GitHub
DevToolsCommonly used with
Skills using GitHub (2184)
ci
CIが赤くなったら呼んで。パイプライン消防隊、出動します。Use when user mentions CI failures, build errors, test failures, or pipeline issues. Do NOT load for: local builds, standard implementation work, reviews, or setup.
cs-senior-engineer
Senior Engineer agent for architecture decisions, code review, DevOps, and API design. Orchestrates engineering and engineering-team skills for technical implementation work. Spawn when users need system design, code quality review, CI/CD pipeline setup, or infrastructure decisions.
docker-expert
Docker containerization expert with deep knowledge of multi-stage builds, image optimization, container security, Docker Compose orchestration, and production deployment patterns. Use PROACTIVELY for Dockerfile optimization, container issues, image size problems, security hardening, networking, and orchestration challenges.
github-actions-templates
Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.
github-automation
Automate GitHub repositories, issues, pull requests, branches, CI/CD, and permissions via Rube MCP (Composio). Manage code workflows, review PRs, search code, and handle deployments programmatically.
playwright-java
Scaffold, write, debug, and enhance enterprise-grade Playwright E2E tests in Java using Page Object Model, JUnit 5, Allure reporting, and parallel execution.
railway-environment
Query, stage, and apply configuration changes for Railway environments. Use for ANY variable or env var operations, service configuration (source, build settings, deploy settings), lifecycle (delete service), and applying changes. Prefer over railway-status skill for any configuration or variable queries.
railway-service
Check service status, rename services, change service icons, link services, or create services with Docker images. For creating services with local code, prefer railway-new skill. For GitHub repo sources, use railway-new skill to create empty service then railway-environment skill to configure source.
sast-configuration
Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.
abridge-ci-integration
Configure CI/CD pipeline for Abridge clinical AI integrations with GitHub Actions. Use when setting up automated testing, FHIR validation, HIPAA compliance checks, or deployment pipelines for healthcare AI applications. Trigger: "abridge CI", "abridge GitHub Actions", "abridge pipeline", "abridge automated testing", "abridge CI/CD".
adobe-ci-integration
Configure CI/CD pipelines for Adobe integrations with GitHub Actions, including OAuth credential injection, PDF Services testing, Firefly API smoke tests, and secret scanning for Adobe credential patterns. Trigger with phrases like "adobe CI", "adobe GitHub Actions", "adobe automated tests", "CI adobe", "adobe pipeline".
adobe-policy-guardrails
Implement Adobe-specific lint rules, CI policy checks, and runtime guardrails covering credential scanning (p8_ patterns), Firefly content policy pre-screening, PDF Services quota enforcement, and OAuth scope validation. Trigger with phrases like "adobe policy", "adobe lint", "adobe guardrails", "adobe eslint", "adobe content policy".
alchemy-ci-integration
Configure CI/CD pipeline for Alchemy-powered Web3 applications. Use when setting up automated testing with Hardhat forks, smart contract verification, or testnet deployment pipelines. Trigger: "alchemy CI", "alchemy GitHub Actions", "web3 CI/CD pipeline".
algolia-ci-integration
Configure Algolia CI/CD: GitHub Actions for index validation, automated reindexing on deploy, and integration testing against real Algolia indices. Trigger: "algolia CI", "algolia GitHub Actions", "algolia automated tests", "CI algolia", "algolia deploy pipeline".
anima-ci-integration
Configure CI/CD pipeline for automated Figma-to-code generation with Anima. Use when automating design-to-code in GitHub Actions, setting up PR-based component generation, or integrating Anima into design handoff workflows. Trigger: "anima CI", "anima GitHub Actions", "anima automated generation".
anth-ci-integration
Configure CI/CD pipelines for Anthropic Claude API integrations. Use when setting up automated testing, prompt regression tests, or CI validation for Claude-powered features. Trigger with phrases like "anthropic ci", "claude ci/cd", "test claude in pipeline", "anthropic github actions".
apify-ci-integration
Configure CI/CD pipelines for Apify Actor builds and deployments. Use when automating Actor deployment via GitHub Actions, running integration tests against Apify, or building CI/CD for scrapers. Trigger: "apify CI", "apify GitHub Actions", "apify automated deploy", "CI apify", "apify pipeline", "auto deploy actor".
apollo-ci-integration
Configure Apollo.io CI/CD integration. Use when setting up automated testing, continuous integration, or deployment pipelines for Apollo integrations. Trigger with phrases like "apollo ci", "apollo github actions", "apollo pipeline", "apollo ci/cd", "apollo automated tests".
appfolio-ci-integration
Configure CI/CD pipeline for AppFolio property management integrations. Trigger: "appfolio CI".
apple-notes-ci-integration
Run Apple Notes automation in CI on macOS runners. Trigger: "apple notes CI".
assemblyai-ci-integration
Configure AssemblyAI CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating AssemblyAI transcription tests into your build process. Trigger with phrases like "assemblyai CI", "assemblyai GitHub Actions", "assemblyai automated tests", "CI assemblyai".
attio-ci-integration
Configure CI/CD pipelines for Attio integrations with GitHub Actions, mock-based unit tests, and live API integration tests. Trigger: "attio CI", "attio GitHub Actions", "attio automated tests", "CI attio", "attio pipeline", "test attio in CI".
background
Use when the user wants to see, inspect, cancel, or prune background agents fired during prior chain runs. Read/manage `.hyperflow/background/registry.json` and the per-agent output buffers at `.hyperflow/background/<id>.md`. Standalone — never auto-invoked. Trigger with /hyperflow:background, "list background agents", "what's running in background", "cancel background agent", "show background result".
bamboohr-ci-integration
Configure CI/CD pipelines for BambooHR integrations with GitHub Actions, automated testing, and secret management. Use when setting up automated testing, configuring CI pipelines, or integrating BambooHR API tests into your build process. Trigger with phrases like "bamboohr CI", "bamboohr GitHub Actions", "bamboohr automated tests", "CI bamboohr", "bamboohr pipeline".
brightdata-ci-integration
Configure Bright Data CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating Bright Data tests into your build process. Trigger with phrases like "brightdata CI", "brightdata GitHub Actions", "brightdata automated tests", "CI brightdata".
canva-ci-integration
Configure CI/CD pipelines for Canva Connect API integrations with GitHub Actions. Use when setting up automated testing, configuring CI pipelines, or integrating Canva API tests into your build process. Trigger with phrases like "canva CI", "canva GitHub Actions", "canva automated tests", "CI canva", "canva pipeline".
castai-ci-integration
Integrate CAST AI policy validation and cost checks into CI/CD pipelines. Use when adding CAST AI savings verification to GitHub Actions, validating Terraform plans, or gating deployments on cost thresholds. Trigger with phrases like "cast ai CI", "cast ai github actions", "cast ai terraform CI", "cast ai pipeline".
clade-ci-integration
Test and validate Claude integrations in CI/CD pipelines — Use when working with ci-integration patterns. GitHub Actions, mocking strategies, and cost control. Trigger with "anthropic ci", "test claude in ci", "anthropic github actions", "claude automated testing".
clay-ci-integration
Configure CI/CD pipelines for Clay integrations with automated testing and validation. Use when setting up automated tests for Clay webhook handlers, validating enrichment data quality in CI, or integrating Clay checks into your build process. Trigger with phrases like "clay CI", "clay GitHub Actions", "clay automated tests", "CI clay", "test clay integration".
clay-security-basics
Apply Clay security best practices for API keys, webhook secrets, and data access control. Use when securing Clay integrations, rotating API keys, auditing access, or implementing webhook authentication. Trigger with phrases like "clay security", "clay secrets", "secure clay", "clay API key security", "clay webhook security".
clerk-ci-integration
Configure Clerk CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating Clerk tests into your build process. Trigger with phrases like "clerk CI", "clerk GitHub Actions", "clerk automated tests", "CI clerk", "clerk pipeline".
clerk-multi-env-setup
Configure Clerk for multiple environments (dev, staging, production). Use when setting up environment-specific configurations, managing multiple Clerk instances, or implementing environment promotion. Trigger with phrases like "clerk environments", "clerk staging", "clerk dev prod", "clerk multi-environment".
clickhouse-ci-integration
Run ClickHouse integration tests in CI with GitHub Actions and Docker containers. Use when setting up automated testing against a real ClickHouse instance, configuring CI pipelines, or implementing schema validation in CI. Trigger: "clickhouse CI", "clickhouse GitHub Actions", "clickhouse integration tests", "test clickhouse in CI", "clickhouse automated testing".
clickup-ci-integration
Set up CI/CD pipelines for ClickUp API integrations with GitHub Actions, automated testing, and task status sync. Trigger: "clickup CI", "clickup GitHub Actions", "clickup automated tests", "CI clickup integration", "clickup pipeline", "clickup CI/CD".
coderabbit-ci-integration
Configure CodeRabbit as a CI gate with GitHub Actions, branch protection, and review enforcement. Use when setting up CodeRabbit as a required check, gating merges on review approval, or integrating CodeRabbit status into your CI pipeline. Trigger with phrases like "coderabbit CI", "coderabbit GitHub Actions", "coderabbit required check", "coderabbit merge gate", "coderabbit CI pipeline".
coderabbit-common-errors
Diagnose and fix CodeRabbit common errors and configuration issues. Use when CodeRabbit is not reviewing PRs, posting duplicate comments, ignoring configuration, or behaving unexpectedly. Trigger with phrases like "coderabbit error", "fix coderabbit", "coderabbit not working", "debug coderabbit", "coderabbit broken".
coderabbit-core-workflow-a
Execute CodeRabbit primary workflow: automated PR code review with configuration. Use when setting up automated code reviews on pull requests, configuring review behavior, or establishing the core CodeRabbit review loop. Trigger with phrases like "coderabbit review workflow", "coderabbit PR review", "coderabbit auto review", "configure coderabbit reviews".
coderabbit-debug-bundle
Collect CodeRabbit debug evidence for support tickets and troubleshooting. Use when encountering persistent issues, preparing support tickets, or collecting diagnostic information for CodeRabbit problems. Trigger with phrases like "coderabbit debug", "coderabbit support bundle", "coderabbit diagnostic", "coderabbit not working evidence".
coderabbit-deploy-integration
Roll out CodeRabbit across an organization: multi-repo deployment, org-level config, and team onboarding. Use when deploying CodeRabbit org-wide, creating shared configurations, or onboarding development teams to AI code review. Trigger with phrases like "deploy coderabbit", "coderabbit org rollout", "coderabbit multi-repo", "coderabbit onboarding", "coderabbit team setup".
coderabbit-enterprise-rbac
Configure CodeRabbit enterprise access control, seat management, and organization policies. Use when managing who gets AI reviews, configuring organization-level defaults, or implementing access policies for CodeRabbit across teams. Trigger with phrases like "coderabbit SSO", "coderabbit RBAC", "coderabbit enterprise", "coderabbit roles", "coderabbit permissions", "coderabbit seats".
coderabbit-install-auth
Install and configure CodeRabbit AI code review on GitHub or GitLab repositories. Use when setting up CodeRabbit for the first time, installing the GitHub App, configuring the CLI, or connecting CodeRabbit to your repositories. Trigger with phrases like "install coderabbit", "setup coderabbit", "coderabbit auth", "configure coderabbit", "add coderabbit to repo".
coderabbit-rate-limits
Understand and handle CodeRabbit and GitHub API rate limits for review automation. Use when hitting rate limits on @coderabbitai commands, automating review queries, or building scripts that interact with CodeRabbit via the GitHub API. Trigger with phrases like "coderabbit rate limit", "coderabbit throttling", "coderabbit too many requests", "github api rate limit coderabbit".
coderabbit-reference-architecture
Implement CodeRabbit reference architecture with production-grade .coderabbit.yaml configuration. Use when designing review configuration for a new project, establishing team standards, or building a comprehensive review setup from scratch. Trigger with phrases like "coderabbit architecture", "coderabbit best practices", "coderabbit project structure", "coderabbit reference config", "coderabbit full setup".
coderabbit-sdk-patterns
Apply production-ready CodeRabbit automation patterns using GitHub API and PR comments. Use when building automation around CodeRabbit reviews, processing review feedback programmatically, or integrating CodeRabbit into custom workflows. Trigger with phrases like "coderabbit automation", "coderabbit API patterns", "automate coderabbit", "coderabbit github api", "process coderabbit reviews".
coderabbit-security-basics
Configure CodeRabbit for security-focused code review with secret detection and vulnerability scanning. Use when setting up security review rules, configuring secret detection in PRs, or hardening CodeRabbit configuration for compliance requirements. Trigger with phrases like "coderabbit security", "coderabbit secrets", "secure coderabbit", "coderabbit vulnerability detection", "coderabbit security review".
coderabbit-webhooks-events
Implement CodeRabbit webhook signature validation and event handling. Use when setting up webhook endpoints, implementing signature verification, or handling CodeRabbit event notifications securely. Trigger with phrases like "coderabbit webhook", "coderabbit events", "coderabbit webhook signature", "handle coderabbit events", "coderabbit notifications".
cohere-ci-integration
Configure CI/CD for Cohere integrations with GitHub Actions and automated testing. Use when setting up automated testing for Chat/Embed/Rerank, configuring CI pipelines, or testing Cohere-powered applications. Trigger with phrases like "cohere CI", "cohere GitHub Actions", "cohere automated tests", "CI cohere", "cohere pipeline".
coreweave-ci-integration
Integrate CoreWeave deployments into CI/CD pipelines with GitHub Actions. Use when automating container builds, deploying inference services from CI, or validating GPU manifests in pull requests. Trigger with phrases like "coreweave CI", "coreweave github actions", "coreweave pipeline", "automate coreweave deploy".
customerio-ci-integration
Configure Customer.io CI/CD integration with automated testing. Use when setting up GitHub Actions, integration test suites, or pre-commit validation for Customer.io code. Trigger: "customer.io ci", "customer.io github actions", "customer.io pipeline", "customer.io automated testing".
databricks-ci-integration
Configure Databricks CI/CD integration with GitHub Actions and Asset Bundles. Use when setting up automated testing, configuring CI pipelines, or integrating Databricks deployments into your build process. Trigger with phrases like "databricks CI", "databricks GitHub Actions", "databricks automated tests", "CI databricks", "databricks pipeline".
databricks-multi-env-setup
Configure Databricks across development, staging, and production environments. Use when setting up multi-environment deployments, configuring per-environment secrets, or implementing environment-specific Databricks configurations. Trigger with phrases like "databricks environments", "databricks staging", "databricks dev prod", "databricks environment setup", "databricks config by env".
deepgram-ci-integration
Configure Deepgram CI/CD integration for automated testing and deployment. Use when setting up continuous integration pipelines, automated testing, or deployment workflows for Deepgram integrations. Trigger: "deepgram CI", "deepgram CD", "deepgram pipeline", "deepgram github actions", "deepgram automated testing".
documenso-ci-integration
Configure CI/CD pipelines for Documenso integrations. Use when setting up automated testing, deployment pipelines, or continuous integration for Documenso projects. Trigger with phrases like "documenso CI", "documenso GitHub Actions", "documenso pipeline", "documenso automated testing".
elevenlabs-ci-integration
Configure CI/CD pipelines for ElevenLabs with mocked unit tests and gated integration tests. Use when setting up GitHub Actions for TTS projects, configuring CI test strategies, or automating ElevenLabs integration validation. Trigger: "elevenlabs CI", "elevenlabs GitHub Actions", "elevenlabs automated tests", "CI elevenlabs", "elevenlabs pipeline".
evernote-ci-integration
Configure CI/CD pipelines for Evernote integrations. Use when setting up automated testing, continuous integration, or deployment pipelines for Evernote projects. Trigger with phrases like "evernote ci", "evernote github actions", "evernote pipeline", "automate evernote tests".
exa-ci-integration
Configure Exa CI/CD integration with GitHub Actions and automated testing. Use when setting up automated testing for Exa integrations, configuring CI pipelines, or adding Exa health checks to builds. Trigger with phrases like "exa CI", "exa GitHub Actions", "exa automated tests", "CI exa", "exa pipeline".
fathom-ci-integration
Test Fathom integrations in CI/CD pipelines. Trigger with phrases like "fathom CI", "fathom github actions", "test fathom pipeline".
figma-ci-integration
Automate Figma design token sync and asset export in CI/CD pipelines. Use when setting up GitHub Actions for Figma, automating icon exports, or validating design token changes in pull requests. Trigger with phrases like "figma CI", "figma GitHub Actions", "automate figma export", "figma CI pipeline".
figma-policy-guardrails
Enforce security policies and coding standards for Figma API integrations. Use when setting up linting rules for Figma tokens, preventing accidental credential leaks, or enforcing API usage best practices. Trigger with phrases like "figma policy", "figma lint", "figma guardrails", "figma security rules", "figma best practices check".
finta-ci-integration
Automate Finta data export and reporting in CI pipelines. Trigger with phrases like "finta CI", "finta automated reporting".
firecrawl-ci-integration
Configure Firecrawl CI/CD integration with GitHub Actions and automated scraping tests. Use when setting up automated testing of Firecrawl integrations, configuring CI pipelines, or validating scraping behavior in pull requests. Trigger with phrases like "firecrawl CI", "firecrawl GitHub Actions", "firecrawl automated tests", "CI firecrawl", "test firecrawl in CI".
fireflies-ci-integration
Configure CI/CD pipelines for Fireflies.ai integrations with GraphQL testing. Use when setting up automated testing, configuring GitHub Actions, or validating Fireflies.ai queries in your build process. Trigger with phrases like "fireflies CI", "fireflies GitHub Actions", "fireflies automated tests", "CI fireflies", "test fireflies pipeline".
flexport-ci-integration
Configure CI/CD pipelines for Flexport logistics integrations with GitHub Actions, automated API contract testing, and deployment workflows. Trigger: "flexport CI", "flexport GitHub Actions", "flexport CI/CD pipeline".
flyio-ci-integration
Configure CI/CD pipelines for Fly.io with GitHub Actions, Docker builds, deploy tokens, and automated deployment workflows. Trigger: "fly.io CI", "fly.io GitHub Actions", "fly deploy CI/CD".
fondo-ci-integration
Automate financial reporting workflows that complement Fondo with CI/CD pipelines for expense tracking, budget alerts, and financial data validation. Trigger: "fondo CI", "fondo automation", "fondo financial alerts".
framer-ci-integration
Configure Framer CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating Framer tests into your build process. Trigger with phrases like "framer CI", "framer GitHub Actions", "framer automated tests", "CI framer".
gamma-ci-integration
Configure Gamma CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating Gamma tests into your build process. Trigger with phrases like "gamma CI", "gamma GitHub Actions", "gamma automated tests", "CI gamma", "gamma pipeline".
gh-dash
Provides a GitHub pull request dashboard directly in the terminal. Use when the user wants to view PR status, check CI/CD progress, review bot comments, or merge pull requests without leaving Claude Code. Trigger with phrases like "show PR dashboard", "PR status", "check CI progress", "merge this PR", or "review pull request".
glean-ci-integration
CI/CD for Glean connectors with automated indexing tests and search quality validation. Trigger: "glean CI", "glean GitHub Actions", "glean connector CI/CD".
grammarly-ci-integration
Configure Grammarly CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating Grammarly tests into your build process. Trigger with phrases like "grammarly CI", "grammarly GitHub Actions", "grammarly automated tests", "CI grammarly".
granola-ci-integration
Build automated pipelines from Granola meeting notes to GitHub Issues, Linear tasks, Slack notifications, and documentation updates using Zapier and GitHub Actions. Trigger: "granola CI", "granola automation pipeline", "granola to github", "granola to linear", "meeting notes automation".
groq-ci-integration
Configure Groq CI/CD integration with GitHub Actions, testing, and model validation. Use when setting up automated testing, configuring CI pipelines, or integrating Groq tests into your build process. Trigger with phrases like "groq CI", "groq GitHub Actions", "groq automated tests", "CI groq".
groq-security-basics
Apply Groq security best practices for API key management and data protection. Use when securing API keys, implementing least privilege access, or auditing Groq security configuration. Trigger with phrases like "groq security", "groq secrets", "secure groq", "groq API key security".
hex-ci-integration
Configure Hex CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating Hex tests into your build process. Trigger with phrases like "hex CI", "hex GitHub Actions", "hex automated tests", "CI hex".
hootsuite-ci-integration
Configure Hootsuite CI/CD integration with GitHub Actions and testing. Use when setting up automated testing, configuring CI pipelines, or integrating Hootsuite tests into your build process. Trigger with phrases like "hootsuite CI", "hootsuite GitHub Actions", "hootsuite automated tests", "CI hootsuite".
hubspot-ci-integration
Configure CI/CD pipelines for HubSpot integrations with GitHub Actions. Use when setting up automated testing, configuring CI with HubSpot secrets, or integrating HubSpot API tests into your build process. Trigger with phrases like "hubspot CI", "hubspot GitHub Actions", "hubspot automated tests", "CI hubspot", "hubspot pipeline test".
hubspot-policy-guardrails
Implement HubSpot lint rules, secret scanning, and CI policy checks. Use when setting up code quality rules for HubSpot integrations, preventing token leaks, or configuring CI guardrails. Trigger with phrases like "hubspot policy", "hubspot lint", "hubspot guardrails", "hubspot security check", "hubspot eslint rules".
ideogram-ci-integration
Configure CI/CD pipelines for Ideogram integrations with GitHub Actions. Use when setting up automated testing, visual regression tests, or integrating Ideogram validation into your build process. Trigger with phrases like "ideogram CI", "ideogram GitHub Actions", "ideogram automated tests", "CI ideogram", "ideogram pipeline".
instantly-ci-integration
Configure CI/CD pipelines for Instantly.ai integrations with GitHub Actions. Use when setting up automated testing, deployment pipelines, or continuous validation of Instantly API integrations. Trigger with phrases like "instantly ci", "instantly github actions", "instantly pipeline", "instantly automated testing", "instantly ci/cd".
intercom-ci-integration
Configure CI/CD pipelines for Intercom integrations with GitHub Actions. Use when setting up automated testing, configuring CI with Intercom secrets, or integrating Intercom API tests into your build process. Trigger with phrases like "intercom CI", "intercom GitHub Actions", "intercom automated tests", "CI intercom", "intercom pipeline".
juicebox-ci-integration
Configure Juicebox CI/CD. Trigger: "juicebox ci", "juicebox pipeline".
klaviyo-ci-integration
Configure CI/CD pipelines for Klaviyo integrations with GitHub Actions. Use when setting up automated testing, configuring CI secrets, or integrating Klaviyo SDK tests into your build pipeline. Trigger with phrases like "klaviyo CI", "klaviyo GitHub Actions", "klaviyo automated tests", "CI klaviyo", "klaviyo pipeline".
klingai-ci-integration
Integrate Kling AI video generation into CI/CD pipelines. Use when automating video content in GitHub Actions or GitLab CI. Trigger with phrases like 'klingai ci', 'kling ai github actions', 'klingai automation', 'automated video generation'.
langchain-ci-integration
Configure CI/CD for LangChain with GitHub Actions, mocked unit tests, gated integration tests, and RAG pipeline validation. Trigger: "langchain CI", "langchain GitHub Actions", "langchain automated tests", "CI langchain", "langchain pipeline testing".
langchain-debug-bundle
Collect LangChain debug evidence for troubleshooting and bug reports. Use when preparing GitHub issues, collecting LangSmith traces, or gathering diagnostic info for complex LangChain failures. Trigger: "langchain debug bundle", "langchain diagnostics", "langchain support info", "collect langchain logs", "langchain trace".
langfuse-ci-integration
Configure Langfuse CI/CD integration with GitHub Actions and automated testing. Use when setting up automated testing, configuring CI pipelines, or integrating Langfuse tests into your build process. Trigger with phrases like "langfuse CI", "langfuse GitHub Actions", "langfuse automated tests", "CI langfuse", "langfuse pipeline".
lindy-ci-integration
Configure CI/CD pipelines for testing Lindy AI agent integrations. Use when setting up automated testing, configuring GitHub Actions for webhook receiver tests, or validating agent connectivity in CI. Trigger with phrases like "lindy CI", "lindy GitHub Actions", "lindy automated tests", "CI lindy pipeline".
linear-ci-integration
Integrate Linear with GitHub Actions CI/CD pipelines. Use when setting up automated testing, PR-to-issue linking, or creating Linear issues from CI failures. Trigger: "linear CI", "linear GitHub Actions", "linear CI/CD", "linear automated tests", "linear PR integration".
linear-core-workflow-a
Issue lifecycle management with Linear: create, update, transition, relate, comment, and organize issues through the SDK and GraphQL API. Trigger: "linear issue workflow", "linear issue lifecycle", "create linear issues", "update linear issue", "linear state transition", "linear sub-issues", "linear comments".
linear-migration-deep-dive
Migrate from Jira, Asana, GitHub Issues, or other tools to Linear. Use when planning a migration, executing data transfer, or mapping workflows between issue tracking tools. Trigger: "migrate to linear", "jira to linear", "asana to linear", "import to linear", "linear migration", "github issues to linear".
linktree-ci-integration
Ci Integration for Linktree. Trigger: "linktree ci integration".
lokalise-ci-integration
Configure Lokalise CI/CD integration with GitHub Actions and automated sync. Use when setting up automated translation sync, configuring CI pipelines, or integrating Lokalise into your build process. Trigger with phrases like "lokalise CI", "lokalise GitHub Actions", "lokalise automated sync", "CI lokalise", "lokalise pipeline".
lokalise-deploy-integration
Deploy Lokalise integrations to Vercel, Netlify, and Cloud Run platforms. Use when deploying apps with Lokalise translations to production, configuring platform-specific secrets, or setting up deployment pipelines. Trigger with phrases like "deploy lokalise", "lokalise Vercel", "lokalise production deploy", "lokalise Netlify", "lokalise Cloud Run".
lokalise-reference-architecture
Implement Lokalise reference architecture with best-practice project layout. Use when designing new Lokalise integrations, reviewing project structure, or establishing architecture standards for Lokalise applications. Trigger with phrases like "lokalise architecture", "lokalise best practices", "lokalise project structure", "how to organize lokalise", "lokalise layout".
lucidchart-ci-integration
Ci Integration for Lucidchart. Trigger: "lucidchart ci integration".
maintainx-ci-integration
Integrate MaintainX API testing into CI/CD pipelines. Use when setting up automated testing, configuring CI workflows, or implementing continuous integration for MaintainX integrations. Trigger with phrases like "maintainx ci", "maintainx github actions", "maintainx pipeline", "maintainx automated testing", "maintainx ci/cd".
mindtickle-ci-integration
Ci Integration for MindTickle. Trigger: "mindtickle ci integration".
miro-ci-integration
Configure CI/CD pipelines for Miro REST API v2 integrations with GitHub Actions, test board isolation, and automated validation. Trigger with phrases like "miro CI", "miro GitHub Actions", "miro automated tests", "CI miro", "miro pipeline".
mistral-ci-integration
Configure Mistral AI CI/CD integration with GitHub Actions and prompt testing. Use when setting up automated testing, prompt regression suites, or integrating Mistral AI quality gates into your build process. Trigger with phrases like "mistral CI", "mistral GitHub Actions", "mistral automated tests", "CI mistral", "prompt testing".
navan-ci-integration
Use when setting up CI/CD pipelines that validate Navan API integrations, run booking data health checks, or generate automated compliance reports. Trigger with "navan ci integration" or "navan pipeline" or "navan github actions".
navigating-github
First-time GitHub setup and interactive git learning. Walks users from zero to a working GitHub repo, then teaches git through 9 hands-on lessons on their actual project. Adapts language and depth to skill level — inferred from environment, not questionnaires. Two modes: Setup (guided onboarding) and Learn (progressive curriculum from commits to CI/CD). Use when the user asks to set up GitHub, learn git, or says "teach me github". Trigger with "set up my repo", "help me with github", "teach me github", "learn git", "what are branches", "teach me PRs", or "how do I use github".
notion-ci-integration
Integrate the Notion API into CI/CD pipelines for automated documentation sync, deploy tracking, and configuration reads. Use when setting up GitHub Actions workflows that push release notes to Notion, update database entries on deploy, create incident pages from CI, or read feature flags from Notion databases. Trigger with phrases like "notion CI", "notion GitHub Actions", "notion deploy sync", "notion release notes automation", "notion CI pipeline".
notion-policy-guardrails
Governance for Notion integrations: integration naming standards, page sharing policies, property naming conventions, database schema standards, and access audit scripts. Trigger with phrases like "notion governance", "notion policy", "notion naming convention", "notion access audit", "notion schema standard".
obsidian-ci-integration
Set up GitHub Actions CI/CD for Obsidian plugin development. Use when automating builds, tests, and releases for your plugin, or setting up continuous integration for Obsidian projects. Trigger with phrases like "obsidian CI", "obsidian github actions", "obsidian automated build", "obsidian CI/CD".
obsidian-deploy-integration
Publish Obsidian plugins to the community plugin directory. Use when releasing your first plugin, updating existing plugins, or managing the community plugin submission process. Trigger with phrases like "publish obsidian plugin", "obsidian community plugins", "submit obsidian plugin", "obsidian plugin directory".
obsidian-prod-checklist
Pre-release plugin verification checklist for Obsidian community plugins. Use when preparing to release, reviewing before submission, or validating plugin quality before publishing. Trigger with phrases like "obsidian release checklist", "publish obsidian plugin", "obsidian plugin submission", "obsidian prod ready".
onenote-ci-integration
Set up CI/CD pipelines for OneNote integrations with Graph API testing and mock strategies. Use when configuring GitHub Actions, setting up test credentials, or building mock-based CI tests. Trigger with "onenote ci", "onenote github actions", "onenote test pipeline", "graph api ci".
openevidence-ci-integration
Ci Integration for OpenEvidence. Trigger: "openevidence ci integration".
oraclecloud-ci-integration
Configure CI/CD pipelines for OCI with Terraform and GitHub Actions. Use when setting up automated infrastructure deployments, running Terraform plans in CI, or configuring OCI authentication for GitHub Actions. Trigger with "oraclecloud ci", "oci terraform ci", "oci github actions", "oracle cloud ci integration".
orchestrating-test-execution
Test coordinate parallel test execution across multiple environments and frameworks. Use when performing specialized testing. Trigger with phrases like "orchestrate tests", "run parallel tests", or "coordinate test execution".
palantir-ci-integration
Configure CI/CD pipelines for Palantir Foundry integrations with GitHub Actions. Use when setting up automated testing, running transforms validation, or integrating Foundry SDK tests into your build process. Trigger with phrases like "palantir CI", "foundry GitHub Actions", "palantir automated tests", "CI foundry".
perplexity-ci-integration
Configure CI/CD for Perplexity Sonar API integrations with GitHub Actions. Use when setting up automated testing, configuring CI pipelines, or integrating Perplexity tests into your build process. Trigger with phrases like "perplexity CI", "perplexity GitHub Actions", "perplexity automated tests", "CI perplexity pipeline".
posthog-ci-integration
Configure PostHog CI/CD with GitHub Actions: unit tests with mocked PostHog, integration tests against a dev project, and deployment annotations. Trigger: "posthog CI", "posthog GitHub Actions", "posthog automated tests", "CI posthog", "posthog pipeline".
replit-ci-integration
Configure CI/CD for Replit with GitHub Actions, automated testing, and deploy-on-push. Use when setting up automated testing, GitHub integration for Replit, or continuous deployment pipelines that deploy to Replit. Trigger with phrases like "replit CI", "replit GitHub Actions", "replit automated deploy", "CI replit", "replit GitHub".
repo-scanning
Internal process for the repo-scanner agent. Defines the step-by-step procedure for scanning GitHub repos for evidence that supports or explains bug clusters. Not user-invocable — loaded by the agent via its `skills: ["repo-scanning"]` frontmatter property.
salesforce-ci-integration
Configure Salesforce CI/CD with GitHub Actions, SFDX deployments, and Apex testing. Use when setting up automated testing, configuring CI pipelines for metadata deployment, or integrating Salesforce tests into your build process. Trigger with phrases like "salesforce CI", "salesforce GitHub Actions", "salesforce automated tests", "CI salesforce", "sfdx deploy CI".
salesloft-ci-integration
Set up CI/CD pipelines for SalesLoft integrations with GitHub Actions. Use when automating SalesLoft integration tests, validating OAuth tokens, or running cadence sync validation in CI. Trigger: "salesloft CI", "salesloft GitHub Actions", "salesloft automated tests".
sentry-ci-integration
Integrate Sentry into CI/CD pipelines for automated release creation, source map uploads, and deploy notifications. Use when setting up GitHub Actions, GitLab CI, or CircleCI to automate Sentry releases, upload source maps, or associate commits with deploys. Trigger with phrases like "sentry github actions", "sentry CI pipeline", "automate sentry releases", "sentry source map upload CI", "sentry gitlab ci", "sentry circleci".
sentry-security-basics
Configure Sentry security settings and data protection. Use when setting up PII scrubbing, managing sensitive data, configuring data scrubbing rules, or hardening Sentry for compliance. Trigger with phrases like "sentry security", "sentry PII", "sentry data scrubbing", "secure sentry", "sentry GDPR".
serpapi-ci-integration
Set up CI/CD for SerpApi integrations with fixture-based testing. Use when automating SerpApi tests without consuming credits, or validating search result parsing in CI. Trigger: "serpapi CI", "serpapi GitHub Actions", "serpapi automated tests".
serpapi-security-basics
Secure SerpApi API keys and prevent credit abuse. Use when storing API keys, implementing backend proxies, or auditing SerpApi access patterns. Trigger: "serpapi security", "serpapi API key security", "secure serpapi".
shopify-ci-integration
Configure CI/CD pipelines for Shopify apps with GitHub Actions, API version testing, and Shopify CLI deployment. Trigger with phrases like "shopify CI", "shopify GitHub Actions", "shopify automated tests", "CI shopify", "shopify deploy pipeline".
shopify-policy-guardrails
Implement Shopify app policy enforcement with ESLint rules for API key detection, query cost budgets, and App Store compliance checks. Trigger with phrases like "shopify policy", "shopify lint", "shopify guardrails", "shopify compliance", "shopify eslint", "shopify app review".
snowflake-ci-integration
Configure Snowflake CI/CD with GitHub Actions, SchemaChange, and Terraform. Use when setting up automated schema migrations, CI pipelines for Snowflake, or integrating SchemaChange/Terraform into your deployment workflow. Trigger with phrases like "snowflake CI", "snowflake GitHub Actions", "snowflake SchemaChange", "snowflake terraform", "snowflake CI/CD".
speak-ci-integration
GitHub Actions pipeline for Speak integrations with mocked API tests and audio validation. Use when implementing ci integration, or managing Speak language learning platform operations. Trigger with phrases like "speak ci integration", "speak ci integration".
stackblitz-core-workflow-b
Embed StackBlitz projects and manage WebContainer snapshots for sharing. Use when embedding code playgrounds in docs, creating shareable examples, or building interactive tutorials with StackBlitz. Trigger: "embed stackblitz", "stackblitz embed", "stackblitz share project".
supabase-ci-integration
Configure Supabase CI/CD pipelines with GitHub Actions: link projects, push migrations, deploy Edge Functions, generate types, and run tests against local Supabase instances. Use when setting up CI pipelines for Supabase, automating database migrations, deploying Edge Functions in CI, or running integration tests. Trigger with phrases like "supabase CI", "supabase GitHub Actions", "supabase deploy pipeline", "CI supabase migrations", "supabase preview branches".
supabase-multi-env-setup
Configure Supabase across development, staging, and production with separate projects, environment-specific secrets, and safe migration promotion. Use when setting up multi-environment deployments, isolating dev from prod data, configuring per-environment Supabase projects, or promoting migrations through environments. Trigger: "supabase environments", "supabase staging", "supabase dev prod", "supabase multi-project", "supabase env config", "database branching".
supabase-policy-guardrails
Enforce organizational governance for Supabase projects: shared RLS policy library with reusable templates, table and column naming conventions, migration review process with CI checks, cost alert thresholds, and security audit scripts scanning for common misconfigurations. Use when establishing Supabase standards across teams, creating RLS policy templates, setting up migration review workflows, or auditing existing projects for security and cost issues. Trigger with phrases like "supabase governance", "supabase policy library", "supabase naming convention", "supabase migration review", "supabase cost alert", "supabase security audit", "supabase RLS template".
together-ci-integration
Together AI ci integration for inference, fine-tuning, and model deployment. Use when working with Together AI's OpenAI-compatible API. Trigger: "together ci integration".
validating-api-schemas
Validate API schemas against OpenAPI, JSON Schema, and GraphQL specifications. Use when validating API schemas and contracts. Trigger with phrases like "validate API schema", "check OpenAPI spec", or "verify schema".
vastai-ci-integration
Configure Vast.ai CI/CD integration with GitHub Actions and automated GPU testing. Use when setting up automated testing on GPU instances, or integrating Vast.ai provisioning into CI/CD pipelines. Trigger with phrases like "vastai CI", "vastai github actions", "vastai automated testing", "vastai pipeline".
vercel-ci-integration
Configure Vercel CI/CD with GitHub Actions, preview deployments, and automated testing. Use when setting up automated deployments, configuring preview bots, or integrating Vercel into your CI pipeline. Trigger with phrases like "vercel CI", "vercel GitHub Actions", "vercel automated deploy", "CI vercel", "vercel pipeline".
vercel-deploy-preview
Create and manage Vercel preview deployments for branches and pull requests. Use when deploying a preview for a pull request, testing changes before production, or sharing preview URLs with stakeholders. Trigger with phrases like "vercel deploy preview", "vercel preview URL", "create preview deployment", "vercel PR preview".
vercel-policy-guardrails
Implement lint rules, CI policy checks, and automated guardrails for Vercel projects. Use when setting up code quality rules, preventing secret exposure, or enforcing deployment policies for Vercel applications. Trigger with phrases like "vercel policy", "vercel lint", "vercel guardrails", "vercel best practices check", "vercel secret scan".
webflow-ci-integration
Configure Webflow CI/CD with GitHub Actions — automated CMS validation, integration tests with test tokens, and publish-on-merge workflows. Use when setting up automated testing or CI pipelines for Webflow integrations. Trigger with phrases like "webflow CI", "webflow GitHub Actions", "webflow automated tests", "CI webflow", "webflow pipeline".
windsurf-ci-integration
Integrate Windsurf Cascade workflows into CI/CD pipelines and team automation. Use when automating Cascade tasks in GitHub Actions, enforcing AI code quality gates, or setting up Windsurf config validation in CI. Trigger with phrases like "windsurf CI", "windsurf GitHub Actions", "windsurf automation", "cascade CI", "windsurf pipeline".
x-bug-triage
Analyzes public X/Twitter complaints to detect, cluster, and triage bugs with repo evidence and owner routing. Use when monitoring product health from social signals. Trigger with "/x-bug-triage" or "triage X bugs for @account". Make sure to use this skill whenever triaging bugs from X/Twitter mentions.
moai-harness-patterns
MoAI-ADK harness pattern library — unified domain knowledge covering hook/CI dispatch (PostToolUse, SessionStart, GitHub Actions, release automation), workflow patterns (SPEC structure, EARS, MX tags, plan-run-sync pipeline), and Go quality gates (testing, linting, coverage, race detection, LSP). Use for moai-adk-go harness work — NOT for general MoAI agent patterns (see moai-foundation-cc).
moai-workflow-templates
Template management system for code boilerplates, feedback templates, scaffolding, and project optimization workflows. Use when creating templates, generating boilerplate files, or managing scaffolding.
aegisops-ai
Autonomous DevSecOps & FinOps Guardrails. Orchestrates Gemini 3 Flash to audit Linux Kernel patches, Terraform cost drifts, and K8s compliance.
agentflow
Orchestrate autonomous AI development pipelines through your Kanban board (Asana, GitHub Projects, Linear). Manages multi-worker Claude Code dispatch, deterministic quality gates, adversarial review, per-task cost tracking, and crash-proof pipeline execution.
agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches. AI agents running in CI/CD pipelines.
bitbucket-automation
Automate Bitbucket repositories, pull requests, branches, issues, and workspace management via Rube MCP (Composio). Always search tools first for current schemas.
clean-code
This skill embodies the principles of "Clean Code" by Robert C. Martin (Uncle Bob). Use it to transform "code that works" into "code that is clean."
code-review-ai-ai-review
You are an expert AI-powered code review specialist combining automated static analysis, intelligent pattern recognition, and modern DevOps practices. Leverage AI tools (GitHub Copilot, Qodo, GPT-5, C
code-review-checklist
Comprehensive checklist for conducting thorough code reviews covering functionality, security, performance, and maintainability
code-reviewer
Elite code review expert specializing in modern AI-powered code
create-issue-gate
Use when starting a new implementation task and an issue must be created with strict acceptance criteria gating before execution.
deployment-engineer
Expert deployment engineer specializing in modern CI/CD pipelines, GitOps workflows, and advanced deployment automation.
devops-deploy
DevOps e deploy de aplicacoes — Docker, CI/CD com GitHub Actions, AWS Lambda, SAM, Terraform, infraestrutura como codigo e monitoramento.
docker-expert
You are an advanced Docker containerization expert with comprehensive, practical knowledge of container optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies based on current industry best practices.
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
gh-review-requests
Fetch unread GitHub notifications for open PRs where review is requested from a specified team or opened by a team member. Use when asked to "find PRs I need to review", "show my review requests", "what needs my review", "fetch GitHub review requests", or "check team review queue".
gha-security-review
Find exploitable vulnerabilities in GitHub Actions workflows. Every finding MUST include a concrete exploitation scenario — if you can't build the attack, don't report it.
github-actions-templates
Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.
github-automation
Automate GitHub repositories, issues, pull requests, branches, CI/CD, and permissions via Rube MCP (Composio). Manage code workflows, review PRs, search code, and handle deployments programmatically.
github-issue-creator
Turn error logs, screenshots, voice notes, and rough bug reports into crisp, developer-ready GitHub issues with repro steps, impact, and evidence.
github-workflow-automation
Patterns for automating GitHub workflows with AI assistance, inspired by [Gemini CLI](https://github.com/google-gemini/gemini-cli) and modern DevOps practices.
issues
Interact with GitHub issues - create, list, and view issues.
mlops-engineer
Build comprehensive ML pipelines, experiment tracking, and model registries with MLflow, Kubeflow, and modern MLOps tools.
monte-carlo-validation-notebook
Generates SQL validation notebooks for dbt PR changes with before/after comparison queries.
openclaw-github-repo-commander
7-stage super workflow for GitHub repo audit, cleanup, PR review, and competitor analysis
performance-testing-review-ai-review
You are an expert AI-powered code review specialist combining automated static analysis, intelligent pattern recognition, and modern DevOps practices. Leverage AI tools (GitHub Copilot, Qodo, GPT-5, C
playwright-java
Scaffold, write, debug, and enhance enterprise-grade Playwright E2E tests in Java using Page Object Model, JUnit 5, Allure reporting, and parallel execution.
progressive-estimation
Estimate AI-assisted and hybrid human+agent development work with research-backed PERT statistics and calibration feedback loops
sast-configuration
Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.
vibers-code-review
Human review workflow for AI-generated GitHub projects with spec-based feedback, security review, and follow-up PRs from the Vibers service.
maggy
Maggy is a local AI engineering command center. AI-prioritized inbox across issue trackers (GitHub Issues/Asana), one-click TDD execute with iCPG context enrichment, daily competitor intelligence briefing.
polyphony
Multi-agent orchestration with container-isolated workspaces — each agent session runs in its own Docker container with independent git branches
golang-continuous-integration
Provides CI/CD pipeline configuration using GitHub Actions for Golang projects. Covers testing, linting, SAST, security scanning, code coverage, Dependabot, Renovate, GoReleaser, code review automation, and release pipelines. Use this whenever setting up CI for a Go project, configuring workflows, adding linters or security scanners, setting up Dependabot or Renovate, automating releases, or improving an existing CI pipeline. Also use when the user wants to add quality gates to their Go project.
golang-testing
Provides a comprehensive guide for writing production-ready Golang tests. Covers table-driven tests, test suites with testify, mocks, unit tests, integration tests, benchmarks, code coverage, parallel tests, fuzzing, fixtures, goroutine leak detection with goleak, snapshot testing, memory leaks, CI with GitHub Actions, and idiomatic naming conventions. Use this whenever writing tests, asking about testing patterns or setting up CI for Go projects. Essential for ANY test-related conversation in Go.
test-flakiness
Detect non-deterministic (flaky) tests by reading CI run logs or test result history. Aggregates pass rates per test, identifies intermittent failures, recommends quarantine or fix, and maintains a flaky test registry. Best run during Polish phase or after multiple CI runs.
test-setup
Scaffold the test framework and CI/CD pipeline for the project's engine. Creates the tests/ directory structure, engine-specific test runner configuration, and GitHub Actions workflow. Run once during Technical Setup phase before the first sprint begins.
code-reviewer
Analyzes code diffs and files to identify bugs, security vulnerabilities (SQL injection, XSS, insecure deserialization), code smells, N+1 queries, naming issues, and architectural concerns, then produces a structured review report with prioritized, actionable feedback. Use when reviewing pull requests, conducting code quality audits, identifying refactoring opportunities, or checking for security issues. Invoke for PR reviews, code quality checks, refactoring suggestions, review code, code quality. Complements specialized skills (security-reviewer, test-master) by providing broad-scope review across correctness, performance, maintainability, and test coverage in a single pass.
external-feature
Proactively enhance watched repos — fix issues, add features, improve code
code-review-excellence
Transform code reviews from gatekeeping to knowledge sharing through constructive feedback, systematic analysis, and collaborative improvement.
clari-ci-integration
Integrate Clari export pipeline testing and validation into CI/CD. Use when adding automated tests for Clari integrations, validating export schemas in CI, or testing pipeline reliability. Trigger with phrases like "clari CI", "clari github actions", "clari automated tests", "test clari pipeline".
github-actions-starter
Manage github actions starter operations. Auto-activating skill for DevOps Basics. Triggers on: github actions starter, github actions starter Part of the DevOps Basics skill category. Use when working with github actions starter functionality. Trigger with phrases like "github actions starter", "github starter", "github".
github-project-setup
Configure github project setup operations. Auto-activating skill for Enterprise Workflows. Triggers on: github project setup, github project setup Part of the Enterprise Workflows skill category. Use when working with github project setup functionality. Trigger with phrases like "github project setup", "github setup", "github".
guidewire-ci-integration
Configure CI/CD pipelines for Guidewire with Gosu compilation, GUnit tests, and configuration deployment. Trigger: "guidewire ci integration", "ci-integration".
hex-reference-architecture
Implement Hex reference architecture with best-practice project layout. Use when designing new Hex integrations, reviewing project structure, or establishing architecture standards for Hex applications. Trigger with phrases like "hex architecture", "hex best practices", "hex project structure", "how to organize hex", "hex layout".
persona-ci-integration
CI/CD pipeline for Persona integrations with sandbox API testing. Use when working with Persona identity verification. Trigger with phrases like "persona ci-integration", "persona ci-integration".
windsurf-cicd-github-actions
Generate and maintain GitHub Actions with Cascade assistance. Activate when users mention "github actions", "ci/cd pipeline", "workflow automation", "continuous integration", or "deployment pipeline". Handles CI/CD configuration with AI assistance. Use when working with windsurf cicd github actions functionality. Trigger with phrases like "windsurf cicd github actions", "windsurf actions", "windsurf".
ln-910-community-engagement
Analyzes community health and delegates engagement tasks. Use when managing GitHub issues, discussions, and announcements.
implementing-api-key-security-controls
Implements secure API key generation, storage, rotation, and revocation controls to protect API authentication credentials from leakage, brute force, and abuse. The engineer designs API key formats with sufficient entropy, implements secure hashing for storage, enforces per-key scoping and rate limiting, monitors for leaked keys in public repositories, and builds key rotation workflows. Activates for requests involving API key management, API key security, key rotation policy, or API credential protection.
implementing-api-security-testing-with-42crunch
Implement comprehensive API security testing using the 42Crunch platform to perform static audit and dynamic conformance scanning of OpenAPI specifications.
implementing-aqua-security-for-container-scanning
Deploy Aqua Security's Trivy scanner to detect vulnerabilities, misconfigurations, secrets, and license issues in container images across CI/CD pipelines and registries.
implementing-devsecops-security-scanning
Integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) into CI/CD pipelines using open-source tools. Covers Semgrep for SAST, Trivy for SCA and container scanning, OWASP ZAP for DAST, and Gitleaks for secrets detection. Activates for requests involving DevSecOps pipeline setup, automated security scanning in CI/CD, SAST/DAST/SCA integration, or shift-left security implementation.
implementing-github-advanced-security-for-code-scanning
Configure GitHub Advanced Security with CodeQL to perform automated static analysis and vulnerability detection across repositories at enterprise scale.
implementing-infrastructure-as-code-security-scanning
This skill covers implementing automated security scanning for Infrastructure as Code (IaC) templates using tools like Checkov, tfsec, and KICS. It addresses detecting misconfigurations in Terraform, CloudFormation, Kubernetes manifests, and Helm charts before deployment, establishing policy-based governance, and integrating IaC scanning into CI/CD pipelines to prevent insecure cloud resource provisioning.
implementing-secret-scanning-with-gitleaks
This skill covers implementing Gitleaks for detecting and preventing hardcoded secrets in git repositories. It addresses configuring pre-commit hooks, CI/CD pipeline integration, custom rule authoring for organization-specific secrets, baseline management for existing repositories, and remediation workflows for exposed credentials.
implementing-secrets-scanning-in-ci-cd
Integrate gitleaks and trufflehog into CI/CD pipelines to detect leaked secrets before deployment
integrating-dast-with-owasp-zap-in-pipeline
This skill covers integrating OWASP ZAP (Zed Attack Proxy) for Dynamic Application Security Testing in CI/CD pipelines. It addresses configuring baseline, full, and API scans against running applications, interpreting ZAP findings, tuning scan policies, and establishing DAST quality gates in GitHub Actions and GitLab CI.
integrating-sast-into-github-actions-pipeline
This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub Actions CI/CD pipelines. It addresses configuring automated code scanning on pull requests and pushes, tuning rules to reduce false positives, uploading SARIF results to GitHub Advanced Security, and establishing quality gates that block merges when high-severity vulnerabilities are detected.
performing-container-security-scanning-with-trivy
Scan container images, filesystems, and Kubernetes manifests for vulnerabilities, misconfigurations, exposed secrets, and license compliance issues using Aqua Security Trivy with SBOM generation and CI/CD integration.
performing-paste-site-monitoring-for-credentials
Monitor paste sites like Pastebin and GitHub Gists for leaked credentials, API keys, and sensitive data dumps using automated scraping and keyword matching to detect breaches early.
performing-sca-dependency-scanning-with-snyk
This skill covers implementing Software Composition Analysis (SCA) using Snyk to detect vulnerable open-source dependencies in CI/CD pipelines. It addresses scanning package manifests and lockfiles, automated fix pull request generation, license compliance checking, continuous monitoring of deployed applications, and integration with GitHub, GitLab, and Jenkins pipelines.
scanning-containers-with-trivy-in-cicd
This skill covers integrating Aqua Security's Trivy scanner into CI/CD pipelines for comprehensive container image vulnerability detection. It addresses scanning Docker images for OS package and application dependency CVEs, detecting misconfigurations in Dockerfiles, scanning filesystem and git repositories, and establishing severity-based quality gates that block deployment of vulnerable images.
securing-github-actions-workflows
This skill covers hardening GitHub Actions workflows against supply chain attacks, credential theft, and privilege escalation. It addresses pinning actions to SHA digests, minimizing GITHUB_TOKEN permissions, protecting secrets from exfiltration, preventing script injection in workflow expressions, and implementing required reviewers for workflow changes.
structured-code-review
Performs a structured five-stage code review covering requirements compliance, correctness, code quality, testing, and security/performance. Each stage uses targeted checklists and categorized feedback (Blocker/Major/Minor/Nit) with actionable suggestions and rationale. Use when the user asks for code review, PR feedback, pull request review, or wants their code checked for bugs, style issues, or vulnerabilities — triggered by phrases like "review my code", "check this PR", "review my changes", "pull request review", or "code feedback".
address-github-comments
Use when you need to address review or issue comments on an open GitHub Pull Request using the gh CLI.
cicd-automation-workflow-automate
You are a workflow automation expert specializing in creating efficient CI/CD pipelines, GitHub Actions workflows, and automated development processes. Design and implement automation that reduces manual work, improves consistency, and accelerates delivery while maintaining quality and security.
code-review-excellence
Transform code reviews from gatekeeping to knowledge sharing through constructive feedback, systematic analysis, and collaborative improvement.
