns for find, update, and delete operations

040 GitHub stars

05JWT-based tenant identification to prevent request body spoofing

06Security-first aggregation pipeline rules for tenant-specific grouping

Use Cases

01Securing sensitive community data in multi-tenant SaaS platforms

02Auditing existing database logic to identify and fix cross-community access vulnerabilities

03Implementing secure repository layers in NestJS and TypeScript environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add muhammadcaeed/aegis tenancy-enforcer.md

For use in Claude.ai and ChatGPT