DevOps & Security
Data Model Reviewer
Reviews proposed data models for normalization, indexing strategy, constraints, soft-delete patterns, audit fields, and multi-tenancy, returning a structured review with a normalized ERD. Useful for preventing expensive data model rework. Backend engineers proposing new tables or significant schema changes, tech leads reviewing data models before they ship, and startup CTOs whose teams lack a senior database specialist. They are also the most expensive to reverse — every wrong table shape accretes application code, migrations, and analytics queries that depend on it. AI-generated schemas frequently miss baseline concerns that experienced engineers treat as reflexive: audit timestamps, soft-delete patterns, tenant isolation in multi-tenant systems, enum-as-string vs. enum-as-check-constraint, and index strategy for the known query workload. A pre-merge review catches these before they ossify.
One-Time Purchase
$19.99
Data Model Review — projects + tasks (FinTrack Platform)
Engine: Postgres 15 · Tenancy: Shared-schema multi-tenant · Status: Conditional approval
Verdict
Two criticals must land before merge: missing tenant_id on tasks, and missing FK + cascade rule from tasks.project_id to projects.id. Four mediums and two minors round out the review. The shape is fundamentally sound — the changes below are additive and do not require rework of the proposed columns.
Findings by area
Findings Table
| # | Area | Issue | Severity |
|---|---|---|---|
| 1 | Tenancy | tasks has no tenant_id column — relies on projects.tenant_id via join | Critical |
| 2 | Integrity | tasks.project_id has no FK or ON DELETE rule | Critical |
| 3 | Indexes | Workload filters tasks WHERE tenant_id AND status but no composite exists | High |
| 4 | Audit fields | No created_at, updated_at on either table | Medium |
| 5 | Soft delete | deleted_at proposed but no partial unique index protects against name reuse | Medium |
| 6 | Enums | status text accepts any string — no CHECK constraint or enum | Medium |
| 7 | Indexes | projects(slug) unique, but not scoped per-tenant — collisions across tenants impossible | Medium |
| 8 | Naming | task.priority stored as int 1..5 without comment or check | Minor |
| 9 | Naming | projects.archived boolean overlaps with deleted_at semantics | Minor |
Critical 1 — Missing tenant_id on tasks
Every multi-tenant table must carry tenant_id directly. Relying on a join through projects to scope reads means a single missing WHERE clause leaks data across tenants. Postgres RLS policies also require a tenant column on the row itself to be enforceable.
ALTER TABLE tasks ADD COLUMN tenant_id uuid NOT NULL;
CREATE INDEX tasks_tenant_id_idx ON tasks (tenant_id);
-- Backfill from projects, then enforce
UPDATE tasks t SET tenant_id = p.tenant_id FROM projects p WHERE t.project_id = p.id;
-- Add a CHECK that tenant_id matches the parent project
ALTER TABLE tasks ADD CONSTRAINT tasks_tenant_matches_project
CHECK (true) NOT VALID; -- enforced via app trigger or RLS
Critical 2 — Missing FK + cascade on tasks.project_id
tasks references projects.id by convention only. Deleting a project leaves orphan tasks; bulk-deleting tenants via cascade is impossible.
ALTER TABLE tasks
ADD CONSTRAINT tasks_project_id_fkey
FOREIGN KEY (project_id) REFERENCES projects (id) ON DELETE CASCADE;
Normalize vs Denormalize — task.status
Proposed
`status text`
Free-form string column
Recommended
`status text` + CHECK constraint
Allowlist enforced in the database
Prefer the CHECK constraint over a Postgres ENUM type. ENUMs are harder to reorder, harder to remove from, and harder to introspect from ORMs — the CHECK approach pays a tiny insert-time cost in exchange for far cheaper schema evolution.
ALTER TABLE tasks
ADD CONSTRAINT tasks_status_allowed
CHECK (status IN ('todo', 'in_progress', 'blocked', 'done', 'cancelled'));
Recommended Indexes
Match the known query workload
Audit / Soft Delete Pattern
Apply to both tables:
ALTER TABLE projects
ADD COLUMN created_at timestamptz NOT NULL DEFAULT now(),
ADD COLUMN updated_at timestamptz NOT NULL DEFAULT now(),
ADD COLUMN deleted_at timestamptz;
-- Partial unique index so a deleted project's slug can be reused
CREATE UNIQUE INDEX projects_tenant_slug_active_idx
ON projects (tenant_id, slug)
WHERE deleted_at IS NULL;
Drop the proposed projects.archived boolean — deleted_at IS NOT NULL covers the same semantics with one less column and one less code path.
Migration Risk
Backfill on tasks
Adding tenant_id to an existing tasks table requires a backfill. The UPDATE above is safe but takes ShareUpdateExclusive per row. Chunk in 50k-row batches with a 100ms sleep between batches. Expect ~15 minutes on a 5M-row tasks table at medium load.
FK addition is online but takes ShareRowExclusive
ADD CONSTRAINT … FOREIGN KEY with no NOT VALID clause validates every row under ShareRowExclusiveLock — blocks other DDL but not DML. On 5M rows expect 30–90 seconds. If that's unacceptable, add the constraint NOT VALID first, then VALIDATE CONSTRAINT in a separate transaction.
RLS opt-in is a separate workstream
This review does not include enabling Postgres Row-Level Security. Add tenant_id now; design and roll out RLS policies as a follow-up — RLS without a tenant column on every row is impossible.
Before / After Summary
| Area | Proposed | After review |
|---|---|---|
| Tenant isolation | Join-scoped only | tenant_id on every row + index |
| Referential integrity | No FK | FK with ON DELETE CASCADE |
| Workload indexes | PK only | 4 composite + 1 partial |
| Audit | None | created_at / updated_at / deleted_at |
| Enums | Free text | CHECK allowlist |
| Slug uniqueness | Global | Per-tenant partial unique |
Review against a hypothetical schema for illustration. Run the additive migration on a staging copy before scheduling production cutover.
This sample illustrates the skill's output format. Names, metrics, and operational details are illustrative unless the artifact explicitly analyzes public information.
View full sample →
All sales final. No refunds on digital products.
Includes support for Claude Code, Codex, OpenClaw, and Google Antigravity in the same license.
Also in Database Reliability
Bundle price: $55. Compare this skill with the full workflow bundle or Pro access.
Best for
Tech leads reviewing a proposed new table or significant schema change before merge, and startup CTOs whose teams don’t have a senior database specialist to lean on. Most valuable on multi-tenant SaaS schemas where tenant isolation, audit fields, and soft-delete patterns need to be applied consistently and tend to get skipped.
Not ideal for
Highly specialized data stores — time-series, graph, vector — where the normalization and constraint heuristics don’t apply. Also a poor fit for schemas already in heavy production use where the review would recommend changes too expensive to make; in that case the conversation is about evolution planning, not pre-merge review.
Included in this purchase
- Claude Code, Codex, OpenClaw, and Google Antigravity skill files.
- Setup guidance for the right adapter in your workspace.
- One-time license for the purchased skill version.
Setup
Plan for a short setup in the repository or workspace where the skill will run. Some coding familiarity helps for implementation-heavy outputs.
Related Skills
$19.99
One-time license
$19.99
One-time license
$19.99
One-time license
Future Updates
This purchase includes the current version of the skill. If you want future adapter updates — meaning compatibility and packaging updates as supported platforms evolve — plus new catalog additions included automatically, upgrade to Pro.