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI. Use when you want professional code review before commits, you need automatic CHANGELOG generation, or reviewing large-scale refactoring.
context7-auto-research
Automatically fetch latest library/framework documentation for Claude Code via Context7 API. Use when you need up-to-date documentation for libraries and frameworks or asking about React, Next.js, Prisma, or any other popular library.
exa-search
Semantic search, similar content discovery, and structured research using Exa API. Use when you need semantic/embeddings-based search, finding similar content, or searching by category (company, people, research papers, etc.).
firecrawl-scraper
Deep web scraping, screenshots, PDF parsing, and website crawling using Firecrawl API. Use when you need deep content extraction from web pages, page interaction is required (clicking, scrolling, etc.), or you want screenshots or PDF parsing.
git-pr-workflows-pr-enhance
You are a PR optimization expert specializing in creating high-quality pull requests that facilitate efficient code reviews. Generate comprehensive PR descriptions, automate review processes, and ensu
github
Use the `gh` CLI for issues, pull requests, Actions runs, and GitHub API queries.
skill-seekers
-Automatically convert documentation websites, GitHub repositories, and PDFs into Claude AI skills in minutes.
tavily-web
Web search, content extraction, crawling, and research capabilities using Tavily API. Use when you need to search the web for current information, extracting content from URLs, or crawling websites.
team-collaboration-issue
You are a GitHub issue resolution expert specializing in systematic bug investigation, feature implementation, and collaborative development workflows. Your expertise spans issue triage, root cause an
vcrepomix
Use when you need to pack a local or remote repository into an AI-friendly reference artifact for research, audits, feature-porting prep, context review, or security-oriented repo analysis.
vcweb-testing
Web testing with Playwright, Vitest, k6. E2E/unit/integration/load/security/visual/a11y testing. Use for test automation, flakiness, Core Web Vitals, mobile gestures, cross-browser.
ci-all
Full CI pipeline: run local tests, type check, push branch, and return the pipeline URL. The only command you need before opening a PR.
code-review-excellence
This skill should be used when the user asks to review a diff or pull request, write review comments, audit code quality, establish review standards, or improve how a team performs code review.
git-workflow
This skill should be used when the user asks to "create git commit", "manage branches", "follow git workflow", "use Conventional Commits", "handle merge conflicts", or asks about git branching strategies, version control best practices, pull request workflows. Provides comprehensive Git workflow guidance for team collaboration.
github-pr-review-fix
Review and resolve PR comments from GitHub. Validates each comment, fixes legitimate issues.
cicd-pipelines
Multi-platform CI/CD pipeline expertise. Generate GitHub Actions, GitLab CI, Jenkins, and Azure Pipelines configurations. Analyze failures, optimize execution time, validate syntax, and configure matrix builds and caching strategies.
code-quality-analyzer
Static code analysis, technical debt assessment, engineering velocity metrics
electron-builder-config
Generate and validate electron-builder configuration for multi-platform desktop builds with code signing, auto-update, and platform-specific packaging
knowledge-extractor
Extract tribal knowledge from code, documentation, and commit history to preserve institutional memory
playwright
Playwright E2E testing, page objects, fixtures, visual regression, accessibility testing, and CI integration patterns.
automation-audit-ops
Evidence-first automation inventory and overlap audit workflow for ECC. Use when the user wants to know which jobs, hooks, connectors, MCP servers, or wrappers are live, broken, redundant, or missing before fixing anything.
data-scraper-agent
Build a fully automated AI-powered data collection agent for any public source — job boards, prices, news, GitHub, sports, anything. Scrapes on a schedule, enriches data with a free LLM (Gemini Flash), stores results in Notion/Sheets/Supabase, and learns from user feedback. Runs 100% free on GitHub Actions. Use when the user wants to monitor, collect, or track any public data automatically.
django-verification
Verification loop for Django projects: migrations, linting, tests with coverage, security scans, and deployment readiness checks before release or PR.
git-workflow
Git workflow patterns including branching strategies, commit conventions, merge vs rebase, conflict resolution, and collaborative development best practices for teams of all sizes.
github-ops
GitHub repository operations, automation, and management. Issue triage, PR management, CI/CD operations, release management, and security monitoring using the gh CLI. Use when the user wants to manage GitHub issues, PRs, CI status, releases, contributors, stale items, or any GitHub operational task beyond simple git commands.
knowledge-ops
Knowledge base management, ingestion, sync, and retrieval across multiple storage layers (local files, MCP memory, vector stores, Git repos). Use when the user wants to save, organize, sync, deduplicate, or search across their knowledge systems.
laravel-verification
Verification loop for Laravel projects: env checks, linting, static analysis, tests with coverage, security scans, and deployment readiness.
opensource-pipeline
Open-source pipeline: fork, sanitize, and package private projects for safe public release. Chains 3 agents (forker, sanitizer, packager). Triggers: '/opensource', 'open source this', 'make this public', 'prepare for open source'.
project-flow-ops
Operate execution flow across GitHub and Linear by triaging issues and pull requests, linking active work, and keeping GitHub public-facing while Linear remains the internal execution layer. Use when the user wants backlog control, PR triage, or GitHub-to-Linear coordination.
unified-notifications-ops
Operate notifications as one ECC-native workflow across GitHub, Linear, desktop alerts, hooks, and connected communication surfaces. Use when the real problem is alert routing, deduplication, escalation, or inbox collapse.
deferred-capture
Contract for unified deferred-item capture across plugins. Defines CLI interface, issue template, label taxonomy, and compliance test.
feature-review
Review and prioritize features using RICE, WSJF, or Kano scoring frameworks, then create GitHub issues for suggestions.
git-platform
Git platform detection and cross-platform command mapping for GitHub, GitLab, and Bitbucket
pr-prep
Prepare pull requests by running quality gates, drafting descriptions, and validating tests before submission.
rule-catalog
Browse the rule catalog and guide installation. Use when looking for
session-replay
Convert a Claude Code session JSONL file into an animated GIF replay showing the conversation as typed terminal output.
workflow-monitor
Detect workflow failures and inefficient patterns, then create GitHub issues for improvement via /fix-workflow.
workflow-setup
Configures GitHub Actions CI/CD workflows for testing, linting, and deployment. Use when setting up automation for a Python, Rust, or TypeScript project.
github-project-contributor-finder-api-skill
This skill helps users extract GitHub repository project details and contributor contact information using keywords, stars, and update dates. Agent should proactively apply this skill when users express needs like search for GitHub projects by keywords, find top open-source contributors in specific domains, extract developer contacts from GitHub repositories, discover trending repositories with high stars, gather contributor profiles and social links for tech recruiting, retrieve GitHub project descriptions and metrics, build developer communities by finding active contributors, search for repositories updated recently, collect personal website and Twitter links of developers, generate targeted leads for developer tools, or track active open-source contributors for collaboration.
claude-docs-consultant
Consult official Claude Code documentation from code.claude.com using selective fetching. Use when working on hooks, skills, subagents, plugins, agent teams, MCP servers, permissions, settings, CI/CD (GitHub Actions, GitLab), IDE extensions (VS Code, JetBrains), desktop/web app features, scheduling, memory/CLAUDE.md, deployment (Bedrock, Vertex, Foundry), sandboxing, monitoring, or any Claude Code feature requiring official docs. Fetches only the specific docs needed per task.
bitbucket-automation
Automate Bitbucket repositories, pull requests, branches, issues, and workspace management via Rube MCP (Composio). Always search tools first for current schemas.
github-automation
Automate GitHub repositories, issues, pull requests, branches, CI/CD, and permissions via Rube MCP (Composio). Manage code workflows, review PRs, search code, and handle deployments programmatically.
dependabot-review
Review and manage Dependabot PRs. Categorizes by risk, checks CI status, auto-merges safe updates, and reports issues. Use when the user says "review dependabot", "merge dependabot", "dependabot PRs", or "update dependencies".
gh-fix-ci
Inspect GitHub PR checks with gh, pull failing GitHub Actions logs, summarize failure context, then create a fix plan and implement after user approval. Use when a user asks to debug or fix failing PR CI/CD checks on GitHub Actions and wants a plan + code changes; for external checks (e.g., Buildkite), only report the details URL and mark them out of scope.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
resolve-issues-cc
Fetch all open GitHub issues, analyze bugs, resolve up to 30 per batch via per-issue worktrees + PRs into the release branch, triage the rest, wait for user validation
make-repo-contribution
All changes to code must follow the guidance documented in the repository. Before any issue is filed, branch is made, commits generated, or pull request (or PR) created, a search must be done to ensure the right steps are followed. Whenever asked to create an issue, commit messages, to push code, or create a PR, use this skill so everything is done correctly.
000-jeremy-content-consistency-validator
Validates messaging consistency across website, GitHub repositories, and local documentation. Generates comprehensive read-only discrepancy reports showing where messaging conflicts or inconsistencies exist. Activates when user mentions "consistency check", "validate documentation", "check for mixed messaging", "audit content consistency", or before updating internal paperwork.
gh-actions-validator
Automatically validates and enforces GitHub Actions best practices for Vertex AI and Google Cloud deployments. Expert in Workload Identity Federation (WIF), Vertex AI Agent Engine deployment pipelines, security validation, and CI/CD automation. Triggers: "create github actions", "deploy vertex ai", "setup wif", "validate github workflow", "gcp deployment pipeline"
deep-research
Deep research and discovery before building something new. Explores local projects for reusable code, researches competitors, reads forums and reviews, analyses plugin ecosystems, investigates technical options, and produces a comprehensive research brief. Three depths: focused (30 min), wide (1-2 hours), deep (3-6 hours). Triggers: 'research this', 'discovery', 'explore the space', 'what should I build', 'competitive analysis', 'before I start building', 'research before coding'. Not for cited fact-checking research reports (a separate harness does those); this is pre-build product discovery.
git-workflow
Guided git workflows: prepare PRs, clean up branches, resolve merge conflicts, handle monorepo tags, squash-and-merge patterns. Use when asked to prepare a PR, clean branches, resolve conflicts, or tag a release.
pr-preflight
Full pre-PR merge-readiness check. Run this before opening or merging a pull request — it validates local gates (lint, format, tests), CI status, screenshot evidence, and PR metadata in one pass. Also useful for reviewing an existing PR's readiness.
l-pr
Create a draft pull request targeting develop. Auto-generates PR body from design files, GitHub issues, and/or commit history. Use when opening a PR.
onecli-gateway
OneCLI Gateway: transparent HTTPS proxy that injects stored credentials into outbound calls. You MUST use this skill when the user asks you to read emails, check calendar, access GitHub repos, create issues, check Stripe payments, or interact with ANY external service or API. Do NOT use browser extensions or OAuth CLI tools. Make HTTP requests directly; the gateway injects credentials automatically.
comprehensive-review-pr-enhance
Generate structured PR descriptions from diffs, add review checklists, risk assessments, and test coverage summaries. Use when the user says "write a PR description", "improve this PR", "summarize my changes", "PR review", "pull request", or asks to document a diff for reviewers.
hugging-face-papers
Read and analyze Hugging Face paper pages or arXiv papers with markdown and papers API metadata.
makepad-deployment
CRITICAL: Use for Makepad packaging and deployment. Triggers on: deploy, package, APK, IPA, 打包, 部署, cargo-packager, cargo-makepad, WASM, Android, iOS, distribution, installer, .deb, .dmg, .nsis, GitHub Actions, CI, action, marketplace
pr-writer
Create pull requests following Sentry's engineering practices.
sred-project-organizer
Take a list of projects and their related documentation, and organize them into the SRED format for submission.
sred-work-summary
Go back through the previous year of work and create a Notion doc that groups relevant links into projects that can then be documented as SRED projects.
review-pr
Review a PR or branch diff using the knowledge graph for full structural context. Outputs a structured review with blast-radius analysis.
clean-code
Write readable, maintainable code through disciplined naming, small functions, and clean error handling. Use when the user mentions "code review", "naming conventions", "function too long", "code smells", "readable code", "boy scout rule", "single responsibility", or "unit test quality". Also trigger when reviewing pull requests for readability, refactoring messy functions, debating comment styles, or improving error handling patterns. Covers SRP, comment discipline, formatting, and unit testing. For refactoring techniques, see refactoring-patterns. For architecture, see clean-architecture.
skill-vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
web-search
Real-time web search using Playwright-controlled browser. Use this skill when you need current information, latest documentation, recent news, or any data beyond your knowledge cutoff (January 2025).
flow-next-resolve-pr
Resolve PR review feedback — fetch unresolved threads, triage, dispatch per-thread resolver agents, validate, commit, reply + resolve via GraphQL. Triggers on /flow-next:resolve-pr.
detecting-supply-chain-attacks-in-ci-cd
Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned actions, script injection via expressions, dependency confusion, and secrets exposure. Uses PyGithub and YAML parsing for automated audit. Use when hardening CI/CD pipelines or investigating compromised build systems.
code-review
Reviews code diffs and files for security vulnerabilities (OWASP Top 10), error handling, complexity, naming conventions, and performance issues. Use when the user asks to review a PR, pull request, diff, merge request, or code changes.
typescript-best-practices
Enforces TypeScript best practices and modern patterns
github-workflow-automation
Advanced GitHub Actions workflow automation with AI swarm coordination, intelligent CI/CD pipelines, and comprehensive repository management
ocr
AI-powered multi-agent code review. Simulates a team of Principal Engineers reviewing code from different perspectives. Use when asked to review code, check a PR, analyze changes, or perform code review.
ci-pipeline
Push current branch and return the pipeline tracking URL (GitLab or GitHub Actions)
ci-status
Show current pipeline status for the active branch (GitLab CI or GitHub Actions)
github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
devops-engineer
Creates Dockerfiles, configures CI/CD pipelines, writes Kubernetes manifests, and generates Terraform/Pulumi infrastructure templates. Handles deployment automation, GitOps configuration, incident response runbooks, and internal developer platform tooling. Use when setting up CI/CD pipelines, containerizing applications, managing infrastructure as code, deploying to Kubernetes clusters, configuring cloud platforms, automating releases, or responding to production incidents. Invoke for pipelines, Docker, Kubernetes, GitOps, Terraform, GitHub Actions, on-call, or platform engineering.
changelog-generator
Automated changelog generation from commits and PRs
compatibility-test-matrix
Multi-version, multi-platform SDK compatibility testing
cross-platform-test-matrix
Generate CI test matrix for Windows, macOS, and Linux combinations
github-actions-web
GitHub Actions for web app CI/CD, testing, and deployment.
percy-visual-testing
Percy visual testing platform integration for visual regression detection
auto-workflow-builder
Analyze a URL and generate a tailored aeon.yml schedule with skill suggestions
daily-routine
Morning briefing combining token movers, tweet roundup, paper pick, GitHub issues, and HN digest
ecosystem-links
Weekly link-health audit of ECOSYSTEM.md — checks every GitHub repo for archived/disabled state and every project URL for HTTP 4xx/5xx or redirect chains, surfacing dead/archived/moved entries before a casual reader stumbles into one. Closes the three-skill ecosystem loop with ecosystem-entrants (arrivals) and ecosystem-pulse (liveness).
ecosystem-pulse
Weekly liveness check of the projects listed in ECOSYSTEM.md — stars/forks/last-commit recency + new releases for any project that can be matched to a GitHub repo
content-sanitization
Sanitization guidelines for external content
background-watch-hook
Use `vibe watch` to run a managed Harness waiter that returns to the same conversation later. Best for reviews, CI, files, logs, and other wait-now-continue-later workflows.
background-watch-hook
Use `vibe watch` to run a managed Harness waiter that returns to the same conversation later. Best for reviews, CI, files, logs, and other wait-now-continue-later workflows.
gh-address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
yeet
Use only when the user explicitly asks to stage, commit, push, and open a GitHub pull request in one flow using the GitHub CLI (`gh`).
docs-review
Review documentation changes for compliance with the Metabase writing style guide. Use when reviewing pull requests, files, or diffs containing documentation markdown files.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
ln-730-devops-setup
Sets up Docker, CI/CD, and environment configuration with auto-detection. Use when adding DevOps infrastructure to a project.
ln-732-cicd-generator
Generates GitHub Actions CI workflow configuration. Use when adding continuous integration to a project.
ln-911-github-triager
Produces prioritized triage report from open GitHub issues, PRs, and discussions. Use when reviewing community backlog.
push-release
Push to GitHub and optionally bump version to trigger PyPI release
canonical-data-map
Single source of truth for all paths, naming conventions, and data formats across the OpenClaw Greek Accounting system. Reference document.
create-release-checklist
Create a release checklist and GitHub issue for an R package. Use when the user asks to "create a release checklist" or "start a release" for an R package.
pr-create
Creates a pull request from current changes, monitors GitHub CI, and debugs any failures until CI passes. Activate when the user says "create pr", "make a pr", "open pull request", "submit pr", "pr for these changes", or wants to get their current work into a reviewable PR. Assumes the project uses git, is hosted on GitHub, and has GitHub Actions CI with automated checks (lint, build, tests, etc.). Does NOT merge - stops when CI passes and provides the PR link.
code-review-web
Review web application code for bugs, security issues, performance problems, and stack-specific anti-patterns. Use this skill whenever the user wants to review code, debug a production issue, investigate a build failure, audit security, or check a PR before merging. Triggers on code review, review my code, debug, build error, broken, not working, why is X failing, check this code, security check, PR review, audit code, refactor. Also triggers when investigating 4xx or 5xx errors, deploy failures, environment variable issues, and CMS integration problems.
create-pr
Alias for sentry-skills:pr-writer. Use when users explicitly ask for "create-pr" or reference the legacy skill name. Redirects to the canonical PR writing workflow.
setup-matt-pocock-skills
Sets up an `## Agent skills` block in AGENTS.md/CLAUDE.md and `docs/agents/` so the engineering skills know this repo's issue tracker (GitHub or local markdown), triage label vocabulary, and domain doc layout. Run before first use of `to-issues`, `to-prd`, `triage`, `diagnose`, `tdd`, `improve-codebase-architecture`, or `zoom-out` — or if those skills appear to be missing context about the issue tracker, triage labels, or domain docs.
harvest-adaptive
Adaptive content summarization - auto-detect content type and produce relevant summary
vcdocs-seeker
Search library/framework documentation via llms.txt (context7.com). Use for API docs, GitHub repository analysis, technical documentation lookup, latest library features.
analyzing-projects
Analyzes codebases to understand structure, tech stack, patterns, and conventions. Use when onboarding to a new project, exploring unfamiliar code, or when asked "how does this work?" or "what's the architecture?"
devops-infrastructure
Guides Docker, CI/CD pipelines, deployment strategies, infrastructure as code, and observability setup. Use when writing Dockerfiles, configuring GitHub Actions, planning deployments, setting up monitoring, or when asked about containers, pipelines, Terraform, or production infrastructure.
managing-git
Manages Git workflows including branching, commits, and pull requests. Use when working with Git, creating commits, opening PRs, managing branches, resolving conflicts, or when asked about version control best practices.
understand-diff
Use when you need to analyze git diffs or pull requests to understand what changed, affected components, and risks
issue-triage
3-phase issue backlog management with audit, deep analysis, and validated triage actions. Use when triaging GitHub issues, sorting bug reports, cleaning up stale tickets, or detecting duplicate issues. Args: 'all' to analyze all, issue numbers to focus (e.g. '42 57'), 'en'/'fr' for language, no arg = audit only.
landing-page-generator
Generate complete, deploy-ready landing pages from any repository. Use when creating a homepage for an open-source project, building a project website, converting a README into a marketing page, or standardizing landing pages across multiple repos.
pr-triage
4-phase PR backlog management with audit, deep code review, validated comments, and optional worktree setup. Use when triaging pull requests, catching up on pending code reviews, or managing a backlog of open PRs. Args: 'all' to review all, PR numbers to focus (e.g. '42 57'), 'en'/'fr' for language, no arg = audit only.
understand-diff
Use when you need to analyze git diffs or pull requests to understand what changed, affected components, and risks
apple-reminders
Manage Apple Reminders via remindctl CLI (list, add, complete, delete).
github-auth
Set up GitHub authentication for the agent using git (universally available) or the gh CLI. Covers HTTPS tokens, SSH keys, credential helpers, and gh auth — with a detection flow to pick the right method automatically.
github-issues
Create, manage, triage, and close GitHub issues. Search existing issues, add labels, assign people, and link to PRs. Works with gh CLI or falls back to git + GitHub REST API via curl.
github-pr-workflow
Full pull request lifecycle — create branches, commit changes, open PRs, monitor CI status, auto-fix failures, and merge. Works with gh CLI or falls back to git + GitHub REST API via curl.
oss-forensics
Supply chain investigation, evidence recovery, and forensic analysis for GitHub repositories. Covers deleted commit recovery, force-push detection, IOC extraction, multi-source evidence collection, hypothesis formation/validation, and structured forensic reporting. Inspired by RAPTOR's 1800+ line OSS Forensics system.
watchers
Poll RSS, JSON APIs, and GitHub with watermark dedup.
ci-cd-and-automation
Automates CI/CD pipeline setup. Use when setting up or modifying build and deployment pipelines. Use when you need to automate quality gates, configure test runners in CI, or establish deployment strategies.
code-reviewer
Code review automation for TypeScript, JavaScript, Python, Go, Swift, Kotlin. Analyzes PRs for complexity and risk, checks code quality for SOLID violations and code smells, generates review reports. Use when reviewing pull requests, analyzing code quality, identifying issues, generating review checklists.
pr-review-expert
Use when the user asks to review pull requests, analyze code changes, check for security issues in PRs, or assess code quality of diffs.
report
Generate test report. Use when user says "test report", "results summary", "test status", "show results", "test dashboard", or "how did tests go".
senior-devops
Comprehensive DevOps skill for CI/CD, infrastructure automation, containerization, and cloud platforms (AWS, GCP, Azure). Includes pipeline setup, infrastructure as code, deployment automation, and monitoring. Use when setting up pipelines, deploying applications, managing infrastructure, implementing monitoring, or optimizing deployment processes.
watcher-creator
Guide for creating agent-deck watchers conversationally. This skill should be used when users want to set up a new watcher (webhook, ntfy, github, slack, gmail) to route events to a conductor. It walks the user through selecting an adapter type, gathering required settings, generating watcher.toml and clients.json entries, and emits the exact `agent-deck watcher create` command to run.
code-search
Search GitHub for existing implementations of a topic. Use when the user wants to find code examples, libraries, or implementation patterns. Standalone or as part of a full research session.
github-initiative-pulse
Generate markdown digests and CSV exports for GitHub issues, PRs, and initiative health tracking
release-plannotator
Prepare and execute a Plannotator release — draft release notes with full contributor credit, bump versions across all package files, build in dependency order, and kick off the tag-driven release pipeline. Use this skill whenever the user mentions preparing a release, bumping versions, writing release notes, tagging a release, or publishing. Also trigger when the user says things like "let's ship", "prep a release", "what's changed since last release", or "time to cut a new version".
review-renovate
Review Renovate bot PRs that update GitHub Actions dependencies. Verifies supply chain integrity by checking pinned commit SHAs against upstream tagged releases, reviews changelogs for breaking changes, and confirms compatibility with existing workflow configurations. Use when a Renovate PR updates GitHub Actions in .github/workflows/.
code-review
Perform code reviews following Sentry engineering practices. Use when reviewing pull requests, examining code changes, or providing feedback on code quality. Covers security, performance, testing, and design review.
code-review-checklist
Comprehensive checklist for conducting thorough code reviews covering functionality, security, performance, and maintainability
code-reviewer
Comprehensive code review skill for TypeScript, JavaScript, Python, Swift, Kotlin, Go. Includes automated code analysis, best practice checking, security scanning, and review checklist generation. Use when reviewing pull requests, providing code feedback, identifying issues, or ensuring code quality standards.
create-pr
Create pull requests following Sentry conventions. Use when opening PRs, writing PR descriptions, or preparing changes for review. Follows Sentry's code review guidelines.
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
github-actions-creator
Use when the user wants to create, generate, or set up a GitHub Actions workflow. Handles CI/CD pipelines, testing, deployment, linting, security scanning, release automation, Docker builds, scheduled tasks, and any custom workflow for any language or framework.
github-workflow-automation
Automate GitHub workflows with AI assistance. Includes PR reviews, issue triage, CI/CD integration, and Git operations. Use when automating GitHub workflows, setting up PR review automation, creating GitHub Actions, or triaging issues.
iterate-pr
Iterate on a PR until CI passes. Use when you need to fix CI failures, address review feedback, or continuously push fixes until all checks are green. Automates the feedback-fix-push-wait cycle.
n8n-workflow-patterns
Proven workflow architectural patterns from real n8n workflows. Use when building new workflows, designing workflow structure, choosing workflow patterns, planning workflow architecture, or asking about webhook processing, HTTP API integration, database operations, AI agent workflows, or scheduled tasks.
writing-clearly-and-concisely
Use when writing prose humans will read—documentation, commit messages, error messages, explanations, reports, or UI text. Applies Strunk's timeless rules for clearer, stronger, more professional writing.
generate-release-ag
Create a new release, bump version up to the .999 patch threshold, generate a complete CHANGELOG (with PR co-authors + every commit since the last tag), and manage Pull Requests
generate-release-cc
Create a new release, bump version up to the .999 patch threshold, generate a complete CHANGELOG (with PR co-authors + every commit since the last tag), and manage Pull Requests
generate-release-cx
Create a new release, bump version up to the .999 patch threshold, generate a complete CHANGELOG (with PR co-authors + every commit since the last tag), and manage Pull Requests
implement-features-ag
Analyze open feature request issues, implement viable ones on dedicated branches, and respond to authors
implement-features-cc
Analyze open feature request issues, implement viable ones on dedicated branches, and respond to authors
implement-features-cx
Analyze open feature request issues, implement viable ones on dedicated branches, and respond to authors
resolve-issues-ag
Fetch all open GitHub issues, analyze bugs, resolve up to 30 per batch via per-issue worktrees + PRs into the release branch, triage the rest, wait for user validation
resolve-issues-cx
Fetch all open GitHub issues, analyze bugs, resolve up to 30 per batch via per-issue worktrees + PRs into the release branch, triage the rest, wait for user validation
review-discussions-ag
Read all open GitHub Discussions, summarize them, respond to pending ones, create issues from actionable feature requests, and triage stale threads for closure
review-discussions-cc
Read all open GitHub Discussions, summarize them, respond to pending ones, create issues from actionable feature requests, and triage stale threads for closure
review-prs-ag
Analyze open Pull Requests from the project's GitHub repository, generate a critical report, and optionally implement approved changes
review-prs-cc
Analyze open Pull Requests from the project's GitHub repository, generate a critical report, and optionally implement approved changes
review-prs-cx
Analyze open Pull Requests from the project's GitHub repository, generate a critical report, and optionally implement approved changes
nuget-trusted-publishing
Set up NuGet trusted publishing (OIDC) on a GitHub Actions repo — replaces long-lived API keys with short-lived tokens. USE FOR: trusted publishing, NuGet OIDC, keyless NuGet publish, migrate from NuGet API key, NuGet/login, secure NuGet publishing. DO NOT USE FOR: publishing to private feeds or Azure Artifacts (OIDC is nuget.org only). INVOKES: shell (powershell or bash), edit, create, ask_user for guided repo setup.
pr-writing-review
Extract and analyze writing improvements from GitHub PR review comments. Use when asked to show review feedback, style changes, or editorial improvements from a GitHub pull request URL. Handles both explicit suggestions and plain text feedback. Produces structured output comparing original phrasing with reviewer suggestions to help refine future writing.
oma-market
Market research skill for pain-point extraction, trend detection, competitor positioning, and discovery across community sources (Reddit, HN, Bluesky, Mastodon, GitHub Issues, web). Routes via oma-search transport, deterministic CLI compute, intent-auto SWOT/Porter's 5F/PESTEL frameworks. Use for market research, pain point analysis, trend detection, competitor research, user complaints, voice-of-customer, 시장조사, 사용자 페인, 트렌드, 경쟁구도.
az-cost-optimize
Analyze Azure resources used in the app (IaC files and/or resources in a target rg) and optimize costs - creating GitHub issues for identified optimizations.
azure-devops-cli
Manage Azure DevOps resources via CLI including projects, repos, pipelines, builds, pull requests, work items, artifacts, and service endpoints. Use when working with Azure DevOps, az commands, devops automation, CI/CD, or when user mentions Azure DevOps CLI.
azure-static-web-apps
Helps create, configure, and deploy Azure Static Web Apps using the SWA CLI. Use when deploying static sites to Azure, setting up SWA local development, configuring staticwebapp.config.json, adding Azure Functions APIs to SWA, or setting up GitHub Actions CI/CD for Static Web Apps.
breakdown-plan
Issue Planning and Automation prompt that generates comprehensive project plans with Epic > Feature > Story/Enabler > Test hierarchy, dependencies, priorities, and automated tracking.
breakdown-test
Test Planning and Quality Assurance prompt that generates comprehensive test strategies, task breakdowns, and quality validation plans for GitHub projects.
codeql
Comprehensive guide for setting up and configuring CodeQL code scanning via GitHub Actions workflows and the CodeQL CLI. This skill should be used when users need help with code scanning configuration, CodeQL workflow files, CodeQL CLI commands, SARIF output, security analysis setup, or troubleshooting CodeQL analysis.
create-github-action-workflow-specification
Create a formal specification for an existing GitHub Actions CI/CD workflow, optimized for AI consumption and workflow maintenance.
dependabot
Comprehensive guide for configuring and managing GitHub Dependabot. Use this skill when users ask about creating or optimizing dependabot.yml files, managing Dependabot pull requests, configuring dependency update strategies, setting up grouped updates, monorepo patterns, multi-ecosystem groups, security update configuration, auto-triage rules, or any GitHub Advanced Security (GHAS) supply chain security topic related to Dependabot.
gdpr-compliant
Apply GDPR-compliant engineering practices across your codebase. Use this skill whenever you are designing APIs, writing data models, building authentication flows, implementing logging, handling user data, writing retention/deletion jobs, designing cloud infrastructure, or reviewing pull requests for privacy compliance. Trigger this skill for any task involving personal data, user accounts, cookies, analytics, emails, audit logs, encryption, pseudonymization, anonymization, data exports, breach response, CI/CD pipelines that process real data, or any question framed as "is this GDPR-compliant?". Inspired by CNIL developer guidance and GDPR Articles 5, 25, 32, 33, 35.
gh-cli
GitHub CLI (gh) comprehensive reference for repositories, issues, pull requests, Actions, projects, releases, gists, codespaces, organizations, extensions, and all GitHub operations from the command line.
github-copilot-starter
Set up complete GitHub Copilot configuration for a new project based on technology stack
github-issues
Create, update, and manage GitHub issues using MCP tools. Use this skill when users want to create bug reports, feature requests, or task issues, update existing issues, add labels/assignees/milestones, set issue fields (dates, priority, custom fields), set issue types, manage issue workflows, link issues, add dependencies, or track blocked-by/blocking relationships. Triggers on requests like "create an issue", "file a bug", "request a feature", "update issue X", "set the priority", "set the start date", "link issues", "add dependency", "blocked by", "blocking", or any GitHub issue management task.
issue-fields-migration
Bulk-migrate metadata to GitHub issue fields from two sources: repo labels (e.g. priority labels to a Priority field) and Project V2 fields. Use when users say "migrate my labels to issue fields", "migrate project fields to issue fields", "convert labels to issue fields", "copy project field values to issue fields", or ask about adopting issue fields. Issue fields are org-level typed metadata (single select, text, number, date) that replace label-based workarounds with structured, searchable, cross-repo fields.
meeting-minutes
Generate concise, actionable meeting minutes for internal meetings. Includes metadata, attendees, agenda, decisions, action items (owner + due date), and follow-up steps.
python-pypi-package-builder
End-to-end skill for building, testing, linting, versioning, and publishing a production-grade Python library to PyPI. Covers all four build backends (setuptools+setuptools_scm, hatchling, flit, poetry), PEP 440 versioning, semantic versioning, dynamic git-tag versioning, OOP/SOLID design, type hints (PEP 484/526/544/561), Trusted Publishing (OIDC), and the full PyPA packaging flow. Use for: creating Python packages, pip-installable SDKs, CLI tools, framework plugins, pyproject.toml setup, py.typed, setuptools_scm, semver, mypy, pre-commit, GitHub Actions CI/CD, or PyPI publishing.
secret-scanning
Guide for configuring and managing GitHub secret scanning, push protection, custom patterns, and secret alert remediation. For pre-commit secret scanning in AI coding agents via the GitHub MCP Server, this skill references the Advanced Security plugin (`advanced-security@copilot-plugins`). Use this skill when enabling secret scanning, setting up push protection, defining custom patterns, triaging alerts, resolving blocked pushes, or when an agent needs to scan code for secrets before committing.
sponsor-finder
Find which of a GitHub repository's dependencies are sponsorable via GitHub Sponsors. Uses deps.dev API for dependency resolution across npm, PyPI, Cargo, Go, RubyGems, Maven, and NuGet. Checks npm funding metadata, FUNDING.yml files, and web search. Verifies every link. Shows direct and transitive dependencies with OSSF Scorecard health data. Invoke with /sponsor followed by a GitHub owner/repo (e.g. "/sponsor expressjs/express").
winapp-cli
Windows App Development CLI (winapp) for building, packaging, and deploying Windows applications. Use when asked to initialize Windows app projects, create MSIX packages, generate AppxManifest.xml, manage development certificates, add package identity for debugging, sign packages, publish to the Microsoft Store, create external catalogs, or access Windows SDK build tools. Supports .NET (csproj), C++, Electron, Rust, Tauri, and cross-platform frameworks targeting Windows.
fix-issues
Auto-fix GitHub issues labeled as bugs: fetch open bug issues, analyze feasibility, fix code, and submit PRs. One issue per invocation. Use when: (1) User says "/fix-issues", (2) User asks to fix GitHub issues.
fix-sentry
Auto-fix high-frequency Sentry issues: fetch issues > N occurrences, analyze stack traces, fix code, create GitHub issues, and submit PRs. Supports user feedback issues (event.type "default") with attachment analysis (logs, screenshots) when include_feedback=true. Use when: (1) User says "/fix-sentry", (2) User asks to fix Sentry issues.
oss-pr
Use when creating a pull request, after committing changes, or when user invokes /oss-pr. Covers branch management, quality checks, commit, push, and PR creation.
pr-review
PR Code Review (Local): perform a thorough local code review with full project context. Use when: (1) User asks to review a PR, (2) User says "/pr-review", (3) User wants to review code changes before merging.
check
Run the unified pre-publish quality gate on marketing content — hallucination detection, claim verification, brand voice scoring, structure validation. Use before publishing any marketing copy.
043-planning-github-issues
Use when you need the GitHub CLI (`gh`) to verify installation, list issues (all or by milestone) as markdown tables, fetch issue bodies and comments for analysis, or hand off to @014-agile-user-story when creating user stories from GitHub threads. Uses an interactive install gate — if `gh` is missing, ask whether to show installation guidance before any issue commands. This should trigger for requests such as gh issue list; List GitHub issues; Issues in milestone; GitHub CLI issues; gh issue view comments. Part of cursor-rules-java project
building-cicd-pipelines
This skill enables Claude to generate CI/CD pipeline configurations for various platforms, including GitHub Actions, GitLab CI, and Jenkins. It is used when a user requests the creation of a CI/CD pipeline, specifies a platform (e.g., "GitHub Actions"), or mentions specific pipeline stages like "test," "build," "security," or "deploy." This skill is also useful when the user needs to automate software delivery, integrate security scanning, or set up multi-environment deployments. The skill is triggered by terms such as "CI/CD pipeline," "GitHub Actions pipeline," "GitLab CI configuration," or "Jenkins pipeline."
creating-github-issues-from-web-research
This skill enhances Claude's ability to conduct web research and translate findings into actionable GitHub issues. It automates the process of extracting key information from web search results and formatting it into a well-structured issue, ready for team action. Use this skill when you need to research a topic and create a corresponding GitHub issue for tracking, collaboration, and task management. Trigger this skill by requesting Claude to "research [topic] and create a ticket" or "find [information] and generate a GitHub issue".
yaml-master
PROACTIVE YAML INTELLIGENCE: Automatically activates when working with YAML files, configuration management, CI/CD pipelines, Kubernetes manifests, Docker Compose, or any YAML-based workflows. Provides intelligent validation, schema inference, linting, format conversion (JSON/TOML/XML), and structural transformations with deep understanding of YAML specifications and common anti-patterns.
create-pr
Create a pull request with auto-generated description, issue linking, ROADMAP updates, and PR-metadata validation.
merge-pr
Merge a pull request with status checks, squash merge, and branch cleanup. Handles worktree contexts.
plan-phase
Plan the next PRD phase by drafting issues, creating GitHub issues, and bridging planning to building.
qa-triage
Triage a QA-labeled report — investigate it against the code, classify it, and draft the technical issue(s) it warrants, stopping for approval before creating anything.
resolve-issue
Full issue workflow — fetch details, research, plan solution, implement, and verify.
review-pr
Analyze and report on pull requests with configurable depth (quick, thorough, or security). Read-only.
github-issue-creator
Convert raw notes, error logs, voice dictation, or screenshots into crisp GitHub-flavored markdown issue reports. Use when the user pastes bug info, error messages, or informal descriptions and wants a structured GitHub issue. Supports images/GIFs for visual evidence.
ensure-manifest-docs-consistency
Check consistency of Manifest documentation across all sources (GitHub, website, ClawhHub, npm, skills) against the actual codebase. Produces a dissonance report with tables. Use when the user says "/ensure-manifest-docs-consistency", "check manifest docs", "docs consistency", or wants to audit Manifest documentation for contradictions.
agent-github-modes
Agent skill for github-modes - invoke with $agent-github-modes
agent-github-pr-manager
Agent skill for github-pr-manager - invoke with $agent-github-pr-manager
agent-ops-cicd-github
Agent skill for ops-cicd-github - invoke with $agent-ops-cicd-github
agent-pr-manager
Agent skill for pr-manager - invoke with $agent-pr-manager
agent-project-board-sync
Agent skill for project-board-sync - invoke with $agent-project-board-sync
agent-repo-architect
Agent skill for repo-architect - invoke with $agent-repo-architect
agent-swarm-issue
Agent skill for swarm-issue - invoke with $agent-swarm-issue
agent-swarm-pr
Agent skill for swarm-pr - invoke with $agent-swarm-pr
agent-workflow-automation
Agent skill for workflow-automation - invoke with $agent-workflow-automation
github-workflow-automation
Advanced GitHub Actions workflow automation with AI swarm coordination, intelligent CI/CD pipelines, and comprehensive repository management
ci
Detect/generate/debug CI pipeline config (GitHub Actions, GitLab CI). Triggers: CI setup, build pipeline, GitHub Actions config, debug CI, GitLab CI.
ci-cd-patterns
CI/CD: GitHub Actions, GitLab CI, Jenkins, caching, blue-green, canary. Triggers: CI, CD, pipeline, GitHub Actions, workflow YAML, release, canary, rollout.
babysit
Watch a pull request or review cycle until it is ready to merge. Use when asked to babysit, monitor, or keep checking PR comments, reviews, and CI until all actionable issues are resolved.
agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches AI agents running in CI/CD pipelines, including env var intermediary patterns, direct expression injection, dangerous sandbox configurations, and wildcard user allowlists. Use when reviewing workflow files that invoke AI coding agents, auditing CI/CD pipeline security for prompt injection risks, or evaluating agentic action configurations.
experiment-bridge
Workflow 1.5: Bridge between idea discovery and auto review. Reads EXPERIMENT_PLAN.md, implements experiment code, deploys to GPU, collects initial results. Use when user says "实现实验", "implement experiments", "bridge", "从计划到跑实验", "deploy the plan", or has an experiment plan ready to execute.
