Boilerplate built for AI coding agents, tools, CLI
# Add to your Claude Code skills
git clone https://github.com/CodeGuide-dev/codeguide-starter-fullstackGuides for using ai agents skills like codeguide-starter-fullstack.
Last scanned: 5/30/2026
{
"issues": [
{
"type": "npm-audit",
"message": "@esbuild-kit/core-utils: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@esbuild-kit/esm-loader: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ajv: ajv has ReDoS when using `$data` option",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "better-auth: Better Auth affected by external request basePath modification DoS",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "defu: defu: Prototype pollution via `__proto__` key in defaults argument",
"severity": "high"
},
{
"type": "npm-audit",
"message": "drizzle-kit: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "drizzle-orm: Drizzle ORM has SQL injection via improperly escaped SQL identifiers",
"severity": "high"
},
{
"type": "npm-audit",
"message": "esbuild: esbuild enables any website to send any requests to the development server and read the response",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"severity": "high"
},
{
"type": "npm-audit",
"message": "js-yaml: js-yaml has prototype pollution in merge (<<)",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "kysely: SQL Injection via unsanitized JSON path keys when ignoring/silencing compilation errors or using `Kysely<any>`.",
"severity": "high"
},
{
"type": "npm-audit",
"message": "lodash: Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions",
"severity": "high"
},
{
"type": "npm-audit",
"message": "minimatch: minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"severity": "high"
},
{
"type": "npm-audit",
"message": "next: Next.js is vulnerable to RCE in React flight protocol",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
"severity": "high"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "tar: node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Traversal",
"severity": "high"
}
],
"status": "FAILED",
"scannedAt": "2026-05-30T16:14:36.934Z",
"npmAuditRan": true,
"pipAuditRan": true
}codeguide-starter-fullstack is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by CodeGuide-dev. Boilerplate built for AI coding agents, tools, CLI. It has 141 GitHub stars.
codeguide-starter-fullstack failed SkillsLLM's automated security scan, which flagged one or more high-severity issues. Review the Security Report section carefully before using it.
Clone the repository with "git clone https://github.com/CodeGuide-dev/codeguide-starter-fullstack" and add it to your Claude Code skills directory (see the Installation section above).
codeguide-starter-fullstack is primarily written in TypeScript. It is open-source under CodeGuide-dev on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh codeguide-starter-fullstack against similar tools.
No comments yet. Be the first to share your thoughts!
Requires a passing catalog security scan. Resolve the flagged issues and resubmit to enable featuring.
A modern web application starter template built with Next.js 15, featuring authentication, database integration, and dark mode support.
Before you begin, ensure you have the following:
Clone the repository
git clone <repository-url>
cd codeguide-starter-fullstack
Install dependencies
npm install
# or
yarn install
# or
pnpm install
Environment Variables Setup
.env.example file to .env:
cp .env.example .env
Start the development server
npm run dev
# or
yarn dev
# or
pnpm dev
Open http://localhost:3000 with your browser to see the result.
Start PostgreSQL with Docker:
npm run db:up
This starts PostgreSQL in a Docker container with default credentials.
Push database schema:
npm run db:push
.env:
DATABASE_URL=postgresql://username:password@localhost:5432/database_name
POSTGRES_DB=your_database_name
POSTGRES_USER=your_username
POSTGRES_PASSWORD=your_password
npm run db:push
Create a .env file in the root directory with the following variables:
# Database Configuration (defaults work with Docker)
DATABASE_URL=postgresql://postgres:postgres@localhost:5433/postgres
POSTGRES_DB=postgres
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
# Authentication
BETTER_AUTH_SECRET=your_secret_key_here
BETTER_AUTH_URL=http://localhost:3000
NEXT_PUBLIC_BETTER_AUTH_URL=http://localhost:3000
codeguide-starter-fullstack/
├── app/ # Next.js app router pages
│ ├── globals.css # Global styles with dark mode
│ ├── layout.tsx # Root layout with providers
│ └── page.tsx # Main page
├── components/ # React components
│ └── ui/ # shadcn/ui components (40+)
├── db/ # Database configuration
│ ├── index.ts # Database connection
│ └── schema/ # Database schemas
├── docker/ # Docker configuration
│ └── postgres/ # PostgreSQL initialization
├── hooks/ # Custom React hooks
├── lib/ # Utility functions
│ ├── auth.ts # Better Auth configuration
│ └── utils.ts # General utilities
├── auth-schema.ts # Authentication schema
├── docker-compose.yml # Docker services configuration
├── Dockerfile # Application container definition
├── drizzle.config.ts # Drizzle configuration
└── components.json # shadcn/ui configuration
This starter includes modern database integration:
npm run dev - Start development server with Turbopacknpm run build - Build for production with Turbopacknpm start - Start production servernpm run lint - Run ESLintnpm run db:up - Start PostgreSQL in Dockernpm run db:down - Stop PostgreSQL containernpm run db:dev - Start development PostgreSQL (port 5433)npm run db:dev-down - Stop development PostgreSQLnpm run db:push - Push schema changes to databasenpm run db:generate - Generate Drizzle migration filesnpm run db:studio - Open Drizzle Studio (database GUI)npm run db:reset - Reset database (drop all tables and recreate)npx shadcn@latest add [component-name]npm run docker:build - Build application Docker imagenpm run docker:up - Start full application stack (app + database)npm run docker:down - Stop all containersnpm run docker:logs - View container logsnpm run docker:clean - Stop containers and clean up volumes# Start the entire stack (recommended for new users)
npm run docker:up
# View logs
npm run docker:logs
# Stop everything
npm run docker:down
# Option 1: Database only (develop app locally)
npm run db:up # Start PostgreSQL
npm run dev # Start Next.js development server
# Option 2: Full Docker stack
npm run docker:up # Start both app and database
The docker-compose.yml includes:
--profile dev# Start development database on port 5433
docker-compose --profile dev up postgres-dev -d
# Or use the npm script
npm run db:dev
Clone and setup on your server:
git clone <your-repo>
cd codeguide-starter-fullstack
cp .env.example .env
Configure environment variables:
# Edit .env with production values
DATABASE_URL=postgresql://postgres:your_secure_password@postgres:5432/postgres
POSTGRES_DB=postgres
POSTGRES_USER=postgres
POSTGRES_PASSWORD=your_secure_password
BETTER_AUTH_SECRET=your-very-secure-secret-key
BETTER_AUTH_URL=https://yourdomain.com
NEXT_PUBLIC_BETTER_AUTH_URL=https://yourdomain.com
Deploy:
npm run docker:up
Build and push image:
# Build the image
docker build -t your-registry/codeguide-starter-fullstack:latest .
# Push to registry
docker push your-registry/codeguide-starter-fullstack:latest
Deploy using your cloud provider's container service
Deploy to Vercel:
npm i -g vercel
vercel
Add environment variables in Vercel dashboard:
DATABASE_URL: Your managed PostgreSQL connection stringBETTER_AUTH_SECRET: Generate a secure secretBETTER_AUTH_URL: Your Vercel deployment URLSetup database:
# Push schema to your managed database
npm run db:push
# Required for production
DATABASE_URL=postgresql://user:password@host:port/database
BETTER_AUTH_SECRET=generate-a-very-secure-32-character-key
BETTER_AUTH_URL=https://yourdomain.com
# Optional optimizations
NODE_ENV=production
The application includes basic health checks. You can extend them:
# In Dockerfile, add health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD curl -f http://localhost:3000/api/health || exit 1
This starter is optimized for AI coding agents:
Contributions are welcome! Please feel free to submit a Pull Request.