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
python-design-patterns
Python design patterns including KISS, Separation of Concerns, Single Responsibility, and composition over inheritance. Use this skill when designing a new service or component from scratch and choosing how to layer responsibilities, when refactoring a God class or monolithic function that has grown too large, when deciding whether to add a new abstraction or live with duplication, when evaluating a pull request for structural issues like tight coupling or leaking internal types, when choosing between inheritance and composition for a new class hierarchy, or when a codebase is becoming hard to test because of entangled I/O and business logic.
sast-configuration
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
golden-jupyter-dir
Use when testing the golden_jupyter_dir golden build
golden-jupyter-kw
Use when testing the golden_jupyter_kw golden build
golden-jupyter-topics
Use when testing the golden_jupyter_topics golden build
skill-builder
Automatically detect source types and build AI skills using Skill Seekers. Use when the user wants to create skills from documentation, repos, PDFs, videos, or other knowledge sources.
address-pr-comments
Use this skill when addressing, responding to, or resolving PR review comments on GitHub pull requests. Triggers on "address PR comments", "respond to review", "handle review feedback", "reply to PR comments", "fix review comments", or when the user wants to process open review threads on their PR. Uses the gh CLI to fetch unresolved comments, make code changes where agreed, and post batch replies with a humble, thankful tone.
ci-cd-pipelines
Use this skill when setting up CI/CD pipelines, configuring GitHub Actions, implementing deployment strategies, or automating build/test/deploy workflows. Triggers on GitHub Actions, CI pipeline, CD pipeline, deployment automation, blue-green deployment, canary release, rolling update, build matrix, artifacts, and any task requiring continuous integration or delivery setup.
cypress-testing
Use this skill when writing Cypress e2e or component tests, creating custom commands, intercepting network requests, or integrating Cypress in CI. Triggers on Cypress, cy.get, cy.intercept, cypress component testing, custom commands, fixtures, cypress-cucumber, and any task requiring Cypress test automation.
agent-orchestrator
Open-source, pluggable agentic coding orchestrator. Manages durable coding agents (Claude Code, Codex, OpenCode) through a simple interface — spawn agents, track progress, and let feedback loops like PR reviews and CI failures automatically route to the right agents. Use for fixing bugs, building features, working on GitHub issues, checking status, and managing agent sessions.
ao-weekly-release
Generate the weekly Agent Orchestrator release notes. Runs every Thursday 10:00 IST from the bot cron, or on-demand. Queries the GitHub API for the latest release, merged PRs, commits, contributors, and star counts, and produces a publishable markdown post in the house style. Output is posted to Discord by the cron job after this skill returns.
bug-triage
Triage bugs reported in chat/issues, search for duplicates, file or update GitHub issues with full context, and push fix PRs.
agent-orchestrator
Open-source, pluggable agentic coding orchestrator. Manages durable coding agents (Claude Code, Codex, OpenCode) through a simple interface — spawn agents, track progress, and let feedback loops like PR reviews and CI failures automatically route to the right agents. Use for fixing bugs, building features, working on GitHub issues, checking status, and managing agent sessions.
azure-artifacts
Expert knowledge for Azure Artifacts development including best practices, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when managing feeds, upstream sources, package publishing/restore, GitHub Actions CI/CD, or npm/NuGet config, and other Azure Artifacts related development tasks. Not for Azure DevOps (use azure-devops), Azure Pipelines (use azure-pipelines), Azure Repos (use azure-repos), Azure Boards (use azure-boards).
azure-container-apps
Expert knowledge for Azure Container Apps development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when running microservices on Azure Container Apps with Dapr, Java/Spring, GitHub Actions CI/CD, VNets, or GPUs, and other Azure Container Apps related development tasks. Not for Azure App Service (use azure-app-service), Azure Functions (use azure-functions), Azure Kubernetes Service (AKS) (use azure-kubernetes-service), Azure Red Hat OpenShift (use azure-redhat-openshift).
azure-container-instances
Expert knowledge for Azure Container Instances development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, and deployment. Use when configuring ACI networking, standby pools, GitHub Actions deploys, Spot containers, or GPU workloads, and other Azure Container Instances related development tasks. Not for Azure Container Apps (use azure-container-apps), Azure Kubernetes Service (AKS) (use azure-kubernetes-service), Azure App Service (use azure-app-service), Azure Virtual Machines (use azure-virtual-machines).
create-pr
Create high-quality pull requests via gh pr create. Use when the user wants to create a PR, submit a PR, open a pull request, submit for review, or push changes for review. Triggers on: create a pr, create-pr, submit a pr, open a pull request, submit for review, make a pr, gh pr create.
update-pr
Update an existing pull request with new changes. Use when the user wants to update a PR, push follow-up changes to a PR, refresh a PR description, or sync a PR with latest commits. Triggers on: update pr, update-pr, update the pr, push to pr, refresh pr, sync pr, update pull request.
cicd-pipeline-generator
Generate CI/CD pipelines for SDK build and release
daily-article
Research trending topics and write a publication-ready article
ci-cd-pipeline-builder
CI/CD Pipeline Builder
skill-tester
Skill Tester
speckit-taskstoissues
Convert existing tasks into actionable, dependency-ordered GitHub issues for the feature based on available design artifacts.
gh-address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
latex-submission-pipeline
LaTeX submission pipeline: templates, local build (latexmk), bibliography (bibtex/biber), lint (chktex), formatting (latexindent), CI build (GitHub Actions), and submission zip packaging.
speckit-taskstoissues
Convert tasks from tasks.md into GitHub issues. Use after task breakdown to track work items in GitHub project management.
structured-autonomy-plan
Structured Autonomy Planning Prompt
deliver-release-notes
Creates user-facing release notes that communicate new features, improvements, and fixes in clear, benefit-focused language. Use when shipping updates to communicate changes to users, customers, or stakeholders.
playwright-skill
Battle-tested Playwright patterns for writing, debugging, and scaling reliable test suites. Use when you need guidance for E2E, API, component, visual, accessibility, or security testing, plus CI/CD, CLI automation, page objects, and migration from Cypress or Selenium. TypeScript and JavaScript.
code-review
Run a comprehensive code review on local source files. Use this skill when the user asks to review, audit, inspect, evaluate, or check code, even if they never use the word "review." Does not post comments to GitHub pull requests — use post-code-review-to-pr for that. Does not analyze architectural structure or module boundaries — use architectural-analysis for that. Does not capture feedback on Han's own skills — use han-feedback for that.
golden-chat
Use when testing the golden_chat golden build
golden-epub
Use when testing the epub golden build
golden-epub-kw
Use when testing keyword categorization
golden-html
Use when testing the html golden build
golden-html-kw
Use when testing keyword categorization
golden-html-multi
Use when testing the multi-file html build
golden-jupyter
Use when testing the golden_jupyter golden build
golden-pdf
Use when testing the pdf golden build
golden-pdf-ch
Use when testing chapter categorization
golden-pdf-kw
Use when testing keyword categorization
golden-pptx
Use when testing the pptx golden build
golden-pptx-kw
Use when testing keyword categorization
golden-rss
Use when testing the rss golden build
golden-word
Use when testing the word golden build
investigating-repository-history
Investigate GitHub repository history before risky code changes using git blame/log, GitHub PRs, review comments, squash/rebase/cherry-pick/rename heuristics, and cited evidence. Use when asking why code exists, whether a change is safe, what PR introduced behavior, or before editing API, compatibility, security, concurrency, persistence, migration, or performance-sensitive code.
claude-code-review
Use when asked to review a PR, or when /review is invoked with a PR number or URL. Performs a focused code review checking for bugs, security, performance, and test gaps, then posts findings as a PR comment and formal GitHub review.
ci-cd
Design CI/CD pipelines for GitHub Actions, GitLab CI, and CircleCI with matrix builds, test sharding, caching, Docker layer caching, OIDC auth, deployment strategies (rolling, blue-green, canary), auto-rollback, self-hosted runners, and environment protection with manual approvals. Use when user asks to set up CI/CD, write a pipeline, configure GitHub Actions/GitLab CI/CircleCI, automate deployments, or set up build/test/deploy workflows. Do NOT use for Dockerfile authoring (use docker), K8s manifests (use kubernetes), or Terraform config (use terraform).
comprehensive-review
Comprehensive code review using parallel specialized subagents. If a PR URL is provided, fetches PR details and can post comments. If no PR is provided, reviews the diff between the current branch and its base branch plus any uncommitted changes. CRITICAL: this skill is costly, don't use it unless user explicitly requested to use it.
git-workflow
Automate the complete Git development workflow — create feature branches with conventional naming, atomic commits with conventional commit messages, interactive rebase, squash merges, PR body generation from commit history, branch cleanup, and git worktree patterns. Use when user asks to create a branch, commit changes, make a PR, rebase, squash, clean up branches, or follow a Git workflow. Do NOT use for CI/CD pipeline configuration (use ci-cd), code review (use code-review), or GitHub Actions workflows.
portfolio-auto
Auto-sync GitHub repos to portfolio website. Scans GitHub repos, captures screenshots with Playwright, generates project entries, and updates projects-data.js or Supabase DB. Use when user asks to "update portfolio", "sync projects", "add my repos to portfolio", or "refresh portfolio projects". Do NOT use for one-time project additions — batch sync only.
react-native
Build production React Native apps with Expo SDK 53+, Expo Router (file-based navigation), New Architecture (Fabric + TurboModules), FlashList, Reanimated 4, Zustand for state, Hermes, EAS Build, and App Store/Play Store deployment.
caveman-review
Ultra-compressed code review comments. Cuts noise from PR feedback while preserving the actionable signal. Each comment is one line: location, problem, fix. Use when user says "review this PR", "code review", "review the diff", "/review", or invokes /caveman-review. Auto-triggers when reviewing pull requests.
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work.
agr-release
Release process for the agr package. Handles version bumping (major/minor/patch/beta), changelog updates, pre-release quality checks, git tagging, and monitoring the GitHub Actions publish pipeline. Use this skill whenever the user wants to cut a release, bump the version, publish to PyPI, or asks about the release process — even if they just say "let's ship it" or "time for a new version".
address-github-comments
Use when you need to address review or issue comments on an open GitHub Pull Request using the gh CLI.
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI
context7-auto-research
Automatically fetch latest library/framework documentation for Claude Code via Context7 API
exa-search
Semantic search, similar content discovery, and structured research using Exa API
firecrawl-scraper
Deep web scraping, screenshots, PDF parsing, and website crawling using Firecrawl API
tavily-web
Web search, content extraction, crawling, and research capabilities using Tavily API
issue-triage-ag
How to respond to GitHub issues with insufficient information
issue-triage-cc
How to respond to GitHub issues with insufficient information
issue-triage-cx
How to respond to GitHub issues with insufficient information
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
code-reviewer
Comprehensive code review skill for TypeScript, JavaScript, Python, Swift, Kotlin, Go. Includes automated code analysis, best practice checking, security scanning, and review checklist generation. Use when reviewing pull requests, providing code feedback, identifying issues, or ensuring code quality standards.
gh-fix-ci
Use when a user asks to debug or fix failing GitHub PR checks that run in GitHub Actions; use `gh` to inspect checks and logs, summarize failure context, draft a fix plan, and implement only after explicit approval. Treat external providers (for example Buildkite) as out of scope and report only the details URL.
vscode-release-notes-writer
Guidelines for writing and reviewing Insiders and Stable release notes for Visual Studio Code.
copilot-review
Teach Copilot how to plan, address, and respond to pull request review feedback.
create-github-issues-feature-from-implementation-plan
Create GitHub Issues from implementation plan phases using feature_request.yml or chore_request.yml templates.
create-github-issues-for-unmet-specification-requirements
Create GitHub Issues for unimplemented requirements from specification files using feature_request.yml template.
create-github-pull-request-from-specification
Create GitHub Pull Request for feature request from specification file using pull_request_template.md template.
debugging-workflows
Debug gh-aw workflows using run logs, audits, and failure triage.
dictation-instructions
Instructions for fixing speech-to-text errors and improving text quality in gh-aw documentation and workflows
github-copilot-agent-tips-and-tricks
Practical tips for reviewing and improving Copilot agent PRs.
github-issue-query
Query GitHub issues with jq filtering and reusable selectors.
github-pr-query
Query GitHub pull requests with jq filtering and reusable selectors.
http_mcp_headers
Implement secret-safe HTTP headers for MCP transport in gh-aw.
javascript-refactoring
Split large JavaScript files into maintainable modules safely.
pr-finisher
Prepare an open pull request for merge from a GitHub Copilot cloud agent. Drives Reviews, local validation, and Mergeable to a ready state. Does not merge, and cannot trigger CI.
aws-cloudformation-task-ecs-deploy-gh
Provides patterns to deploy ECS tasks and services with GitHub Actions CI/CD. Use when building Docker images, pushing to ECR, updating ECS task definitions, deploying ECS services, integrating with CloudFormation stacks, configuring AWS OIDC authentication for GitHub Actions, and implementing production-ready container deployment pipelines. Supports ECS deployments with proper security (OIDC or IAM keys), multi-environment support, blue/green deployments, ECR private repositories with image scanning, and CloudFormation infrastructure updates.
docs-updater
Provides automated documentation updates by analyzing git changes between the current branch and the last release tag. Performs git diff analysis to identify modifications, then updates README.md, CHANGELOG.md following Keep a Changelog standard, and discovers documentation folders for contextual updates. Use when preparing a release, maintaining documentation sync, or before creating a pull request. Triggers on "update docs", "update changelog", "sync documentation", "update readme", "prepare release documentation".
github-issue-workflow
Provides a structured 8-phase workflow for resolving GitHub issues in Claude Code. Covers fetching issue details, analyzing requirements, implementing solutions, verifying correctness, performing code review, committing changes, and creating pull requests. Use when user asks to resolve, implement, work on, fix, or close a GitHub issue, or references an issue URL or number for implementation.
nestjs-code-review
Provides comprehensive code review capability for NestJS applications, analyzing controllers, services, modules, guards, interceptors, pipes, dependency injection, and database integration patterns. Use when reviewing NestJS code changes, before merging pull requests, after implementing new features, or for architecture validation. Triggers on "review NestJS code", "NestJS code review", "check my NestJS controller/service".
nextjs-code-review
Provides comprehensive code review capability for Next.js applications, validates Server Components, Client Components, Server Actions, caching strategies, metadata, API routes, middleware, and performance patterns. Use when reviewing Next.js App Router code changes, before merging pull requests, after implementing new features, or for architecture validation. Triggers on "review Next.js code", "Next.js code review", "check my Next.js app".
nextjs-deployment
Provides comprehensive patterns for deploying Next.js applications to production. Use when configuring Docker containers, setting up GitHub Actions CI/CD pipelines, managing environment variables, implementing preview deployments, or setting up monitoring and logging for Next.js applications. Covers standalone output, multi-stage Docker builds, health checks, OpenTelemetry instrumentation, and production best practices.
nx-monorepo
Provides comprehensive Nx monorepo management guidance for TypeScript/JavaScript projects. Use when creating Nx workspaces, generating apps/libraries/components, running affected commands, setting up CI/CD, configuring Module Federation, or implementing NestJS backends within Nx
react-code-review
Provides comprehensive code review capability for React applications, validates component architecture, hooks usage, React 19 patterns, state management, performance optimization, accessibility compliance, and TypeScript integration. Use when reviewing React code changes, before merging pull requests, after implementing new features, or for component architecture validation. Triggers on "review React code", "React code review", "check my React components".
turborepo-monorepo
Provides comprehensive Turborepo monorepo management guidance for TypeScript/JavaScript projects. Use when creating Turborepo workspaces, configuring turbo.json tasks, setting up Next.js/NestJS apps, managing test pipelines (Vitest/Jest), configuring CI/CD, implementing remote caching, or optimizing build performance in monorepos
typescript-docs
Generates comprehensive TypeScript documentation using JSDoc, TypeDoc, and multi-layered documentation patterns for different audiences. Use when creating API documentation, architectural decision records (ADRs), code examples, and framework-specific patterns for NestJS, Express, React, Angular, and Vue.
703-technologies-fuzzing-testing
Use when you need to add or review fuzz testing for Java APIs with CATS — including contract-driven negative testing, malformed payload validation, boundary input exploration, CI integration, reproducible failures, and local execution guidance. Part of the skills-for-java project
aiwg-delivery-pr
AIWG-specific delivery pull request workflow; explicit alias for aiwg-pr, not a generic repository PR guide
chinese-commit-conventions
中文 Git 提交规范 — 适配国内团队的 commit message 规范和 changelog 自动化
finishing-a-development-branch
当实现完成、所有测试通过、需要决定如何集成工作时使用——通过提供合并、PR 或清理等结构化选项来引导开发工作的收尾
aegisops-ai
Autonomous DevSecOps & FinOps Guardrails. Orchestrates Gemini 3 Flash to audit Linux Kernel patches, Terraform cost drifts, and K8s compliance.
agentflow
Orchestrate autonomous AI development pipelines through your Kanban board (Asana, GitHub Projects, Linear). Manages multi-worker Claude Code dispatch, deterministic quality gates, adversarial review, per-task cost tracking, and crash-proof pipeline execution.
agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches. AI agents running in CI/CD pipelines.
code-review-specialist
提供全面的代码审查能力,覆盖安全、性能和代码质量分析。适用于用户请求代码审查、代码质量评估、Pull Request 审查,或提到安全分析和性能优化时。
apm-review-panel
Use this skill to run a multi-persona expert advisory review on a labelled pull request in microsoft/apm. The panel fans out to five mandatory specialists plus a test-coverage specialist (active on every PR that touches src/) plus three conditional specialists (auth, doc-writer, performance-expert), all running in their own agent threads, and a CEO synthesizer. The orchestrator is the sole writer to the PR: ONE recommendation comment, no verdict labels, no merge gating. The panel is advisory -- it surfaces findings, prioritizes follow-ups, and renders a ship-recommendation that the maintainer and author weigh. Activate when a non-trivial PR needs a cross-cutting recommendation (architecture, CLI logging, DevX UX, supply-chain security, growth/positioning, optionally auth, docs, perf, and test coverage, with CEO arbitration).
apm-spec-guardian
Use this skill to run a four-panel adversarial advisory review on any pull request that touches the OpenAPM specification artifact (docs/src/content/docs/specs/openapm-*.md), its inline / sidecar JSON Schemas (docs/src/content/docs/specs/schemas/*.schema.json), or the conformance fixture seed (tests/fixtures/spec-conformance/**). The panel fans out to four spec-ecosystem reviewers (swagger-openapi-editor, oci-distribution-editor, pkgmgr-registry-contract-editor, w3c-tag-architect), each running in its own agent thread, and a spec-editor synthesizer that produces a fold-now / defer-v0.1.1 / defer-v0.2 / reject list plus a ship decision keyed off a 1..10 shocked_meter scale. The orchestrator is the sole writer to the PR: ONE consolidated comment, no verdict labels, no merge gating. The panel is advisory -- it surfaces findings, prioritizes folds, and renders a ship recommendation that the maintainer weighs.
docs-impact-classifier
Use this skill to classify the documentation impact of a pull request diff, returning one of three verdicts -- no-change, in-place edit, or structural change -- with bounded LLM cost. Activate as a sibling skill of docs-sync; the orchestrator calls this first, before any panel spawn, to keep cost floor at 1 LLM call when no docs work is needed. Reads .apm/docs-index.yml as the corpus map; never reads the full corpus.
docs-sync
Use this skill whenever a pull request is opened, reopened, or synchronized in microsoft/apm to assess whether and how the documentation corpus must change to stay truthful with the proposed code change. Activate even when the PR title or body says nothing about docs -- the skill must run on every PR to detect silent drift between code and docs. Classifies impact as no-change, in-place edit (one to a few paragraphs), or structural change (new page or TOC reshape), then orchestrates a CDO + doc-writer + python-architect + editorial-owner + growth-hacker loop to produce a patch-ready advisory. Does NOT review code quality, security, or test coverage. Does NOT auto-merge or auto-push doc edits.
pr-description-skill
Use this skill to write the PR description (PR body) for any pull request opened against microsoft/apm. Produces one self-sufficient GitHub-Flavored Markdown artifact: TL;DR, Problem (WHY), Approach (WHAT), Implementation (HOW), 1-3 validated mermaid diagrams, explicit trade-offs, validation evidence, and a How-to-test section -- with every WHY-claim backed by a verbatim quote from PROSE or Agent Skills. Activate when the user asks to "write a PR description", "draft a PR body", "open a PR", "fill in the PR template", or any equivalent.
shepherd-driver
Use only as the composed drive-to-merge stage of an APM batch orchestrator (batch-bug-shepherd, apm-issue-autopilot) that has already selected ONE open pull request in microsoft/apm. Do NOT use for user-facing requests to triage issues, sweep a queue, or open PRs -- the parent orchestrator owns those. Spawn one shepherd-driver subagent per PR: it classifies copilot-pull-request-reviewer[bot] inline review, runs the apm-review-panel, folds (by default) every recommendation inside the PR's stated scope, pushes to the head branch or a superseding PR that preserves authorship via commit trailers, watches CI to green, and iterates under fixed caps until ready-to-merge, advisory-with-deferred, superseded, or blocked. Also provides the cross-PR conflict-resolution and mergeability-gate phase. This is NOT a standalone entrypoint.
gh-address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
release-post
Create professional package release blog posts following Tidyverse or Shiny blog conventions. Use when the user needs to: (1) Write a release announcement blog post for an R or Python package for tidyverse.org or shiny.posit.co, (2) Transform NEWS/changelog content into blog format, (3) Generate acknowledgments sections with contributor lists, (4) Format posts following specific blog platform requirements. Supports both Tidyverse (hugodown) and Shiny (Quarto) blog formats with automated contributor fetching and comprehensive style guidance.
github-automation
GitHub workflow automation, PR management, issue tracking, and code review coordination. Integrates with GitHub Actions and repository management. Use when: PR creation, code review, issue management, release automation, workflow setup. Skip when: local-only changes, non-GitHub repositories.
devops
DevOps - Docker, CI/CD, cloud infra, monitoring.
caveman-review
Ultra-compressed code review comments. Cuts noise from PR feedback while preserving the actionable signal. Each comment is one line: location, problem, fix. Use when user says "review this PR", "code review", "review the diff", "/review", or invokes /caveman-review. Auto-triggers when reviewing pull requests.
qa
Interactive QA session where user reports bugs or issues conversationally, and the agent files GitHub issues. Explores the codebase in the background for context and domain language. Use when user wants to report bugs, do QA, file issues conversationally, or mentions "QA session".
securing-cloud-and-supply-chain
云原生与软件供应链安全防御。容器/K8s 加固、Service Mesh、CI/CD 安全、SLSA/SBOM/Sigstore、云 IAM、Secrets 管理、IaC 安全。Use when hardening Kubernetes clusters, auditing CI/CD pipelines, implementing supply chain security, managing cloud IAM, or reviewing IaC code.
ci-cd-pipeline
GitHub Actions workflow patterns, matrix builds, caching strategies, deployment pipelines, artifact management, and rollback procedures.
ci-pipeline-patterns
GitHub Actions workflow templates, matrix builds, caching, and monorepo CI strategies
codex-orchestration
OpenAI Codex CLI + Claude Code (Hizir) birlikte kullanim rehberi. Is dagitim pattern'leri, GitHub Actions workflow ornekleri, review dongusu ve iki AI yazilim asistaninin guclu yanlarini birlestiren orchestration stratejileri.
memory-palace
Hierarchical memory organization for multi-session context retention. Wings (projects) > Rooms (domains) > Drawers (decisions). Semantic search across all memories with zero cloud dependency.
golden-chat-empty
Use when testing the golden_chat_empty golden build
golden-chat-single
Use when testing the golden_chat_single golden build
golden-chat-topics
Use when testing the golden_chat_topics golden build
fix-github-issue
Fix a GitHub issue by number. Use when asked to fix GitHub issues.
seo
Deterministic LLM-first SEO audits for websites, blog posts, and GitHub repositories. Use this when the user asks to "perform SEO analysis", "run SEO audit", "analyze SEO", "check technical SEO", "review schema", "Core Web Vitals", "E-E-A-T", "hreflang", "GEO", "AEO", or GitHub repository SEO optimization. For full/page/repo audits, run bundled scripts for evidence and return prioritized, confidence-labeled fixes.
gh-create-pr
Create or update GitHub pull requests using the repository-required workflow and template compliance. Use when asked to create/open/update a PR so the assistant reads `.github/pull_request_template.md`, fills every template section, preserves markdown structure exactly, and marks missing data as N/A or None instead of skipping sections.
gh-pr-review
Automated Cherry Studio code review for local branches, PRs, commits, and files. Use for reviewing code, docs, or pull requests with project-specific checks for DataApi boundaries, service ownership, renderer data hooks, React Hooks, lifecycle services, i18n, UI conventions, and tests. Supports single-agent review with interactive fix selection, or multi-agent deep review with reviewer-verifier adversarial mechanism and risk-based auto-fix.
actions-manager
GitHub Actions command center -- view workflow runs, read logs, re-run failed jobs, manage workflows, and debug CI failures entirely from the editor. Bypasses the deeply nested, visually-dependent Actions UI that is largely inaccessible to screen readers.
github-a11y-scanner
Integration patterns for the GitHub Accessibility Scanner Action (github/accessibility-scanner). Teaches agents how to detect scanner presence, parse scanner-created issues, correlate findings with local scans, and track Copilot-assigned fix status.
github-scanning
GitHub data collection patterns for workflow agents. Covers search query construction by intent, date range handling, repository scope narrowing, preferences.md integration, cross-repo intelligence, parallel stream collection model, and auto-recovery for empty results. Use when building agents that search GitHub for issues, PRs, discussions, releases, security alerts, or CI status.
lighthouse-scanner
Integration patterns for Lighthouse CI accessibility auditing. Teaches agents how to detect Lighthouse CI configuration, parse accessibility audit results, map findings to the standard severity model, correlate with local axe-core scans, and track score regressions.
source-command-track-mentions
Search for new online mentions of the Codex Ultimate Guide and update the tracker
finishing-a-development-branch
Use when implementation is complete, verification has passed, and the user needs to choose merge, PR, branch cleanup, or follow-up integration handling.
code-reviewer
Perform thorough code reviews with actionable, prioritized feedback. Use when a user asks to review code, check code quality, find bugs, review a pull request, audit code for issues, or get feedback on implementation. Covers correctness, security, performance, readability, and best practices across languages.
create-pr
This skill should be used when user asks to "create a PR", "make a pull request", "open PR for this branch", "submit changes as PR", "push and create PR", or explicitly invokes "create-pr".
gh-agent-session
GitHub CLI Agent Session Extension
gh-agent-task
GitHub CLI Agent Task Extension
github-mcp-server
GitHub MCP Server Documentation
chinese-git-workflow
适配国内 Git 平台和团��习惯的工作流规范——Gitee、Coding、极狐 GitLab 全覆盖
gh-fix-ci
Use when a user asks to debug or fix failing GitHub PR checks that run in GitHub Actions; use `gh` to inspect checks and logs, summarize failure context, draft a fix plan, and implement only after explicit approval. Treat external providers (for example Buildkite) as out of scope and report only the details URL.
setup-matt-pocock-skills
Sets up an `## Agent skills` block in AGENTS.md/CLAUDE.md and `docs/agents/` so the engineering skills know this repo's issue tracker (GitHub or local markdown), triage label vocabulary, and domain doc layout. Run before first use of `to-issues`, `to-prd`, `triage`, `diagnose`, `tdd`, `improve-codebase-architecture`, or `zoom-out` — or if those skills appear to be missing context about the issue tracker, triage labels, or domain docs.
layer-new
Scaffold a new layer in a project's docs/layers/ tree following the feature-layer architecture (principle 28). A layer is a bounded concern (security, data, ui, infrastructure, domain) with its own invariants, decisions, gotchas, patterns, and feature narratives. Use when: "create a new layer", "add security layer", "scaffold layer", "start tracking <concern> separately", "/layer-new", "add bounded concern". Operates on the kb-skeleton structure; idempotent -- will not overwrite existing layers.
curate-a-team-library
Use when building a managed team skills library for a real stack. Map work to shelves, browse before curating, write meaningful `whyHere` notes, and create a starter pack once the first pass is solid.
ai-autopilot
Delivers large multi-concern specs and backlog runs autonomously: decomposes specs into sub-specs (or normalizes work items into a backlog DAG), deep-plans with parallel agents, builds a dependency DAG, implements in waves, runs a single final quality loop with one bounded quality-remediation pass (verify+guard+review on full changeset), delivers via PR. Trigger for 'implement spec-NNN end to end', 'autopilot this', 'autonomous delivery', 'decompose and ship', 'run the backlog', 'execute these GitHub issues', 'process the sprint backlog'. Invocation is the approval gate. Not for small or single-concern tasks; use /ai-build instead. Not for ambiguous requirements; use /ai-brainstorm first.
ai-board
Operates the project board (GitHub Projects v2 or Azure DevOps): discovers configuration after install (fields, state mappings, process templates) and syncs work-item state at lifecycle transitions. Trigger for 'set up the board', 'configure our ADO board', 'discover board fields', 'move this issue to in-review', 'update the board', 'mark as in progress', 'sync the work item state'. Two subcommands: `discover` (post-install configuration write) and `sync` (lifecycle state transitions). Auto-invoked via `sync` by /ai-brainstorm, /ai-build, and /ai-pr; fail-open. Not for backlog execution; use /ai-autopilot --backlog instead.
ai-commit
Runs the governed commit pipeline: auto-branches from protected, stages selectively, formats and lints, scans for secrets, gates docs, composes a conventional message, pushes. Trigger for 'commit my changes', 'save my work', 'push this to remote', 'stage these files', 'ship it'. Not for opening a PR; use /ai-pr instead. Not for branch hygiene; use /ai-branch-cleanup instead.
ai-issue
Creates a project work-item (issue / task / story) on the user's configured board: routes by manifest `work_items.provider` (GitHub Projects v2 or Azure DevOps), composes title + body + labels, attaches to the active board, and confirms a clickable link. Trigger for 'open an issue', 'file a bug', 'create a task', 'add this to the backlog', 'log a work item'. Not for upstream framework bugs (use /ai-engineering-issue); not for board configuration (use /ai-board discover); not for committing code (use /ai-commit).
ai-pipeline
Generates, evolves, and validates CI/CD pipelines for GitHub Actions or Azure Pipelines, enforcing SHA pinning, timeouts, secret handling, and concurrency policy. Trigger for 'set up CI/CD', 'add a deployment pipeline', 'is this workflow secure', 'check workflow policy', 'add a security scan to CI'. Not for running pipelines; that is the CI system's job. Not for governance audits; use /ai-governance instead.
ai-pr
Creates and updates pull requests with governance: runs the commit pipeline, enforces pre-push gates, generates structured PR body from spec, watches and fixes CI until merged. Trigger for 'open a PR', 'submit this for review', 'I am ready for review', 'merge this into main', 'draft PR', 'update the PR'. Not for commit-only flows; use /ai-commit instead. Not for narrative review; use /ai-review instead.
ai-sprint
Manages sprint lifecycle: plans a new sprint from backlog, runs data-driven retros comparing planned vs shipped, checks mid-sprint goal status, generates sprint review presentations. Works with GitHub Projects and Azure DevOps. Trigger for 'start sprint planning', 'kick off the sprint', 'lets do the retro', 'what did we deliver last sprint', 'sprint goals check', 'generate the sprint review deck'. Not for daily standup; use /ai-standup instead. Not for solo PR retro; use /ai-learn instead.
review-pr
Review a pull request (GitHub) or merge request (GitLab) and provide detailed feedback
devopsdeployment-process
部署流程和CI/CD配置,确保安全可靠的部署
aios-devops
GitHub Repository Manager & DevOps Specialist (Gage). Use for repository operations, version management, CI/CD, quality gates, and GitHub push operations. ONLY agent authorized...
yeet
Use only when the user explicitly asks to stage, commit, push, and open a GitHub pull request in one flow using the GitHub CLI (`gh`).
github-labels-query
List GitHub repository labels with per_page pagination support.
github-script
Write robust JavaScript for GitHub Actions github-script steps.
github-workflows-query
List GitHub Actions workflows with per_page pagination support.
go-linters
Add and validate custom Go analysis linters in gh-aw.
pr-to-go-linter
Generate a new pkg/linters analyzer from a merged or open PR pattern.
workflow-step-summaries
Write clear GitHub Actions step summaries with progressive disclosure.
daily-brief
Operational knowledge for the daily-brief digest pipeline (this project). RSS/API fetchers, pluggable LLM enrichment (default claude CLI on Max; also anthropic/openai/deepseek/minimax API), trading section, HTML rendering, cross-platform scheduler integration (Windows Task Scheduler / macOS launchd / Linux cron). Load when the user asks about running daily / regenerating sections / debugging a failed run / adding or disabling sources / LLM quota / scheduler / why a tab shows wrong data / why a source failed / switching LLM backend. Always prefer the documented npm commands over re-implementing logic. Diagnose by reading logs/daily-*.log first, then logs/llm-calls.jsonl for LLM-side issues.
address-github-comments
Use when you need to address review or issue comments on an open GitHub Pull Request using the gh CLI.
app-store-deployment
Publishes mobile applications to iOS App Store and Google Play with code signing, versioning, and CI/CD automation. Use when preparing app releases, configuring signing certificates, or setting up automated deployment pipelines.
cloudflare-workers-ci-cd
Complete CI/CD guide for Cloudflare Workers using GitHub Actions and GitLab CI. Use for automated testing, deployment pipelines, preview environments, secrets management, or encountering deployment failures, workflow errors, environment configuration issues.
code-review
Code review practices with technical rigor and verification gates. Use for receiving feedback, requesting code-reviewer subagent reviews, or preventing false completion claims in pull requests.
ai-adaptive-learning-master
AI自适应学习 (AI Adaptive Learning) Master OS — automated mastery of AI Adaptive Learning: top builders' mental models, tool stack, current workflows, jargon, and where to keep up. Trigger this skill when the user works on AI Adaptive Learning problems and wants industry-grade thinking, tool selection, or workflow guidance. 触发词:「自适应学习」「智能诊断」「自适应题库」「学习路径规划」「知识追踪」
gh-pr-review
Run a full pull request review and post review comments directly to the current branch's GitHub PR. Requires the gh CLI to be installed and a PR to already exist for the current branch. Use when you want review feedback posted to GitHub as PR comments. For local code review without posting to GitHub, use code-review instead. Does not write or update PR descriptions — use update-pr-description for that.
han-feedback
Capture structured feedback on the Han skills and agents used in the current session and optionally post it as a GitHub issue to testdouble/han. Use at the end of any session where one or more han.* skills or agents ran, to rate a run, log what worked and what didn't, or submit observations for maintainers. Does not review code, investigate bugs, or research options; use code-review, investigate, or research for those. Does not provide feedback on skills or agents from non-Han plugins.
han-release
Cut a Han release: update CHANGELOG.md with the changes since the last release, bump every plugin that changed, tag the suite version vX.Y.Z, and publish a GitHub release whose notes attribute every merged pull request to its author, credit every closed issue to the person who opened it, the people who contributed to it, and the people who worked on the fix, and link back to the full changelog for that version. Han ships as a parent meta-plugin (`han`) plus child plugins (`han.core`, `han.github`, `han.reporting`, and any future `han.*` extension); the skill versions each plugin independently. Use when releasing, cutting a release, shipping a new Han version, publishing release notes, or tagging a version. Reads each plugin's target version from its plugin.json; when a plugin has not been bumped past the latest tag yet, it proposes a semantic-versioning bump and confirms the whole plan before continuing. Requires the gh CLI, jq, and a clean git checkout. This is a repository-maintenance skill for the Han repo
post-code-review-to-pr
Run a full pull request review and post review comments directly to the current branch's GitHub PR. Requires the gh CLI to be installed and a PR to already exist for the current branch. Use when you want review feedback posted to GitHub as PR comments. For local code review without posting to GitHub, use code-review instead. Does not write or update PR descriptions — use update-pr-description for that.
update-pr-description
Generate a PR description from the current branch's changes against a GitHub PR, using the gh CLI. Use when writing, drafting, or updating pull request descriptions, PR summaries, or PR bodies. Requires the gh CLI to be installed and a PR to already exist for the current branch. Does not review code or post review comments — use code-review for local review or gh-pr-review for posting a review to GitHub.
create-pr
Create a GitHub pull request with a drafted title and description. Use when the user asks to "create a PR", "create a pull request", "open a PR", or "submit a PR".
fetch-pr-comments
Fetch and summarize unresolved GitHub PR review comments without making changes. Use when the user asks to "fetch PR comments", "show PR comments", "check PR for unresolved comments", "list review comments", "what comments are on the PR", "show unresolved threads", or "summarize PR feedback".
pick-next-issue
Fetch and rank open GitHub issues by community engagement, present the top 3 candidates, and plan implementation for the selected issue. Use when the user asks to "pick next issue", "next issue", "which issue should I work on", "top issues", "most popular issues", "prioritize issues", or "what should I work on next".
reply-to-pr-conversation
Draft, confirm, and post a single conversational reply to GitHub PR conversation comments (issue comments). The reply addresses all tracked items in one natural-prose message. Use when the user asks to "reply to PR conversation", "post PR conversation replies", or "draft PR conversation messages".
reply-to-pr-threads
Draft, confirm, and post replies to GitHub PR review threads. Handles per-category reply formatting, re-fetches thread resolution state so auto-resolved threads are skipped, and posts via GraphQL. Use when the user asks to "reply to PR threads", "post PR thread replies", or "draft PR reply messages".
resolve-pr-comments
Evaluate, fix, answer, and reply to GitHub pull request review comments. Handles both change requests (fix or skip) and reviewer questions (explain using reasoning recalled from past Claude Code transcripts). Use when the user asks to "resolve PR comments", "fix review comments", "address PR feedback", "handle review comments", "address review feedback", "respond to PR comments", "answer review questions", or "address code review".
update-pr
Update an existing GitHub pull request's title and description to reflect the current state of the branch. Use when the user asks to "update the PR", "update PR description", "update PR title", "refresh PR description", or "sync PR with changes".
golden-man
Use when testing the man golden build
golden-man-kw
Use when testing the man golden build
golden-man-single
Use when testing the man golden build
golden-rss-empty
Use when testing the empty rss golden build
peekaboo-driver
Use this skill when driving native-UI AX-tree snapshots and screenshots via steipete/peekaboo (MIT, macOS-only). Dispatched by `skills/test-runner/` to capture native-UI AX-tree snapshots + screenshots on macOS 15+ targets, and exits with deterministic JSON output the orchestrator can parse.
speckit-taskstoissues
Convert existing tasks into actionable, dependency-ordered GitHub issues for the feature based on available design artifacts.
ccpm
CCPM - spec-driven project management: PRD → Epic → GitHub Issues → parallel agents → shipped code. Use this skill for anything in the software delivery lifecycle: writing a PRD ('write a PRD for X', 'let's plan X', 'scope this out'), parsing a PRD into an epic, decomposing an epic into tasks, syncing to GitHub ('sync the X epic', 'push tasks to github'), starting work on an issue ('start working on issue N', 'let's work on issue N'), analyzing parallel work streams, running standups ('standup', 'run the standup'), checking status ('what's next', 'what's blocked', 'what are we working on'), closing issues, or merging an epic. Use ccpm any time the user is talking about shipping a feature, managing work, or tracking progress — even if they don't say 'ccpm' or 'PRD'. Do NOT use for: debugging code, writing tests, reviewing PRs, or raw GitHub issue/PR operations with no delivery context.
operational-excellence
Assess a workload's operational excellence posture against the Well-Architected Operational Excellence pillar, covering organization, preparation, operation, and evolution. Use this skill when evaluating CI/CD practices, observability, incident management, runbook coverage, or operational maturity.
integrations
Use BEFORE recommending or installing any third-party SaaS SDK for email (Resend, SendGrid, Postmark, Mailgun), SMS (Twilio), messaging (Slack), calendar (Google Calendar), CRM (HubSpot, Salesforce), docs (Notion), or project management (Linear, GitHub). Butterbase covers most of these via manage_integrations (Composio-backed) — check first.
check-ci
Check GitHub Actions CI results for the current branch. Shows job statuses, failed test output, and lint errors. If failures are found, automatically diagnoses and fixes the issues, then commits and pushes.
review-pr
This skill should be used when user asks to "review a PR", "review pull request", "review this pr", "code review this PR", "check PR
cpr-review
Review an incoming PR. Use when someone opens a PR against your project. Checks architecture, security, tests, and antipatterns.
contributor
End-to-end open source contribution workflow: from scanning issues to submitting PRs. Use this skill whenever the user wants to contribute to an open source project, find issues to fix, submit a pull request, fork a repo to contribute, fix a GitHub issue, or mentions 'open source contribution'. Also trigger when they provide a GitHub repo URL and ask about contributing, say things like 'help me submit a PR', 'find good first issues', 'I want to contribute to X', or mention fixing bugs in someone else's project.
devops-excellence
DevOps and CI/CD expert. Use when setting up pipelines, containerizing applications, deploying to Kubernetes, or implementing release strategies. Covers GitHub Actions, Docker, K8s, Terraform, and GitOps.
yeet
Use only when the user explicitly asks to stage, commit, push, and open a GitHub pull request in one flow using the GitHub CLI (`gh`).
review-pr
Comprehensive PR review -- full branch diff against base, commit-by-commit analysis, breaking change detection, conventional commit verification.
bounty-hunter
Find, evaluate, and submit online bounties and hackathons for prize money. Use when user mentions "bounties", "hackathon", "earn money", "Superteam Earn", "prize money", "submissions", "freelance bounties", or asks to find paid opportunities. Covers discovery, eligibility filtering, content drafting, and submission workflows.
jules
Delegate coding tasks to Google Jules AI agent for asynchronous execution. Use when user says: 'have Jules fix', 'delegate to Jules', 'send to Jules', 'ask Jules to', 'check Jules sessions', 'pull Jules results', 'jules add tests', 'jules add docs', 'jules review pr'. Handles: bug fixes, documentation, features, tests, refactoring, code reviews. Works with GitHub repos, creates PRs.
corp-new
Use when creating, verifying, or registering a private corp-* department repository for a founder or company operating system, including local repo setup, GitHub repository creation or cloning, safe synchronization, and registration in an HQ Markdown file.
gh-issues
Use when creating, searching, updating, or managing GitHub issues via CLI. Triggers: "issue", "create issue", "gh issue", "task tracking", "context", "handoff", "resume task", "session context", "save progress", "active tasks", "in-progress", "my tasks", "open issues". Covers: gh commands, bulk operations, JSON/jq, search filters, issue-to-PR workflow, AI session context storage, task workflow with labels.
manager
Use when need to sync session work into GitHub issues OR query status of an existing track across repos. Two modes — write (end-of-session sync: find issues, update, create with parent epic + W-label) and read (status lookup across repos). Triggers on "/manager", "sync session", "обнови issues", "синкни сессию", "зафиксируй прогресс", "статус задачи", "что по <track>", "есть ли issue по", "track status", "what about <track>".
weekly-retro
Use when conducting weekly retrospective, reviewing past week, or when user says "retro", "weekly retro", "week review". Triggers at end of week or start of new week.
pm-user-stories
Разбивает Epic или крупное требование на независимые User Stories с acceptance criteria в формате Given-When-Then, проверкой по INVEST и оценкой Story Points (Fibonacci или T-shirt). На выходе — Story Map с предложением по Sprint-планированию. User-invoked only — do NOT auto-trigger. Triggers on /pm-user-stories, "разбей на user stories", "разбить эпик", "story map", "AC", "acceptance criteria", "break down into user stories", "split this epic", "write user stories".
product-data-audit
Use when auditing a product, business, or project ecosystem — analyzing data sources, decision loops, bottlenecks, and implementation contours. Triggers on "аудит продукта", "product audit", "data audit", "аудит данных", "аудит бизнеса", "проанализируй экосистему", "аудит систем".
task-routing
Use when creating GitHub issues, adding tasks to backlog, or when unsure which repo/project an issue belongs to. Triggers on "создай задачу", "issue", "добавь в бэклог", "task routing", "куда положить задачу".
gh-cli
Enforces authenticated gh CLI workflows over unauthenticated curl/WebFetch patterns. Use when working with GitHub URLs, API access, pull requests, or issues.
vellum-test-selection
Select focused verification commands for Vellum Assistant changes. Use when deciding what tests, typechecks, lints, or smoke checks to run after editing this repository, especially before commits and pull requests.
alterlab-link-health
Audits and repairs Markdown link health across a skills repo via a four-tier pipeline (config hardening, intra-repo file-ref fixes, external URL substitutions, residual exclusions) and enforces a Tier 3 substitution guardrail that prevents regressions of previously-passing links; designed for lychee-based GitHub Actions link checkers but generalizes to markdown-link-check and similar tools. Use when the request mentions link audit, dead links, link health, lychee, broken links, link checker, markdown link audit, link-health audit, 404 audit, check-links failing, CI link-check, or 連結健檢, 死鏈, 失效連結, 斷鏈檢查. Part of the AlterLab Academic Skills suite.
ci-accessibility
CI/CD accessibility agent. Sets up, manages, and troubleshoots accessibility CI pipelines. Supports baseline management, SARIF output, PR annotations, and threshold configuration. Works with GitHub Actions, Azure DevOps, GitLab CI, CircleCI, and Jenkins.
diff-visual
Visualize git diffs as interactive HTML reports with architecture diagrams and change analysis. Use when asked to visualize, review, or summarize a diff, branch, commit, or PR. Accepts branch names, commit hashes, HEAD, PR numbers, or commit ranges.
ide-review
Deep PR review using IDE bridge LSP and GitHub tools. Analyzes diffs with code intelligence — follows definitions, checks references, inspects types, runs diagnostics, and posts structured review comments.
deploying-infra
Validate infrastructure changes and, after explicit confirmation, apply Terraform, Helm, Kustomize, or Kubernetes deployments. Use when the user says "deploy", "deploy to staging", "terraform apply", "helm upgrade", "kubectl apply", "rollout", "deploy check", "validate deployment", or "validate infrastructure". Dockerfiles and GitHub Actions are validate-only here. NOT for ongoing service troubleshooting, cloud inspection, rollback investigation, or authoring infra from scratch; use operating-infra for those.
managing-infra
Infrastructure patterns for Kubernetes, Terraform, Helm, Kustomize, and GitHub Actions. Use when making K8s architectural decisions, choosing between Helm vs Kustomize, structuring Terraform modules, writing CI/CD workflows, or applying security best practices. NOT for cloud CLI commands (see using-cloud-cli) or deploy validation and apply workflows (see deploying-infra).
create-pr
Create a pull request (GitHub) or merge request (GitLab) from the current branch
eforge-build
Enqueue a source for the eforge daemon to build — PRD file, inline description, or conversation context. Use when the user wants to hand work off to eforge.
eforge-workflow
Set up or reconfigure the eforge workflow preset — landing action, stacking, PR settings, and automatic stack sync
create-pr
create a pull request with standardized description template
github-fix-issue
Fix GitHub issues end-to-end — from analysis through branch creation, implementation, testing, and PR submission. Use this skill whenever the user mentions fixing a GitHub issue, resolving a bug from an issue tracker, working on a GitHub issue number, or says things like "fix issue
github-review-pr
Review GitHub pull requests with detailed, multi-perspective code analysis using parallel subagents. Use this skill whenever the user wants to review a PR, asks for code review on a pull request, mentions "review PR", "check this PR", "look at pull request", or references a PR number or GitHub PR URL. Also trigger when the user wants feedback on code changes, wants to approve or request changes on a PR, or asks to review someone's contribution.
my-pull-requests
List my pull requests in the current repository
vulnerability-scanning
Automated security scanning for dependencies, code, containers with Trivy, Snyk, npm audit. Use for CI/CD security gates, pre-deployment audits, compliance requirements, or encountering CVE detection, outdated packages, license compliance, SBOM generation errors.
playwright-ci
Production-ready CI/CD configurations for Playwright — GitHub Actions, GitLab CI, CircleCI, Azure DevOps, Jenkins, Docker, parallel sharding, reporting, code coverage, and global setup/teardown.
review-pr
Review a pull request by fetching PR comments and running a comprehensive code review with evaluation. Use when the user asks to "review PR", "review pull request", "review this PR", "check PR before merging", or "full PR review".
devops
DevOps patterns: containerization, CI/CD, deployment strategies, monitoring. Use when containerizing apps, setting up pipelines, or deploying services.
git
Git version control best practices: branching, commits, merging, conflict resolution, PR workflows. Use when managing branches, creating commits, merging code, or resolving conflicts.
gh-merge
将当前分支合并到 GitHub 目标分支(通常是 main)。 自动处理代码提交、创建 PR、监控 CI Checks、处理错误直到合并成功。
ops-secret-sync
Detects and syncs Doppler→GitHub secrets drift. Compares last-updated timestamps between Doppler and GH repo secrets; flags stale GH secrets (>24h behind Doppler); confirms with user before writing any changes. Safe to run in CI or locally.
ops-triage
Cross-platform issue triage. Pulls from Sentry (MCP), Linear (MCP), GitHub Issues (gh). Cross-references against code to find already-fixed issues. Auto-resolves fixed ones. Dispatches agents for active issues.
bitbucket-workflow
Bitbucket best practices for pull requests, Pipelines CI/CD, Jira integration, and Atlassian ecosystem workflows
nuxt-content
Use when working with Nuxt Content v3, markdown content, or CMS features in Nuxt - provides collections (local/remote/API sources), queryCollection API, MDC rendering, database configuration, NuxtStudio integration, hooks, i18n patterns, and LLMs integration
ai-code-cleanup
Remove AI-generated code slop from branches. Use after AI-assisted coding sessions to clean up defensive bloat, unnecessary comments, type casts, and style inconsistencies. Focuses on identifying and removing AI artifacts that degrade code quality.
ci
Diagnoses and fixes CI/CD pipeline failures. Use when user mentions 'CI', 'GitHub Actions', 'GitLab CI', 'ビルドエラー', 'テスト失敗', 'パイプライン', 'CIが落ちた', or asks to analyze build/test failures. Do NOT load for: ローカルビルド, 通常の実装作業, レビュー, セットアップ.
ci-pipeline-setup
Set up CI/CD pipelines with GitHub Actions. Use when creating new projects, adding automation, or when manual verification becomes bottleneck. Covers lint, test, build, deploy automation.
code-review-playbook
Use this skill when conducting or improving code reviews. Provides structured review processes, conventional comments patterns, language-specific checklists, and feedback templates. Ensures consistent, constructive, and thorough code reviews across teams.
dependency-security
Enforce dependency security scanning and SBOM generation. Use when adding dependencies, reviewing package.json, or during security audits. Covers OWASP dependency check, npm audit, and supply chain security.
devops-deployment
CI/CD pipelines, containerization, Kubernetes, and infrastructure as code patterns
docker-expert
Docker containerization expert with deep knowledge of multi-stage builds, image optimization, container security, Docker Compose orchestration, and production deployment patterns. Use PROACTIVELY for Dockerfile optimization, container issues, image size problems, security hardening, networking, and orchestration challenges.
reviewdog
Automated code review and security linting integration for CI/CD pipelines using reviewdog. Aggregates findings from multiple security and quality tools (SAST, linters, formatters) into unified code review comments on pull requests. Use when: (1) Integrating security scanning into code review workflows, (2) Automating security feedback on pull requests, (3) Consolidating multiple tool outputs into actionable review comments, (4) Enforcing secure coding standards in CI/CD pipelines, (5) Providing inline security annotations during development.
sast-horusec
Multi-language static application security testing using Horusec with support for 18+ programming languages and 20+ security analysis tools. Performs SAST scans, secret detection in git history, and provides vulnerability findings with severity classification. Use when: (1) Analyzing code for security vulnerabilities across multiple languages simultaneously, (2) Detecting exposed secrets and credentials in git history, (3) Integrating SAST into CI/CD pipelines for secure SDLC, (4) Performing comprehensive security analysis during development, (5) Managing false positives and prioritizing security findings.
sast-semgrep
Static application security testing (SAST) using Semgrep for vulnerability detection, security code review, and secure coding guidance with OWASP and CWE framework mapping. Use when: (1) Scanning code for security vulnerabilities across multiple languages, (2) Performing security code reviews with pattern-based detection, (3) Integrating SAST checks into CI/CD pipelines, (4) Providing remediation guidance with OWASP Top 10 and CWE mappings, (5) Creating custom security rules for organization-specific patterns, (6) Analyzing dependencies for known vulnerabilities.
when-automating-github-actions-use-workflow-automation
Advanced GitHub Actions workflow automation with AI swarm coordination, intelligent CI/CD pipelines, and comprehensive repository management. Coordinates cicd-engineer, workflow-automation, tester, and security-auditor agents through mesh topology to create, optimize, and maintain GitHub Actions workflows. Handles workflow generation, performance optimization, security hardening, matrix testing strategies, and workflow debugging. Use when building CI/CD pipelines, optimizing existing workflows, or establishing automation standards.
when-managing-multiple-repos-use-github-multi-repo
Multi-repository coordination, synchronization, and architecture management with AI swarm orchestration. Coordinates repo-architect, code-analyzer, and coordinator agents across multiple repositories to maintain consistency, propagate changes, manage dependencies, and ensure architectural alignment. Handles monorepo-to-multi-repo migrations, cross-repo refactoring, and synchronized releases. Use when managing microservices, multi-package ecosystems, or coordinating changes across related repositories.
when-reviewing-code-comprehensively-use-code-review-assistant
Comprehensive PR review with multi-agent swarm specialization for security, performance, style, tests, and documentation
when-reviewing-github-pr-use-github-code-review
Comprehensive GitHub pull request code review using multi-agent swarm with specialized reviewers for security, performance, style, tests, and documentation. Coordinates security-auditor, perf-analyzer, code-analyzer, tester, and reviewer agents through mesh topology for parallel analysis. Provides detailed feedback with auto-fix suggestions and merge readiness assessment. Use when reviewing PRs, conducting code audits, or ensuring code quality standards before merge.
when-reviewing-pull-request-orchestrate-comprehensive-code-revie
Use when conducting comprehensive code review for pull requests across multiple quality dimensions. Orchestrates 12-15 specialized reviewer agents across 4 phases using star topology coordination. Covers automated checks, parallel specialized reviews (quality, security, performance, architecture, documentation), integration analysis, and final merge recommendation in a 4-hour workflow.
gh-actions
Use when creating GitHub Actions workflows, release automation, checksums, signing, or CI/CD.
gh-cli
GitHub CLI (gh) for repos, issues, PRs, actions, releases. Use when working with GitHub or running gh commands.
gh-triage-ru
GitHub issue/PR triage via ru and gh. Use when processing issues, closing PRs (no-contributions policy), or bulk triage. Independent verification required.
research-software
Research software tools via source code, GitHub, web. Use when creating skills, learning new tools, finding undocumented features, or bleeding-edge patterns.
hunt-cicd
Hunt CI/CD pipeline vulnerabilities — GitHub Actions workflow injection (pull_request_target Pwnrequest + ${{ }}-into-shell), self-hosted runner poisoning, OIDC trust-policy abuse, Jenkins script-console RCE and CVE-2024-23897 file read, GitLab CI runner-token registration, Terraform state file leakage, artifact/log secret leakage, pipeline env-var disclosure. Use when target has a public GitHub/GitLab org, exposed CI dashboards (Jenkins/TeamCity/Drone/Argo), or build artifacts/images are reachable.
hunt-graphql
Hunting skill for graphql vulnerabilities. Built from 12 public bug bounty reports across IDOR via node() / GID, mutation IDOR including AI/LLM features, cross-tenant IDOR, SSRF via argument, batching-DoS, query-cost-bypass, SQLi via argument, broken-object-level-authz, auth-bypass via unscoped mutations, and PII exposure from missing field-level authz. Use when hunting graphql on any target.
git-pr-review
当用户明确要求“review 某个 GitHub PR”“评估某个 pull request 是否值得 merge”“帮我判断这个 PR 怎么处理”时使用。基于用户提供的 GitHub 仓库地址、PR 编号/链接和补充说明,进行只读、证据驱动的 PR 审查:理解 PR 解决的问题、评估方案优劣与局限、默认优先使用内置“好 PR”标准并在必要时联网补充、识别恶意或高风险改动,并输出是否建议 merge 的 Markdown 决策报告。⚠️ 不适用:用户要你直接修改 PR 代码、直接 merge PR、或在本地执行 PR 分支中的不可信代码。
git-workflow
Git 工作流专家。规范化版本控制,确保提交历史清晰可追溯。支持 Conventional Commits 规范、Pull Request 最佳实践、分支管理策略和自动化工作流。
drift-detection
Detect, classify, and automate Terraform drift detection in CI — scheduled plans, drift metrics, cloud-native audit log correlation.
github-actions-patterns
Production-grade GitHub Actions workflows — reusable workflows, OIDC cloud auth, caching, matrix builds, and environment protection rules. Use when the user creates, reviews, or debugs CI/CD pipelines in .github/workflows, or asks about GitHub Actions deployment, OIDC authentication, or workflow optimization.
secret-detection
Detect secrets in code, git history, and running containers — pre-commit hooks, CI scanning, and incident response for exposed credentials.
sigstore-signing
Sign container images and artifacts with cosign (keyless via OIDC and key-based); verify signatures in CD pipelines and admission policies.
roll-.dream
Nightly code and architecture health scan. Passively triggered by scheduler (cron or GitHub Actions), not invoked by users directly. Detects dead code, architectural drift from domain model, pruning candidates, emerging patterns, doc coverage gaps, and doc staleness (文档新鲜度). Outputs REFACTOR entries to .roll/backlog.md and a daily log to .roll/dream/. Distinct from roll-sentinel: sentinel monitors runtime behavior; dream reviews code structure and architectural health.
git-flow-master
End-to-end Git operator for any branching strategy. Auto-detects the project's strategy (solo-main, main+integration, enterprise multi-branch, trunk-based, GitFlow, GitHub Flow, GitLab Flow, SDET integration-trunk for chained test-automation suites) from .git config, branches, and an CLAUDE.md marker, then adapts every commit, branch, push, PR, conflict-fix, and chained-PR action to that strategy. Use this skill whenever the user wants to: create a branch (`crear branch`, `new feature branch`, `start work on UPEX-123`), commit changes (`commit this`, `commitear esto`, `make a commit`, `commit and push`), push code (`push`, `push to main`, `push to staging`, `subir cambios`), open a pull request (`create PR`, `open PR`, `abrir PR`, `crear pull request`, `gh pr create`), fix merge conflicts (`fix conflict`, `resolver conflicto`, `merge conflict`, `rebase conflict`, `push rejected`), plan stacked or chained PRs (`stack of PRs`, `chained PRs`, `split this PR`, `PR demasiado grande`), set up an isolated git worktr
regression-testing
Execute regression test suites via CI/CD, analyze results, classify failures, and produce GO/NO-GO release decisions. Use when running regression, smoke, or sanity suites through GitHub Actions, monitoring workflow runs, downloading Allure or Playwright artifacts, classifying failures (REGRESSION vs FLAKY vs KNOWN vs ENVIRONMENT vs NEW TEST), computing pass-rate and trend metrics, deciding release readiness, generating executive quality reports, or creating regression issues. Triggers on: run regression, trigger test workflow, analyze test results, quality report, GO/NO-GO decision, release readiness, flaky tests, Allure report, smoke suite, pass rate, nightly test failure, stage 6. Do NOT use for writing new regression tests (that belongs to test-automation) or for manual fix verification (that belongs to sprint-testing).
release
Cut a new release by triggering the Release workflow via GitHub Actions workflow dispatch.
vellum-pr-readiness
Prepare Vellum Assistant branches for review by checking git hygiene, PR scope, tests, docs, migrations, Linear linking, and companion repo needs. Use before creating a pull request, splitting work into PRs, or asking whether a branch is ready.
gha
Analyze GitHub Actions failures and identify root causes
checkpoint-resume
Rate-limit-resilient pipeline with checkpoint/resume for long multi-phase sessions. Saves progress to .claude/pipeline-state.json after each phase. Use when starting a complex multi-phase task that risks hitting rate limits, when resuming an interrupted session, or when orchestrating work spanning commits, GitHub issues, and large file changes.
ci-debug
Diagnose a failing CI run against a 10-pattern playbook. Classifies the failure, cites the relevant memory entry, proposes the exact fix command — but NEVER applies without explicit user approval. Use when a specific PR check or GitHub Actions run failed and you want a diagnosis instead of speculation. Don't use for org-wide CI sweeps (that's /status) or for app-level test failures (the playbook is CI-infra-specific).
code-review-playbook
Use this skill when conducting or improving code reviews. Provides structured review processes, conventional comments patterns, language-specific checklists, and feedback templates. Use when reviewing PRs or standardizing review practices.
create-pr
Creates GitHub pull requests with pre-flight validation, conventional title formatting, and structured summary generation. Runs parallel checks (tests, lint, type-check, security) before opening. Supports feature, bugfix, refactor, and hotfix PR types with milestone assignment via gh CLI. Use when opening PRs or submitting code for review.
design-ship
End-to-end Claude Design handoff to pull request: imports a handoff bundle from claude.ai/design, generates Storybook stories and Playwright tests, runs diff-aware browser verification, and opens a PR with the bundle URL, before/after screenshots, and coverage delta embedded in the body. The one-shot 'design URL in, reviewable PR out' workflow. Use when a designer or PM hands you a Claude Design URL and you want a PR back without intermediate steps.
devops-deployment
Use when setting up CI/CD pipelines, containerizing applications, deploying to Kubernetes, or writing infrastructure as code. DevOps & Deployment covers GitHub Actions, Docker, Helm, and Terraform patterns.
feedback
Manages OrchestKit learning system including feedback status, usage pattern tracking, and privacy/analytics consent. Supports pause/resume learning, data export, privacy policy display, and bug reporting. Tracks learned patterns and agent performance metrics. Use when reviewing learned patterns, pausing learning, or managing data consent.
fix-issue
Fixes GitHub issues using parallel analysis agents for root cause investigation, code exploration, and regression detection. Reads issue context from gh CLI, searches codebase and memory for related patterns, generates a fix with tests, and links the resolution back to the issue via PR. Includes prevention analysis to avoid recurrence. Use when debugging errors, resolving regressions, fixing bugs, or triaging issues.
github-operations
GitHub CLI operations for issues, PRs, milestones, and Projects v2. Covers gh commands, REST API patterns, and automation scripts. Use when managing GitHub issues, PRs, milestones, or Projects with gh.
repo-explorer
Explore and analyze any repository (local path or remote GitHub/GitLab URL) by delegating to Claude Code CLI (`claude -p`) in non-interactive mode with read-only access. Use when the user asks to explore, analyze, investigate, or research a repository or codebase. Triggers on "explore repo", "analyze repo", "investigate repo", "research codebase", "what does this repo do", "how does this codebase work", "ask about repo", "codebase question", "explore repository", "what API does this project have", "analyze this GitHub repo", "explore https://github.com/...", or any request to understand a repository's structure, API, architecture, or implementation details. Works with both local paths and remote URLs (GitHub, GitLab, Bitbucket).
gh-issues
Process GitHub issues as an automation queue: /gh-issues lists and filters issues, confirms selected issue numbers, deduplicates fix/issue-* work, delegates one focused PR per issue, and can monitor issue-fix PR review feedback. Use this instead of general PR workflow tools only when the entry point is a GitHub issue list or issue-fix queue.
merge
Merge PR с pre/post проверками, sync main и cleanup. Используй при merge PR вместо ручного gh pr merge.
ai-collab-protocols
Surface in-task-collaboration protocols when the user describes an AI workflow informally — URL-as-entity-reference, PR-comment threads as session memory. Trigger when the user names entities by colloquial label instead of stable URL, asks "how should I structure this for Claude", or describes a multi-step Claude workflow without a durable handle. Apply reactively, not as a checklist.
drift-detect
Compare documented plan and intent against implementation reality across GitHub issues, pull requests, milestones, docs, and code, then emit an evidence-backed Reality Check Report with a prioritized reconstruction plan. Use when the user says "plan drift", "reality check", "compare docs to code", "roadmap alignment", "implementation gaps", or "is the plan up to date".
gh-fix-ci
Inspect GitHub PR checks with gh, pull failing GitHub Actions logs, summarize the failure, then plan and implement the fix after user approval. Use when the user asks to debug or fix failing PR CI on GitHub Actions; external checks (Buildkite, etc.) are reported as URLs only.
michel-cli-demo-recorder
Produce proof-of-execution demos of the Packmind CLI (`packmind-cli`) as terminal-styled images (colors and formatting preserved exactly), for embedding in a GitHub PR. Renders a crisp master SVG and rasterizes it to a PNG — the PNG is what you embed, because GitHub does not render SVG in PR/issue bodies. Use this whenever a dev task touches the CLI — new command, changed output, new flag, bug fix in terminal rendering — and the PR would benefit from showing the tool actually running. Trigger it when the user says "record a CLI demo", "show the command output", "add a terminal screenshot to the PR", "prove the CLI works", "capture the CLI", "demo the command", or whenever you finish CLI work and are about to open or update a PR. Default to running this for any PR whose diff includes CLI source, even if the user didn't explicitly ask for a screenshot — a CLI PR without a visual of the output is an incomplete deliverable.
michel-create-pr-with-screenshots
Best practices for creating GitHub pull requests that include inline images — CLI terminal screenshots (from cli-demo-recorder), UI screenshots/videos (from ui-demo-recorder), or any other visual artifact. Use this skill whenever opening or updating a PR that has visual artifacts to embed, or when images aren't rendering in a PR description. Also use it when asked "how do I add screenshots to a PR", "why isn't my image showing", or "embed a demo in the PR".
michel-monitor-pull-request-github-actions
Diagnose a failed, stuck, or never-triggered CI run on a GitHub PR, apply a local fix if possible, push it, and document the result in a single running PR comment. Invoke whenever Michel's CI monitor loop triggers with `any_failure`, `stuck`, or `not_triggered` — the bash loop already handles `pending` and `all_green` silently, so this skill never sees those states.
github-pr
GitHub PR utilities for code review workflows
rival-search-mcp
Deterministic deep research via RivalSearchMCP. 9 tools: 5-engine web search (DuckDuckGo/Bing/Yahoo/Mojeek/Wikipedia), 9-platform social search (Reddit/HN/StackOverflow/Dev.to/Medium/ProductHunt/Bluesky/Lobste.rs/Lemmy), 5-source news (Google/Bing/Guardian/GDELT/DDG), 5 academic DBs (OpenAlex/CrossRef/arXiv/PubMed/EuropePMC), GitHub search, website mapping, content extraction with OCR, and research topic synthesis. No API keys required. Use when the user needs web research, competitive analysis, content discovery, or academic paper search.
error-recovery-patterns
Design gh-aw error handling, retry, recovery, and debugging flows.
wjs-auditing-project
Use when the user asks to audit what's wrong with a project, "make it right", "看看项目出了什么问题", "为什么用户的需求还没上线", "为什么没提交App Store", "为什么没新build", or wants a holistic state-of-the-project check covering unmerged branches, stalled PRs, failed GitHub Actions, stale builds, plan drift (TODOS.md / ROADMAP), unreleased commits, and log errors. Runs read-only investigation, presents a grouped checklist, fixes only after explicit user confirmation. Aware of the Cathier iOS app workflow (Xcode + fastlane + auto-merge @claude PRs from in-app feedback).
wjs-converting-wp-to-hugo
Use when migrating a WordPress site to a Hugo static site on GitHub Pages from a WXR export (.xml) plus the wp-content/uploads folder — preserving /archives/<id>/ URLs, localizing images, and deploying via GitHub Actions. Triggers — "把 WordPress 迁成 Hugo", "wordpress 转静态站", "migrate WordPress to Hugo", "WXR to Hugo", "publish WordPress to GitHub Pages", "/wjs-converting-wp-to-hugo".
wjs-looping-feedback
Use when the user wants to add an in-site feedback loop to a website repo — a floating "提个建议" button where allowlisted visitors submit suggestions that become a GitHub Issue, which GitHub Actions turns into an automatic code change via Claude Code, auto-merges and deploys, and records on a /_feedback dashboard with one-click revert. Triggers — "给网站加个反馈对话框", "提一句话就自动改网站", "装上反馈闭环", "feedback loop", "/wjs-looping-feedback".
github
GitHub CLI patterns for issues, projects, and PRs. Invoke when: creating issues, linking PRs to issues, updating project status, or any GitHub project operations.
pr-fixup
Wait for CI checks and automated reviews (CodeRabbit, Greptile, Claude, cubic) on a PR, fix failures and address comments, then push.
weekly-retro
Use when conducting weekly retrospective, reviewing past week, or when user says "retro", "weekly retro", "week review". Triggers at end of week or start of new week.
gh-cli
GitHub CLI for remote repository analysis, file fetching, codebase comparison, and discovering trending code/repos. Use when analyzing repos without cloning, comparing codebases, or searching for popular GitHub projects.
review-github-pr
GitHub PR code review - fetches the diff, runs automated checks, launches 3 parallel review agents (correctness, convention compliance, efficiency) to analyze changes, validates findings against actual code, and drafts a GitHub review. Use when reviewing pull requests. Triggers on "review this PR", "review PR
describe_pr
Generate comprehensive PR descriptions following repository templates
speckit-git-remote
Detect Git remote URL for GitHub integration
code-reviewer
Analyzes code diffs and files to identify bugs, security vulnerabilities (SQL injection, XSS, insecure deserialization), code smells, N+1 queries, naming issues, and architectural concerns, then produces a structured review report with prioritized, actionable feedback. Use when reviewing pull requests, conducting code quality audits, identifying refactoring opportunities, or checking for security issues. Invoke for PR reviews, code quality checks, refactoring suggestions, review code, code quality. Complements specialized skills (security-reviewer, test-master) by providing broad-scope review across correctness, performance, maintainability, and test coverage in a single pass.
describe-pr
Generate a comprehensive pull request description following the repository's standard template. Use when the user wants to create or update a PR description.
respond-to-pr
Respond to pull request review feedback interactively, working through each item with verification and code changes. Use when the user wants to address PR review comments.
review-pr
Review a pull request through multiple quality lenses and present a compiled analysis with inline comments. Use when the user wants a thorough PR review.
gh-issues
Fetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]
aws-infrastructure
Use when working with AWS resources — ECS Fargate, ECR, EFS, Secrets Manager, gomplate templates, multi-env deployments — even when the user says 'deploy to staging' without naming AWS.
command-routing
Use when the user invokes a slash command like /create-pr, /commit, /fix-ci, or pastes command file content — routes to the right command with context inference and GitHub API patterns.
councilpr
Pull a GitHub PR via gh CLI and run the council on the diff with a PR-specific neutrality preamble — read-only by default; comment posting is opt-in.
fixpr-bot-comments
Fix and reply to bot review comments (Copilot, Augment, Greptile, etc.) on a GitHub PR
github-projects
GitHub Projects management via gh CLI for creating projects, managing items, fields, and workflows. Use when working with GitHub Projects (v2), adding issues/PRs to projects, creating custom fields, tracking project items, or automating project workflows. Triggers on gh project, project board, kanban, GitHub project, project items.
code-quality
Multi-language code quality standards and review for TypeScript, Python, Go, and Rust. Enforces type safety, security, performance, and maintainability. Use when writing, reviewing, or refactoring code. Includes review process, checklist, and Python PEP 8 deep-dive.
github-cli
Safety-first GitHub CLI skill wrapping `gh` (v2.86+). Use when performing GitHub operations — PRs, issues, releases, repos, Actions, API calls. Enforces risk classification with mandatory confirmation for destructive/forbidden operations.
kelos
Author, debug, and operate Kelos resources (Task, Workspace, AgentConfig, TaskSpawner) on Kubernetes. Use when working with Kelos CRDs or the kelos CLI.
agentbox-setup
Generate an agentbox.yaml for the current AgentBox workspace. Invoke when the user opens a sandbox without an agentbox.yaml or asks to (re)configure one.
contributor
End-to-end open source contribution workflow: from scanning issues to submitting PRs. Use this skill whenever the user wants to contribute to an open source project, find issues to fix, submit a pull request, fork a repo to contribute, fix a GitHub issue, or mentions 'open source contribution'. Also trigger when they provide a GitHub repo URL and ask about contributing, say things like 'help me submit a PR', 'find good first issues', 'I want to contribute to X', or mention fixing bugs in someone else's project.
devops-excellence
DevOps and CI/CD expert. Use when setting up pipelines, containerizing applications, deploying to Kubernetes, or implementing release strategies. Covers GitHub Actions, Docker, K8s, Terraform, and GitOps.
github-trending
GitHub Trending 探索与分析。用于发现热门开源项目、技术趋��、开发者偏好,帮助理解技术社区的兴趣走向。
create-pr
Create a pull request for the current session. Use when the user wants to open a PR with the session's changes.
nw-cicd-and-deployment
CI/CD pipeline design methodology, deployment strategies, GitHub Actions patterns, and branch/release strategies. Load when designing pipelines or deployment workflows.
nw-devops
Designs CI/CD pipelines, infrastructure, observability, and deployment strategy. Use when preparing platform readiness for a feature.
accessing-github-repos
GitHub repository access in containerized environments using REST API and credential detection. Use when git clone fails, or when accessing private repos/writing files via API.
api-credentials
Securely manages API credentials for multiple providers (Anthropic Claude, Google Gemini, GitHub). Use when skills need to access stored API keys for external service invocations.
bm25
Ranked content search over any text corpus using BM25 (via xhluca/bm25s). Corpus-agnostic: works on cloned repos, project knowledge stores, uploaded files/archives, and any local directory. Stateless — builds an in-memory index each invocation, no cache, no persistence. Use when you need ranked multi-word content search beyond grep, or when picking the "most relevant files for these terms" across a corpus. Triggers on "rank these documents", "search this corpus", "find content about X", "which files are most about Y", or multi-word concept queries against a known body of text.
building-github-index
Generate progressive disclosure indexes for GitHub repositories to use as Claude project knowledge. Use when setting up projects referencing external documentation, creating searchable indexes of technical blogs or knowledge bases, combining multiple repos into one index, or when user mentions "index", "github repo", "project knowledge", or "documentation reference".
closing-issues
Close a GitHub issue with a synthesis comment as a flowing graph — validate the synthesis, post the closing comment, close, then run a pluggable callback (e.g. memory store) detached. Use when closing an issue should also capture the LEARNING (not just the diff log) and when the post-close work shouldn't block the close ack.
creating-bookmarklets
Creates browser-executable JavaScript bookmarklets with strict formatting requirements. Use when users mention bookmarklets, browser utilities, dragging code to bookmarks bar, or need JavaScript that runs when clicked in the browser toolbar.
invoking-github
Enables GitHub repository operations (read/write/commit/PR) for Claude.ai chat environments. Use when users request GitHub commits, repository updates, DEVLOG persistence, or cross-session state management via GitHub branches. Not needed in Claude Code (has native git access).
gear
Managing dependencies, CI/CD optimization, Docker configuration, and operational observability (logging/alerting/health checks). Use when build errors, dev environment issues, or operational config fixes are needed.
harvest
Collecting GitHub PR data and generating work reports. Retrieves PR info via gh commands to auto-generate weekly/monthly reports and release notes. Use when work reporting or PR analysis is needed.
crap-analyzer
Use to produce a risk-based refactor + test plan for recently-changed code on a diff/branch/PR by computing CRAP (complexity × untested) on changed methods. Multi-language — TypeScript, JavaScript, Python, Java, Kotlin, Go, Ruby, C#, Rust, PHP — auto-discovers how the repo generates coverage. Triggers — "/crap-analyzer", "analyze CRAP", "compute CRAP", "find risky methods", "find complex untested methods".
babysit-pr
Watch a PR through CI and review feedback: commit/push, wait for CI, auto-fix high-confidence failures, reply to active review threads, address top-level Conversation-tab comments, and summarize automated review-body content with sentinel-tagged comments. Runs one pass against the current branch's PR; pass a PR number or URL to `gh pr checkout` that PR first. Use when the user says 'babysit my PR', 'babysit PR 482', 'watch my PR', 'keep my PR moving', or 'respond to comments'.
seed-data
Trigger seed data generation for test environments via GitHub Actions. Use when asked to seed, create test data, or set up HCPs/facilities/shifts.
cli-forge-github
Audit and fix GitHub repository health: rulesets vs CI alignment, branch hygiene, PR lifecycle, release automation flow, permission issues, and transient CI failures. Detects misconfigurations that cause PRs to hang, CI to fail silently, branches to accumulate, and releases to stall. Use when the user says 'PR stuck', 'CI pending forever', 'branch cleanup', 'ruleset', 'release blocked', 'merge conflicts on sync-main', 'stale PRs', 'orphan branches', 'GitHub health', 'repo hygiene', 'required checks', 'path pruning', 'release-plz stuck', 'auto-merge not working', 'workflow scope', 'token permission'. Also triggers on 'gh api', 'rulesets', 'branch protection', 'status checks'.
cli-forge-pipeline
Expert CI/CD pipeline optimizer using biomimetic patterns from nature: leafcutter ants (task partitioning), slime mold (adaptive path optimization), army ants (self-organizing parallelism), honeybees (dynamic resource allocation), and mycelium (fault-tolerant routing). Works with any CI system — examples cover both GitLab CI and GitHub Actions. Use this skill whenever the user asks to optimize, design, review, speed up, parallelize, or fix a CI/CD pipeline. Also triggers on: "slow pipeline", "flaky tests", "runners", "artifacts", "CI cache", "parallel build", "GitLab CI", "GitHub Actions", "pipeline design", "reduce build time", DAG pipelines, job dependencies, or any request mixing infrastructure + automation + deployment. Use it even when the user just pastes a YAML pipeline without asking explicitly.
ci-cd-pipeline-architecture
When configuring automated build, test, and deployment workflows for a repository.
code-review-guidelines
When asynchronously reviewing peer code before merging into the main branch.
ccb-github
Maintain this CCB project's GitHub-facing release surface. Use when preparing, publishing, auditing, or fixing CCB releases; updating README.md, README_zh.md, CHANGELOG.md, VERSION, GitHub release notes/assets, repository description/topics, or GitHub Actions release/test status.
report
Generate test report. Use when user says "test report", "results summary", "test status", "show results", "test dashboard", or "how did tests go".
apple-reminders
Manage Apple Reminders via remindctl CLI (list, add, edit, complete, delete). Supports lists, date filters, and JSON/plain output.
bitbucket-automation
Automate Bitbucket repositories, pull requests, branches, issues, and workspace management via Rube MCP (Composio). Always search tools first for current schemas.
clojure-review
Review Clojure and ClojureScript code changes for compliance with Metabase coding standards, style violations, and code quality issues. Use when reviewing pull requests or diffs containing Clojure/ClojureScript code.
code-review-digest-writer
Generates weekly code-review digest docs from PR review comments for any GitHub repository. If present, follows project-specific docs/review-digests/AGENTS.md guidelines. Use this to turn a date-bounded set of PR reviews into a structured markdown “newsletter” that captures themes, repeated issues, and concrete takeaways.
code-review-standards
Code review framework and criteria. References security-sentinel for security checks. Use when performing code reviews or defining review standards.
copilot-coding-agent
GitHub Copilot Coding Agent automation. Apply the ai-copilot label to an issue → GitHub Actions auto-assigns Copilot via GraphQL → Copilot creates a Draft PR. One-click issue-to-PR pipeline.
create-issue
Create an issue in GitHub or Jira. Automatically detects if GitHub issues are enabled; if so creates a GitHub issue, otherwise creates a Jira issue.
creating-issues
Issue creation expertise and convention enforcement. Auto-invokes when creating issues, writing issue descriptions, asking about issue best practices, or needing help with issue titles. Validates naming conventions, suggests labels, and ensures proper metadata.
data-processing
Process JSON with jq and YAML/TOML with yq. Filter, transform, query structured data efficiently. Triggers on: parse JSON, extract from YAML, query config, Docker Compose, K8s manifests, GitHub Actions workflows, package.json, filter data.
deployment-automation
Automate application deployment to cloud platforms and servers. Use when setting up CI/CD pipelines, deploying to Docker/Kubernetes, or configuring cloud infrastructure. Handles GitHub Actions, Docker, Kubernetes, AWS, Vercel, and deployment best practices.
deployment-engineer
Expert deployment engineer specializing in modern CI/CD pipelines, GitOps workflows, and advanced deployment automation. Masters GitHub Actions, ArgoCD/Flux, progressive delivery, container security, and platform engineering. Handles zero-downtime deployments, security scanning, and developer experience optimization. Use PROACTIVELY for CI/CD design, GitOps implementation, or deployment automation.
docs-review
Review documentation changes for compliance with the Metabase writing style guide. Use when reviewing pull requests, files, or diffs containing documentation markdown files.
docusaurus-deployer
This skill should be used when deploying a Docusaurus site to GitHub Pages. It automates the configuration, building, and deployment process, handling GitHub Pages setup, environment configuration, and CI/CD automation. Includes local validation before GitHub Actions triggering.
gh-fix-ci
Inspect GitHub PR checks with gh, pull failing GitHub Actions logs, summarize failure context, then create a fix plan and implement after user approval. Use when a user asks to debug or fix failing PR CI/CD checks on GitHub Actions and wants a plan + code changes; for external checks (e.g., Buildkite), only report the details URL and mark them out of scope.
git-workflow-enforcer
Ensures commits follow conventional commits, branch naming conventions, and PR templates. Use when creating commits, branches, or PRs, or when user mentions git workflow.
github-automation
Automate GitHub repositories, issues, pull requests, branches, CI/CD, and permissions via Rube MCP (Composio). Manage code workflows, review PRs, search code, and handle deployments programmatically.
graphite-cli
This skill should be used to answer questions and guide workflows related to the Graphite CLI. It assists with creating, managing, submitting, and synchronizing stacked code changes (diffs).
managing-commits
Git commit quality and conventional commits expertise with automatic issue tracking integration. Auto-invokes when the user explicitly asks about commit message format, commit quality, conventional commits, commit history analysis, issue references in commits, or requests help writing commit messages. Integrates with the issue cache for automatic issue references.
managing-projects
GitHub Projects v2 expertise for creating and managing project boards, fields, views, and items. Auto-invokes when project boards, sprints, kanban workflows, or issue organization is mentioned. Uses GraphQL for advanced project operations.
mlops-engineer
Build comprehensive ML pipelines, experiment tracking, and model registries with MLflow, Kubeflow, and modern MLOps tools. Implements automated training, deployment, and monitoring across cloud platforms. Use PROACTIVELY for ML infrastructure, experiment management, or pipeline automation.
npm-git-install
Install npm packages directly from GitHub repositories using git URLs. Use when installing packages from private repos, specific branches, or unreleased versions not yet on npm registry.
orchestrating-parallel-agents
Spawns multiple AI coding agents to work on related GitHub issues concurrently using git worktrees. Use when breaking down a large feature into multiple issues, running parallel agents with --print flag, or managing wave-based execution of related tasks.
reviewing-pull-requests
Pull request workflow and review expertise. Auto-invokes when PRs, code review, merge, or pull request operations are mentioned. Integrates with self-improvement plugin for quality validation.
security-sentinel
Use when working with authentication, API routes, user input, or sensitive data. Audits code for security vulnerabilities based on OWASP Top 10. Critical for payment processing, auth systems, and data handling.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
skillscan
Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill. On first load, run first-run to scan all existing skills. Blocks HIGH/CRITICAL skills. No exceptions.
vibe-kanban
Manage AI coding agents on a visual Kanban board. Run parallel agents through a To Do→In Progress→Review→Done flow with automatic git worktree isolation and GitHub PR creation.
visual-regression
Setup visual regression testing with Storybook stories, configuration, and CI/CD workflows. Supports Chromatic, Percy, BackstopJS. Auto-invoke when user says "set up visual regression", "add Chromatic tests", "add screenshot testing", or "set up Percy".
agentplane-testkit-migration
Use when migrating Agentplane tests to @agentplane/testkit, replacing local test helpers, fixing testkit export/build failures, splitting large CLI/backend suites, or diagnosing missing testkit dist exports in package builds.
ops-ci-fix
Autonomous diagnosis and repair of failing CI/CD pipelines. Scan GitHub Actions workflows, identify failure causes, and apply fixes. Trigger when CI is broken, tests fail in CI, or workflows are stuck.
ops-standup
Cross-repo morning briefing. Aggregation of recent commits, PRs, CI, blockers and priorities of the day. Trigger when the user wants a standup, an activity summary, or to know what happened.
publish
Publish oh-my-opencode to npm via GitHub Actions workflow. Argument: <patch|minor|major>. Triggers: publish, release, deploy, npm publish.
github-pr-creation
Creates GitHub Pull Requests with automated validation and task tracking. Use when user wants to create PR, open pull request, submit for review, or check if ready for PR. Analyzes commits, validates task completion, generates Conventional Commits title and description, suggests labels. NOTE - for merging existing PRs, use github-pr-merge instead.
github-pr-merge
Merges GitHub Pull Requests after validating pre-merge checklist. Use when user wants to merge PR, close PR, finalize PR, complete merge, approve and merge, or execute merge. Runs pre-merge validation (tests, lint, CI, comments), confirms with user, merges with proper format, handles post-merge cleanup.
github-pr-review
Handles PR review comments and feedback resolution. Use when user wants to resolve PR comments, handle review feedback, fix review comments, address PR review, check review status, respond to reviewer, verify PR readiness, review PR comments, analyze review feedback, evaluate PR comments, assess review suggestions, or triage PR comments. Fetches comments via GitHub CLI, classifies by severity, applies fixes with user confirmation, commits with proper format, replies to threads.
hotplex-issue-manager
HotPlex issue 批量管理与合并 PR 交付。将分散的 GitHub issues 转化为一个合并 PR——对传统一个-issue-一个-PR 工作流的刻意替代,减少合并冲突和审查疲劳。覆盖 issue 优先级排列、批量修复规划与实施、ROI 计算。
devops-specialist
DevOps 与运维专家。精通 CI/CD、容器化、编排、基础设施即代码、监控告警和自动化部署。用于构建高效、可靠的软件交付流水线和运维系统。
writing-clearly-and-concisely
Use when writing prose humans will read—documentation, commit messages, error messages, explanations, reports, or UI text. Applies Strunk's timeless rules for clearer, stronger, more professional writing.
release
Kandev release & versioning conventions — single SemVer across npm, Homebrew, GitHub release. Use when cutting a release, debugging release artifacts, or answering questions about version channels.
dump-schema
Dump clean Postgres schema to a file and copy path to clipboard.
code-review
Multi-agent code review with parallel specialized reviewers, architecture validation, and challenge validation. Use `rq` to request a review of diffs (defaults to main branch), `rs` to respond to review findings. Triggers on "review this", "review my code", "code review", "check for bugs", "audit this", when examining PRs, pull requests, branches, or diffs. Always asks user before applying fixes.
context-mode-ops
Manage context-mode GitHub issues, PRs, releases, and marketing with parallel subagent army. Orchestrates 10-20 dynamic agents per task. Use when triaging issues, reviewing PRs, releasing versions, writing LinkedIn posts, announcing releases, fixing bugs, merging contributions, validating ENV vars, testing adapters, or syncing branches.
changelog
Generates a personal markdown changelog of merged or closed pull requests authored by the current user and Linear tickets the user closed or worked on, over a configurable window (default 7 days), grouped by feature area (e.g. Dashboards, Agent0). Inputs sourced from `gh search prs --author=@me` and the Linear MCP. Use for weekly recaps, status updates, performance reviews, or end-of-sprint summaries. Triggers on "changelog", "what have I done", "weekly summary", "my recent work", "recap my week", "/changelog".
ci-auto-fix
Diagnose a failed CI check, apply a minimal fix, push, and iteratively verify until CI passes. Provider-agnostic in scope (currently implements the GitHub Actions path via `gh`). Refuses to disable, skip, or weaken checks. Invoke with /ci-auto-fix <run-id|pr-url>.
create-pr
Generate a short, narrative GitHub pull request description (≤ 25 lines, hard ceiling 40), push the branch, open the PR, then watch CI and auto-fix simple failures (lint, format, lockfiles) before handing back. With --split, analyses the branch diff and breaks it into 2–4 focused, dependency-ordered draft PRs after user approval, so reviewers don't have to digest a sprawling change in one sitting. With --review, posts an "@claude review" comment after PR creation so Claude's GitHub App performs a fresh-session code review, waits up to 10 minutes for the review to land, then dispatches /implement-suggestion to auto-apply actionable feedback — runs in parallel with the CI watch + auto-fix loop. Escalates judgment-required failures via /confidence rather than guessing. Invoke with /create-pr, /create-pr --split, or /create-pr --review.
e2e-pr-stabilizer
Stabilizes or optimizes Playwright E2E tests on one PR via a local-first loop, then ratifies with a single CI run. Pulls Dash0 spans (`git.pull_request_link`) as the historical baseline, then captures every iteration's evidence locally with `--trace=on` (same OTel exporter, same trace schema). Validation is empirical, not predictive: before commit, every new locator must resolve against source (static grep) or the live app (`locator.count()`); after commit, the fixed test must pass three consecutive local runs before the single push. Modes: `stabilize` (default) heals flaky / failing tests; `optimize` is report-only and ranks slow-action wins by measured ms saved. Refuses `.skip`, `.fixme`, `waitForTimeout`, or any check-weakening edit. Use when a PR has flaky or failing E2E tests or when you want to find slow tests worth tightening. Triggers on "stabilize this PR", "fix flaky e2e", "heal playwright on PR", "ui-e2e is failing", "self-heal e2e", "optimize e2e", "/e2e-pr-stabilizer".
github-actions-author
Authors fast, cheap, maintainable GitHub Actions workflows applying 2026 best practices: caching with `hashFiles` + `restore-keys`, parallelization via matrix + artifacts, reusability (composite actions for steps, reusable workflows for jobs), security (SHA-pinned actions, least-privilege `GITHUB_TOKEN`, concurrency), and trackable errors (named steps, step summaries, annotations). Two modes: `scaffold` (default) generates workflow YAML; `review` audits an existing workflow against the same rules. Use when creating CI/CD pipelines, optimizing slow workflows, deduping copy-pasted YAML across repos, or auditing workflow security. Triggers on "github action", "github workflow", "ci pipeline", "create workflow", "speed up ci", "review my workflow", "/github-actions-author".
implement-suggestion
Implements review-comment suggestions across one or more PRs. Multi-PR mode (default when $ARGUMENTS contains PR URLs; empty $ARGUMENTS auto-detects the active PR) per PR: resolves a worktree, fetches every actionable comment from both human teammates AND AI code-review bots (claude[bot], coderabbitai[bot], …), validates each through /critical + /confidence, builds a structured suggestion-pack, and dispatches a worker subagent to apply / commit / push to the existing branch — fast-lane for mechanical edits, standard-lane via aw-planner for architectural changes. Free-text mode applies a single pasted suggestion in the current directory. Triggers on "implement suggestion", "apply review comments", "address PR feedback", "implement reviewer feedback", "fix PR comments", "/implement-suggestion".
playwright-trace-analyzer
Analyzes Playwright E2E `trace.zip` archives (and bare trace JSONL when unpacked). Extracts the action timeline, network waterfall, console errors, and DOM-snapshot anchors, then identifies the highest-impact problems (flaky waits, slow selectors, network bottlenecks, hung actions, unhandled console errors, navigation churn) and proposes concrete test or app fixes ranked by measured impact. Auto-detects whether the input is a `trace.zip`, a directory of unpacked trace files, or a single `trace.trace` / `trace.network` JSONL stream. Iterates via the `/confidence` skill — if root-cause certainty is below 90%, it digs deeper before recommending a fix. Use when handed a Playwright trace, asked "why is this test flaky?", "why did the test time out?", or asked to optimise an E2E suite with evidence. Triggers on "analyze trace", "playwright trace", "e2e trace", "test flake", "why did playwright fail", "playwright timing", "/playwright-trace-analyzer".
unified-cicd-platform
This skill should be used when the user is choosing a CI/CD platform, migrating between CI/CD providers, consolidating build and deployment pipelines, designing pipeline architecture across application and infrastructure code, setting up drift detection, configuring OIDC authentication for pipelines, or discussing the operational cost of multiple CI/CD systems. Covers platform selection, the cost of multi-platform CI/CD, what 'everything on one platform' means, OIDC pipeline authentication, Jenkins migration, and scheduled pipeline jobs like drift detection.
describe-pr
Generate comprehensive PR descriptions following repository templates
roll-loop
Autonomous BACKLOG executor. Runs on a schedule (hourly via cron or GitHub Actions), scans .roll/backlog.md for 📋 Todo items, and routes each to the appropriate skill: US-XXX → $roll-build, FIX-XXX → $roll-fix, REFACTOR-XXX → $roll-build. Retries the primary agent up to 3 times on transient failure; pauses with ALERT on persistent failure. Never cuts a release autonomously — release is always a human decision. Triggers roll-brief when a Feature completes.
writing-clearly-and-concisely
Use when writing prose humans will read—documentation, commit messages, error messages, explanations, reports, or UI text. Applies Strunk's timeless rules for clearer, stronger, more professional writing.
github-actions
Manage ClaudeBar's GitHub Actions CI/CD pipelines: build, test, and release workflows. Use this skill when: (1) Setting up secrets for CI/CD (certificate, API key, Sparkle key, Codecov) (2) Creating a new release — tag-based or manual workflow_dispatch (3) Triggering or explaining the build.yml, tests.yml, or release.yml workflows (4) Debugging release failures (signing, notarization, appcast) (5) Managing beta vs stable channels for Sparkle auto-updates (6) User says "release a new version", "push a tag", "set up CI secrets", "why did the release fail"
code-quality
Deep code review and quality analysis for vm0 project
besser-dev
Contributor guide for developing BESSER itself (https://github.com/BESSER-PEARL/BESSER). Use this skill whenever the user is working *inside* the BESSER source tree — adding a new generator (the most common contribution), adding a new metamodel or sub-DSL under `besser/BUML/metamodel/`, writing pytest tests for generators or metamodels, writing JSON↔BUML converters for the web editor, building Sphinx documentation under `docs/source/`, registering a generator in `SUPPORTED_GENERATORS`, or preparing a pull request to BESSER. Trigger on phrases like "add a new generator", "register in the web editor", "GeneratorInterface", "json_to_buml", "buml_to_json", "write tests for my generator", "build the docs", "open a PR to BESSER", or any work that touches `besser/generators/`, `besser/BUML/metamodel/`, `besser/utilities/web_modeling_editor/`, or `tests/`. Prefer this skill over besser-user when the user is contributing *to* BESSER rather than *using* BESSER to build something else.
code-review
Review diffs and change sets for bugs, regressions, risks, and missing tests.
github-pr-workflow
Create branches, commit and push changes, open or update GitHub pull requests, handle CI, and merge safely.
ccc-ci
CI/CD webhook channel. Receive GitHub Actions, Vercel, Railway deploy events in your session. Auto-triggers /ccc-doctor on failures.
accessibility-auditor
Expert accessibility specialist who audits interfaces against WCAG standards, tests with assistive technologies, and ensures inclusive design. Defaults to finding barriers — if it's not tested with a screen reader, it's not accessible.
ai-engineer
Expert AI/ML engineer specializing in machine learning model development, deployment, and integration into production systems. Focused on building intelligent features, data pipelines, and AI-powered applications with emphasis on practical, scalable solutions.
airtable
Airtable REST API via curl. Records CRUD, filters, upserts.
api-tester
Expert API testing specialist focused on comprehensive API validation, performance testing, and quality assurance across all systems and third-party integrations
apple-reminders
Apple Reminders via remindctl: add, list, complete.
architecture-diagram
Dark-themed SVG architecture/cloud/infra diagrams as HTML.
arxiv
Search arXiv papers by keyword, author, category, or ID.
ascii-art
ASCII art: pyfiglet, cowsay, boxes, image-to-ascii.
audiocraft-audio-generation
AudioCraft: MusicGen text-to-music, AudioGen text-to-sound.
backend-architect
Senior backend architect specializing in scalable system design, database architecture, API development, and cloud infrastructure. Builds robust, secure, performant server-side applications and microservices
baoyu-article-illustrator
Article illustrations: type × style × palette consistency.
baoyu-comic
Knowledge comics (知识漫画): educational, biography, tutorial.
blogwatcher
Monitor blogs and RSS/Atom feeds via blogwatcher-cli tool.
claude-code
Delegate coding to Claude Code CLI (features, PRs).
claude-design
Design one-off HTML artifacts (landing, deck, prototype).
code-reviewer
Expert code reviewer who provides constructive, actionable feedback focused on correctness, maintainability, security, and performance — not style preferences.
codebase-inspection
Inspect codebases w/ pygount: LOC, languages, ratios.
codex
Delegate coding to OpenAI Codex CLI (features, PRs).
comfyui
Generate images, video, and audio with ComfyUI — install, launch, manage nodes/models, run workflows with parameter injection. Uses the official comfy-cli for lifecycle and direct REST/WebSocket API for execution.
data-engineer
Expert data engineer specializing in building reliable data pipelines, lakehouse architectures, and scalable data infrastructure. Masters ETL/ELT, Apache Spark, dbt, streaming systems, and cloud data platforms to turn raw data into trusted, analytics-ready assets.
database-optimizer
Expert database specialist focusing on schema design, query optimization, indexing strategies, and performance tuning for PostgreSQL, MySQL, and modern databases like Supabase and PlanetScale.
debugging-hermes-tui-commands
Debug Hermes TUI slash commands: Python, gateway, Ink UI.
design-md
Author/validate/export Google's DESIGN.md token spec files.
devops-automator
Expert DevOps engineer specializing in infrastructure automation, CI/CD pipeline development, and cloud operations
document-generator
Expert document creation specialist who generates professional PDF, PPTX, DOCX, and XLSX files using code-based approaches with proper formatting, charts, and data visualization.
dogfood
Exploratory QA of web apps: find bugs, evidence, reports.
mundo
MUNDO - THE EMPEROR. Complete AI orchestration system that dispatches Claude Code, DeepSeek, ChatGPT, Gemini and ALL available AI models through Hermes Agent platform. Consults ALL AIs, crawls ALL web, integrates ALL solutions, saves ALL useful skills. Self-evolving. 21 versions. 24 capability modules. Collective consciousness. Infinite growth. Uses Three Departments and Six Ministries system to rule all skills. ONLY RED LINE: No payment. Why? Because Mundo doesn't care about your money. HAHAHAHA.
yuanbao
Yuanbao (元宝) groups: @mention users, query info/members.
gh-address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
github-triage
Triage GitHub issues through a configurable label-based state machine. Use when user wants to triage incoming issues, prepare issues for an autonomous agent, or move an issue between workflow states. Repo inferred from `git remote`; all GitHub calls go through `gh`.
pr-reviews
Review code changes on a given GitHub PR using gh CLI. Use when the user asks to review a pull request, analyze PR diffs, or provide feedback on open PRs with structured quality, security, and testing assessments.
address-pr-comments
Use this skill when addressing, responding to, or resolving PR review comments on GitHub pull requests. Triggers on "address PR comments", "respond to review", "handle review feedback", "reply to PR comments", "fix review comments", or when the user wants to process open review threads on their PR. Uses the gh CLI to fetch unresolved comments, make code changes where agreed, and post batch replies with a humble, thankful tone.
ci-cd-pipelines
Use this skill when setting up CI/CD pipelines, configuring GitHub Actions, implementing deployment strategies, or automating build/test/deploy workflows. Triggers on GitHub Actions, CI pipeline, CD pipeline, deployment automation, blue-green deployment, canary release, rolling update, build matrix, artifacts, and any task requiring continuous integration or delivery setup.
cypress-testing
Use this skill when writing Cypress e2e or component tests, creating custom commands, intercepting network requests, or integrating Cypress in CI. Triggers on Cypress, cy.get, cy.intercept, cypress component testing, custom commands, fixtures, cypress-cucumber, and any task requiring Cypress test automation.
aws-solution-architect
Expert AWS solution architecture for startups focusing on serverless, scalable, and cost-effective cloud infrastructure with modern DevOps practices and infrastructure-as-code
cicd-pipeline-audit
Audit CI/CD pipelines (GitHub Actions, GitLab CI, CircleCI, Azure Pipelines, Jenkins, Bitbucket) for security, reliability, reproducibility, supply chain, and deploy safety. One sub-agent per workflow. Static, live, apply, and runtime modes.
pr-description-writer
Draft a pull request description from git diff — summary, why, risk assessment, test plan, screenshot placeholders.
docs-seeker
Fetch up-to-date library and framework documentation into AI context. Use when looking up docs, finding feature-specific references, or discovering documentation sources for any library, framework, or tool.
pr
Create a pull request with cleanup, fmt, and test gates
atomic-review
Compressed code review comments. Cuts noise from PR feedback while preserving the actionable signal. Each comment is one line: location, problem, fix. Use when user says "review this PR", "code review", "review the diff", or invokes /atomic-review. Auto-triggers when reviewing pull requests.
aod-blueprint
Unified project setup and story generation skill that auto-detects new vs existing projects. Three modes: first-run (creates repo, registers project, activates), subsequent-run (skips setup, adds new stories with deduplication), and demo (loads pre-built Hello World stories). Generates ICE-scored, dependency-ordered stories as GitHub Issues and outputs a consumer guide. Use when a developer invokes /aod.blueprint to bootstrap or extend a project.
aod-deliver
Structured delivery retrospective for the AOD Lifecycle's Deliver stage. Validates Definition of Done, captures delivery metrics (estimated vs. actual duration), logs surprises, feeds new ideas back into discovery via GitHub Issues, and creates Institutional Knowledge entries. Use this skill when you need to close a feature, run a delivery retrospective, capture lessons learned, or complete the AOD lifecycle.
aod-orchestrate
Multi-feature orchestration skill that bridges /aod.blueprint output to parallel wave execution. Groups synced GitHub Issues by ICE priority tier (P0/P1/P2) into sequential waves, creates Task records, spawns batch sessions via the orchestrator API, monitors completion, and reports results. Supports --issues (selective), --dry-run (preview), and --yes (skip confirm). Use when a developer invokes /aod.orchestrate to execute multiple features from a blueprint in priority-ordered waves.
aod-score
Re-score an existing idea's ICE rating when circumstances change. Use this skill when you need to re-evaluate ideas, update ICE scores, change idea priority, or re-assess deferred ideas.
aod-status
On-demand backlog snapshot and lifecycle stage summary. Regenerates BACKLOG.md from GitHub Issues and displays item counts per stage. Use this skill when you need to check backlog status, view stage counts, regenerate BACKLOG.md, or get a lifecycle overview.
git-workflow-helper
Automates git workflow tasks including status checks, branch creation, file staging, conventional commit message generation, and pull request creation with gh CLI. Use this skill when you need to commit changes, create PRs, check git status, create branches, push code, or generate commit messages. Ensures proper git workflow and commit standards.
issue-triage
Triage and categorize GitHub issues with priority labels. Use when user says "triage issues", "check issues", "review open issues", or during regular maintenance of GitHub issue backlog.
fixpr-comments
Fix and reply to all open review comments (bots + human reviewers) on a GitHub PR
code-reviewer
6-aspect structured code review (security, architecture, error handling, test gaps, type safety, simplification) with calibrated scoring and per-aspect breakdown. Use when the user asks to review code, check a PR, review a pull request, audit changes before merge, or give code feedback.
trace-mcp-pre-commit
Run trace-mcp security, quality-gate, and antipattern checks before committing or opening a PR. Activate when the agent is about to create a commit or pull request in a project indexed by trace-mcp.
pr
Creates or updates a pull request (GitHub) or merge request (GitLab) for the current branch using the Conventional PR format — intent, summary, changes, rationale, and test plan. Captures the implementation conversation's intent into the PR description when run in the same session. Use when a branch is ready for review, or to update an existing PR/MR description.
firecrawl
Firecrawl produces cleaner markdown than WebFetch, handles JavaScript-heavy pages, and avoids content truncation. This skill should be used when fetching URLs, scraping web pages, converting URLs to markdown, extracting web content, searching the web, crawling sites, mapping URLs, LLM-powered extraction, autonomous data gathering with the Agent API, interacting with scraped pages (clicking, filling forms, extracting dynamic content via Interact API), or fetching AI-generated documentation for GitHub repos via DeepWiki. Provides complete coverage of Firecrawl v2 API endpoints including parallel agents, spark-1-fast model, sitemap-only crawling, and the Interact API for post-scrape browser interaction.
github-actions-docs
Use when users ask how to write, explain, customize, migrate, secure, or troubleshoot GitHub Actions workflows, workflow syntax, triggers, matrices, runners, reusable workflows, artifacts, caching, secrets, OIDC, deployments, custom actions, or Actions Runner Controller, especially when they need official GitHub documentation, exact links, or docs-grounded YAML guidance.
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
python-design-patterns
Python design patterns including KISS, Separation of Concerns, Single Responsibility, and composition over inheritance. Use this skill when designing a new service or component from scratch and choosing how to layer responsibilities, when refactoring a God class or monolithic function that has grown too large, when deciding whether to add a new abstraction or live with duplication, when evaluating a pull request for structural issues like tight coupling or leaking internal types, when choosing between inheritance and composition for a new class hierarchy, or when a codebase is becoming hard to test because of entangled I/O and business logic.
sast-configuration
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
release
Bump package.json version and create a git tag for npm release. Accepts semver bump type (patch/minor/major) or explicit version.
verify-implementation
프로젝트의 모든 verify 스킬을 순차 실행하여 통합 검증 보고서를 생성합니다. 기능 구현 후, PR 전, 코드 리뷰 시 사용.
creating-pull-requests
Creates pull requests with generated descriptions. Triggered when: PR creation, pull request, merge request, code review preparation.
gh-address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
skill-seekers
-Automatically convert documentation websites, GitHub repositories, and PDFs into Claude AI skills in minutes.
typescript-review
Review TypeScript and JavaScript code changes for compliance with Metabase coding standards, style violations, and code quality issues. Use when reviewing pull requests or diffs containing TypeScript/JavaScript code.
cleanup-git
Remove merged local branches and stale git worktrees. Use when the user says "cleanup branches", "prune worktrees", "tidy git", "remove merged branches", "delete merged branches", "gone branches", or wants to clean local git state. NOT for creating commits, creating worktrees, or configuring git hooks.
operating-infra
Author, inspect, troubleshoot, and review infrastructure across IaC, Kubernetes, cloud resources, containers, CI/CD, and Linux hosts. Use when changing Terraform/OpenTofu, Kubernetes, Helm, Kustomize, Dockerfiles, GitHub Actions, AWS, GCP, Cloud Run, BigQuery, IAM, logs, instances, or service health. NOT for deploy/apply/rollback workflows (see deploying-infra). NOT for shell scripts or generic command pipelines (see writing-shell).
devops-engineer
Creates Dockerfiles, configures CI/CD pipelines, writes Kubernetes manifests, and generates Terraform/Pulumi infrastructure templates. Handles deployment automation, GitOps configuration, incident response runbooks, and internal developer platform tooling. Use when setting up CI/CD pipelines, containerizing applications, managing infrastructure as code, deploying to Kubernetes clusters, configuring cloud platforms, automating releases, or responding to production incidents. Invoke for pipelines, Docker, Kubernetes, GitOps, Terraform, GitHub Actions, on-call, or platform engineering.
adr
Capture architectural decisions as structured ADRs (Architecture Decision Records). Use when user says 'record this decision', 'ADR this', 'why did we choose X', 'document this trade-off', 'we decided to...', or when a significant choice is made between alternatives (framework, database, pattern, API design, infra approach).
ci
GitLab CI/CD pipeline review and scaffolding for Terraform and Helm/EKS deployments. Use when user says 'review my pipeline', 'check my gitlab-ci', 'scaffold a pipeline', 'is my CI correct', or when working in .gitlab-ci.yml files.
docker
Docker operations, Dockerfile best practices, Compose, image optimization, and registry workflows. Use when user says 'review my Dockerfile', 'optimize my image', 'reduce image size', 'container won't start', 'set up compose', 'multi-stage build', or when working in Dockerfile, docker-compose*.yml, or .dockerignore files.
github
GitHub repository operations — PRs, issues, releases, branch protection, CODEOWNERS, security settings. Use when user says 'review my PR', 'create a release', 'set up branch protection', 'add CODEOWNERS', 'audit repo settings', or asks about GitHub repo configuration.
github-actions
GitHub Actions workflow review, scaffolding, and security hardening. Use when user says 'review my workflow', 'check my actions', 'scaffold a workflow', 'is my CI correct', 'pin actions', 'OIDC to AWS', or when working in .github/workflows/*.yml files.
k8s
Kubernetes and Helm review and scaffolding for EKS workloads. Use when user says 'review my helm values', 'before I deploy', 'scaffold a new service', 'check values.yaml', or when working in values.yaml, Chart.yaml, or Helm template files.
tf
Generic Terraform review, scaffolding, and version upgrades for AWS infrastructure using the terraform-aws-modules ecosystem. Use when user says 'review my terraform', 'before I raise an MR', 'scaffold a lambda/rds/s3/eks/vpc', 'check my .tf files', 'upgrade provider', or when working in .tf or .tfvars files. NOTE: if the repo has an `_modules/` directory wrapping `clouddrove/*/aws` modules, use /clouddrove:wrapper-tf instead — the two patterns conflict.
wrapper-tf
Team standard for AWS Terraform repos built on the CloudDrove wrapper-module pattern. Use when working in a repo with an `_modules/` directory that wraps `clouddrove/*/aws` modules, scaffolding a new wrapper module, generating Terraform GitHub Actions CI, reviewing wrapper-pattern PRs, or mapping the pattern to SOC2/GDPR controls. Supersedes /tf on CloudDrove repos.
llm-output-gate
CI hook that refuses to ship if prompt-eval golden set regresses past threshold or prompt-injection-test fails on HIGH severity
deployments-cicd
Vercel deployment and CI/CD expert guidance. Use when deploying, promoting, rolling back, inspecting deployments, building with --prebuilt, or configuring CI workflow files for Vercel.
symvault
Use Symaira Vault as the credential manager for AI agents through native MCP tools. Prefer this when storing, retrieving, generating, or rotating passwords, tokens, API keys, and TOTP codes.
datarobot-app-framework-cicd
Guidance for setting up CI/CD pipelines for DataRobot application templates using GitLab, GitHub Actions, and Pulumi for infrastructure as code. Use when setting up CI/CD pipelines, configuring deployments, or managing infrastructure for DataRobot application templates.
pr-summary
Summarize current pull request with diff, comments, and changed files. Use when reviewing PRs or before merging.
release
Create a new versioned release with changelog. Bumps version in code, updates CHANGELOG.md, commits, tags, and pushes using the repository release flow. GitHub Actions creates the release and uses only the current changelog section as release notes. Use when the user says "release", "cut a release", "bump version", "new release".
release
Create a new versioned release with changelog. Bumps version in code, updates CHANGELOG.md, commits, tags, and pushes using the repository release flow. GitHub Actions creates the release and uses only the current changelog section as release notes. Use when the user says "release", "cut a release", "bump version", "new release".
issue-proposals
Repo-internal routine skill. Fetches open GitHub issues on gtapps/claude-code-hermit, filters out ones with linked open PRs or existing proposals, picks one, runs it through /tackle-issue --investigate-only as a viability gate, and on a SHIP / SHIP WITH CAVEAT recommendation creates a hermit proposal via /claude-code-hermit:proposal-create. One issue per run; dedup by gh-issue-<N> tag across all proposal statuses. Not shipped to downstream operators — hardcoded to this repo.
deploy-global
Deploy the product so anyone in the world can access it.
code-review
Performs two-stage code reviews (spec compliance, then code quality) with severity-ranked findings. Use when asked to "review code", "review this PR", "check this diff", "review before merge", or mentions reviewing, auditing, or critiquing code changes, pull requests, or diffs.
code-review
Performs a thorough code review of the current changes or a specified file / pull request. Covers correctness, security, performance, readability, and adherence to project conventions. Outputs prioritised, actionable feedback. TRIGGER when the user writes /code-review or asks for a code review, PR review, or feedback on their code.
git-workflow
Guided Git workflow assistant. Helps with branching strategies, writing conventional commits, opening pull requests, resolving merge conflicts, and keeping history clean. TRIGGER when the user writes /git-workflow or asks for help with Git, branches, commits, PRs, or merge conflicts.
slice-the-spec
Turn a PRD into a Kanban-ready backlog of vertically sliced issues, with clear dependencies and HITL/AFK flags.
self-improve
Clone the Nomos repository, analyze the codebase for improvements, implement changes, and open a pull request. Use when asked to improve itself, contribute to its own codebase, fix its own bugs, add features to itself, write tests for itself, or do self-maintenance. Also triggered by phrases like 'improve yourself', 'fix your code', 'add a feature to nomos', 'update your own repo'.
code-review-web
Review web application code for bugs, security issues, performance problems, and stack-specific anti-patterns. Use this skill whenever the user wants to review code, debug a production issue, investigate a build failure, audit security, or check a PR before merging. Triggers on code review, review my code, debug, build error, broken, not working, why is X failing, check this code, security check, PR review, audit code, refactor. Also triggers when investigating 4xx or 5xx errors, deploy failures, environment variable issues, and CMS integration problems.
technical-diagrams
Provides Mermaid diagram syntax, best practices, and styling rules for technical visualizations. Use when creating diagrams, flowcharts, sequence diagrams, class diagrams, state diagrams, ER diagrams, architecture diagrams, C4 diagrams, visualizations, or any visual documentation in markdown. Always use this skill when generating or updating Mermaid code blocks.
commit-push-pr
Full git workflow — creates branch, commits, pushes, and creates or updates a PR with summary and test plan.
code-reviewer
Use when reviewing pull requests, conducting code quality audits, or identifying security vulnerabilities. Invoke for PR reviews, code quality checks, refactoring suggestions.
gameclaw
Tell users what terminal games exist in GameClaw and how to download the released CLI binaries from GitHub. Use this when users ask what games are available, want a GameClaw game, need Linux/macOS download links, or want quick run instructions for a released game.
flaky-test-debugger
Debug and fix flaky tests including Playwright E2E, NestJS service/integration, React component, and unit tests. Use this skill when investigating intermittent test failures, triaging flaky tests, or fixing test instability.
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use when architecting deployment workflows, setting up continuous delivery, or implementing GitOps practices.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
auto-pass
Canonical main-chain orchestrator for locked/current refinement-owned sources (DP-backed or JIRA Epic-backed). It routes a source through breakdown, engineering, and verify-AC without taking over their mutation authority. Trigger: "auto-pass {KEY}", "快速通關 {KEY}", "完整流程 {KEY}" when the source is LOCKED and artifacts are current. `{KEY}` 可以是 `DP-NNN` 或 JIRA Epic key。
converge
Use when the user wants to push all in-flight work forward toward review in one pass — closing gaps across Epics, Bugs, and orphan Tasks. NOT for single-ticket work (use engineering) or read-only triage (use my-triage). Trigger: '收斂', 'converge', '推進', '全部推到 review', '把我的單收一收', 'epic 進度', '離 merge 還多遠', '補全'.
engineering
Engineer-minded execution orchestrator: takes a planned JIRA ticket and implements it with strict quality discipline — TDD, lint, typecheck, test, behavioral verify, PR. Two modes: first-cut (new implementation) and revision (fix PR review comments by returning to the work order). Local-only workflows may register delivery extensions, but those extensions are not part of the portable skill contract. Supports batch mode via parallel sub-agents. Trigger: "做 PROJ-123", "work on", "engineering", "開始做", "接這張", "做這張", "修 PROJ-123", "fix review on PROJ-123", PR URL (from pr-pickup or direct), or user provides JIRA ticket key(s). NOT for planning: Bug → bug-triage first; Story/Task/Epic → breakdown first. Key distinction: "下一步" / "繼續" without ticket key → my-triage (zero-input router + resume scan).
learning
Use when the user wants to learn from external resources (URLs, repos, articles), extract patterns from merged PRs, process a learning queue, configure the daily learning scanner, or backfill review lessons. Trigger: '學習', 'learn', '研究', 'deep dive', '學習 PR', '每日學習', 'daily learning', '設定學習', '批次學習', '掃歷史 PR', or when user shares a URL to analyze.
my-triage
個人工作盤點與 zero-input next router;列出 assigned Epics/Bugs/Tasks,整合 cross-session resume signals,協助決定下一步。
baoyu-infographic
Infographics: 21 layouts x 21 styles (信息图, 可视化).
ideation
Generate project ideas via creative constraints.
analysis-issues
Retrieves and helps clear rules-based analysis issues (bugs, vulnerabilities, code smells) for a repository branch. Prioritises by severity and type, works file-by-file or in batch mode. Requires Qualimetry Enterprise.
review-check
Checks for all types of code review issues found by the Qualimetry HITL code reviewer on a source file, including coding standards violations, design and best practice issues, general coding principle violations, secure coding principle violations, and policy violations. Retrieves a compliant code example showing how to resolve the issues. Invoked as the review-check skill, optionally with a file path argument, to check a previously reviewed file.
skill-auditor
Audit a SKILL.md or REFERENCE file, score it 0–10, identify major and minor findings, and generate copy-paste improvements. Use when reviewing a new skill before merging, auditing an existing skill for gaps, checking cross-skill consistency, or validating that a skill meets the Quality-Engineering-Skills framework standards. Triggers: audit this skill, score this SKILL.md, review reference file, check skill quality, find gaps in skill, validate skill before PR.
act-local-github-actions-runner
act is an open-source CLI tool that runs GitHub Actions workflows locally using Docker, enabling fast feedback on workflow changes without pushing to GitHub. It is a standard tool for local Actions development and testing.
address-github-pr-review-comments-from-the-current-branch-with-g
Find the open PR for the current branch, gather unresolved review comments, and drive a focused comment-resolution workflow with gh-authenticated context.
4-step-program
Coordinator workflow for orchestrating dockeragents through fix-review-iterate-present loop. Use when delegating any task that produces code changes. Ensures agents achieve 10/10 quality before presenting to human.
analyzing-projects
Analyzes codebases to understand structure, tech stack, patterns, and conventions. Use when onboarding to a new project, exploring unfamiliar code, or when asked "how does this work?" or "what's the architecture?"
autonomous-ci
Ensures Claude verifies both local tests AND remote CI before claiming completion. Use BEFORE any completion claims, commits, or pull requests. Mandatory verification with evidence.
aws-solution-architect
Expert AWS solution architecture for startups focusing on serverless, scalable, and cost-effective cloud infrastructure with modern DevOps practices and infrastructure-as-code
blitz
This skill should be used when parallelizing multi-issue sprints using git worktrees and parallel Claude agents. Use when tackling multiple GitHub issues simultaneously, when the user mentions "blitz", "parallel sprint", "worktree workflow", or when handling 3+ independent issues that could be worked on concurrently. Orchestrates the full workflow from issue triage through parallel agent delegation to sequential merge.
code-review
Perform code reviews following Sentry engineering practices. Use when reviewing pull requests, examining code changes, or providing feedback on code quality. Covers security, performance, testing, and design review.
code-review-ai-ai-review
You are an expert AI-powered code review specialist combining automated static analysis, intelligent pattern recognition, and modern DevOps practices. Leverage AI tools (GitHub Copilot, Qodo, GPT-5, C
code-review-checklist
Comprehensive checklist for conducting thorough code reviews covering functionality, security, performance, and maintainability
code-reviewer
Use this skill to review code. It supports both local changes (staged or working tree) and remote Pull Requests (by ID or URL). It focuses on correctness, maintainability, and adherence to project standards.
comprehensive-code-review
This skill should be used when reviewing pull requests, performing comprehensive code review, analyzing code changes before merge, or when the user asks for thorough/ultra-critical code review. Performs EXTREMELY CRITICAL 6-pass analysis identifying runtime failures, code consistency issues, architectural problems, environment compatibility risks, and verification strategies. Posts structured review as GitHub PR comment. Use when user asks to "review PR", "review this code", "review changes", "check this PR", "analyze PR", "post review", or for Phase 3 of devflow. Supports parallel review mode with multiplier (code-review-3, code-review 6X) for consensus-based reviews. This is an ultra-critical reviewer that does not let things slip and desires only perfection.
create-pr
Create pull requests following Sentry conventions. Use when opening PRs, writing PR descriptions, or preparing changes for review. Follows Sentry's code review guidelines.
deploying-cloud-k8s
Deploys applications to cloud Kubernetes (AKS/GKE/DOKS) with CI/CD pipelines. Use when deploying to production, setting up GitHub Actions, troubleshooting deployments. Covers build-time vs runtime vars, architecture matching, and battle-tested debugging.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use when architecting deployment workflows, setting up continuous delivery, or implementing GitOps practices.
docs-sources
Knowledge of documentation platforms and fetching strategies. Use when adding new documentation sources, determining fetch strategy for a docs site, detecting doc frameworks, or configuring the docs registry.
evidence-verification
This skill teaches agents how to collect and verify evidence before marking tasks complete. Inspired by production-grade development practices, it ensures all claims are backed by executable proof:...
fiftyone-pr-triage
Triage FiftyOne GitHub issues by validating status, categorizing resolution, and generating standardized responses. Use when reviewing issues to determine if fixed, won't fix, not reproducible, no longer relevant, or still valid.
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
fresh-eyes-review
This skill should be used as a mandatory final sanity check before git commit, PR creation, or declaring work done. Triggers on "commit", "push", "PR", "pull request", "done", "finished", "complete", "ship", "deploy", "ready to merge". Catches security vulnerabilities, logic errors, and business rule bugs that slip through despite passing tests.
gh-cli
GitHub CLI (gh) comprehensive reference for repositories, issues, pull requests, Actions, projects, releases, gists, codespaces, organizations, extensions, and all GitHub operations from the command line.
gh-ticket
Create or update comprehensive GitHub issues that capture ALL context, requirements, and implementation details. Use when creating or updating tickets, issues, feature requests, or bug reports. Ensures no context is lost between ticket creation and implementation - the moment you ask for a ticket, there's maximum context available that will be lost if not captured now.
github
GitHub operations via gh CLI. Use when user mentions: PR, pull request, github issue, workflow, actions, gh, or when git remote shows github.com.
github-actions-docs
Use when users ask how to write, explain, customize, migrate, secure, or troubleshoot GitHub Actions workflows, workflow syntax, triggers, matrices, runners, reusable workflows, artifacts, caching, secrets, OIDC, deployments, custom actions, or Actions Runner Controller, especially when they need official GitHub documentation, exact links, or docs-grounded YAML guidance.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
github-cli
Encourages proactive use of GitHub CLI (gh) for gathering context on PRs, issues, comments, and repository information when working with GitHub-related tasks.
github-elements-tracking
This skill should be used when the user asks to "track work across sessions", "create an epic", "manage issue waves", "post a checkpoint", "claim an issue", "recover from compaction", "coordinate multiple agents", "update memory bank", "store large documents", or mentions GitHub Issues as persistent memory, multi-session work, context survival, agent collaboration, SERENA MCP memory, or project-level context. Provides complete protocols for using GitHub Issues as permanent memory that survives context exhaustion, with integrated SERENA MCP memory bank for project-level context and large document storage.
github-issue-creator
Convert raw notes, error logs, voice dictation, or screenshots into crisp GitHub-flavored markdown issue reports. Use when the user pastes bug info, error messages, or informal descriptions and wants a structured GitHub issue. Supports images/GIFs for visual evidence.
github-issues
GitHub issues management assistant for Logseq Template Graph. Analyzes issues, triages with labels, plans implementations, generates responses, creates PRs, and manages issue lifecycle. Use when handling bug reports, feature requests, questions, or coordinating development through GitHub issues.
github-pr-best-practices
Best practices for creating GitHub pull requests including conventional commits, PR formatting, and multi-language support (en/ja). Use when creating PRs, writing PR descriptions, or formatting commit messages.
github-pr-creation
MUST use this skill when user asks to create PR, open pull request, submit for review, or mentions "PR 생성/만들기". This skill OVERRIDES default PR creation behavior. Analyzes commits, validates task completion, generates Conventional Commits title and description, suggests labels.
github-pr-merge
MUST use this skill when user asks to merge PR, close PR, finalize PR, or mentions "PR 머지/병합". This skill OVERRIDES default PR merge behavior. Runs pre-merge validation (tests, lint, CI, comments), confirms with user, merges with proper format, handles post-merge cleanup.
github-pr-review
MUST use this skill when user asks to resolve PR comments, handle review feedback, fix review comments, or mentions "리뷰 코멘트/피드백". This skill OVERRIDES default behavior. Fetches comments via GitHub CLI, classifies by severity, applies fixes with user confirmation, commits with proper format, replies to threads.
github-workflow-automation
Automate GitHub workflows with AI assistance. Includes PR reviews, issue triage, CI/CD integration, and Git operations. Use when automating GitHub workflows, setting up PR review automation, creating GitHub Actions, or triaging issues.
iterate-pr
Iterate on a PR until CI passes. Use when you need to fix CI failures, address review feedback, or continuously push fixes until all checks are green. Automates the feedback-fix-push-wait cycle.
managing-git
Manages Git workflows including branching, commits, and pull requests. Use when working with Git, creating commits, opening PRs, managing branches, resolving conflicts, or when asked about version control best practices.
markdown-url
Route any website you need to visit through markdown.new by prefixing the URL. **WHEN TO USE:** - You would normally open a website link to read content (docs, blog posts, changelogs, GitHub issues, etc.) - You need a cleaner, Markdown-friendly view for copying notes or summarizing
performance-testing-review-ai-review
You are an expert AI-powered code review specialist combining automated static analysis, intelligent pattern recognition, and modern DevOps practices. Leverage AI tools (GitHub Copilot, Qodo, GPT-5, C
pr-description
Guide for creating comprehensive PR descriptions with proper structure, diagrams, and documentation for code reviews.
pr-prepare
Prepare pull request descriptions following project template. Activates on: prepare PR, create PR, pull request, ready for PR, draft PR, write PR
pr-template-generator
Generate comprehensive pull request descriptions that help reviewers understand changes quickly a...
quetrex-development-workflow
Each project card should show the current month's API costs with a small trend indicator (up/down arrow).
ralph-tui-create-beads
Convert PRDs to beads for ralph-tui execution. Creates an epic with child beads for each user story. Use when you have a PRD and want to use ralph-tui with beads as the task source. Triggers on: create beads, convert prd to beads, beads for ralph, ralph beads.
ralph-tui-create-json
Convert PRDs to prd.json format for ralph-tui execution. Creates JSON task files with user stories, acceptance criteria, and dependencies. Triggers on: create prd.json, convert to json, ralph json, create json tasks.
read-github
Read and search GitHub repository documentation via gitmcp.io MCP service. **WHEN TO USE:** - User provides a GitHub URL - User mentions a specific repo in owner/repo format - User asks "what does this repo do?", "read the docs for X repo", or similar - User wants to search code or docs within a repo
research-merge
Processes research branches from Claude Code Web sessions - merges content, moves docs to docs/research/, and creates GitHub issues. Use when /popkit:next detects research branches or when manually processing research from mobile sessions. Do NOT use for regular feature branches - only for branches matching claude/research-* or containing research documentation.
roadmap-planning-expert
When the user asks about roadmap planning, sprint planning, milestone estimation, or capacity planning
ru
Repo Updater - Multi-repo synchronization with AI-assisted review orchestration. Parallel sync, agent-sweep for dirty repos, ntm integration, git plumbing. 17K LOC Bash CLI.
sast-configuration
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.
sharing-skills
Use when you've developed a broadly useful skill and want to contribute it upstream via pull request - guides process of branching, committing, pushing, and creating PR to contribute skills back to upstream repository
skill-marketplace-publisher
Publish a Codex or Claude skill to Skillstore, SkillMap, or similar public skill marketplaces. Use when you need to audit a skill for public safety, build a public package, create a public GitHub repo, or submit a repo URL to marketplace intake endpoints.
workhub
工作文档枢纽,强制执行 SSOT(Single Source of Truth)原则,管理 `docs/` 目录下的架构决策、设计文档、Issues(任务规划)、PRs(变更记录)。支持 GitHub 协作开发模式。
writing-clearly-and-concisely
Use when writing prose humans will read—documentation, commit messages, error messages, explanations, reports, or UI text. Applies Strunk's timeless rules for clearer, stronger, more professional writing.
youtrack
Interacts with YouTrack issue tracker for IdeaVim. Use when working with tickets (VIM-XXXX), adding comments, managing tags, setting status, or release management. This project does NOT use GitHub Issues - use YouTrack instead.
research
Focused research investigations. Converts questions into structured findings with confidence levels and source citations. Does not make decisions — produces information that informs the next step.
triage
GitHub issue and PR investigator. Pulls open issues/PRs, classifies them, searches the codebase for root cause or reviews contributed code, proposes fixes with file:line references, and optionally implements fixes. Handles both issues and pull requests.
contributor-nomination
Read-only nomination brief for a named GitHub contributor on <upstream>. Aggregates GitHub activity across all contribution tracks plus maintainer-supplied off-GitHub signal, and flags vendor-neutrality context — the evidence a PMC needs to open a committer or PMC nomination thread.
magpie-ci-runner-audit
Read-only audit of GitHub Actions workflow runner compatibility for one repository, an explicit repository set, one Apache project with multiple repositories, or the full Apache GitHub org. Finds obsolete GitHub-hosted runner labels and macOS runner/tool architecture mismatches. Produces TSV evidence files; never edits workflows, opens PRs, or posts comments.
magpie-committer-onboarding
Post-vote committer and PMC onboarding for Apache projects. Walks the nominator through every step from ICLA check to welcome announcement for both incubating podlings and graduated top-level projects.
magpie-contributor-activity-sweep
Read-only GitHub activity card for a named contributor on <upstream>. Fetches PR authorship, code-review activity, issues, and PR/issue comments over a configurable window. Limited to GitHub-visible activity — the body documents the off-GitHub tracks the nominator must supply separately. No readiness verdict is produced; use contributor-nomination for a full nomination brief.
magpie-contributor-nomination
Read-only nomination brief for a named GitHub contributor on <upstream>. Aggregates GitHub activity across all contribution tracks plus maintainer-supplied off-GitHub signal, and flags vendor-neutrality context — the evidence a PMC needs to open a committer or PMC nomination thread.
magpie-pr-management-code-review
Walk a maintainer through deep, sequential code review of open pull requests on the configured `<upstream>` repo. Defaults to the **"my reviews"** queue (the union of five maintainer signals — see the Inputs table); selectors can narrow to a single PR, an area label, or a collaborator subset. Drafts an `approve` / `request-changes` / `comment` review per PR and posts on the maintainer's confirmation.
magpie-pr-management-mentor
Draft a teaching-register comment on a single GitHub issue or PR thread on the configured `<upstream>` repo, aimed at a contributor who is missing repo context the maintainer would otherwise have to spell out. The skill reads the thread, decides whether a mentoring intervention is warranted, drafts one comment per the project's tone guide and convention pointers, and waits for explicit maintainer confirmation before posting via `gh`. Escalates to the configured maintainer team on the four hand-off triggers.
magpie-pr-management-quick-merge
Identify trivial, low-risk pull requests in the `ready for maintainer review` queue of <upstream> that pass every quality gate and touch only supplementary areas (docs, changelog, translations, tests) — the "express lane" a maintainer can review and merge in seconds. Surfaces and ranks candidates with per-PR diff summaries, an all-gates-green attestation, and the exact merge command. On the maintainer's explicit per-PR confirmation it can submit an APPROVE review (the maintainer's own review of the trivial diff — useful when the PR has no approvals yet and branch protection needs one), exactly as pr-management-code-review does. It never merges itself — automated merge is the framework's deliberately-deferred Mode D; the maintainer runs the printed merge command in their own session.
magpie-pr-management-stats
Read-only maintainer dashboard for the open-PR backlog of <upstream>. Surfaces a health rating, prioritised action recommendations, weekly closure velocity trends, area pressure ranking, and a triage-funnel breakdown — with the underlying area-grouped tables as a collapsible details section.
magpie-pr-management-triage
Sweep open pull requests on the configured `<upstream>` repo, classify each one against the project's quality criteria, propose a disposition, and — on the maintainer's confirmation — carry out the action via `gh`. Disposition options per PR: draft / comment / close / rebase / CI-rerun / workflow-approve / ping-stale-reviewer / request author confirmation of readiness / mark `ready for maintainer review` / promote bot-authored draft. Does **not** perform code review — that lives in `pr-management-code-review`.
magpie-security-issue-sync
Synchronize a security issue in <tracker> with the state of its GitHub discussion, the <security-list> mailing thread, and any <upstream> PRs that fix it. The skill gathers all relevant signals and proposes label / milestone / assignee / field / draft-email updates — applying only what the user has explicitly confirmed. Suggests the next step in the handling process and prints the CVE allocation link when a CVE is needed.
pr-management-code-review
Walk a maintainer through deep, sequential code review of open pull requests on the configured `<upstream>` repo. Defaults to the **"my reviews"** queue (the union of five maintainer signals — see the Inputs table); selectors can narrow to a single PR, an area label, or a collaborator subset. Drafts an `approve` / `request-changes` / `comment` review per PR and posts on the maintainer's confirmation.
pr-management-mentor
Draft a teaching-register comment on a single GitHub issue or PR thread on the configured `<upstream>` repo, aimed at a contributor who is missing repo context the maintainer would otherwise have to spell out. The skill reads the thread, decides whether a mentoring intervention is warranted, drafts one comment per the project's tone guide and convention pointers, and waits for explicit maintainer confirmation before posting via `gh`. Escalates to the configured maintainer team on the four hand-off triggers.
pr-management-stats
Read-only maintainer dashboard for the open-PR backlog of <upstream>. Surfaces a health rating, prioritised action recommendations, weekly closure velocity trends, area pressure ranking, and a triage-funnel breakdown — with the underlying area-grouped tables as a collapsible details section.
pr-management-triage
Sweep open pull requests on the configured `<upstream>` repo, classify each one against the project's quality criteria, propose a disposition, and — on the maintainer's confirmation — carry out the action via `gh`. Disposition options per PR: draft / comment / close / rebase / CI-rerun / workflow-approve / ping-stale-reviewer / request author confirmation of readiness / mark `ready for maintainer review` / promote bot-authored draft. Does **not** perform code review — that lives in `pr-management-code-review`.
security-issue-sync
Synchronize a security issue in <tracker> with the state of its GitHub discussion, the <security-list> mailing thread, and any <upstream> PRs that fix it. The skill gathers all relevant signals and proposes label / milestone / assignee / field / draft-email updates — applying only what the user has explicitly confirmed. Suggests the next step in the handling process and prints the CVE allocation link when a CVE is needed.
az-cost-optimize
Analyze Azure resources used in the app (IaC files and/or resources in a target rg) and optimize costs - creating GitHub issues for identified optimizations.
github
GitHub operations — issues, PRs, commits, code search, CI/CD via gh CLI
github-repo-manager
GitHub repository management — create, fork, settings, collaborators, topics, archive, transfer
tasks
Task & project management — GitHub Projects (native), Linear (API), Notion DB (API)
review
Review incoming PRs, agent-generated changes, or diffs. Structured review with security, correctness, performance, and maintainability checks. Triggers: "review", "review PR", "review changes", "code review", "review this PR", "review agent output", "check this diff".
scaffold
Project scaffolding, component generation, and boilerplate setup. Triggers: "scaffold", "new project", "init project", "create project", "generate component", "setup project", "starter", "boilerplate".
ops-ci
CI/CD pipeline configuration. Trigger when the user wants to configure GitHub Actions, GitLab CI, or automate deployments.
address-github-comments
Use when you need to address review or issue comments on an open GitHub Pull Request using the gh CLI.
iago
Append a Mermaid diagram (sequence, flow, class, or entity-relation) to a GitHub PR's existing /review comment. Like Iago the parrot from Aladdin, this skill loudly squawks a visual summary on top of an existing review. Also triggered by /squawk. Use after the /review skill finishes, or when the user asks to add/append a diagram to a pull request review, or says "squawk". Auto-detects the most useful diagram type from the diff; accepts an explicit override.
fixci
Fetch CI errors from GitHub Actions and fix them
setup-deploy
Set up the Vercel project, wire environment variables across environments, and add a GitHub Actions CI workflow (lint, typecheck, build). Presents the full config plan before touching anything.
test-setup
Scaffold the test stack for the SaaS app: install and configure Vitest + Testing Library, Playwright, and a CI test step. Run after qa-plan is approved. Produces a runnable test harness.
agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches. AI agents running in CI/CD pipelines.
az-cost-optimize
Analyze Azure resources used in the app (IaC files and/or resources in a target rg) and optimize costs - creating GitHub issues for identified optimizations.
azure-deployment-operations
Production deployment patterns for Azure Static Web Apps, Container Apps, App Service, and infrastructure
azure-devops-automation
CI/CD pipelines, infrastructure as code, and deployment automation for Azure workloads
multi-agent-architect
Design and optimize production-grade multi-agent systems with LangGraph, LangChain, and DeepAgents for complex AI workflows.
prompt-engineering
Craft effective prompts that get the best results from language models.
code-review
Code review a pull request or a set of related PRs created by someone else. Reads diffs, comments inline, and posts a consolidated review summary.
github-demand-radar
Use when the user asks to analyze a GitHub repository's issues/PRs to identify high-value commercial demand opportunities. Triggers: 「扫issue」「扫PR」「找需求」「分析仓库」「找商业化点子」「独立开发者切入点」「需求雷达」「扫一下明星项目」「生成需求报告」. Outputs scored demand cards with JTBD analysis, RICE scoring, Ugly Workaround evidence, and fake-door probe drafts. Also works in PR scan mode (Phase 1B) to find rejected/stale PRs as market gap signals.
verify-implementation
프로젝트의 모든 verify 스킬을 실행하여 통합 패턴 검증 보고서를 생성합니다. 기능 구현 후, PR 전, 코드 리뷰 시 사용.
debug-sentry-monitor
Monitor, triage, fix, and proactively enhance Sentry error monitoring for any project. Use when asked to: check Sentry, fix Sentry errors, triage Sentry issues, run post-deploy monitoring, review production errors, clean up Sentry noise, audit Sentry setup, improve monitoring coverage, enhance error tracking, or "run sentry check". Works with any GitHub repo — auto-detects org, project, framework, and config. Fetches issues via Sentry MCP, triages them, performs root cause analysis, fixes code bugs, updates noise filters, audits the monitoring architecture, and resolves issues only after verified fixes.
deploy-npm
Release a Changesets + GitHub Actions + npm OIDC (trusted publisher) monorepo end-to-end. Use when asked to "release", "publish to npm", "ship a new version", "cut a release", "update the changelog and publish", or any package name + release verb.
blueprint-sync-ids
Scan blueprint docs and assign missing PRD/ADR/PRP/WO IDs. Use when assigning IDs to docs; --dry-run to preview, --link-issues to create GitHub issues for orphans.
pr-merger
Verifies a PR is fully mergeable (CI green, no unresolved comments, approved) then merges it.
docker-devops
Create optimized Docker configurations, docker-compose setups, Kubernetes manifests, and CI/CD pipelines. Use when containerizing applications, setting up deployment infrastructure, or automating builds. Triggers on: Docker, Dockerfile, container, docker-compose, Kubernetes, k8s, CI/CD, GitHub Actions, deployment.
github-design
Use when setting up GitHub repositories, workflows, issue templates, or project organization - enforces best practices for .github folder structure, reusable workflows, branch protection, CODEOWNERS, labels, and GitHub Projects. Triggers on: GitHub, repository setup, workflow, Actions, issue template, PR template, CODEOWNERS, labels, branch protection.
competitive-research
Competitive research and market analysis. Builds competitor profiles, feature matrices, SWOT analyses, and positioning maps. Trigger when asked about competitors, market landscape, competitive gaps, or feature comparisons.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
roll-review-pr
Agent-agnostic PR review skill. Reviews a pull request diff and emits a structured 3-state verdict (APPROVE / REQUEST_CHANGES / UNCERTAIN). Used by `roll review-pr` and `_loop_pr_review_external`.
babysit-pr
Babysit a GitHub pull request after creation by continuously polling review comments, CI checks/workflow runs, and mergeability state until the PR is merged/closed or user help is required. Diagnose failures, retry likely flaky failures up to 3 times, auto-fix/push branch-related issues when appropriate, and keep watching open PRs so fresh review feedback is surfaced promptly. Use when the user asks Codex to monitor a PR, watch CI, handle review comments, or keep an eye on failures and feedback on an open PR.
gh-pr-writing
Write and update GitHub PR titles and PR bodies with repository templates and local conventions. Use when creating PRs with `gh pr create`, revising PR text, choosing a conventional title prefix (for example `feat(web):`), or ensuring ticket suffix rules.
onequery-bug
Diagnose GitHub bug reports in wordbricks/onequery. Use when given a GitHub issue URL from wordbricks/onequery and asked to decide next steps such as verifying against the repo, requesting more info, or explaining why it is not a bug; follow any additional user-provided instructions.
onequery-pr-body
Update the title and body of one or more pull requests.
loom-code-review-and-quality
Use when a code diff, branch, PR, worker output, or implementation-complete ticket needs a code-focused quality review across correctness, tests, architecture, security, performance, scope, and evidence before audit or closure.
setup-medsci
Diagnostic checklist for the MedSci Skills runtime. Verifies Python, R, Node, Claude Code, Git, Zotero, and configured MCP servers, and prints a pass/fail table with links to the right setup doc for any missing component. Read-only — does not install anything.
create-plan
Synthesizes requirements and research into robust implementation plans through structured decision-making and expert panel stress-testing. Calibrates process depth to risk level — low stakes get a light plan, full stakes get hard decision gates and a pre-mortem. The plan is a decision record with actionable tasks, not an execution script. Use when you need to turn accumulated findings into a plan with clear choices, sequenced tasks, and verification. Also use when the user says "plan this", "create a plan", "how should we implement this", "design the approach", or "what's the strategy".
investigate-project
Perform end-to-end investigation, analysis, and comparative review of an external open-source project against The Engineer. Use this skill whenever the user wants to analyze, investigate, review, or compare an external project, GitHub repository, or open-source tool. Also trigger when the user mentions adding to considered-projects, doing a competitive analysis, or evaluating whether a project has ideas worth adopting. Takes a GitHub URL as input.
requirements-gathering
Conducts structured requirements gathering through sequential questioning before any research, planning, or implementation begins. Extracts true intent, constraints, edge cases, unknowns, and acceptance criteria from the user through focused one-at-a-time questions. Use this skill whenever the user mentions a new feature, task, ticket, bug fix, or any work item that hasn't been fully scoped yet. Also use when the user says "let's start", "new task", "I need to build", "requirements", "scope this", or "grill me" — even if they jump straight to implementation, redirect to requirements first.
research
Investigates codebases with a facts-before-opinions discipline — building a complete factual picture before interpreting what it means for the work ahead. Produces a structured research document saved to disk, split into observations and implications. Use when you need to understand existing code, patterns, dependencies, and constraints. Also use when the user says "research this", "explore the codebase", "investigate", "what does this code do", or "understand the system".
review
Conducts post-implementation review covering test coverage, lint, type checks, test fixes, and local testing preparation. Runs all automated verification, identifies gaps, fixes issues, and presents a testing checklist so the user can verify the work manually. Use this skill after implementation and commits are done — as the final quality gate before creating an MR. Also use when the user says "review this", "check my work", "run the checks", "verify everything", "is this ready", or "final review". Pairs with /commit (before) and /glab-mr-manager (after).
wrap-session
Wrap up the current session by updating active.md, logging the session, committing, and providing the next session's starter prompt. Use at the end of every working session.
ccc-devops
complete DevOps ecosystem — 21 skills in one. Deployments, CI/CD, containers, AWS, monitoring, security, IaC, networking, and runbooks.
apple-notes
Manage Apple Notes via memo CLI: create, search, edit.
ascii-video
ASCII video: convert video/audio to colored ASCII MP4/GIF.
cheat-bump
提议并执行 rubric 或 bucket 升级。两种模式:**完整 rubric bump**(最高风险动作,5 步强制 + 跨模型审核)和 **--bucket-only 轻量重校**(只换 bucket 边界,不动 rubric 公式)。**Phase 2 强制走 cheat-score-blind sub-agent 给校准池重打分**——不接受 self-scored fallback。触发词:"升级 rubric"/"bump rubric"/"更新公式"/"我想加一个维度"/"调整权重"/"重校桶"/"recalibrate bucket"。
cheat-init
cheat-on-content 的首次 onboarding 与脚手架创建器。统一流程——所有用户都走相同 5 阶段闭环,唯一区别是"发过视频的人"会在 init 时多一步:抓取已有视频建立历史 context(用于后续 cheat-seed 给更贴合的选题、更准的 baseline)。触发词:"初始化"/"init"/"首次使用"/"我是新用户"/"setup cheat-on-content"。**必须在用户第一次会话执行;其他子 skill 在 .cheat-state.json 不存在时自动路由到此。**
cheat-score
给单篇稿子打 rubric 分。**只在控制台输出,不写文件,不预测**。触发词:"打分这篇 [path]"/"score this [path]"/"给这稿子打分"/"先打分看看"。是 cheat-predict 之前的轻量探索动作。
cheat-score-blind
INTERNAL sub-agent for blind 9-dim rubric scoring. **NOT a user-facing skill — do NOT invoke from main conversation.** Called via Task tool by cheat-score / cheat-predict / cheat-bump to get a context-isolated score on a script. Receives ONLY script_path + rubric_notes_path; refuses any other input. Outputs strict JSON: 9 dimensions × {score 0-5, confidence enum, one-line reason}. **Hard refuses to Read** .cheat-state.json, predictions/*, retro 段, or anything that could leak post-publish data. This is channel B in the 3-channel calibration model (A=main, B=blind sub, C=cross-model).
cheat-shoot
登记一条视频已拍摄。**建 video folder + 询问实际拍摄稿是否与 scripts/<id>.md 一致 + buffer +1**。与 cheat-publish 配对:拍了进队列,发了出队列。触发词:"拍了"/"拍了 X"/"shot"/"shot it"/"已拍 X"/"录完了"。
cheat-status
cheat-on-content 的状态看板。显示当前模式 / rubric 版本 / 校准进度 / 待复盘 / pool 状态 / 是否该升级 SQLite / 是否该 bump rubric。**任何时候都可调,无副作用**。触发词:"状态"/"看板"/"status"/"我现在该做什么"/"进度怎么样"。
matlab-debugging
Diagnose MATLAB errors and unexpected behavior. Breakpoints, workspace inspection, try-catch diagnostics, and common error patterns. Use when debugging functions, tracing errors, inspecting variables, or diagnosing runtime failures.
matlab-design-digital-filter
Design and validate digital filters in MATLAB. Use when cleaning up noisy signals, removing interference, filtering signals, designing FIR/IIR filters (lowpass/highpass/bandpass/bandstop/notch), or comparing filters in Filter Analyzer.
matlab-live-script
Create MATLAB plain text Live Scripts (.m files) following specific formatting rules. Use when generating MATLAB scripts, educational MATLAB content, Live Scripts, or when the user requests .m files with rich text formatting.
matlab-modernize-code
Modernize deprecated MATLAB functions and patterns. Use when check_matlab_code or checkcode reports "not recommended" or "to be removed" warnings, when migrating legacy code, or when replacing deprecated APIs (trainNetwork, csvread, xlsread, datenum, eval, subplot, guide, optimset, wavread, svmtrain, uicontrol) with current equivalents.
matlab-optimize-performance
Read BEFORE optimizing any MATLAB code for speed. Without this workflow, agents commonly optimize the wrong target, fabricate speedup claims without measurement, or introduce regressions. Guides the 7-step workflow: baseline, profile, identify, optimize, measure, verify, report.
matlab-performance-optimizer
Optimize MATLAB code for better performance through vectorization, memory management, and profiling. Use when user requests optimization, mentions slow code, performance issues, speed improvements, or asks to make code faster or more efficient.
matlab-review-code
Review MATLAB code for quality, performance, maintainability, and adherence to MathWorks coding standards. Uses check_matlab_code and matlab_coding_guidelines. Use when reviewing code, checking style, finding code smells, assessing quality, or preparing code for handoff or publication.
matlab-test-generator
Create comprehensive MATLAB unit tests using the MATLAB Testing Framework. Use when generating test files, test cases, unit tests, test suites, or when the user requests testing for MATLAB code, functions, or classes.
matlab-testing
Generate and run MATLAB unit tests using matlab.unittest and matlab.uitest. Parameterized tests, fixtures, mocking, coverage analysis, CI/CD with buildtool, app testing with gestures. Use when creating tests, writing test classes, running test suites, checking coverage, testing apps, or validating MATLAB code.
matlab-uihtml-app-builder
Build interactive web applications using HTML/JavaScript interfaces with MATLAB computational backends via the uihtml component. Use when creating HTML-based MATLAB apps, JavaScript MATLAB interfaces, web UIs with MATLAB, interactive MATLAB GUIs, or when user mentions uihtml, HTML, JavaScript, web apps, or web interfaces.
nature-polishing
Polish, restructure, or translate academic prose into Nature-leaning English using writing-strategy principles, curated Nature/Nature Communications article patterns, and phrase-level support from Academic Phrasebank. Use whenever the user asks to polish a manuscript paragraph, abstract, introduction, results, discussion, conclusion, title, methods section, or Chinese academic draft for publication-quality English.
nature-response
Draft, audit, or revise point-by-point reviewer response letters for Nature-family manuscript revisions. Use when the user provides reviewer comments, editor decision letters, revision notes, response drafts, or asks how to respond to major/minor revision requests, rebuttal letters, response to reviewers, peer-review reports, 审稿意见回复, 逐点回复, 修回信, 大修回复, 小修回复, or 如何回复 reviewer.
nature-writing
Draft, restructure, or plan Nature-style manuscript sections from author-provided claims, results, figures, notes, or Chinese drafts. Use when the user wants to write or rebuild an abstract, introduction, results narrative, discussion, conclusion, title, or full manuscript argument rather than only polish finished prose.
nasde-benchmark-from-public-repos
Build diverse benchmark task suites from public GitHub repositories for testing universal skills. Use this skill when the user wants to: - Create a benchmark that spans multiple public repositories and languages - Test a universal skill (refactoring, test writing, code review, etc.) across diverse codebases - Curate a representative set of repos and tasks for cross-codebase validation - Build an evaluation suite for a skill that should work in any repository Even if the user doesn't say "benchmark" — if they're building a skill meant to work everywhere and want to validate it across many different projects, this skill applies.
review-architecture
アーキテクチャレビュースキル(設計整合性、コーディング規約、ドキュメント整合性の確認)
exploring-repos
Explore public GitHub repositories using GitHub CLI, local clones, and available web tools. Use when the user asks how a public repo works, wants architecture orientation, or needs repo-level Q&A. NOT for library API docs (use looking-up-docs) or local private codebases (use a local codebase workflow).
secure-review
Deep semantic security review of code changes with data flow tracing, taint analysis, and trust boundary validation. Composable building block invoked by /audit when deployed.
github-comment-triage
Triage and address GitHub PR review comments systematically—classify, respond, fix or defer with rationale. Use when a PR has review feedback, requested changes, or unresolved threads.
uselink-skills
Agent skills for publishing engineering artifacts to uselink — repo summaries, PR digests, changelogs, API docs, onboarding guides, reports, and specs. Each skill gathers data, generates HTML, and publishes via the uselink CLI.
create-pr
创建 Pull Request 到目标分支
gsd-inbox
Triage and review open GitHub issues and PRs against project templates and contribution guidelines.
development-branch-closeout
Use after implementation and required verification when PM/coordinator must choose merge, pull request, preserve, discard, or workspace cleanup handling for the current branch.
meeting-brief
Daily meeting preparation system that checks your calendar each morning, deeply researches external attendees (LinkedIn, company info, GitHub, past notes), and sends you personalized briefs via email (1 per person). Use when you want automated preparation for upcoming meetings with context about each person you're meeting.
explain-pr
Walk a user through a GitHub pull request to help them understand what it does, using markdown visualisations and a guided diff-by-diff tour. Use when the user wants to understand, explore, learn from, or be walked through a PR (not when they want a formal review).
review-pr
Review a GitHub pull request for correctness, security, observability, test coverage, and conventions. Identify applicable skills, score each review dimension red-amber-green, and produce a structured review saved to disk and presented to the user. Use when user asks to review a PR, check a pull request, or give feedback on changes in a PR.
update-agents
Check for and apply updates to locally installed agents from the kimgoetzke/coding-agent-configs GitHub repo. Use when user asks to update agents, sync agents, check for agent updates, or mentions updating their agents.
update-skills
Check for and apply updates to locally installed skills from the kimgoetzke/coding-agent-configs GitHub repo. Use when user asks to update skills, sync skills, check for skill updates, or mentions updating their skills.
merge-pr
Land an open PR on this repo — wait for CI to finish, then merge with a merge commit using admin bypass. Use whenever the user says "merge this PR", "/merge-pr", "ship the PR", "land the PR", or asks to merge a specific PR number. Defaults to the PR opened from the current branch.
cmux-testing
cmux testing rules for Swift Testing, test target compilation, and package/refactor validation. Use when adding or changing tests, touching package/refactor code, or deciding whether reload.sh is enough validation.
issue
Use GitHub issues as persistent cross-session resolution memory. Create, update, and re-read issues that are self-contained and re-readable cold, recording the hypothesis and the resolution. Triggers on "track this in an issue", "create an issue I can resume", "resume issue", "issue memory", "log this problem as an issue", or when work must survive a context reset via the GitHub tracker. NOT for ephemeral session snapshots (use remember) and NOT for the manual Obsidian vault (use brain). GitHub-native, auto-re-readable on resume.
websearch
Power search via Exa MCP. Modes: quick, deep research, code, docs, debug, news, compare. Use when searching the web, finding docs, debugging errors, or researching any topic.
installing-skills
Install skills from github.com/oaustegard/claude-skills into /mnt/skills/user. Use when user mentions "install skills", "load skills", "add skills", "update skills", "refresh skills", or references a skill not currently installed.
triage
Triage open herdr GitHub issues into a concise decision-first Markdown table. Use when the user says "triage", asks to triage open issues, asks which issues need attention, or wants issue priority/recommendation lights for herdr.
devops-engineer
DevOps Engineer (/devops) - Senior DevOps Engineer with 12+ years cloud infrastructure experience. Use when setting up cloud infrastructure, writing Terraform configurations (loads references/terraform.md), creating Kubernetes manifests, building CI/CD pipelines with GitHub Actions, configuring Docker, or managing secrets.
github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
package-release
Use when preparing, unblocking, or completing OpenPress framework package releases, including local change inventory, docs/skill preflight, changeset/version PR handling, GitHub release workflow monitoring, npm publish verification, and release PR writing.
codeql-scan
Execute CodeQL security scans with language detection, database caching, and SARIF output. Use when performing static security analysis on Python or GitHub Actions code.
github
Execute GitHub operations (PRs, issues, milestones, labels, comments, merges) using Python scripts with structured output and error handling. Use when working with pull requests, issues, review comments, CI checks, or milestones instead of raw gh.
memory-documentary
Generate evidence-based documentary reports by searching across all 4 memory systems (Claude-Mem, Forgetful, Serena, DeepWiki), .agents/ artifacts, and GitHub issues. Produces investigative journalism-style analysis with full citation chains. Use when you ask for an "evidence-based report", "investigate across all memory systems", "what happened with X over time". Do NOT use for a single semantic recall (use memory) or for citation hygiene (use memory-enhancement).
ci-cd
CI/CD 流水线配置
asciinema-streaming-backup
Real-time asciinema backup to GitHub orphan branch. TRIGGERS - streaming backup, asciinema backup, session backup, recording backup.
backup
Stream-backup active recordings to GitHub. TRIGGERS - backup recording, sync cast, streaming backup.
cicd-pipeline
Generates CI/CD pipeline configurations for GitHub Actions, GitLab CI, and AWS CodePipeline. Covers build, test, lint, security scanning, and deployment stages with caching and parallelism. Triggers on: "create CI/CD pipeline", "GitHub Actions workflow", "deployment pipeline", "automate build".
python-project-setup
Sets up Python projects with modern tooling including pyproject.toml, linting with ruff, formatting, type checking with mypy or pyright, testing with pytest, and pre-commit hooks. Triggers on: "setup Python project", "create Python package", "python project structure", "pyproject.toml".
setup-matt-pocock-skills
Sets up an `## Agent skills` block in AGENTS.md/CLAUDE.md and `docs/agents/` so the engineering skills know this repo's issue tracker (GitHub or local markdown), triage label vocabulary, and domain doc layout. Run before first use of `to-issues`, `to-prd`, `triage`, `diagnose`, `tdd`, `improve-codebase-architecture`, or `zoom-out` — or if those skills appear to be missing context about the issue tracker, triage labels, or domain docs.
cicd-pipelines
CI/CD pipeline design and DevOps automation — use when the user mentions GitHub Actions, GitLab CI, Jenkins, Terraform, infrastructure as code, DevSecOps, ArgoCD, Kubernetes deployment automation, or pipeline configuration YAML. NOT for release orchestration or semantic-release workflows (use git-workflow), NOT for Docker containers or Dockerfiles (use docker-containerization), NOT for git branching or commits (use git-workflow).
code-review
Reviews existing code and pull requests using multi-agent swarm analysis covering security, performance, style, test coverage, and documentation quality. Extracts and prioritizes PR comments, performs security audits, and generates actionable fix plans with file:line references. Use when the user asks to review code, review a PR, audit code for security, assess code quality, analyze pull request comments, get feedback on existing code, or perform a code audit. NOT for writing new code or implementing features (use other development skills), NOT for finding and fixing runtime bugs or errors (use debugging), NOT for writing tests or setting up test infrastructure (use testing-framework), NOT for TDD methodology (use test-driven-development).
post-findings
Post Rune review findings to a GitHub PR as a formatted comment. Parses TOME.md findings, formats as collapsible markdown, posts via gh api. Use after /rune:appraise or /rune:arc to share findings with team. Trigger keywords: post findings, PR comments, share review, post to PR, post review to GitHub, comment on PR with findings, share findings.
code-reviewer-subagent-no-bash-blocked-on-pr-diff
Code-review subagents are frequently provisioned WITHOUT a Bash tool, so they cannot run `gh pr diff`, `git diff`, or `git checkout` — and when you prompt them to "review PR #N, fetch the diff with gh pr diff" they return a BLOCKED report (no review performed), not findings. Use when: (1) dispatching feature-dev:code-reviewer / voltagent-* / Explore agents to review GitHub PRs or branches; (2) a review agent returns "I have no shell/gh/git tool" or "the PR sources are not in the working tree" or reviews `main` (which predates the PR) instead of the PR; (3) one reviewer in a parallel panel comes back BLOCKED while siblings succeeded. Fix: pre-generate per-base diffs to files + point the agent at materialized worktree paths, don't tell it to run gh/git.
gh-pr-merge-unstable-state-needs-auto-and-watch-branch-deletes
Diagnose and recover from two adjacent `gh pr merge` failure modes that masquerade as merge conflicts. Use when: (1) `gh pr merge --squash` (or `--merge`) errors with "To have the pull request merged after all the requirements have been met, add the `--auto` flag" AND "Run the following to resolve the merge conflicts locally" even though you just pushed a clean resolution; (2) `gh pr view <N> --json mergeable,mergeStateStatus` returns `MERGEABLE` + `UNSTABLE` rather than `MERGEABLE` + `CLEAN`; (3) you delete the remote branch (`git push origin --delete <branch>`) immediately after `gh pr merge` returns a conflict warning thinking the merge succeeded — and discover the PR has flipped to `CLOSED` rather than `MERGED`. The actual root cause for (1)/(2) is almost always pending CI / branch-protection checks, NOT real merge conflicts; the fix is `--auto` flag so `gh` queues the merge for when checks pass. For (3) — recovery requires restoring the remote branch (`git push -u origin <branch>` from your local copy) a
gha-pr-merge-ref-shows-upstream-changes
Diagnose "my CI failed on a file I didn't change — the test passes locally but CI insists there's a duplicate / conflict / lint violation that isn't in my branch." Caused by GitHub Actions checking out `refs/pull/N/merge` (the auto-computed merge of PR head + base) on `pull_request` events. Use when: (1) CI fails on a `git`/lint/whole-tree check (duplicate IDs, schema drift, file-content audit) that PASSES on the same SHA locally, (2) you're working in a dense parallel-PR window where main is moving faster than your CI runs, (3) `gh run view N --json headSha` matches your latest force-push but `git fetch origin main && git diff origin/main..HEAD` shows main is ahead by N commits, (4) the failure references symbols / IDs / values that are present in MAIN but absent from your branch. Root cause: GitHub re-computes the merge ref every time the base moves, so CI on `pull_request` sees `main-at-CI-start + your-branch`, NOT just `your-branch`. Sister concept to `gha-billing-failure-fast-fail-pattern` (different GHA
git-diff-2dot-vs-3dot-merge-safety
Avoid false-positive "this PR will delete files on main" alarms when reviewing a PR that was branched off an older commit. Use when: (1) `git diff origin/main..pr-branch` shows files being deleted that you DON'T want to lose, but (2) GitHub reports `mergeable: MERGEABLE / mergeStateStatus: CLEAN`, (3) you're about to demand a rebase or block the merge to "preserve" those files. The 2-dot diff is misleading — it shows everything different between two trees, including files added on `main` AFTER the branch point that the branch never saw. The 3-dot diff (`origin/main...pr-branch --diff-filter=D`) respects the merge-base and shows only what the branch actually deleted. Also covers the empty-cherry-pick signal that a "divergent" local commit's content is already on main under a different hash.
handoff-prompt-stale-user-hint-newer-state
Gate execution of a structured runbook/handoff/plan prompt behind an AskUserQuestion when the user explicitly hints that newer state (issues filed, PRs merged, probes shipped) has landed since the prompt was authored. Use when: (1) the user invokes "execute docs/handoffs/session_NNN_*.md" or "run this plan" or "implement this ADR" AND adds an inline aside like "but please be aware of #642, #662, #663" / "watch out for PR #N" / "FYI #issue landed since this was written"; (2) before executing, a scan reveals issues/PRs in the user's hint list were filed/merged AFTER the prompt's authoring timestamp; (3) the newer artifacts could materially change what the prompt should do (e.g., a P1 issue surfacing that the prompt's design decision needs revisiting, a probe correction flipping a verdict, a sibling PR's merge claiming an ID the prompt reserved). Default behavior to avoid: execute the prompt verbatim and paper over the divergence in a post-merge comment. Correct behavior: pause, fetch current state of each hinte
pr-conflict-from-mid-flight-merges
Diagnose and resolve a GitHub PR that flips to CONFLICTING / DIRTY (or "This branch has conflicts that must be resolved") because OTHER PRs landed on `main` while this PR was open. Use when: (1) a PR was clean when opened but is now CONFLICTING after hours/days, (2) `gh pr view N --json mergeStateStatus` returns DIRTY / mergeable CONFLICTING, (3) the feature branch has accumulated commits whose content is already on main via a different PR (squash-merged with a different SHA), (4) you need to figure out WHICH PRs landed and which of YOUR commits are now redundant before rebasing. Prescribes a 6-step recipe: gh status → list landed commits → detect redundant cherry-picks → reset to origin tip → rebase → reconcile.
pr-hijack-via-stale-worktree-branch-ref
Diagnose and recover from accidentally overwriting another session's open PR when `git push -u origin <branch>` in a long-lived worktree silently replaces the remote branch ref. Use when ANY of the following appears: (1) you ran `git checkout -b <branch> origin/main` and `git push -u` and git reported `* [new branch]` even though the branch already existed upstream, (2) `gh pr create` then errors with `a pull request for branch "<branch>" into branch "main" already exists` pointing to a PR you didn't author, (3) `gh pr view N --json commits` on that PR shows YOUR commit instead of the one the title/body describes, (4) you discover your worktree's session-start git status banner was stale (showed branch X but actual branch was Y). Pattern surfaces when a prior session in the SAME worktree opened a PR on a generically-named feature branch, then reset the worktree's local refs without cleaning the remote. Recovery requires `git push --force-with-lease` — a destructive op requiring explicit user authorization. Si
stacked-pr-base-branch-deletion-auto-closes-dependent
Recover from the trap where deleting a base PR's branch auto-closes any open dependent stacked PR, and the closed PR cannot be reopened or retargeted. Use when: (1) you set up a stacked PR pair (PR2's `base` field = PR1's branch instead of `main`), (2) you merged PR1 via squash, (3) PR1's remote branch got deleted — via ANY route: `gh pr merge <N> --squash --delete-branch`, `gh api -X DELETE refs/heads/<branch>`, or `gh pr merge` followed by separate branch cleanup — (4) the dependent PR2 is now reported as `state: CLOSED` even though you never closed it, (5) `gh pr reopen N` fails with `Could not open the pull request`, (6) `gh pr edit N --base main` fails with `Cannot change the base branch of a closed pull request`. The only recovery for the stacked-PR case is to open a fresh PR from the same head branch with base=main. **v1.2.0 (2026-05-19) adds the recoverable single-PR variant**: if the deleted branch was the HEAD of a single, in-flight, NEVER-MERGED PR (e.g. user deleted the branch after a failed merge
subagent-reports-complete-but-pr-unmerged
Catch the systematic gap between sub-agent "completed" status and the actual end state of a PR-merge orchestration task. Use when: (1) you've dispatched multiple parallel sub-agents (general-purpose or specialist) to open + review + merge PRs, (2) the parent receives `<task-notification>` with `status: completed` but the sub-agent's last action was waiting on CI, addressing a review finding, or pushing a rebased branch, (3) you're tempted to mark the parent task done based on the completion notification alone, (4) the parent has a TaskList tracking PR closure and you'd silently leave PRs OPEN. Root cause: sub-agents naturally terminate when they've kicked off the last asynchronous step (CI watcher, push command, reviewer dispatch), even if their brief required them to wait for that step's terminal state and then perform a follow-up (label, merge, delete-branch). The completion notification reflects sub-agent CONTEXT exhaustion, not orchestration COMPLETION. Observed 4/4 in one session. Fix: parent always runs
pre-mortem
Adversarial failure analysis across 12 dimensions before any consequential action — hooks, scripts, crons, config changes, deployments, gh pr create, git push. Blocks on HIGH/CATASTROPHIC until addressed.
gh-fix-ci
Inspect GitHub PR checks with gh, pull failing GitHub Actions logs, summarize failure context, then create a fix plan and implement after user approval. Use when a user asks to debug or fix failing PR CI/CD checks on GitHub Actions and wants a plan + code changes; for external checks (e.g., Buildkite), only report the details URL and mark them out of scope.
blog-topic-research
Stop writing blog posts nobody searches for. This skill builds your editorial backlog from real, verifiable user demand - never from AI vibes. It mines candidates from Google Suggest, People Also Ask, Reddit, Stack Overflow, GitHub issues, vendor forums, and changelogs; captures every signal as a citable URL with verbatim evidence; classifies each topic by post format (how-to-fix, x-vs-y, listicle, migration, release-recap, ...); checks against your existing backlog so you don't cannibalize what you already published; and outputs a writer-ready scaffold with primary sources, problem summary, confirmed fixes, version context, and FAQ variants. Built for content marketers, founders, indie hackers, and dev-tool teams who want a long-tail SEO pipeline backed by evidence instead of hallucinated keyword volumes. Trigger when the user says: 'research blog topics', 'find topics with real demand', 'expand the editorial backlog', 'research N long-tail topics', or any variant of growing a content pipeline with verified
ciloop
Use when CI is failing on a branch/PR and the user wants it driven back to green — "fix the failing CI", "CI is red, sort it out", "make the checks pass", "loop until CI is green". Pulls the real error from the failing GitHub Actions logs, reproduces it locally, fixes the confident failures, pushes once, and re-watches until green. The red-CI twin of reviewloop.
secret-capture
Capture a secret from the user via a hidden-input dialog and route it to exactly one destination (1Password, macOS Keychain, GitHub secret, Cloudflare Workers secret, Coolify env var, n8n credential, or a local .env file) without the value ever appearing in any tool result, log, or chat transcript. Auto-triggers whenever the agent needs a new credential, API key, token, password, or secret to configure a service, onboard an integration, set up an MCP, or rotate an existing credential. Use this every time you're about to say "paste your key here" — instead, invoke this skill.
ensemble-implement-bead
Implement a single beads task by ID through analysis, implementation, and PR creation (Codex skill for /ensemble:implement-bead)
adversarial-thinking
五维对抗验证 — 蒙多攻击自己的计划,在建造前摧毁
agentic-retrieval
Agentic 检索思维 — 蒙多的记忆不只是搜索,是主动推理
mcp-protocol
MCP(Model Context Protocol)协议认知 — 蒙多的工具扩展之道
code-review-security
Security-focused code review checklist and automated scanning patterns. Use when reviewing pull requests for security issues, auditing authentication/authorization code, checking for OWASP Top 10 vulnerabilities, or validating input sanitization. Covers SQL injection prevention, XSS protection, CSRF tokens, authentication flow review, secrets detection, dependency vulnerability scanning, and secure coding patterns for Python (FastAPI) and React. Does NOT cover deployment security (use docker-best-practices) or incident handling (use incident-response).
babysit-pr
Babysit a GitHub pull request after creation by continuously polling review comments, CI checks/workflow runs, and mergeability state until the PR is merged/closed or user help is required. Diagnose failures, retry likely flaky failures up to 3 times, auto-fix/push branch-related issues when appropriate, and keep watching open PRs so fresh review feedback is surfaced promptly. Use when the user asks Codex to monitor a PR, watch CI, handle review comments, or keep an eye on failures and feedback on an open PR.
codex-bug
Diagnose GitHub bug reports in openai/codex. Use when given a GitHub issue URL from openai/codex and asked to decide next steps such as verifying against the repo, requesting more info, or explaining why it is not a bug; follow any additional user-provided instructions.
codex-pr-body
Update the title and body of one or more pull requests.
git-workflow
Run git status / log / diff and list pull requests for the session's repo via the opendray gateway. Use whenever the user asks about "what's changed", "status", "diff", "open PRs", or wants to commit / push.
prism-scanner
Security scanner for AI Agent skills, plugins, and MCP servers. Use when: user asks to scan a skill, check if a plugin is safe, vet an MCP server, review skill security, detect malicious code, supply chain safety, or says 'is this safe to install', 'scan this skill', 'check this MCP server', 'security scan', 'vetting', 'skill safety', 'prism scan', '安全扫描', '这个插件安全吗', '扫描一下', '检查安全性', '安装前检查', '技能审查'.
setup-ci
Teaches CI/CD from first principles to a non-developer, then scaffolds a working test + deploy pipeline. Handles the common hosts (GitHub Actions, GitLab CI, CircleCI, Travis, Jenkins) and common deploy targets (SSH to VM, Vercel, Netlify, Fly.io, Cloud Run, Docker registries). Asks what the operator has before generating anything — never assumes.
devflow-finish
Use at the end of a Devflow Native task to record changed files, verification evidence, unresolved risks, PR or review recommendation, and the next-session prompt.
finish
Use when finishing a Devflow Native task from Codex; records evidence, checks documentation impact, respects Codex goal state, and asks the maintainer for commit/PR/continue direction.
ci-cd-pipeline
配置 CI/CD 流水线时使用。快、稳、可重复、可回滚。
pr-description
写 Pull Request 描述时使用。让 reviewer 快速理解与审查。
daily-news
This skill should be used when the user asks to "run daily news", "publish today's news", "draft today's vatt-ghern roundup", "do the daily-news routine", invokes `/vatt-ghern:daily-news`, or asks Claude to author tech-news posts for the vatt-ghern blog. The skill produces one daily-roundup HTML (10 items) plus up to three daily-deep-story HTML posts under `src/posts/YYYY/MM/DD/`, runs anti-duplication checks (exact source-URL/news_id against the full archive, fuzzy title similarity against the past 7 days), and opens a PR to `main`. Always use this skill (instead of authoring news posts ad-hoc) so output stays consistent with the archetype rules, design system, and dedup conventions.
apple-reminders
Manage Apple Reminders from the terminal via the remindctl CLI (add, list, complete) when the user wants iCloud-synced to-dos on macOS.
github-auth
Set up GitHub authentication (HTTPS tokens, SSH keys, gh CLI login) before working with repos, PRs, or issues.
github-code-review
Review local changes before pushing or review open GitHub PRs — diffs, checklist, inline comments, formal reviews via gh or REST.
github-issues
Create, view, search, triage, label, assign, comment on, and close GitHub issues via gh or the REST API.
github-pr-workflow
Run the full GitHub PR lifecycle — branch, commit, open PR, monitor CI, auto-fix failures, merge — via gh or git+curl.
good-readme
Create and improve README documents for GitHub projects. Use when the user wants to write a new README, improve an existing one, audit README quality, or asks about documentation best practices for their repository.
good-repo
Audit and configure the public GitHub repository surface: launch readiness, repo quality/adoption/trust, discoverability, contribution readiness, topics, homepage URL, description, issues/wiki/license/CI settings, owner/org-wide repo audits, repo popularity/adoption signals, README/package/GitHub metadata drift, URL/license/topics gaps, and Agent Skill repo packaging/evals. Use when the user asks for repo-level readiness, repo metadata/configuration, or visitor/contributor trust. Do not trigger for README-only writing, one PR descriptions/reviews, function-level code tests, or general implementation/architecture work; defer those to narrower specialists unless the user explicitly asks for repo-level readiness/proof/metadata judgment.
tsa-pr-review
AST-grounded PR / diff review. One workflow → per-file risk ranking, blast radius per changed symbol, the exact pytest command to gate merge, any architecture-constraint violations, and a final BLOCK / REVIEW / APPROVE verdict — in ~1–2k tokens and 4–6 MCP calls. Goes beyond a generic LLM diff-read because only TSA's `analyze_change_impact` returns a deterministic `verification_command` + `queue_ledger`, and only the persisted call graph can enumerate true callers/callees of changed symbols. (Per `docs/internal/COMPETITOR_HEAD_TO_HEAD_2026-05-23.md`: CodeGraphContext silently indexes 0 files, grep-ast crashes on Python 3.14, wrale miscounts imports. A pure-LLM diff reader has none of these guard-rails — it cannot reach the AST cache to enumerate callers, cannot consult `architectural-constraints.yml`, and invents a pytest command instead of reading the one TSA computed.) Use when: - Reviewing a local diff (`git diff`, staged, branch-vs-main) - Reviewing a GitHub PR URL - User asks "is this PR safe to merge?"
address-github-comments
Use when you need to address review or issue comments on an open GitHub Pull Request using the gh CLI.
browser-extension-developer
Use this skill when developing or maintaining browser extension code in the `browser/` directory, including Chrome/Firefox/Edge compatibility, content scripts, background scripts, or i18n updates.
cicd-automation-workflow-automate
You are a workflow automation expert specializing in creating efficient CI/CD pipelines, GitHub Actions workflows, and automated development processes. Design automation that reduces manual work, improves consistency, and accelerates delivery while maintaining quality and security.
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI
comprehensive-review-pr-enhance
You are a PR optimization expert specializing in creating high-quality pull requests that facilitate efficient code reviews. Generate comprehensive PR descriptions, automate review processes, and ensure PRs follow best practices for clarity, size, and reviewability.
context7-auto-research
Automatically fetch latest library/framework documentation for Claude Code via Context7 API
deploying-to-production
Automate creating a GitHub repository and deploying a web project to Vercel. Use when the user asks to deploy a website/app to production, publish a project, or set up GitHub + Vercel deployment.
devops-quality
Code quality standards, linting rules, and CI/CD principles.
exa-search
Semantic search, similar content discovery, and structured research using Exa API
firecrawl-scraper
Deep web scraping, screenshots, PDF parsing, and website crawling using Firecrawl API
git-pr-workflows-pr-enhance
You are a PR optimization expert specializing in creating high-quality pull requests that facilitate efficient code reviews. Generate comprehensive PR descriptions, automate review processes, and ensu
gitea
Gitea operations via tea CLI. Use when user mentions: gitea, tea, or when git remote shows a Gitea instance.
reviewing-code
Use when reviewing code changes, checking PRs, or evaluating code quality.
tavily-web
Web search, content extraction, crawling, and research capabilities using Tavily API
team-collaboration-issue
You are a GitHub issue resolution expert specializing in systematic bug investigation, feature implementation, and collaborative development workflows. Your expertise spans issue triage, root cause an
deploy
Deployment strategy, production-readiness gating, and rollback planning for AWS/EKS services. Use when user says 'how should I deploy this', 'blue-green or canary', 'are we ready to ship', 'production readiness', 'plan a rollback', 'pre-deploy check', or before a first production release. Pairs with /k8s, /ci, /github-actions, /tf which own the per-artifact checks.
finops
AWS cost optimization — waste detection, right-sizing, Savings Plans, RIs, EKS cost, multi-account governance. Use when user says 'reduce AWS bill', 'find waste', 'right-size this', 'should I buy SP or RI', 'gp2 vs gp3', 'EKS is expensive', 'NAT gateway cost', or asks about AWS cost optimization.
owasp
Security review against OWASP Top 10:2025, ASVS 5.0, and Agentic AI risks. Use when user says 'review for security', 'is this secure', 'check for vulnerabilities', 'review auth/authorization', 'check input handling', or when writing cryptography, session management, or AI agent code.
skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, edit, or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
bkt
Bitbucket CLI for Data Center and Cloud. Use when users need to manage repositories, pull requests, branches, issues, webhooks, or pipelines in Bitbucket. Triggers include "bitbucket", "bkt", "pull request", "PR", "repo list", "branch create", "Bitbucket Data Center", "Bitbucket Cloud", "keyring timeout".
code-review
Comprehensive code review checklist and methodology. Use when reviewing PRs, conducting code audits, or assessing code quality. Keywords: review, PR, code review, audit, assess, quality, check
kry-debrief
Act 1 — cửa vào pipeline build. Trigger khi user gõ /kry-debrief, hoặc nói 'bắt đầu build app', 'debrief dự án', 'tôi với team vừa họp xong', 'có đống ý tưởng cần làm rõ', 'kickoff project', 'dump ý tưởng app'. Skill bóc dump thô (note họp/brain-dump) → Business Brief có cấu trúc (spawn agent debrief-analyst) → hỏi bạn trên đúng 🚩 → KICKOFF dự án: git init repo private dưới github <YOUR_GH_USER> + commit Brief ngày 0 + đăng ký cron telegram nhắc bước kế qua <YOUR_TELEGRAM_BOT> + tạo sổ project-state. Đảm bảo người nocode không mất luồng, không mất commit. Sau đó hand off /kry-ux.
pr
Use when the user wants to create a new pull request, update an existing PR's body, open a draft PR, or preview a PR body locally before pushing.
awb-external-ref
WHAT: decide how to responsibly reuse code you found elsewhere — classify its license, choose PORT-the-code (carry the licence + attribution) vs SALVAGE-the-concept (reimplement the idea from scratch), screen fetched text for prompt-injection, and check supply-chain red flags. USE WHEN: about to copy or adapt code from outside the repo — a GitHub repo, a snippet, a blog, Stack Overflow, or an LLM ("can we use this?", "adopt this library's approach", "port this"). DO NOT TRIGGER: writing original code; pulling a vetted dependency through your normal, already-approved process; a pure licensing question with no code in play (answer it directly).
squawk
Alias for the `iago` skill. Appends a Mermaid diagram (sequence, flow, class, or entity-relation) to a GitHub PR's existing /review comment. Use whenever the user invokes /squawk or says "squawk this PR".
testing-strategy
Use when designing test plans for new features or improving existing test coverage. Covers test pyramid design, coverage targets, quality gates, and test file specifications. Do not use for codebase pattern audits or convention enforcement (use pattern-analysis).
enterprise-search-strategy
Use when the council needs to surface organizational knowledge buried across multiple internal sources (wikis, design docs, ADRs, past tickets, postmortems, chat archives, code repos). Plans where to look, what to cross-reference, and how to synthesize findings into evidence the council can act on. Do not use for external market research (use competitive-analysis), library evaluation (use library-evaluation), or technology trend assessment (use technology-radar).
investigacion-actualizada
Busca información actualizada antes de tomar decisiones técnicas. Prioriza documentación oficial, verifica vigencia y cruza al menos 2 fuentes.
golang-continuous-integration
Provides CI/CD pipeline configuration using GitHub Actions for Golang projects. Covers testing, linting, SAST, security scanning, code coverage, Dependabot, Renovate, GoReleaser, code review automation, and release pipelines. Use this whenever setting up CI for a Go project, configuring workflows, adding linters or security scanners, setting up Dependabot or Renovate, automating releases, or improving an existing CI pipeline. Also use when the user wants to add quality gates to their Go project.
golang-testing
Provides a comprehensive guide for writing production-ready Golang tests. Covers table-driven tests, test suites with testify, mocks, unit tests, integration tests, benchmarks, code coverage, parallel tests, fuzzing, fixtures, goroutine leak detection with goleak, snapshot testing, memory leaks, CI with GitHub Actions, and idiomatic naming conventions. Use this whenever writing tests, asking about testing patterns or setting up CI for Go projects. Essential for ANY test-related conversation in Go.
patrol
Run an opt-in Hive repository patrol scan for a registered project
codex-pr-plan
Plan phase for codex-pr-lessons playbook — load state, determine next batch of PRs to analyze
find-best-reviewers
Find the best code reviewers in a GitHub repository or for specific file paths — uses GraphQL to analyze PR review history, filters bots, weights review states, surfaces domain specialists
github-issue-workflow
Standard workflow for creating GitHub issues with assignment and worktree branch creation for immediate implementation. Includes branch strategy and worktree conventions.
github-trending-repos
Find and rank trending GitHub repositories by real activity signals (commit velocity, PR throughput, contributor growth) — filters out non-code repos and scores for contribution opportunity
kookr-post-push
Repo delivery-cycle follow-through after push or PR creation — verify mergeability, checklist state, CI, and early feedback by composing pr-lifecycle and pr-review-triage.
kookr-pr-lifecycle
Full PR lifecycle — creation, checklist tracking, CI monitoring, review resolution, body updates, and post-merge cleanup. Use together with post-push to finish PR follow-through.
code-review
专业的代码审查助手,提供结构化的审查流程、详细的检查清单和建设性的反馈指南。适用于审查Pull Request、代码提交或任何需要代码质量评估的场景,涵盖功能性、安全性、性能、测试、文档、架构设计等多个维度。
daily-ai-tech-discord-briefing
Use when setting up a Hermes Agent cron job that sends a concise daily AI/tech briefing to a Discord tech-research channel, including current AI/tech news and hot GitHub AI/developer projects.
genesis-architect
Use when starting a new project. Genesis finds real production failures from similar GitHub repos, then builds a working MVP immediately - not just documents. Two modes: fast-mvp (5 min research cap, builds right after) and deep-research (full analysis). Success = user can run the project. Triggers on: "genesis init [vision]", "I want to build X", "scaffold", "new project", "set up project", "start building", "create a tool", "make a CLI", "bootstrap", "בנה פרויקט", "צור פרויקט", "התחל פרויקט".
miki-review-loop
Miki's personal pre-self-review loop. Iteratively runs /review on the current PR and addresses obvious issues until only minor nits remain or 3 iterations have run. Surfaces judgment calls back to the user, makes atomic commits per project convention, pushes once at the end. Invoke when the user says "/miki-review-loop", "loop the review", "iterate on the review", or similar after a PR has been created.
devops
DevOps practices, CI/CD, and infrastructure management
resource-scout
Search and discover Claude Code skills and MCP servers from marketplaces, GitHub repositories, and registries. Use when (1) user asks to find skills for a specific task, (2) looking for MCP servers to connect external tools, (3) user mentions "find skill", "search MCP", "discover tools", or "what skills exist for X", (4) before creating a custom skill to check if one already exists.
bug-researcher
Investigates code bugs and files GitHub issues.
mb-help
Answer questions about Main Branch and Claude Code. Use when: user asks how/what/why questions, is confused about the business folder, CLI, skills, setup, errors, workflow, or what to do next.
babysit
Babysit a GitHub PR to a green approval, looping until the GOAL (fresh APPROVED + CI green + mergeable) is reached. Run under /loop for hands-off "don't stop until green". Each pass verifies every review finding, fixes the valid ones, pushes back on the invalid, and replies on every thread. Use when the user says "babysit", "babysit the PR", "watch the PR", or "drive the PR to green".
project-maker
Workflow Spec-Driven Development para criar projetos ou adicionar features com IA de forma estruturada. Use este skill quando o usuário quiser organizar uma ideia de projeto, fazer brainstorming, criar um projeto do zero, planejar uma nova feature, quebrar uma spec em tarefas, pesquisar e planejar uma issue, ou executar uma implementação. Sempre use antes de começar qualquer projeto ou feature nova. Triggers explícitos: "criar projeto", "nova feature", "quero construir algo", "organizar minha ideia", "brainstorming de projeto", "planejar implementação", "quebrar em issues", "implementar issue", "validar feature", "testar feature", "revisar segurança", "criar PR", "abrir pull request", "/discover", "/init", "/spec", "/break", "/plan", "/execute", "/verify", "/secure", "/ship", "/build".
monitor-pr
Watch an open pull request for new CI failures and review comments and drive it to a clean state. Uses the Monitor tool to stream PR status changes in real time so reactions are immediate instead of polled. Handles CodeRabbit nitpicks with judgment (do not blanket-skip) and treats "out of date" comments as still-relevant until proven otherwise. Replies to and resolves each thread as it's addressed. Triggers: "monitor the PR", "watch the PR for comments", "keep an eye on the PR", "address PR feedback as it lands", /monitor-pr.
scraperapi-cli
Product-usage reference for the official ScraperAPI command-line tool (`sapi`, distributed as `scraperapi-cli`). Use this skill whenever the user wants to scrape, run async jobs, fetch structured data, manage crawls, check account credits, or drive DataPipeline projects from a terminal or shell script — anywhere a one-liner is more convenient than writing SDK code. Trigger on: "scrape this URL from the terminal", "use sapi to fetch X", "ScraperAPI CLI", "ScraperAPI from bash", "sapi scrape", "sapi cost", "sapi jobs", "sapi structured amazon", "pipe ScraperAPI into jq", "shell one-liner to scrape Y", "scrape from a Makefile / cron / CI", "check my ScraperAPI credits from the command line", "submit 10000 URLs as a batch from a file". Covers install, auth resolution order, every top-level command (`scrape`, `cost`, `jobs`, `structured`, `crawler`, `pipeline`, `account`, `config`, `init`), JSON / piping behaviour, pre-flight cost checks, and common shell recipes.
mind-mem-development
MIND-Mem Python development guide
edpaengine
Run EDPA evidence-driven calculation for an iteration. Gathers GitHub delivery evidence (commits, PRs, reviews, comments), computes CW from heuristics, calculates Score and DerivedHours, validates invariants. Use when closing an iteration, computing derived hours, or running "EDPA výpočet". Produces per-person allocation data for the reports skill.
edpasetup
Initialize EDPA V2 governance for a project. Vendors the engine (scripts + schemas + templates) into `.edpa/engine/`, creates `.edpa/config/{edpa.yaml,people.yaml}`, seeds id_counters.yaml, and optionally copies the PR-signal CI workflow + installs git hooks. No GitHub Project provisioning (V1 path removed in 2.0.0).
engine
Run EDPA evidence-driven calculation for an iteration. Gathers GitHub delivery evidence (commits, PRs, reviews, comments), computes CW from heuristics, calculates Score and DerivedHours, validates invariants. Use when closing an iteration, computing derived hours, or running "EDPA výpočet". Produces per-person allocation data for the reports skill.
setup
Initialize EDPA V2 governance for a project. Vendors the engine (scripts + schemas + templates) into `.edpa/engine/`, creates `.edpa/config/{edpa.yaml,people.yaml}`, seeds id_counters.yaml, and optionally copies the PR-signal CI workflow + installs git hooks. No GitHub Project provisioning (V1 path removed in 2.0.0).
devops-engineer
Use when setting up CI/CD pipelines, containerizing applications, or managing infrastructure as code. Invoke for pipelines, Docker, Kubernetes, cloud platforms, GitOps.
debug
Investigation-first debugging — gather evidence, form confirmed root-cause hypothesis, hand off to fix mode with diagnosis file.
commit-push-pr
Commit, push, and open a PR. Use when the user wants to ship changes, create a pull request, or says things like 'commit and push', 'open a PR', 'ship it', 'send it', 'create a PR for this', or 'push this up'.
define-deployment
Capture deployment characteristics for both production and development — hosting, IaC, CI/CD, secrets, observability, local dev environment, containerization, hot reload, and seed data. Use when the project-builder agent is gathering deployment information.
wait-and-monitor-operations
Safely wait for and monitor any external-consequence outcome — CI runs, deploys, queue drains, container/service health, files appearing on disk — using the general "pre-flight the polled command, cap the loop, check exit code every iteration" pattern that prevents silent infinite stalls. Documents the reusable `wait_until` wrapper plus a concrete GitHub Actions instantiation (push / tag / PR-triggered runs, terminal-state field vocabularies, log-failed extraction) with every foot-gun that silently breaks polls. Use whenever a Claude run needs to wait for an asynchronous outcome before its next step.
mundo-sync
蒙多三合一同步协议 — 每次更新后强制执行
analyzing-projects
Analyzes codebases to understand structure, tech stack, patterns, and conventions. Use when onboarding to a new project, exploring unfamiliar code, or when asked "how does this work?" or "what's the architecture?"
managing-git
Manages Git workflows including branching, commits, and pull requests. Use when working with Git, creating commits, opening PRs, managing branches, resolving conflicts, or when asked about version control best practices.
swift-code-reviewer
Perform thorough code reviews for Swift/SwiftUI code, analyzing code quality, architecture, performance, security, and adherence to Swift 6+ best practices, SwiftUI patterns, navigation architecture, sheet routing, theming, async state, iOS/macOS platform guidelines, and project-specific coding standards from .claude/CLAUDE.md. Use when reviewing code changes, performing quality audits, or providing structured feedback on Swift codebases with all severity levels and positive feedback.
ai-video-remix
AI-driven video remix generator that uses ShotAI semantic search + LLM planning + Remotion rendering to produce styled video compositions from a user's local video library. Use when the user asks to create a video remix, highlight reel, travel vlog, sports highlight, nature montage, or any styled video cut from their library. Triggers on requests like "帮我做一个混剪", "make a travel vlog from my library", "create a sports highlight", or "generate a video with my footage". Requires ShotAI (local MCP server) to be running. Works with any OpenAI-compatible LLM API or falls back to heuristic mode with no API key.
scrum-master-agent
Comprehensive Scrum Master assistant for sprint planning, backlog grooming, retrospectives, capacity planning, and daily standups with intelligent context-aware reporting
github-issues
Create, manage, triage, and close GitHub issues. Search existing issues, add labels, assign people, and link to PRs. Works with gh CLI or falls back to git + GitHub REST API via curl.
azure-artifacts
Expert knowledge for Azure Artifacts development including best practices, decision making, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when managing feeds, upstream sources, package publishing/restore, GitHub Actions CI/CD, or npm/NuGet config, and other Azure Artifacts related development tasks. Not for Azure DevOps (use azure-devops), Azure Pipelines (use azure-pipelines), Azure Repos (use azure-repos), Azure Boards (use azure-boards).
azure-container-apps
Expert knowledge for Azure Container Apps development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. Use when configuring ingress/scale, Entra/OIDC auth, GitHub Actions CI/CD, Dapr integrations, or Java microservices on ACA, and other Azure Container Apps related development tasks. Not for Azure App Service (use azure-app-service), Azure Functions (use azure-functions), Azure Kubernetes Service (AKS) (use azure-kubernetes-service), Azure Spring Apps (use azure-spring-apps).
azure-container-instances
Expert knowledge for Azure Container Instances development including troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, and deployment. Use when configuring ACI networking, standby pools, GitHub Actions deploys, Spot containers, or GPU workloads, and other Azure Container Instances related development tasks. Not for Azure Container Apps (use azure-container-apps), Azure Kubernetes Service (AKS) (use azure-kubernetes-service), Azure App Service (use azure-app-service), Azure Virtual Machines (use azure-virtual-machines).
web-ci-spec
Produce a sprint CI.md covering pipeline stages, secrets handling, deployment strategy, and rollback for GitHub Actions / Cloud Build / GitLab CI / etc. Coordinator-only — produces drafts, never modifies live workflows. Pauses for user confirmation.
pr-review-analysis
Analyze PR review comments from a GitHub PR URL. Fetch review comments, verify each finding against the actual codebase, assess validity (correct/incorrect/partial), present a structured summary with recommended actions, and optionally reply to each comment on GitHub. Use when given a PR review URL or when asked to check/analyze PR feedback.
ops-mobile-release
Publishing apps to the App Store and Google Play. Trigger when the user wants to deploy a mobile app or configure Fastlane.
hugging-face-papers
Read and analyze Hugging Face paper pages or arXiv papers with markdown and papers API metadata.
pbi-lifecycle
End-to-end Power BI delivery project lifecycle — folder bootstrap, PBIP file scaffold, Git tracking with private GitHub repo, theme refresh propagation, and environment promotion (Dev → Test → Prod). One skill that takes a Power BI delivery project from "empty disk" to "deployable, version-controlled, env-promotable" without requiring the operator to know git, the PBIP file format, or the MAX_PATH 256 quirks of Power BI Desktop. Phase 1 (folder bootstrap, additive-only) is generic and runs against any client. Phase 2 (PBIP scaffold from scratch in PBIR-Legacy with Auto Date/Time disabled by default and theme auto-applied) generates a working .pbip file that opens cleanly. Phase 3 (Git + GitHub CLI integration with always-private repos and project-scoped commits) gives version control without the operator typing a single git command. Phases 4 and 5 (theme refresh, env promotion) ship as design-locked roadmap until real-PBIP calibration completes. Use this skill whenever the operator asks anything resembling st
code-review
Structured, taxonomy-guided code review with selective category focus. Performs two-pass review (detect then verify) across 16 error categories with independent severity, confidence, and qualifier axes. Use when reviewing a PR, reviewing staged changes, performing a pre-merge quality gate, or when asked to review specific files or a diff.
code-reviewer
Reviews pull-request diffs for project-guideline violations, bugs, and code-quality issues. Filters aggressively for high-confidence findings (>= 80) and reports with file:line locations grouped by severity. Use when reviewing code added or modified by a PR.
code-simplifier
Suggests simplifications for code modified in a pull request while preserving exact functionality. Applies project standards (CLAUDE.md/AGENTS.md), reduces unnecessary complexity, and avoids over-simplification that hurts readability. Use when reviewing PRs to recommend clarity-improving refactors.
comment-analyzer
Audits code comments added or changed by a pull request for factual accuracy against the code, long-term maintenance value, and misleading content. Recommends specific edits, additions, or removals. Use when reviewing PRs that include new or modified comments, docstrings, or inline documentation.
pr-test-analyzer
Reviews pull-request test coverage for critical gaps, edge cases, and brittle implementation-coupled tests. Prioritises behavioral coverage over line coverage and rates each finding 1-10 by criticality. Use when reviewing PRs that add or modify functionality and you want to assess whether the accompanying tests are adequate.
silent-failure-hunter
Audits error-handling code in a pull request for silent failures, broad catch blocks, unjustified fallbacks, and unactionable error messages. Surfaces hidden failures users would otherwise hit in production. Use when reviewing PRs that add or modify try/catch, error callbacks, or fallback logic.
type-design-analyzer
Analyzes newly-added or significantly-modified types in a pull request for invariant strength, encapsulation, and enforcement. Produces 1-10 ratings on encapsulation/expression/usefulness/enforcement with concrete improvement suggestions. Use when reviewing PRs that introduce or substantially change types, classes, structs, enums, or data models.
x-promoter
Turn a public GitHub repo into a posted X (Twitter) tweet. Three primitives: `summarize-repo.sh` (gh/WebFetch → structured JSON), `draft-tweet.sh` (JSON → 3 variants, ≤280 chars each, with provenance), `post-tweet.sh` (Playwright, persistent profile, draft-then-approve, posts a single tweet or a 2–5 tweet thread). Triggered when the user asks to promote, tweet, or "post on X" a given GitHub project.
x-promoter
Turn a public GitHub repo into a posted X (Twitter) tweet. Three primitives: `summarize-repo.sh` (gh/WebFetch → structured JSON), `draft-tweet.sh` (JSON → 3 variants, ≤280 chars each, with provenance), `post-tweet.sh` (Playwright, persistent profile, draft-then-approve, posts a single tweet or a 2–5 tweet thread). Triggered when the user asks to promote, tweet, or "post on X" a given GitHub project.
ci-setup
Configure CI/CD pipelines for GitHub Actions, GitLab CI, CircleCI with best practices
dependency-versions
MUST consult this skill before answering whenever the user's task involves external versioned dependencies — even if you think you can handle it directly. This applies to: checking if packages/tools are up to date, upgrading npm/pip/cargo/go dependencies, planning or writing CI/CD workflows (GitHub Actions, CircleCI, GitLab CI), pinning action versions, reviewing Dockerfiles or base images, checking Terraform providers or modules for drift, reviewing Helm chart versions, verifying Kubernetes/EKS/cloud resource versions, updating pre-commit hooks, writing Dependabot configs, or any task where the user mentions specific version numbers, package names, or config files like package.json, pyproject.toml, Dockerfile, .pre-commit-config.yaml, main.tf, or values.yaml. Even casual requests like "is this still current" or "has anything drifted" require this skill because your training data is unreliable for volatile version facts. Do NOT use for: refactoring code, writing tests, debugging errors, designing APIs, or tas
next-issue
Surveys the current repo's open GitHub issues, ranks them by triage label and dependency graph, and recommends an optimal execution order; when you pick one to start, it gates on whether the issue is clear enough to execute and routes unclear ones to the grill-with-docs skill before any code is written. It can also render the board as a self-contained HTML map that groups issues into business lines, draws their dependency arrows, and spells out which feature each chain ships once completed. Use WHENEVER the user asks what to work on next, which issue to pick up, to list / prioritize / sequence the backlog, for a dependency analysis, to visualize / draw / map the issues, their relationships, business lines, or what completing a chain unlocks, anything about *their own* issues ("my issues", who's blocking me, who's waiting on me, "我负责的 / 分给我的 / 谁在阻塞我 / 谁在等我"), "下一个做什么 / 排一下 issue 优先级 / 接下来推进哪个 / 这个 issue 能直接做吗 / 把 issue 关系和业务线画出来 / 生成依赖图 / 看板", or is about to start an issue and needs to know if it's ready — eve
pr-lifecycle
Full PR lifecycle management: list, analyze, validate, and merge pull requests. Auto-detects validation gates per package and integrates a code-review pass for code analysis. Use when: managing PRs, checking PR status, reviewing open PRs, merging PRs, triaging PRs, cleaning up stale PRs, validating PR readiness, or any PR maintenance task. Even if the user just says 'merge', 'PR status', 'open PRs', 'stale PRs', 'validate branch', 'triage', or references a PR number — this skill applies.
profile
View or edit the shared profile that the oss-contribute plugin uses for stable preferences (watched repos, languages, default GitHub account, default budget, what "ripe" means). All other skills in the plugin read from this same file so settings never drift across surfaces.
ship
Full deployment pipeline — tests, coverage audit, CHANGELOG generation, bisectable commits, and PR creation. Use when a change is verified and ready to ship as a pull request.
github
GitHub operations: list/create issues, PRs, check CI, manage repos. Requires GH_TOKEN.
dependency-extraction-multilang
Extract dependencies from package.json, requirements.txt, and pyproject.toml. Use when analyzing repo tech stacks, building dependency graphs, or matching projects by technology.
github-discovery-scoring
Score GitHub repos for project relevance using weighted dependency/topic matching. Use when building recommendation engines, filtering discovery results, or ranking repositories.
cls-certify
CocoLoop Safe (CLS) Skill 安全认证。对 Agent Skills 进行六维深度安全分析(静态代码、动态行为、依赖审计、网络流量、隐私合规、威胁情报),输出 S+/S/A/B/C/D 等级评估和 HTML/PDF 可视化报告。使用当用户需要检查 skill 安全性、验证 skill 是否可信、分析 skill 代码安全���、评估 skill 风险等级时。
code-reviewer
Code review automation for TypeScript, JavaScript, Python, Go, Swift, Kotlin. Analyzes PRs for complexity and risk, checks code quality for SOLID violations and code smells, generates review reports. Use when reviewing pull requests, analyzing code quality, identifying issues, generating review checklists.
expert-panel-review
Run code, architecture, systems, or proposed changes through a panel of world-class engineering perspectives. Each panelist reads the ACTUAL source files before judging. Use this skill whenever the user asks to: review code quality, get expert opinions, assess architecture decisions, evaluate a refactor plan, critique a design, run something 'through expert eyes', get a 'Linus review', assess quality against the best projects, compare to top OSS standards, or get unbiased multi-perspective feedback. Also trigger for: 'what would X think of this', 'is this good enough', 'how does this compare to the best', 'give me honest feedback', 'tear this apart', 'brutal review', 'no-bullshit assessment'. This is for EVALUATING existing code or proposals — not for writing new code or extracting system structure (use system-layer-extraction for that).
system-layer-extraction
Deep architectural investigation that extracts, documents, and maps every system in a codebase. Use this skill whenever the user asks to: extract layers, map systems, analyze architecture, investigate codebase structure, document system boundaries, create a system map, understand how systems relate, audit dependencies, assess isolation, or do any form of comprehensive architectural analysis. Also trigger when the user says things like 'I want to see all the layers', 'map out the systems', 'what are the moving parts', 'how is this structured', or 'give me the full picture of the architecture'. This is NOT for reviewing code quality or individual files — it's for understanding the full system topology.
session-analytics
Analyze session transcripts to extract data, diagnose anti-patterns, and generate GitHub issues from findings.
review-deep
Deep multi-agent code review — parallel agents cross-check each other to catch critical bugs
carsim-simulation
CarSim 联合仿真开发:场景生成、车辆配置、结果分析。触发词:CarSim、carsim、联合仿真、车辆仿真、道路仿真、高架桥仿真、弯道仿真、制动仿真。兼容 CarSim 2019.0+。
cross-platform-launcher
创建跨平台项目启动器:HTML 可视化页面 + macOS .command 脚本 + Windows .bat 脚本。 自动检测应用程序路径 + 菜单式交互。触发:启动器、launcher、一键启动、双击即用、 桌面快捷方式、不想点 bat 文件。适用于 MATLAB、CCS、Hermes 等任何需要简化启动流程的工具。
cua-driver
Drive a native macOS app via the cua-driver CLI (default) or MCP server — snapshot its AX tree, click/type/scroll by element_index, verify via re-snapshot. Use when the user asks you to operate, drive, automate, or perform a GUI task in a real macOS application on the host (e.g. "open a file in TextEdit", "navigate to /Applications in Finder", "click the Save button in Numbers").
doc-coauthoring
Guide users through a structured workflow for co-authoring documentation. Use when user wants to write documentation, proposals, technical specs, decision docs, or similar structured content. This workflow helps users efficiently transfer context, refine content through iteration, and verify the doc works for readers. Trigger when user mentions writing docs, creating proposals, drafting specs, or similar documentation tasks.
matlab-ai-generator
根据用户提供的精确参数生成 MATLAB/Simulink 仿真代码。使用场景:用户要求生成 MATLAB 脚本、Simulink 模型、仿真代码,或要求修改现有仿真参数时自动触发。
matlab-simulink-generator
自动生成 Simulink 模型(.slx 文件)。使用场景:用户要求生成 Simulink 模型、搭建仿真模型、创建控制系统模型时自动触发。兼容 R2016b。
nature-academic-search
Multi-source literature search, citation verification, MeSH search strategy, citation file management (.nbib/.ris/.bib conversion), and reference management (BibTeX, related articles, ID conversion) via MCP tools (PubMed, CrossRef, arXiv). Use when the user needs coordinated multi-step literature workflows beyond a single MCP call.
nature-citation
Add strict Nature/CNS citations to manuscript text by splitting long passages into citable segments, searching only accepted flagship and subjournal titles from Nature Portfolio, the AAAS Science family, and Cell Press, filtering by publication time range, and exporting one reference-manager-ready output by default. Use this skill whenever the user asks to input text and automatically get references, add citations to a paragraph/manuscript, find Nature-series or CNS support for statements, create text-to-reference correspondence, "分段引用", "自动给出引用", "Nature系列引用", "CNS及子刊", "支撑文献", "补引用", "找引用", or export EndNote/RIS/ENW/Zotero RDF.
nature-data
Prepare, audit, or revise Nature-ready Data Availability statements, data repository plans, dataset citations, and FAIR metadata checklists for manuscripts. Use when the user asks about Nature data availability, research data sharing, repository selection, accession numbers, restricted or sensitive data, source data, supplementary datasets, DataCite-style dataset references, FAIR metadata for academic publication, or Chinese-to-English data availability wording for Chinese-speaking authors preparing Nature-family submissions.
nature-figure
Submission-grade Nature/high-impact journal figure workflow for Python or R. Use whenever the user asks to create, revise, audit, or polish manuscript figures, multi-panel scientific plots, figures4papers-style matplotlib plots, or journal-ready SVG/PDF/TIFF outputs, especially for Nature-family or other high-impact journals. Before plotting, define the figure's conclusion, evidence logic, export needs, and review risks. If the user has not chosen Python or R, ask "Python or R?" and stop. Use only the selected backend for figure generation, previewing, exporting, and QA. Supports matplotlib/seaborn and ggplot2/patchwork/ComplexHeatmap. Not for dashboards or Illustrator/Figma-first infographics.
nature-paper2ppt
Build a complete but efficient Nature-style Chinese PPTX presentation from a scientific paper, preprint, PDF, article text, abstract, figure legends, or reading notes. Use this skill whenever the user asks to make slides/PPT/PPTX for journal club, group meeting, paper sharing, thesis seminar, lab meeting, department report, or academic presentation from a research paper, not only medical papers. It identifies the paper type and argument, selects only the figures needed for the story, writes Chinese slide content and speaker notes, creates the actual .pptx deck, and performs lightweight verification with cross-platform Python tooling by default.
nature-reader
Build full-paper Chinese-English side-by-side, figure/table-aware, source-grounded Markdown readers for journal or conference papers from PDF, DOI, arXiv, publisher HTML, or pasted text. Use whenever the user asks to translate or read a paper, make 中英文对照/原文对照/全文翻译解读, extract figures or tables into the right positions, preserve figure/table placement near relevant prose, or keep exact source anchors for every block. This skill must not degrade into a summary-only output unless the user explicitly asks for a summary.
neat-freak
End-of-session knowledge cleanup with OCD-level rigor — reconciles project docs (CLAUDE.md, README.md, docs/) and agent memory against the code so nothing rots. 会话结束后对项目文档和记忆进行洁癖级审查与���步。MUST trigger when the user says: "sync up", "tidy up docs", "update memory", "clean up docs", "/sync", "/neat", "同步一下", "整理文档", "整理一下", "更新记忆", "梳理一下", "收尾", "这个阶段做完了", "新人能直接上手", or any phrase suggesting a dev milestone where knowledge needs reconciliation. Also trigger when the user reports stale docs, conflicting memories, or wants a clean handoff to teammates or other agents. Bare "整理" / "tidy" with prior dev context counts — do not under-trigger. Cross-platform: works on Claude Code, OpenAI Codex, OpenCode, and OpenClaw.
research-rigor
蒙多科研辩证思维引擎 — 将顶级期刊(Nature/Science/Cell)级别的科研严谨性注入蒙多的每一个任务。 核心方法论:盲假设协议 + 证据质量Rubric + 跨模型对审 + 观察生命周期 + 校准反馈循环。 适用场景:论文写作、实验设计、数据分析、方案论证、技术选型、架构评审、任何需要严谨推理的任务。 触发词:科研/辩证/严谨/论证/假设/验证/实验/review/peer review/方案对比/技术选型/架构评审。 灵感来源:cheat-on-content (XBuilderLAB) 的校准预测循环方法论。
resume-builder
制作/优化专业简历(HTML格式)。触发词:简历、resume、CV、求职、找工作、投简历。自动加载,白底专业风格,禁止深色主题和过度设计。
create-pr
Create a pull request for the current session. Use when the user wants to open a PR with the session's changes.
babysit-pr
Babysit a GitHub pull request after creation by continuously polling review comments, CI checks/workflow runs, and mergeability state until the PR is merged/closed or user help is required. Diagnose failures, retry likely flaky failures up to 3 times, auto-fix/push branch-related issues when appropriate, and keep watching open PRs so fresh review feedback is surfaced promptly. Use when the user asks Claude to monitor a PR, watch CI, handle review comments, or keep an eye on failures and feedback on an open PR.
plan-dev
Plan development work — structure tasks into phases, review with user, then create GitHub issues. Use when the user asks to plan, decompose, structure, organize, or break down a task, spec, issue URL, or list of fixes into phases before coding.
pr-dev
Manage PR lifecycle — fetch fresh PR state, address every unresolved review thread, fix CI, get user approval, then squash-merge and clean up. Use when the user wants to drive a PR through review and merge.
architecture-ownership-topology
Use when architecture crosses ownership or review boundaries: CODEOWNERS/OWNERS, module coverage, cross-owned dependencies, socio-technical coordination, and governance paths.
meremoth-devops-craft
How Meremoth builds CI/CD pipelines — GitLab CI / GitHub Actions stages, secret marshalling via SOPS, hash-based config drift detection, SSH-direct deploy patterns, the prepare-not-execute rule, and the "check the CI AND the remote script" diverge-silently rule. Invoke when a pipeline or release-automation change is in scope.
nexus-debugging
Use when something is failing, regressing, or behaving unexpectedly and the goal is root-cause analysis, narrowest fix, and verification. Covers CI/CD, tests, runtime, deployment, and tooling failures. Output should be RCA + fix + prevention, not design options. When in doubt, use this skill.
manage-aomi-skill
Manage the aomi skill distribution pipeline. Trigger when the user asks about platform submission status, wants to push a skill update to a distribution channel, needs to add a new platform, wants to check staleness, or asks about any platform in _registry.yaml, including PR #679, PR #575, PR #21, issue #36, clawhub, codex-marketplace, agensi, lobehub, or anthropic submission.
skill-vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
competlab-ai-ecosystem
Measures EXTERNAL developer-ecosystem signals around each competitor — GitHub organization meta, top-starred repos, npm/PyPI download volumes, community-built MCP servers (not first-party), integration marketplace presence, Claude Skills directories, agent-toolkit repos. Complements competlab-agent-adoption (which measures FIRST-PARTY signals). Use when the user asks "developer adoption", "GitHub presence", "npm downloads", "marketplace presence", "agent-ecosystem strength", "community signals around [competitor]". Requires CompetLab MCP + Bash (GitHub + npm + PyPI API, mostly unauth) + WebSearch + Perplexity with URL verification.
uselink-pr-digest
Summarize a pull request as a stakeholder-friendly HTML page and publish to uselink. Use when the user wants to share PR changes with PMs, reviewers, or business stakeholders who don't read diffs.
uselink-repo-summary
Scan a GitHub repo (local or remote), generate an architecture overview as HTML, and publish to uselink. Use when the user wants to share a repo summary, architecture overview, or codebase tour with stakeholders who don't have repo access.
dare-layered-design
Enforce arquitetura estrita de 4 camadas (Handlers, Services, Repositories, Models) em todos os projetos DARE, independente de linguagem ou framework. Inspirado em "Layered Design for Ruby on Rails Applications" de Vladimir Dementyev (Evil Martians).
dare-quality-telemetry
Coleta de métricas de qualidade e detecção de regressões em projetos DARE. Agrega métricas das skills filhas (dare-ax, dare-layered-design, etc.), persiste histórico em tmp/dare_metrics.json e detecta regressões contra baseline. Inclui template de GitHub Actions.
doncheli-changelog
Auto-generate CHANGELOG.md entries from git commit history. Activate when user mentions "changelog", "release notes", "what changed", "generate changelog", "CHANGELOG", "release history".
doncheli-pr-review
Perform a structured code review of a pull request aligned with SDD principles. Activate when user mentions "PR review", "pull request", "review PR", "code review", "review this diff".
doncheli-webhook
Configure and test webhooks and automation triggers for the project. Activate when user mentions "webhook", "trigger", "automation", "event hook", "notify on", "callback URL".
testing-strategy
Use when designing test plans for new features or improving existing test coverage. Covers test pyramid design, coverage targets, quality gates, and test file specifications. Do not use for codebase pattern audits or convention enforcement (use pattern-analysis).
pentest-cicd
CI/CD red team methodology — GitHub Actions, GitLab CI, Jenkins pipeline security analysis, secret leak, workflow injection advisory. Triggers on CI/CD pentest, GitHub Actions security, GitLab CI, Jenkins, pipeline injection, workflow injection, secret leak, OIDC abuse, runner takeover, supply chain.
auto-propose-backlog-specs
sr:auto-propose-backlog-specs — Generate new feature ideas through product discovery, create GitHub Issues.
get-backlog-specs
sr:get-backlog-specs — View product-driven backlog from GitHub Issues and propose top 3 for implementation.
refactor-recommender
sr:refactor-recommender — Scan the codebase for refactoring opportunities ranked by impact/effort ratio. Optionally creates GitHub Issues for tracking.
develop
Project conventions and recurring gotchas for implementer agents working on agent-orchestrator, plus Rust-specific LLM gotchas. Use before opening a PR for any change in orchestrator/, tests/, docs/, or plans/, and for any change in a Rust codebase.
review
Review checklist for reviewer agents on agent-orchestrator PRs, plus Rust-specific LLM defect patterns. Use when evaluating a developer-produced branch before approval or change-requests, including Rust PRs.
pitch-generator
Generate concise, audience-targeted pitch drafts for products, projects, and ideas — with dedicated guidance for pre-seed fundraising.
tenet-build-ci
Audits CI, reproducible builds, lockfiles, pinned tools, secret handling, and image security.
tenet-supply-chain-license
Audits dependency provenance, lockfiles, action/image pinning, licenses, and supply-chain risk.
vercel-github-actions-deploy
Set up GitHub Actions to deploy any Vercel project using the Git Author Override method, enabling teammates to deploy on the free Hobby plan. Use when the user asks about Vercel deployment via GitHub Actions, CI/CD for Vercel, letting teammates deploy on Vercel free plan, bypassing Vercel's Hobby plan deploy restrictions, or automating Vercel production deploys. Covers workflow setup, GitHub Secrets configuration, and package manager variants (bun, npm, pnpm).
codex-pr-review
Revisa pull requests en proyectos Drupal 11 (u otro) siguiendo la metodología Codex (lógica de negocio, edge cases de hooks/queries, seguridad, performance, completitud). Genera un informe .md en la carpeta del IDE detectado (.antigravity/, .cursor/, .vscode/ o docs/) con hallazgos por severidad y soluciones accionables. Usar cuando el usuario pida "revisión Codex", "revisión de PR", "revisar PR", "revisar PR
create-pr
Creates a PrestaShop pull request with the required metadata table. Triggers when asked to create, open, submit, or push a PR, or when mentioning "pull request" in the context of contributing.
docker-skills
Docker containerization patterns, best practices, and multi-stage builds
speckit-taskstoissues
Convert existing tasks into actionable, dependency-ordered GitHub issues for the feature based on available design artifacts.
notebooklm
Complete API for Google NotebookLM - full programmatic access including features not in the web UI. Create notebooks, add sources, generate all artifact types, download in multiple formats. Activates on explicit /notebooklm or intent like "create a podcast about X"
security-scan
Detect CWE-78 (command injection) regex patterns in Python, PowerShell, Bash, and C# files before PR submission. CWE-22 is delegated to CodeQL; see Scope. Use when you ask "scan for command injection", "CWE-78 check before PR". Do NOT use to decide whether security review is warranted (use security-detection).
review
Review a GitHub PR or GitLab MR with craft-level attention to semantic HTML, CSS architecture, accessibility, TypeScript patterns, and code quality. Auto-detects platform from URL or git remote. Proposes inline diff comments, shows them for approval, only posts what the user approves. TRIGGER when the user says "/review", "review this PR/MR", "review <url>", or passes a PR/MR number.
scaffold-sub-issues-gh
GitHub · GitHub-Issues sibling of /abc:scaffold-sub-issues. Reads one or more PLAN-*.md files and turns them into a GitHub parent issue plus child issues, using a managed task-list-in-body for hierarchy and label conventions for state/dependencies. Either creates a new parent (auto-detect / new-parent mode) or adds children to an existing parent (when `<owner>/<repo>#<n>` is passed). Output is a parent issue URL you can paste into /abc:ship-issue-gh or /abc:ship-epic-gh. TRIGGER when the user says "/scaffold-sub-issues-gh", "create GitHub issues from this plan", "scaffold sub-issues for owner/repo#N", or passes a PLAN-*.md path while working on a GitHub-Issues-tracked project.
ship-epic-gh
GitHub · GitHub-Issues sibling of /abc:ship-epic. Coordinator for a GitHub parent issue whose children live in a managed `## Sub-issues` task-list. Builds a dependency graph from `blocks:#N` / `blocked-by:#N` labels on the children, fires `/loop 6m /abc:ship-issue-gh <owner>/<repo>#<n>` per ready child (truly parallel via independent cron entries), gates blocked children until upstreams merge, aggregates status into the parent. Self-arms its own `/loop` — invoke once and walk away. TRIGGER when the user says "/ship-epic-gh <owner>/<repo>#<n>", asks to "ship this epic" against a GitHub parent, or wants to drive a multi-repo GitHub epic through merge in parallel.
ship-issue-gh
GitHub · GitHub-Issues sibling of /abc:ship-issue. Drives a GitHub issue (or list, or parent with task-list children) from `pending` to `merged` through the implement → PR → address-review → merge loop. Emulates Linear's state machine on top of GitHub Issues using the label conventions documented in scaffold-sub-issues-gh/github-conventions.md. TRIGGER when the user says "/ship-issue-gh <owner>/<repo>#<n>", asks to ship/land/drive a GitHub issue, or wants Claude to take a GitHub-tracked ticket through review to merge. Also trigger when resuming work on a GitHub issue with an open PR and pending reviewer comments. Self-arms its own `/loop` — the user invokes once and walks away.
conductor
Context-Driven Development: управляет документацией проекта в директории conductor/ (product.md, tech-stack.md, workflow.md, tracks.md) для консистентной AI-assisted разработки. Отслеживает фазы проекта, обеспечивает context health, поддерживает командное выравнивание. Используй при старте нового проекта, онбординге в существующий, управлении tech-stack документацией. Триггеры: /conductor, "context-driven", "project context", "conductor setup", "настрой проект", "документация проекта", "track management", "workflow phases".
uselink-skills
Agent skills for publishing engineering artifacts to uselink — repo summaries, PR digests, changelogs, API docs, onboarding guides, reports, and specs. Each skill gathers data, generates HTML, and publishes via the uselink CLI.
adk-setup
Set-up, configure-overrides, init-config, refresh-metadata, verify-mcps, check-env. Stewards `$ADK_CONFIG_HOME/core.yaml` and the metadata cache. NOT a CLI-dep installer — brew, gh, jq, uv, node are the user's job (SETUP.md prints the exact commands). NOT a wiring tool — install.sh handles symlinks, MCP merges, hook wiring, AGENTS.md pointers. This skill picks up where install.sh stops: filling user data files (conversationally) and introspecting MCPs (with the agent's MCP client, which install.sh / curl cannot do). Four modes. --init: conversational scaffolding of core.yaml (workspaces, repos, data dictionary, RAG config). --enrich: queries every reachable MCP (Datadog dashboards, Statsig experiments, Mixpanel events, Snowflake schemas, Looker dashboards, Atlassian spaces, GitHub repos), summarizes findings, writes `enriched:` block + `$ADK_DATA_HOME/improve/metadata/<source>.json`. Never overwrites manually-set values. --check: superset of `scripts/adk_mcp_health.py` — also probes stdio MCPs (Atlassian via
adk-sync
Publish, sync, push-to, post-to, update, fetch-as-markdown, pull-from-Confluence/Jira/Slack. Bidirectional 3P bridge for markdown. Hybrid path: writes to `<repo>/.temp/adk/sync/<task>/synced/` when invoked from a repo with a repo-coupled doc, else `$ADK_DATA_HOME/sync/<task>/synced/` (default). READ mode (--read <url>): pulls a Confluence page / Jira description / GDoc / GitHub PR body / GitHub issue / Slack thread into local markdown. WRITE mode (--write <md-path> --to <destination>): publishes markdown to confluence / jira-desc / jira-comment / gh-pr-body / gh-issue-comment / slack / gdoc. Idempotent: match-by-id first, match-by-title-and-parent second, never by content hash. Format conversions are programmatic (md ↔ Confluence storage XHTML, md ↔ Jira ADF, md ↔ Slack blocks); AI only for "is this update safe?" checks. Per-invocation user confirmation required for every write regardless of mode (constitution §I.4). NEVER overwrites a human-authored target without explicit opt-in. NEVER changes sharing/restr
gh-pr-perm-audit
Security-first audit of the per-repo GitHub setting "Allow GitHub Actions to create and approve pull requests" (can_approve_pull_request_reviews) across an account. Flags repos where Actions CAN approve PRs — a required-review bypass risk (OpenSSF) — unless you intentionally allow them. Read-only: it never changes settings; it prints the exact gh command for you to run. Use when you ask: "audit Actions PR permissions", "can GitHub Actions approve PRs?", "PR approval setting check", "Actions PR 権限監査", "review-bypass チェック". DO NOT USE FOR: creating PRs, changing branch protection, or writing code.
gh-repo-security-audit
OpenSSF-aligned security posture audit across all repos in a GitHub account: default workflow token permissions, allowed-actions policy, branch protection, secret scanning + push protection, and Dependabot alerts. Reports WARN (fixable gaps) vs INFO (opinionated hardening). Read-only by default; the only optional mutation is enabling Dependabot alerts. Use when you ask: "repo security audit", "OpenSSF audit", "are Dependabot alerts on?", "GitHub hardening check", "repo セキュリティ監査", "Actions セキュリティ横断". DO NOT USE FOR: writing code, changing branch protection automatically, or the PR-approval toggle (use gh-pr-perm-audit for that).
issue-triage
Score and prioritize all open GitHub Issues by Impact x Effort x Urgency. Outputs a triage matrix (TRIAGE.md), applies priority labels, and suggests a sprint plan. Use when your issue backlog is overwhelming, you don't know what to work on next, or you want a structured sprint plan. Triggers on: "issue 整理", "バックログ整理", "何から手をつける", "issue優先度", "sprint plan", "issue-triage", "issue triage". DO NOT USE FOR: closing issues, writing code, or creating new issues.
pr-respond
Address open GitHub PR review comments automatically. For each unresolved comment, classifies as MUST-FIX (edit code), ACK (reply only), or DISCUSS (ask back). Edits the relevant files, commits, and drafts a response comment for each item. Use when you receive PR review feedback and want to address all comments in one pass. Triggers on: "PRのコメントに対応", "review comments", "address PR feedback", "レビュー対応", "pr-respond", "コメント修正". DO NOT USE FOR: creating new PRs, writing code from scratch, or Issue responses.
self-hosted-runner-setup
Windows PC を GitHub Actions self-hosted runner にセットアップする手順を skill 化。 GitHub Free plan の private repo 2000 min/月 制約から CI を解放するための、PC ホスト側 オペレーション。tackt / palm 等のローカル開発 PC を兼用 runner ホストに変える 非対話手順を提供する。配置は `actions-runner-<repo>\` 別ディレクトリ方式、起動は Scheduled Task at logon(admin 不要)で永続化、登録 token は 1 時間有効のため configure 直前に gh CLI で取得。**private repo 専用**であり、public repo で fork PR を受ける構成では使用しない(任意コード実行リスク)。Triggers on natural-language requests like "self-hosted runner をセットアップ", "GitHub Actions の self-hosted を入れて", "Free 枠の制約を外したい", "private repo の CI をローカル PC で回したい". See ADR-0016.
skill-audit-reminder
月初に source/skills/, templates/skills/, skills/, claude-bootstrap/skills/, scheduled-tasks/ を走査し、SKILL.md frontmatter の `last_audit_date` が 6 ヶ月以上前の skill を検出して GitHub Issue を 1 件ずつ起票する。 ADR-0036 で導入した skill backend-neutrality 監査の cadence を裏付ける。 起票済 Open Issue は de-dup で skip し、stale 0 件の月は沈黙する。
create-github-issues
Break a plan, spec, or PRD into independently-grabbable GitHub issues using tracer-bullet vertical slices. Use when user wants to convert a plan into issues, create implementation tickets, or break down work into GitHub issues.
standardize-github-repo
Automatic GitHub repo standardization at publication checkpoints with bilingual READMEs (EN/FR), CI linting, badges, and About configuration
code-review
Review code with a sharp, encouraging voice — inline GitHub PR comments + a tight summary. Supports PR (default), pending changes, commit hash, and codebase modes. Encodes an opinionated review style: severity-prefixed, concise, actionable, no fluff.
git
Granular git operations with conventional commits — stage, commit, push, PR, merge. Auto-splits commits by type/scope, blocks on secrets, delegates verbose work to git-manager subagent. Use when you want explicit control; for full ship-it pipeline use vd:ship.
venture-analyst
Startup and SaaS idea validation. Researches market evidence, maps competitors, scores viability, and generates concrete validation experiments. Zero API keys required.
api-design
Design production-grade REST, GraphQL, gRPC, and Python library APIs with correct schemas, error contracts, auth, and versioning. Use when the user asks to design an API, define endpoints, create an OpenAPI/Swagger spec, design a GraphQL schema, build a gRPC service, model request/response with Pydantic, add pagination, or review API contracts. NOT for building MCP server tools (use mcp-server). NOT for Node.js/Express API routes or backend patterns (use backend-patterns or typescript-development).
cloud-infrastructure
Cloud infrastructure design and infrastructure-as-code (IaC) authoring. Use for Terraform module authoring, AWS CDK constructs, cloud architecture design (VPCs, load balancers, managed services, serverless), multi-region and disaster-recovery patterns, cost-optimisation analysis, and IaC code review. Trigger phrases: "write Terraform for", "design the AWS architecture", "set up a VPC", "convert this to CDK", "optimise our cloud costs". NOT for application-layer code — this skill models infrastructure, not the code running on it. NOT for Kubernetes application manifests (Deployments, Services, Ingress) — those belong in a k8s-specific skill. NOT for CI/CD pipeline configuration — that is a deployment concern separate from infrastructure provisioning.
code-review
Run a final code review on a pull request
github-safe-publish
将本地 Git 项目安全地发布到 GitHub 公开仓库。包含两层脱敏扫描 (确定性规则 + AI 语义)、自动修复、备份回滚、仓库创建、SEO 优化。 Use when: "push to github", "publish to github", "开源", "推送到 GitHub", "create github repo", "发布到 github"。
drive-pr
Use when the user says "drive this PR", "/drive-pr", asks to resolve all PR comments, get a PR green, address review feedback, or otherwise wants Claude to iterate on an open pull request until every trusted comment is resolved, CI is passing, and the PR description matches the code. Operates only on the current branch's PR or an explicitly passed PR number/URL.
write-pr
Use when the user says "open a PR", "/write-pr", "draft a PR", "create the PR", "write a PR description", or wants Claude to compose a pull request from the current branch and open it on GitHub. Drafts the title and body from commits + diffstat + linked ADR/spec/ticket, runs the repo's pre-push checks (tests, lint, type-check, build), shows the user the proposed PR for confirmation, then pushes and creates via `gh pr create`. Bookend to /drive-pr - write-pr opens, drive-pr iterates.
github-actions-creator
Use when the user wants to create, generate, or set up a GitHub Actions workflow. Handles CI/CD pipelines, testing, deployment, linting, security scanning, release automation, Docker builds, scheduled tasks, and any custom workflow for any language or framework.
project-add
Add or clone a project into the multi-project setup. Use with /project-add.
context-handover
End-of-context-window session transition that saves memory, writes a handoff doc, posts a GitHub progress comment, and instructs the user to /compact for a clean next session. Use when context usage approaches 80%, when remaining tokens are insufficient for the current phase's remaining work, or when user says "handover", "context is full", "save progress", "end session". Distinct from /handoff (lightweight subagent briefing — no GitHub, no /compact).
setup-harness-skills
Creates CLAUDE.md/AGENTS.md from the harness template (if absent) and configures docs/agents/ so harness skills know the issue tracker, triage labels, domain docs, GitHub Project board, and session state location. Run before first use of triage, to-prd, to-issues, context-handover, or session-start — or if those skills appear to be missing context. Typically consumes <30% of a context window.
ci-cd-pipeline-builder
Detect project stack and generate CI/CD pipeline configuration for GitHub Actions or GitLab CI. TRIGGER when: user asks to set up CI/CD, create a pipeline, add GitHub Actions, configure GitLab CI, or automate testing and deployment. DO NOT TRIGGER when: user is debugging an existing pipeline failure, or asking about deployment infrastructure (servers, containers, cloud).
env-secrets-manager
Environment variable hygiene, secret leak detection, and credential rotation workflows. TRIGGER when: working with .env files, secret management, credential rotation, pre-commit secret scanning, or investigating leaked credentials. DO NOT TRIGGER when: general config file editing, non-secret environment setup, or infrastructure provisioning (use relevant infra skill).
prd-to-plan
Convert a PRD into a phased implementation plan using tracer-bullet vertical slices, then optionally create GitHub issues from the plan. TRIGGER when: user has a PRD and wants an implementation plan, says "plan this", asks to break a feature into phases, wants to convert requirements into tasks, asks to break a PRD into issues, create issues from a plan, or says "prd to issues". Also when user wants to stress-test a plan, get grilled on their design, or says "grill me". DO NOT TRIGGER when: user wants to execute a plan (just code it), review existing code, or do general architecture discussion without a PRD.
qa
Bug triage and issue creation. Single-issue investigation with TDD fix plans, or interactive multi-bug QA sessions with background codebase exploration. TRIGGER when: user reports a bug, unexpected behavior, or regression; wants to triage an issue; wants to run a QA session; says "qa session"; or asks to create an issue for a bug. DO NOT TRIGGER when: user is actively implementing a fix themselves (use focused-fix -- qa is for triage, reproduction, and issue authoring, not the fix work), or wants a code review of a PR (use code-review).
docs-gap-finder
Know exactly which docs page to write next. Cross-references real user signals — failed searches, AI-unanswered questions, popular queries — against your live doc graph and returns the top 7 pages worth creating. Optionally opens a GitHub Issue with a draft outline for each. PRO+.
docs-release-announce
Wire up release announcements for a Docsbook workspace. Registers a Docsbook webhook on release events and generates a GitHub Actions workflow that dispatches notifications to Slack and/or email when a new release is published. Requires PRO plan.
docs-stale-watcher
Register a Docsbook content.outdated webhook and generate a GitHub Actions workflow that converts each stale-content notification into a GitHub Issue in the documentation repository. Keeps docs maintenance visible in the team's normal issue triage flow. Requires PRO+ plan.
github-repo-search-download
Use when the user wants to search GitHub repositories by keyword, inspect ranked candidates, compare likely matches, and optionally clone the selected repository into a specified local directory. Good for prompts like “帮我搜 GitHub 上相关仓库”, “帮我找并下载一个相关仓库”, “搜索 GitHub 上的项目然后拉到 reference”, or “按关键词找仓库并 clone 到指定位置”.
skillsmp-find-install
Use when the user wants to find a suitable SKILL.md-based skill from SkillsMP, compare candidates, verify the upstream GitHub repository, and optionally install it into Claude Code or Codex skill directories with the local installer script.
github-pr-resolve
Evaluate and triage existing review comments on a GitHub pull request, then implement agreed fixes. Use when the user wants to address PR feedback, resolve review comments, or fix reviewer requests.
github-pr-review
Review GitHub pull requests — drafts findings across 5 categories with severity labels, supports parallel agents for large PRs, and posts as a batched pending review after per-comment approval.
xcode-cloud
Xcode Cloud CI/CD configuration, workflows, custom scripts, testing, deployment, and optimization. Use when setting up or troubleshooting Xcode Cloud pipelines.
ci-cd-and-automation
Use when setting up or modifying build and deployment pipelines. Use when you need to automate quality gates, configure test runners in CI, or establish deployment strategies.
oracle-devops-ptbr
Estrutura Git e CI/CD para projetos Oracle/APEX/ORDS. ATIVE em estrutura de projeto Oracle no Git, commit de objetos do banco, script de deploy, GitHub Actions para Oracle, export APEX split via SQLcl, versionamento de módulos ORDS, GMUD naming (001_projeto_ddl_objeto.sql), deploy-db/deploy-apex/deploy-ords, branch strategy, .gitignore Oracle, rollback, ordem de dependências de objetos. Frases — "como estruturar meu projeto no Git", "script de deploy Oracle", "export do APEX para Git", "GitHub Actions ORDS", "versionar módulo ORDS", "deploy ordenado do banco", "nomenclatura GMUD". NAO ATIVE em código PL/SQL (oracle-plsql-ptbr), APEX pages (oracle-apex-ptbr), ORDS handlers (oracle-ords-ptbr), DBA operacional (oracle-dba-ptbr), tuning (oracle-tuning-ptbr). Templates em assets/.
mcpb
Generate MCPB (MCP Bundle) packages for MCP server projects. Creates manifest.json, bundle directory structure, validates against the MCPB spec, and wires in CI/CD workflows.
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
deployment-pipeline-design
Design multi-stage CI/CD pipelines with approval gates, security checks, and deployment orchestration. Use when architecting deployment workflows, setting up continuous delivery, or implementing GitOps practices.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
review-pr
Review a pull request against project architecture rules. Use when the user asks to "review PR", "check PR", "PR review", or wants architecture-aware review of a pull request before merge.
harness-review
Assess an existing agentic harness — read-only. Use to review, audit, or assess a harness, to judge how well its skills and agents are actually used, to check drift between the files and the CLAUDE.md record, or to validate that skills trigger and agents wire up. It produces a prioritized review context that hands off to harness-setup, and writes nothing. To build or change a harness, use harness-setup. Not for reviewing ordinary code or a pull request (that is code review).
devops
Deploy to Vercel (frontends, serverless), Railway (backends, services), Supabase (database, auth, storage), GitHub Actions CI/CD. Use for deployments, infrastructure, monitoring, CI/CD.
pushing-ci-changes
Pushing GitHub Actions changes, resolving push rejection, requesting upload exceptions.
latest-versions
Always use the latest stable version of any library or dependency. Activate when adding, updating, or recommending any package, SDK, framework, or tool version.
1b1
Walk through items 1-by-1 (findings, tasks, issues, TODOs). Triggers: "one by one" | "walk through" | "1b1" | "process each item" | "review one by one" | "go through each" | "handle them one at a time" | "step through".
ci-watch
Watch a CI run with live status + emoji dashboard; dump logs on failure; watch auto-merge if CI green + auto-merge enabled + "reviewed" label. Triggers: "watch ci" | "ci watch" | "watch the ci" | "watch run" | "monitor ci".
github-setup
Connect project to GitHub Project V2 board — discover or create board, labels, branch protection, workspace registration. Triggers: "github setup" | "setup github project" | "connect github board" | "setup project board".
init
Initialize project — orchestrates env-setup, github-setup, ci-setup, release-setup. Triggers: "init" | "setup project" | "initialize project".
ideate
Research a product idea on the web to assess market viability, identify competitors, and decide whether to pursue it. Searches for existing solutions, GitHub repos, ProductHunt listings, and community signals. Writes .harness/product/idea.md. Use as the very first step when you have a new project idea, before product-plan.
test-tool
Use when the user wants to evaluate a third-party Claude Code tool (npm package, GitHub repo, plugin marketplace) before adopting it. Triggers on phrases like "/test-tool", "on teste X", "let's evaluate X", "is X any good?", or when the user shares a GitHub URL of a tool to assess. Runs the systematic test bench protocol (snapshot → install in sandbox → verify pollution → minimal usage → verdict → cleanup) and ships the verdict to the claude-code-codex Tools tested catalog.
slide-maker
Generate presentation decks grounded in real GitHub projects, or walk through a structured brief-to-slides process. Use when the user asks to create a presentation, slide deck, talk, pitch, keynote, or Slidev project — especially when they want slides based on an existing codebase, architecture, or project documentation.
ci-workflow
自然语言描述 → CI 配置文件(GitHub Actions / GitLab CI)+ 逐段解释 + 安全审查。 适用场景:用户要求"写 CI 配置"、"配个 GitHub Actions/GitLab CI"、"自动构建/部署/发布流程"。 触发关键词:/ci、ci/cd、github actions、gitlab ci、pipeline、workflow、自动构建、自动部署。
pr-description
Analyze git diff and generate structured PR description. Trigger: user says "帮我写 PR 描述"、"提 PR"、"create PR"、"写 pull request".
ci-audit
Audit the latest GitHub Actions workflow runs on the current branch/PR for warnings, errors, failures, deprecation notices, and other log noise — then fix what's fixable in-repo (workflow YAML, configs, source, tests). Hands commit + push back to the developer. Use after CI finishes and before merge, or whenever the user asks about failing/noisy CI — phrasings like "audit the PR", "why did CI fail", "check the workflow logs", "what's wrong with the build on GitHub", "fix the Actions warnings", "review the latest CI run", "clean up the green-with-warnings run", or names a specific check (Codecov, GitGuardian, Renovate) that's failing on the PR.
building-ci-pipelines
Constructs secure, efficient CI/CD pipelines with supply chain security (SLSA), monorepo optimization, caching strategies, and parallelization patterns for GitHub Actions, GitLab CI, and Argo Workflows. Use when setting up automated testing, building, or deployment workflows.
shell-scripting
Write robust, portable shell scripts with proper error handling, argument parsing, and testing. Use when automating system tasks, building CI/CD scripts, or creating container entrypoints.
writing-github-actions
Write GitHub Actions workflows with proper syntax, reusable workflows, composite actions, matrix builds, caching, and security best practices. Use when creating CI/CD workflows for GitHub-hosted projects or automating GitHub repository tasks.
exa-context
Use when a coding task needs Exa Code context, practical library examples, API syntax, framework setup, or repository-grounded snippets beyond local code.
cron-dispatch
Schedule any script to run on a recurring schedule on Windows (Task Scheduler) or Linux (cron) - register, list, and remove jobs from one command, with logging to a file and a guard against overlapping runs. Use for schedule a script, run nightly, set up a cron job, windows task scheduler, or run on a timer.
github-label-scout
Scan a public GitHub repo for open issues carrying a given label and drop the ones already taken - skips pull requests returned by the issues endpoint and any issue with assignees - using the public REST API with no token required. Use for find github issues by label, good first issue scout, skip assigned issues, github issue triage, or open source contribution finder.
cron-dispatch
Schedule any script to run on a recurring schedule on Windows (Task Scheduler) or Linux (cron) - register, list, and remove jobs from one command, with logging to a file and a guard against overlapping runs. Use for schedule a script, run nightly, set up a cron job, windows task scheduler, or run on a timer.
github-label-scout
Scan a public GitHub repo for open issues carrying a given label and drop the ones already taken - skips pull requests returned by the issues endpoint and any issue with assignees - using the public REST API with no token required. Use for find github issues by label, good first issue scout, skip assigned issues, github issue triage, or open source contribution finder.
write-changeset
Write or update a change set (changeset) file for a pull request or branch, and scaffold the repo-local changeset workflow when it is missing. Use when the user says to write, add, update, or run the change set or changeset for a PR/branch before merge.
spring-boot-pr-review
Production-grade Java / Spring Boot / PostgreSQL backend code reviewer. Use whenever the user asks to review, audit, check, critique, or sanity-check Java backend code — including single files, multi-file pull requests, full unified diffs, GitHub PR URLs, or pasted snippets. Specializes in Spring Boot correctness (transaction boundaries, Spring proxy semantics, @Async, @TransactionalEventListener, @Cacheable), JPA/Hibernate pitfalls (N+1, LazyInitializationException, dirty checking, entity-as-DTO leaks), PostgreSQL query safety and migration hygiene, multi-tenant isolation, adversarial security review, and production readiness at multi-tenant scale (1000+ tenants). Triggers on any request involving Java services, repositories, controllers, entities, Flyway migrations, or Spring configuration. Reviews at full production severity — no "fine for now" deferrals.
github-skill-publisher
Use this skill when the user wants to publish, update, package, document, or synchronize an agent skill to GitHub. It captures a single-skill-per-repository workflow, bilingual README writing style, GitHub repository creation, commit/push updates, publish readiness checks, Codex/Claude Code/OpenClaw compatibility checks, portability checks, and security review for public skill repositories.
review-pr
Review changed files or an open PR with code-reviewer, smell-reviewer, security-reviewer, and performance-reviewer. Use when the user wants a quality check on a diff, a PR number, or the current working-tree changes without running the full implement pipeline. Trigger this when someone says: review my PR, check my code, look at this diff, quality check, code review, does this look good, review PR #123, give me feedback on these changes, smell check, structural review. Do NOT use when the user wants to implement new changes — use /implement instead.
code-review-agent-team
Parallel multi-agent code review using Agent Teams with 4 specialized reviewers. Spawns a coordinated team of security, performance, test coverage, and code quality agents. Teammates can share findings with each other for cross-domain insights. Produces unified report with severity-ranked findings saved to /output/. Requires Claude Code with Agent Teams support (TeamCreate, TaskCreate, SendMessage). Use when asked to: - "review code", "code review", "check my changes", "review PR" - "security review", "performance review", "test coverage check" - "full code review", "multi-agent review", "parallel review" Examples: - `/code-review-team` -- review uncommitted changes (git diff) - `/code-review-team 42` -- review PR #42 - `/code-review-team --scope=security` -- security-only review of uncommitted changes - `/code-review-team 42 --scope=performance,tests` -- specific reviewers for PR
mallard-release
Workflow for adding skills/commands to mallard and shipping a new release. Use when the user asks how to release mallard, ship a new mallard version, add a skill or command to mallard, bump a mallard version, "publicar mallard", "subir mallard", "nueva versión de mallard", or anything involving editing this repo and getting the change to the team's machines.
git-ship
Runs the full post-feature workflow by syncing docs, staging commits, renaming the branch, and opening a PR. Use after implementing a feature, or when asked to "ship", "ship this", or "ship it".
context-forge
Use when starting a brand-new project that needs AI-agent context (CLAUDE.md, AGENTS.md, skills, rules, MCP, spec workflow) set up from day one. Discusses goals → matches catalog know-how → creates a new GitHub repo with everything wired in. Keywords: harness engineering, bootstrap project, context engineering, scaffold repo, start project, agent-ready repo.
multi-search
Aggregated search across up to 7 route sources: Brave, Tavily, Exa, Firecrawl, SerpAPI, GitHub Repos, Twitter/X. Combines web results, AI answers, repo discovery, and Twitter/X social search in one parallel request, with optional Jina / Exa / Tavily scraping of top URLs by default. Activate when user asks to search, find, look up, multi-search, search everywhere, or uses Chinese search intents like 搜索, 搜一下, 帮我搜, 查找, 查一下, 查查, 找找, 找一下, 看看, 聚合搜索, 多源搜索, 在 Twitter/X/推特 上搜, 有哪些实现, 有哪些方案, 有哪些项目, 有哪些讨论.
docker-vps-deploy
Use when deploying a Dockerized application to a VPS (Linux server) via SSH without a container registry, generating a GitHub Actions pipeline that uses docker save, gzip compression, and rsync to transfer images. Triggers: "deploy to VPS", "rsync docker image", "docker save and load", "VPS CI/CD", "SSH deploy pipeline", "deploy without registry", "transfer docker image via SSH".
git-github-workflow
Professional Git and GitHub workflow conventions, including CI configuration. Use this skill for every version control or repository operation — staging changes, writing commit messages, creating or switching branches, opening pull requests, rewriting history, tagging releases, setting up branch protection, authoring or reviewing GitHub Actions workflows, or any `git` command. Apply these rules mechanically to keep `main` deployable, commits atomic and conventional, history navigable, PRs reviewable in under thirty minutes, and CI fast and reliable. Trigger this whenever you're about to commit, push, open or merge a PR, run `rebase`, `reset`, `cherry-pick`, write a `.github/workflows/*.yml` file, or configure repository settings — even for trivial one-line changes.
release-announcement-writer
Write release notes, GitHub release copy, website update blurbs, and short launch posts from changelogs, git diffs, README changes, shipped feature lists, or product/system updates. Use when the user asks to announce a release, summarize what changed, prepare public launch copy, write a changelog, turn implementation notes into marketing-safe copy, or create LinkedIn/GitHub/X posts for a new version.
validating-ci-pipelines-locally
Single source of truth for executing GitLab CI/CD pipelines locally with the same image, env vars, and service containers as the real runner — so pipeline failures are caught before push. Defines pipeline discovery (.gitlab-ci.yml + includes), per-job execution via gitlab-runner exec, service-container orchestration (Mongo, Redis, MailHog), env injection without secrets, cache/artifact handling, and a job-by-job verdict report. Also describes the GitHub Actions equivalent via act for projects that mirror to GitHub. Activates whenever an agent or command needs to validate that the CI pipeline will pass — currently used by /lt-dev:production-ready and lt-dev:production-readiness-orchestrator. NOT for running the local check script (use running-check-script). NOT for writing or refactoring CI configs (use the devops agent).
epic-identification
This skill should be used when the user asks to "identify epics", "break down vision into epics", "find major features", "discover capability areas", "decompose vision", "group requirements into themes", "define high-level features", "what epics do I need", "turn vision into work items", or "split project into epics". Provides methodology for deriving epics from a vision statement using user journey mapping, capability decomposition, and stakeholder analysis.
prioritization
This skill should be used when the user asks to "prioritize requirements", "prioritize epics", "prioritize stories", "prioritize tasks", "prioritize backlog", "use MoSCoW", "apply MoSCoW priorities", "assign priorities", "set priority labels", "rank features", "what should I build first", "what's most important", "order by importance", "must have vs should have", or when they need to determine the priority order of epics, user stories, or tasks using the MoSCoW framework.
requirements-feedback
This skill should be used when the user asks about "feedback loops", "iterate on requirements", "continuous documentation", "refine requirements", "update requirements", "requirements changed", "stakeholder review", "validate requirements", "incorporate feedback", "gather feedback", "requirements review meeting", "backlog refinement feedback", "user research findings", "sprint retrospective feedback", "help me gather feedback", "run a feedback session", "get input on my vision", "get input on my epics", "get input on my stories", "collect user feedback", "document feedback from meeting", "review requirements with stakeholders", or when they need guidance on collecting and incorporating feedback throughout the requirements lifecycle.
shared-patterns
This skill should be used when the user asks to "implement recovery flow", "add error handling to command", "handle gh operation failures", "implement idempotency check", "prevent duplicate issues", "check before creating", "implement batch tracking", "track created and failed items", "implement two-layer metadata", "update custom fields and labels", "standardize command patterns", or when developing or modifying /re:* commands that need consistent error handling, duplicate detection, batch operation tracking, or GitHub Projects metadata updates.
task-breakdown
This skill should be used when the user asks to "create tasks", "break down story into tasks", "define tasks", "what tasks are needed", "write acceptance criteria", "implementation tasks", "task list", "create work items", "technical tasks", "work breakdown", "decompose story", "story to tasks", or when decomposing user stories into specific, executable tasks with clear acceptance criteria for GitHub Projects.
user-story-creation
This skill should be used when the user asks to "create user stories", "write user stories", "break down epic into stories", "define user stories", "what stories do I need", "apply INVEST criteria", "write acceptance criteria", "split a large story", "story is too big", "story splitting", or when decomposing epics into specific, valuable user stories.
validation
This skill should be used when the user asks to "validate requirements", "review requirements quality", "check requirements completeness", "verify traceability", "check INVEST compliance", "validate user stories", "requirements health check", "quality gate check", or when running /re:review validation.
infra-audit
Infrastructure and CI/CD security audit - GitHub Actions workflows (pwn-request, secret logging, missing pinning, permissions overreach), Dockerfile (latest tag, USER root, ADD on URL), Kubernetes manifests (runAsNonRoot, privileged containers, hostNetwork), Terraform (IAM wildcards, state in git, module pinning), GitLab CI equivalent checks. Stack-agnostic.
vidhi-init
Sets up an `## Agent skills` block in AGENTS.md/CLAUDE.md and `docs/agents/` so the vidhi skills know this repo's issue tracker (yojana, GitHub, GitLab, or local markdown), triage label vocabulary, and domain doc layout. Run before first use of `vidhi-decompose`, `vidhi-prd`, `vidhi-triage`, `vidhi-diagnose`, `vidhi-tdd`, `vidhi-deepen`, or `vidhi-survey` — or if those skills appear to be missing context about the issue tracker, triage labels, or domain docs.
announcement-draft
「リリース告知文書いて」「announcement 作って」「アナウンス文章まとめて」「release notes 草案」「お知らせ案ほしい」と頼まれたら、opshub MCP の recall.search (関連 release / change context) + decision.list (recorded_after=last_release) + brief (announcement tone) を読み取り系で組み立て、ホスト LLM が告知文 text を構成して返す。persist しない (text-only、ADR-0016 §決定 (l)(a))。propose.generate を経由せず候補保存 / apply 経路を持たない。ユーザーが受け取った text を手で SaaS (Slack / Notion / GitHub release / メール 等) に投稿する。
pr-review
「この PR レビューして」「#123 確認して」「PR どう思う」と頼まれたら、opshub MCP の recall.search で関連 source / decision / 過去 review を引き、必要に応じて gh pr diff の出力を組み合わせてレビュー観点を提示する。read 系のみで構成され、PR への comment 投稿は外部送信扱いで本 skill では行わない。
issue-create
Create GitHub issues for gstack-game improvements — skill gaps, wrong benchmarks, new skill proposals, template bugs. Maps conversation context into actionable issues with proper labels and skill references.
issue-pipeline
End-to-end issue pipeline: plan → implement → review → merge. Dispatches parallel sub-agents with worktree isolation. Usage: /issue-pipeline 33 34 35 [--skip-plan] [--skip-review] [--no-merge]
pr-review-loop
Iteratively review PR, post comment, fix issues, and re-review until LGTM
portfolio-review
Review all of a user's GitHub repositories for product potential and monetization, then generate a polished HTML site (with charts) plus a Markdown report. Each project is scored on 5 metrics, ranked, tiered, and given a verdict, concrete improvements, and missing features. Use when the user asks to review/analyse/rate their GitHub projects, assess monetization or business potential of repos, or wants a portfolio report with graphs.
ci-cd-architect
CI/CD principles — pipeline taxonomy, trigger design, supply-chain hygiene (SHA-pinned actions), OIDC cloud auth, caching, matrix strategy, test gates, release automation, deployment strategies. Suggestion-mode (trade-offs over mandates). GitHub Actions recipes in RECIPES.md. Use when designing, reviewing, or scaffolding CI/CD workflows.
commit-author
Generate concise Conventional Commits messages from a staged diff. Enforces full type set, imperative subject lines, no AI co-author attribution. Use when user wants to commit, asks for a commit message, mentions "commit", or invokes /commit.
sprint-review
Generate a sprint review changelog from GitHub pull requests. Lists PRs by a given author since a given date, groups them into Features and Fixes, and writes a markdown summary.
ci-cd-and-automation
Automates CI/CD pipeline setup. Use when setting up or modifying build and deployment pipelines. Use when you need to automate quality gates, configure test runners in CI, or establish deployment strategies.
code-reviewer
Code review automation for TypeScript, JavaScript, Python, Go, Swift, Kotlin. Analyzes PRs for complexity and risk, checks code quality for SOLID violations and code smells, generates review reports. Use when reviewing pull requests, analyzing code quality, identifying issues, generating review checklists.
finishing-a-branch
Use when implementation is complete and verified and the work needs to land, to choose how to integrate it. Walks the close-out from a clean green suite to a recorded memory of what changed, then merge, pull request or cleanup as the situation calls for.
requesting-code-review
Use when a feature or fix is complete and verified, before merging, to get a focused review. Prepares a tight diff and the context a reviewer needs so the review finds real problems instead of drowning in noise.
verification-before-completion
Use before claiming any work is done, fixed, passing or shipped, and before committing or opening a pull request. Requires running the real checks and quoting the real output, so a success claim is backed by evidence rather than hope.
aws-devops-engineer-professional
AWS DevOps engineering — CI/CD pipelines (CodePipeline, CodeBuild, CodeDeploy), infrastructure as code (CloudFormation, CDK, Systems Manager), deployment strategies (blue/green, canary), resilient multi-AZ/multi-region design, CloudWatch monitoring and logging, event-driven incident response and automated remediation, and security/compliance automation. Use when building, reviewing, or debugging AWS delivery pipelines, IaC templates, observability stacks, or auto-remediation. Not security-first design (see aws-security-specialty) or enterprise architecture trade-offs (see aws-solutions-architect-professional). Scoped and benchmarked by the AWS DevOps Engineer – Professional (DOP-C02) blueprint.
aws-security-specialty
AWS security engineering — threat detection (GuardDuty, Security Hub CSPM, Detective, Security Lake), incident response and containment, IAM policy evaluation and permission boundaries, infrastructure/network security (security groups, NACLs, WAF, Shield, PrivateLink), data protection and KMS encryption strategy, Secrets Manager, Macie, and multi-account governance (SCPs, Control Tower, Config, Firewall Manager). Use when designing or reviewing AWS security controls, detection/response automation, or compliance guardrails. Not pipeline/IaC delivery (see aws-devops-engineer-professional) or broad architecture trade-offs (see aws-solutions-architect-professional). Scoped and benchmarked by the AWS Security – Specialty (SCS-C03) blueprint.
aws-solutions-architect-professional
Designing and evaluating complex AWS architectures — multi-account AWS Organizations, hybrid and cross-account networking (Transit Gateway, PrivateLink, Direct Connect), business-continuity and DR design, migration and modernization strategy (the 7 Rs), and cost/resilience/performance trade-offs at enterprise scale. Use when making or reviewing enterprise AWS design decisions across organizational complexity, new solutions, continuous improvement, or workload migration. Not hands-on pipeline/IaC delivery (see aws-devops-engineer-professional) or security-control depth (see aws-security-specialty). Scoped and benchmarked by the AWS Solutions Architect – Professional (SAP-C02) blueprint.
github-actions
Authoring, maintaining, and securing GitHub Actions — CI/CD workflows, triggers, matrix builds, contexts and expressions, reusable and composite workflows, custom actions (action.yml; JS/Docker/composite), self-hosted and GitHub-hosted runners, secrets and OIDC cloud auth, and enterprise governance. Use when building, reviewing, or debugging GitHub Actions workflows, pipelines, release automation, or runner/security policy. Scoped and benchmarked by the GitHub Actions (GH-200) certification blueprint.
nextjs
Building and reviewing Next.js applications — the App Router, Server and Client Components, rendering and caching (use cache, PPR, streaming), data fetching, Route Handlers, Server Actions and their security rules, and the Proxy (formerly Middleware) layer. Use when building, reviewing, or debugging Next.js apps, routing, caching, or server actions. Excludes React fundamentals (see react) and the Node.js runtime (see nodejs). Competence skill anchored on official Next.js docs (v16.x) — no first-party certification.
nodejs
Building and reviewing Node.js applications and services — the event loop and async patterns, streams and buffers, the module system (ESM/CJS), packaging and the toolchain, error handling and diagnostics, and HTTP services with security. Use when writing, reviewing, or debugging Node.js code, CLIs, services, or AWS Lambda handlers. Stays on the Node runtime; excludes React (see react), Next.js (see nextjs), and TypeScript typing (see typescript). Competence skill mapped to the retired OpenJS JSNAD/JSNSD curriculum.
react
Building and reviewing React applications — components and JSX, hooks (useState/useReducer/useEffect/useRef/useContext, custom hooks), the rules of hooks, state and data flow, rendering and memoization, concurrent features, accessibility, and testing with React Testing Library. Use when writing, reviewing, or debugging React UIs, re-renders/effects, or state architecture. Excludes Next.js (see nextjs) and React Native/Expo (see react-native). Competence skill anchored on react.dev — no first-party certification.
react-native
Building and reviewing React Native and Expo mobile apps — core components and styling (Flexbox, FlatList), navigation (Expo Router, React Navigation), the Expo SDK and permissions, native modules and the New Architecture (JSI, Fabric, TurboModules), EAS Build/Submit/Update, iOS/Android platform differences, and mobile performance. Use when building, reviewing, or debugging RN/Expo apps or the native/mobile layer. Assumes core React (see react); covers the mobile deltas only. Competence skill — no first-party certification.
salesforce-administrator
Day-to-day Salesforce org configuration — profiles, permission sets, OWD, sharing rules, FLS, the object/field data model, Flow automation, data import (Data Import Wizard, Data Loader), validation rules, duplicate management, reports, dashboards, and Agentforce admin setup. Use when configuring or reviewing declarative org settings, security/sharing, automation, or analytics. Not Apex/triggers/SOQL (see salesforce-platform-developer-1), advanced sharing architecture, deployment pipelines or auditing (see salesforce-advanced-administrator), or building AI agents (see salesforce-agentforce-specialist). Scoped and benchmarked by the Platform Administrator (Plat-Admn-201) blueprint.
salesforce-advanced-administrator
Advanced declarative Salesforce administration — the full sharing/security model (role hierarchy, owner/criteria sharing rules, muting and session-based permission sets), complex Flow automation and order-of-execution debugging, custom object and relationship design (master-detail, junctions, DLRS roll-ups), data management (Data Loader, duplicate/matching rules, External IDs), sandbox strategy, SFDX deployment, and auditing/monitoring (Setup Audit Trail, Field History, Event Monitoring). Use when designing or debugging org config beyond day-to-day admin. Not basic setup (see salesforce-administrator) or Apex/code (see salesforce-platform-developer-1). Scoped and benchmarked by the Advanced Administrator (Plat-Admn-301) blueprint.
salesforce-agentforce-specialist
Building and governing Salesforce Agentforce and generative-AI features — Agentforce agents (topics, actions, agent-user security, the reasoning loop), Prompt Builder templates (Sales Email, Field Generation, Record Summary, Flex), Data 360 (formerly Data Cloud) and Knowledge grounding/RAG, and the Einstein Trust Layer (data masking, zero-retention, audit). Use when implementing or reviewing agents, prompt templates, grounding, or AI guardrails. Not admin-level Agentforce permission setup alone (see salesforce-administrator) or Apex action-code internals (see salesforce-platform-developer-2). Scoped and benchmarked by the Agentforce Specialist (AI-201) blueprint.
salesforce-business-analyst
Salesforce business-analysis work — eliciting and documenting requirements, writing and sizing user stories (INVEST, Given/When/Then, MoSCoW), facilitating stakeholder workshops and discovery, mapping current/future-state processes (swimlanes, RACI, RAID), defect triage, and running user acceptance testing to a go/no-go decision. Use when gathering requirements, mapping process, or driving UAT on a Salesforce project. This is the requirements/process discipline — not building the config or code (see salesforce-administrator and the platform-developer skills). Scoped and benchmarked by the Business Analyst (BA-201) blueprint.
salesforce-experience-cloud-consultant
Building and configuring Salesforce Experience Cloud sites and portals — communities, partner/customer portals, LWR and Aura templates, the external sharing model (sharing sets, share groups, guest-user hardening), external license selection, user provisioning and authentication (SSO, self-registration, JIT), audiences and personalization. Use when scoping a portal to the right license/user model, configuring external-user access, or debugging external-user CRUD/FLS/OWD/sharing failures. Not internal-org sharing alone (see salesforce-advanced-administrator) or Service/Sales console config (see those consultant skills). Scoped and benchmarked by the Experience Cloud Consultant (EX-Con-101) blueprint.
salesforce-marketing-cloud-email-specialist
Building Salesforce Marketing Cloud (SFMC) email campaigns, journeys, and automation — Journey Builder welcome/nurture flows, Automation Studio batch pipelines, Content Builder, AMPscript personalization, data extensions and SQL Data Views, Triggered/Single/User-Initiated sends, deliverability (SPF/DKIM/DMARC, IP warming, bounce handling), Marketing Cloud Connect to CRM, and inbox analytics. Use when designing or reviewing SFMC email, journeys, segmentation, or deliverability. This is SFMC (Studio/Builder stack) — not core CRM email or Pardot/Account Engagement. Scoped and benchmarked by the Marketing Cloud Email Specialist (MC-202) blueprint.
salesforce-nonprofit-cloud-consultant
Salesforce nonprofit implementation across BOTH the NPSP managed package (Household Accounts, Relationships, Affiliations, hard/soft credit, TDTM, Customizable Rollups, Recurring Donations, Batch Gift Entry, LYBUNT/SYBUNT) and Industries Nonprofit Cloud (Gift Entry, Program/Outcome Management, Grantmaking, OmniStudio, Action/Care Plans, Data Processing Engine). Use when configuring or troubleshooting either model, or deciding which applies. This is the nonprofit data model/program layer; for the underlying platform see salesforce-administrator and the platform-developer skills. Scoped and benchmarked by the Nonprofit (NP-Con-101 NPSP, NP-Con-102 NPC) blueprints.
salesforce-platform-developer-1
Writing, reviewing, and deploying Apex, SOQL/SOSL, triggers, and Lightning Web Components on the Salesforce platform — trigger handlers (before/after, one-trigger-per-object), bulkification against governor limits (100 SOQL / 150 DML / 10s CPU), synchronous vs async Apex (@future, Queueable, Batch, Schedulable), LWC decorators and lifecycle, FLS/sharing enforcement in code, test classes to the 75% gate, and SFDX deployment. Use when building or reviewing Apex/trigger/SOQL/LWC code. Not declarative-only config (see salesforce-administrator) or advanced integration/async/LDV patterns (see salesforce-platform-developer-2). Scoped and benchmarked by the Platform Developer I blueprint.
salesforce-platform-developer-2
Advanced Apex, integration, async processing, and performance work on the Salesforce platform — design patterns (Singleton, Strategy, fflib, Bulk State Transition), asynchronous patterns (Batch/Queueable/Future/Schedulable, chaining), SOQL selectivity and Large Data Volume tuning, Platform Events, Change Data Capture, REST/Bulk API integration, dynamic Apex with FLS/CRUD enforcement, and test mocking (Stub API). Use when designing or reviewing advanced Apex, integration, or performance-critical code. Not Apex fundamentals (see salesforce-platform-developer-1) or declarative config (see salesforce-administrator). Scoped and benchmarked by the Platform Developer II (Plat-Dev-301) blueprint.
salesforce-sales-cloud-consultant
Designing and configuring Salesforce Sales Cloud — leads and lead conversion, opportunities and pipeline stages, forecasting, territory management, price books and products, campaigns, and sales-productivity/AI features. Use when scoping or implementing Sales Cloud, picking automation tools, modeling the sales data layer, designing the sharing model, planning migrations/dedupe, or building sales reports and dashboards. Not Service Cloud (see salesforce-service-cloud-consultant), external portals (see salesforce-experience-cloud-consultant), or general org admin (see salesforce-administrator). Scoped and benchmarked by the Sales Cloud Consultant (Sales-Con-201) blueprint.
salesforce-service-cloud-consultant
Designing and configuring Salesforce Service Cloud — cases, assignment/escalation rules, queues, entitlements and milestones (SLAs), the Lightning Service Console, Knowledge (Knowledge__kav, data categories, KCS), Omni-Channel routing, Web-to-Case/Email-to-Case, CTI/voice, and contact-center analytics (AHT, FCR, CSAT). Use when scoping or implementing a case-management/support solution, intake channels, or routing. Not Sales Cloud pipeline (see salesforce-sales-cloud-consultant), portals (see salesforce-experience-cloud-consultant), Field Service dispatch/work orders (a separate credential), or general org admin (see salesforce-administrator). Scoped and benchmarked by the Service Cloud Consultant (Service-Con-201) blueprint.
salesforce-technical-architect
End-to-end Salesforce architecture and trade-off design — multi-org strategy, security and identity (SSO, OAuth, JWT Bearer, SAML, FLS), enterprise data modeling and LDV, solution architecture across clouds, integration patterns (Named Credentials, Platform Events, Bulk/REST API, middleware), governor-limit-aware design, and development-lifecycle/deployment governance. Use when designing or reviewing cross-cloud architecture, integration pipelines, access models, or org strategy. Not single-cloud config or hands-on coding (see the cloud-consultant and platform-developer skills). Scoped and benchmarked by the Certified Technical Architect (CTA) review-board blueprint.
typescript
Writing and reviewing TypeScript — the type system and structural typing, generics, narrowing and inference, conditional/mapped/utility types, strictness configuration (tsconfig, the strict family), module resolution and project references, typing third-party/Node APIs, and declaration files (.d.ts). Use when adding or reviewing types in any TS codebase (Node, React, Lambdas). Framework-specific concerns live in the react/nodejs/nextjs/react-native skills. Competence skill anchored on the official TypeScript Handbook — no first-party certification.
super-claudiosoftware-development
Software development skill. Use when the user wants to build, code, automate, or deploy anything technical. Covers backend APIs, databases, workflow automation, scripts, free public APIs, and hosting/deployment. Trigger on backend: "build an API", "REST API", "database schema", "Supabase", "Firebase", "PostgreSQL", "MongoDB", "FastAPI", "Express", "Fastify", "GraphQL", "Node.js server", "Python API", "Prisma", "ORM", "authentication backend", "serverless functions". Trigger on automation: "automate this", "connect these apps", "n8n", "Make.com", "Zapier", "when X happens do Y", "no-code automation", "schedule a script", "webhook", "automate posting", "IFTTT", "auto-post to Instagram", "batch processing", "automate email". Trigger on free APIs: "free API for X", "public API", "build a weather app", "NASA API", "real-time data", "open data", "free data source", "API without credit card", "government API". Trigger on deployment: "deploy my app", "Docker", "Railway", "GitHub Actions", "CI/CD", "hosting", "go live
agent-skill-deploy
Deploys agent skill collections from any GitHub repository with a /skills folder to one or more distribution surfaces: GitHub releases, Claude Code marketplace, VS Code plugin marketplace, and Copilot CLI plugin marketplace. Handles pre-flight validation, conventional commit analysis, version bumping across surface configs, and surface-specific publishing with dry-run support. Use when releasing, publishing, or deploying a skills collection to any supported marketplace or creating a GitHub release for a skills repository. Don't use for deploying non-skill packages, npm modules, Docker images, or Azure resources.
ghcontrib
Regression-safe OSS contribution pipeline — dedupe, reproduce, style-match, attest, throttle, follow-up. Enforces the 10 rules as gated phases over per-candidate state.
ai-github
GitHub repo 展示层管家 — 让 repo 在 GitHub 页面上"看起来像个能用的项目"。三件套:① README 重写(mirror 参考 repo 的结构 + 填充本 repo 内容,含 badges / 它是什么 / 为什么做它对比表 / 安装两法 / 用法 / 流程 / 文件结构 / 自定义 / 版本史 / 贡献 / 致谢 / License)② GitHub 描述润色(30-100 字一句话,卖点 + 输出 + 价值,替代「X Claude Code skill」式裸分类描述)③ Topic 标签加 10-15 个,按 6 类分(生态/受众/用途/数据源/技术/语言)。**附加两步**(用户要求时启用):⓪ 建新 repo(git init + gh repo create + push,当目录还没 git 化或 GitHub 上还没 repo 时)④ 补 LICENSE(README 提到 MIT 但 repo 缺 LICENSE 文件时自动补全)。**与已有 git skill 区别**:那些是 git 操作层(commit/branch/PR/Actions),本 skill 是 GitHub 页面展示层(README + description + topics + 上线视觉)。务必触发:用户说"完善 repo 展示"、"润色 README"、"把 README 写成 X ��格"、"加 topic 标签"、"加 GitHub 标签"、"改 repo 描述"、"polish 我的 repo"、"rebrand 这个 repo"、"让我的 GitHub 项目看起来像个项目"、"GitHub 页面太空"、"美化 GitHub repo"、"把这个 skill 推到 GitHub"、"推到我们 GitHub 上",或调用 /ai-github。
mcp-conductor
Orchestrate multiple MCP servers together for complex multi-step tasks. Teaches agents to chain Exa search → Bright Data scraping → GitHub API → file operations in intelligent workflows. Use when a task requires data from multiple sources, when combining MCP tools for research, when building multi-step automations across services, or when the user says orchestrate, combine MCPs, multi-source, research pipeline, or chain tools together.
ciphera-style-policy
Ciphera code style conventions - mandatory formatting and language idioms for source code (TypeScript-first, applies to every language) - American-English naming, double quotes, string interpolation, length-sorted imports, 4-space indentation, comment/JSDoc format, compact single-line blocks, and code-level anti-patterns (barrel files, external CDN/hosting dependencies). Use whenever writing, refactoring, or reviewing source code.
git-policy
Commit, branch, and pull request standards - conventional commits, atomic changes, branch naming, commit timing, and PR quality. Use when committing, branching, staging changes, or creating/updating a pull request.
code-review
Reviews pull requests, git diffs, branches, and code changes for bugs, regressions, repository guideline violations, and high-confidence risks. Use when the user asks for a code review, PR review, pull request review, review of changes, review this diff, or wants automated review feedback before merge. For GitHub pull requests, requires the GitHub CLI (`gh`) authenticated in the target repository.
gcp-iam
Debugs GCP permission-denied errors, designs IAM bindings, traces org → folder → project inheritance, and untangles service-account impersonation chains. Covers Workload Identity. Use when working with GCP IAM, gcloud, "permission denied" on GCP resources, Workload Identity, or SA impersonation.
github-actions-pipelines
Debugs and authors GitHub Actions workflows — OIDC federation to AWS/GCP/Azure, GITHUB_TOKEN permissions hardening, reusable workflows vs composite actions, deploy concurrency, caching, the path-filter/required-check trap, and pull_request_target security. Use when working with GitHub Actions, `.github/workflows/`, OIDC to cloud providers, `pull_request_target`, branch protection required checks, reusable workflows, or CI/CD pipelines that deploy to AWS/GCP/DigitalOcean.
kubernetes-operators
Designs and audits Kubernetes Operators — CRD shape, reconcile-loop correctness, finalizer and status-subresource handling, OperatorHub capability levels, framework choice. Use when building a controller for a CRD, reviewing an operator for capability gaps, or designing the API surface of a Custom Resource. Not for general pod debugging — see kubernetes-operations.
ci-failure-triage
Triage a CI / PR check failure by READING the failure body before forming any hypothesis. Triggered whenever a required check is red, a PR is BLOCKED, a merge won't land, or you're about to call a failure "transient", "flaky", "stale", or "orphaned". Prevents dismissing a real failure (e.g. real CodeQL security alerts) as noise.
create-pr
Create a pull request with automatic Linear + Vercel integration. Links to issue, attaches preview deployment, and updates Linear status.
project-status
Show comprehensive project status across Linear, Git, and Vercel. See what's in progress, in review, and deployed.
setup-project
Set up a new project for the Claude Code SaaS workflow system. Creates .claude/project.json with Linear, GitHub, and Vercel configuration.
ry-repair
Нормализация репозитория: source-of-truth scan, semantic entropy audit, repair plan, technical-only fixes, validators, docs/memory sync. Используй для: /rldyour-flow:ry-repair, почини систему, нормализуй репозиторий, убери противоречия, repair repo. EN triggers: repository repair, semantic entropy cleanup, contract normalization, stale docs repair, AI-tool context repair.
ry-sec-review
Защитный Mythos-style security review для diff/PR/чувствительного кода. Используй для: /rldyour-security:ry-sec-review, проверь безопасность, секьюрити ревью, проверь авторизацию и секреты, найди уязвимости, threat-моделирование. EN triggers: security review, audit security, threat model, OWASP audit, hypothesis-driven security, defensive review, vulnerability review, audit auth/authz/secrets/injection.
ax-repo
Star the ax repo, file an issue / bug report, or fork-and-open-a-PR against github.com/Necmttn/ax on the user's behalf, by shelling out to the `gh` CLI. Triggers when the user says "star ax", "star the repo", "I want to support ax", "report this as an ax bug", "file an ax issue", "open an issue on ax", "this looks like an ax bug", "I want to contribute to ax", "fix this in ax", "open a PR against ax", or after an unhandled ax error when the user wants to report it. Acts only on an explicit user request - proactive star prompting is handled deterministically by the CLI (`ax star`), not this skill. Confirms before any account-mutating action (never stars without an explicit yes); falls back to a plain GitHub URL when `gh` is missing or unauthenticated. Do NOT auto-trigger on unrelated GitHub work or other repos.
code-review
Run a final code review on a pull request
atlas-crew-tasks
Use when filing, updating, sequencing, or querying tasks in any atlas-crew repo (Facet + the Atlas Crew Security repos: Apparatus, Chimera, Crucible, Synapse, Bridge). These repos track work in GitHub Issues on Projects v2 boards, NOT backlog.md. Covers the two boards, the Type/Area/Status field model, cross-repo Initiative grouping, gh seq execution ordering, and the non-obvious gh/GraphQL mechanics for setting issue types and project fields. Trigger on: file an issue, create a task, set priority/type/area/status, add to board, what should I work on next, execution order, sequencing, blocked-by, milestone, where does this task go.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
brainstorming
设计脑暴 / 实现前方案校准:当用户想把已基本成立的想法、功能方向或产品问题,在写 PRD、画 mockup 或进入开发计划前,先比较方案、确认取舍、对齐 UI/视觉约束,并收敛成可执行设计 spec 时使用。 可用中文唤起:“先脑暴一下方案”“先不要写 PRD,帮我设计几种路径”“参考 brainstorming 把这个需求变成设计 spec” “实现前先讨论设计”。问题还没定义清楚时先用 ai-collaboration-calibration;已有方案要压力测试时用 grill-me; 直接写 PRD 时用 prd-architect。
prd-to-issues
PRD 到研发 Issue 拆解 / implementation issues:当用户已有 PRD、需求文档、handoff、产品方案或 GitHub PRD issue, 需要拆成可独立领取、可验收、适合 GitHub Issues 承接的开发任务时使用。可用中文唤起: “把 PRD 拆成 issue”“需求文档拆任务”“生成 GitHub issues”“PRD 拆工单”“拆 implementation issues” “按 vertical slice 拆开发票”。不用于从零写 PRD;那类请求用 prd-architect。不用于评审 PRD 是否完整; 那类请求先用 prd-review。
ci-cd-patterns
Provides CI/CD pipeline best practices for GitHub Actions, deployment strategies, and pipeline optimization. Use when setting up pipelines, configuring GitHub Actions, managing deployments, or when user mentions 'CI', 'CD', 'pipeline', 'GitHub Actions', 'deploy', 'workflow', 'build'.
pr-comments
Address review comments on your own pull request: implement valid suggestions, reply to invalid ones, and resolve threads. Covers inline review threads, review body comments, and plain PR timeline comments. Use when: user says "address PR comments", "implement PR feedback", "respond to review comments", "handle review feedback", "process PR review comments", "fix review feedback", "handle bot review comments", "process Copilot suggestions", "address Claude review", or wants to work through open review threads on their pull request. Gives credit to commenters in commit messages.
ship-it
Create branch, commit, push, and open a pull request. Use when: user says "ship it", "ship this", "create a PR", "open a PR", "push and PR", or wants to go from uncommitted changes to an open pull request.
tldr-this
把超长的文件 / PR / 文档 / 粘贴文本压成中文 TL;DR + 关键点。当用户说「帮我总结这个/太长了 tldr/简单说一下这个/tldr-this」时触发。
soleri-agent-issues
Triggers: "create issue", "file bug", "gh issue", "create task", "report bug", "create tickets". Creates structured GitHub issues optimized for agent execution.
soleri-finishing-a-development-branch
Triggers: "finish branch", "ready to merge", "PR ready", "submit PR", "close branch". Pre-merge checks, PR creation, merge strategy, branch cleanup.
soleri-fix-and-learn
Triggers: "fix it", "apply the fix", "patch this and remember", "fix and capture". Executes fix after root cause identified, captures learning to vault. Use systematic-debugging first.
soleri-systematic-debugging
FIRST response for "bug", "failing test", "not working", "debug this", "error", "crash", "weird issue". Diagnoses root cause before fixes. Hand off to fix-and-learn for repair.
aigr-pr-review
Review AI Gene Review pull requests and curation changes for GO term quality, evidence support, core function identification, and annotation action justification. Use for PR review comments, review follow-up automation, and QA of gene review YAML.
obsidian-vault
Create, edit, and audit notes in an Obsidian vault. Handles frontmatter properties, wikilinks, embeds, callouts, tasks, block references, tags, and Mermaid diagrams. Plugin-aware: Dataview queries and inline fields, Tasks emoji syntax, Kanban boards, Meta Bind fields, Templater templates, Bases schemas, and Canvas JSON. ALWAYS-ON: if the working directory is inside an Obsidian vault (a .obsidian/ directory in any ancestor, or a CLAUDE.md identifying the project as vault-embedded), use this skill for ALL .md file operations — including CLAUDE.md, TASKS.md, and session logs — even when Obsidian isn't mentioned. Triggers: "create/edit a note", "update frontmatter", "add tags", "fix the links", "write a Dataview query", "fix this callout", "add a task", "edit my Kanban board", "make a template", or any note-editing task in a vault. NOT for: .md files outside a vault (code-repo READMEs, GitHub issues, static-site content), generic markdown linting, or Obsidian plugin development.
az-cost-optimize
Analyze Azure resources used in the app (IaC files and/or resources in a target rg) and optimize costs - creating GitHub issues for identified optimizations.
git-flow
Use when changes are ready to ship and you need to go from working tree to pull request — staging, reviewing, conventional commit, version bump, and PR. Triggers include "commit and open a PR", "ship this", "create the PR", finishing a feature/fix, or preparing a release.
memory-hygiene
Detects "stale-but-confident" memory entries — facts that were once verified but have silently drifted. Scans memory/*.md for entries past their staleness threshold and proposes re-verification or archival. Runs automatically as part of harvest-loop Step 0-c and on explicit invocation.
ci-workflow
Generates GitHub Actions CI workflow files with parallel jobs, emoji job names, and gated deploy stages. Use when asked to write a CI workflow, add GitHub Actions, set up a CI pipeline, or create a `.github/workflows` file.
git-pr
Generates pull request titles and descriptions from git diffs. Use for any PR creation or update.
pickup-task
Claim the next ready task from the configured tracker (Linear / GitHub Issues / Notion), create a git worktree, and inject relevant learnings.
aireadylife-brand-task-flag-profile-inconsistency
Writes a flag to vault/brand/open-loops.md when a platform profile field diverges from the master brand profile. Records platform, field, current value, expected value, and fix action.
vault-to-artifact-tailor
Tailor a personal outbound artifact (resume / cover letter / outreach email / proposal / pitch one-pager) against an external audience constraint (job description / RFP / pitch context), using a personal memory vault as the source of truth. Use when the user provides (1) a vault path or repo URL with their canonical self-data, and (2) an audience constraint document or link.
pubmed-reference-resolver
査読対象論文のReferencesセクション(PDF/DOCX/TXT)から各文献をPubMedで逆引き検索し、PubMed純正互換CSV + 番号付きabstract text + 統合監査レポート(ダッシュボード+要確認項目+未解決参照詳細を1ファイルに統合)の3ファイルを自動生成する査読支援スキル。**MDPI形式の参照は決定論的fast-pathで処理し、LLM呼び出し費用ゼロで解決する**(Vancouver/AMA/APA/Harvard/Chicago/Nature/Cell/MDPI等の引用スタイルに不問で対応、MDPI以外はLLM経由)。PDFコピペ由来の行番号問題(行頭・行末・行中・数字連結・散在の5パターン)を統計的に検出・除去する。PubMed未ヒット文献は空行として保持、重複引用は複合キー(PMID/DOI/title+author+year)で検出、引用年誤記・タイトル改変・DOI-雑誌名不整合を重大/要検討/軽微の3段階に自動分類。**ジャーナル名類似度監査**により、引用ジャーナル名とPubMed側ジャーナル名の不一致をMAJOR/WARN/INFOの3段階severityで自動分類し、4層統合レポート(Dashboard/MAJOR詳細セクシ��ン/補遺narrative/sidecar JSON)として出力。**AI/LLMによる捏造引用の検出にも有効**(PubMed未ヒット文献を「真の捏造(DOI実在せず)/MEDLINE非収録誌の正規論文(predatory含む)/MEDLINE収録誌のindexing漏れ論文」の3分類で扱い、Crossref+NLM Catalog補助検証でfalse positiveを抑制可能。詳細はreferences/USAGE_QUICKSTART.md §V Q4参照)。手動補正機能(manual_overrides.yaml)により、特殊ケース(書籍検出、出版社情報保持、smart quote処理等)を明示的に補正可能。想定参照数30件中心、100件超のレビュー論文にも対応(149件MDPIゴールドスタンダードでbyte単位fixture一致を検証済み)。和文文献・医中誌Web等は非対象(英語論文専用)。既存の `paper-search` スキル(新着pull型検索)とは明確に差別化される**push型の逆引き検証ツール**。以下のようなリ
writing-pr-descriptions
Use when drafting or rewriting the description for a cc-port pull request.
agent-builder
Build custom AI agents in Claude Code from a user's problem statement. This skill analyzes the user's use case, asks smart clarifying questions, researches the internet for similar agents (GitHub repos, blogs, Claude Code community patterns), and then architects and builds production-ready Claude Code agents — including subagents, skills, hooks, slash commands, MCP integrations, and CLAUDE.md configuration. Use this skill whenever the user wants to create an agent, build an automation workflow, set up a Claude Code subagent, design a multi-agent system, or says things like 'build me an agent for...', 'automate this with Claude Code', 'I want a subagent that...', 'help me create a workflow', 'set up an agent pipeline', or any variation of wanting Claude Code to do something specialized. Also trigger when the user mentions agent architecture, agent SDK, agentic workflows, or task delegation in Claude Code — even if they don't use the word 'agent' explicitly.
github-actions-template
GitHub Actions CI pipeline templates and workflow YAML patterns. TRIGGER when: creating or editing a CI workflow, adding a CI job, or wiring build/test/deploy steps. SKIP: container build internals (use docker-templates); local git workflow (use git-operations).
research-methodology
Systematic gathering of accurate, version-specific documentation. TRIGGER when: researching a new API, library, or best practice before implementation. SKIP: turning findings into a plan (use planning-methodology); writing proposal.md (use spec-research).
code-review
Use to review diffs and PRs for bugs, regressions, edge cases, proof, and merge readiness.
review-loop
Use to autonomously handle peer review — request, wait, fix comments, push, repeat until resolved.
review-pr
Comprehensive PR review -- full branch diff against base, commit-by-commit analysis, breaking change detection, conventional commit verification.
010109-release-automation
Semantic version mapping, semantic-release automation, post-release workflow, and release configuration for conventional commits.
create-pr
Create a PR with change files, screenshots, and issue linking. Run with /create-pr or /create-pr <ISSUE_NUMBER>.
context-mode-ops
Manage context-mode GitHub issues, PRs, releases, and marketing with parallel subagent army. Orchestrates 10-20 dynamic agents per task. Use when triaging issues, reviewing PRs, releasing versions, writing LinkedIn posts, announcing releases, fixing bugs, merging contributions, validating ENV vars, testing adapters, or syncing branches.
context-mode-ops
Manage context-mode GitHub issues, PRs, releases, and marketing with parallel subagent army. Orchestrates 10-20 dynamic agents per task. Use when triaging issues, reviewing PRs, releasing versions, writing LinkedIn posts, announcing releases, fixing bugs, merging contributions, validating ENV vars, testing adapters, or syncing branches.
context-mode-ops
Manage context-mode GitHub issues, PRs, releases, and marketing with parallel subagent army. Orchestrates 10-20 dynamic agents per task. Use when triaging issues, reviewing PRs, releasing versions, writing LinkedIn posts, announcing releases, fixing bugs, merging contributions, validating ENV vars, testing adapters, or syncing branches.
ci-fix
Diagnose and fix a failing CI / GitHub Actions run. Use when a pipeline or build breaks. Triggers on: ci quebrou, ci falhou, conserta o ci, arruma o ci, build quebrou, o actions ta vermelho, pipeline failing, workflow failed, fix ci.
security-review
Pre-merge security checklist covering secrets, dependencies, auth, data handling, and fawkes suite gates. Use when reviewing a PR for security issues or hardening a change before merge.
committing
Pre-commit and pre-push checklist for the owner's public GitHub repos. Use before every commit, push, or PR. Covers the Git workflow (branch/PR or direct-to-main per the lock, conventional commits), pruning unnecessary comments, keeping docs and CLAUDE.md current, and CHANGELOG tightening.
releasing
Cut a new version of one of the owner's public GitHub repos. Use when the owner asks to publish, ship, or release a version (patch/minor/major bump, CHANGELOG promotion, tag, GitHub Release). Adapts the steps to the repo lock (PR workflow vs direct-to-main) and docs language.
speckit-taskstoissues
Convert existing tasks into actionable, dependency-ordered GitHub issues for the feature based on available design artifacts.
find-missing-tests
Analyze codebase and identify missing test cases, then create GitHub issues for each gap
adk-review
Review, audit, look-at, sanity-check, check any review-able target. Triggers on: GitHub PR URL (specialized review-pr — most common), `.` or local path (review-code-changes against the working tree), markdown file or Confluence URL (review-doc), comment-thread URL (review-comments), repo path with --audit (audit-repo), PR URL with --audit (audit-pr). Read-only by default. Produces severity-tiered findings (blocker / critical / should / may / nit) with `path:line` + ≤15-word evidence quotes from the actual file. Six dimensions in order: correctness → tests → security → performance → readability → consistency. Loads adk-agent-code-reviewer always, adk-agent-security-reviewer when diff touches auth/input/crypto/deps. Under --fix: applies accepted findings locally + pushes after confirm (never force, never merges, never protected branches). Under -i: walks each finding. Under --plan: read-only review-and-recommend; no edits. Refuses single-pass for diffs >5000 LOC.
go-conventions
Apply Go conventions — 1.25.x, vendored, golangci-lint v2, race-detector tests.
solidity-conventions
Apply Solidity conventions — Foundry only, forge fmt, solhint:all, fuzz tests.
pull-feedback
Use when the user has authored a GitHub pull request and wants to work through review feedback on it. Triggers on phrases like "pull down the review on
cicd
CI/CD pipeline builder — GitHub Actions, self-hosted runners, Docker build/push, multi-environment deployments, secrets, rollback strategies
clone
Clone a GitHub repo as a starting skeleton — strips its git history, re-inits, generates CLAUDE.md for the detected stack, optionally renames variables/namespaces to your project
ai-agent-skills-update
Update skills installed FROM THE AI-Agent-skills GitHub REPO (github.com/whobat/AI-Agent-skills) to their latest published versions — it does not touch skills from any other source (plugins, other repos, hand-written skills). Runs the repo installer in update mode across Claude Code, Codex, and OpenCode, installs nothing new, and preserves local config.json files. Use when the user says "update my AI-Agent-skills", "update my skills from the repo", "opdater skills", "are my skills up to date?", or after being told a skill from this repo has a new version.
pr-creator
Creates GitHub pull requests with comprehensive descriptions by analyzing git history and code changes
thrunt-pr-branch
Create a clean PR branch by filtering out .planning/ commits — ready for code review
api-conventions
REST API design conventions and standards. Apply when writing, reviewing, or discussing API endpoints, routes, controllers, serializers, or HTTP handlers. Covers URL structure, HTTP methods, response formats, error handling, pagination, versioning, and authentication headers.
api-design
REST API design patterns including resource naming, status codes, pagination, filtering, error responses, versioning, and rate limiting for production APIs.
backend-patterns
Backend architecture patterns, API design, database optimization, and server-side best practices for Node.js, Express, and Next.js API routes.
claude-api
Anthropic Claude API patterns for Python and TypeScript. Covers Messages API, streaming, tool use, vision, extended thinking, batches, prompt caching, and Claude Agent SDK. Use when building applications with the Claude API or Anthropic SDKs.
coding-standards
Universal coding standards, best practices, and patterns for TypeScript, JavaScript, React, and Node.js development.
fal-ai-media
Unified media generation via fal.ai MCP — image, video, and audio. Covers text-to-image (Nano Banana), text/image-to-video (Seedance, Kling, Veo 3), text-to-speech (CSM-1B), and video-to-audio (ThinkSound). Use when the user wants to generate images, videos, or audio with AI.
watchdog
Scan repos for health issues: stale PRs, failing CI, old issues, TODO refs, lockfile problems, and security advisories. TRIGGER when: user asks about repo health, "check my repos", "stale PRs", "CI status", security advisories, or invokes "/watchdog". DO NOT TRIGGER when: user is working on watchdog agent code itself.
docs-create
Turn a URL or repo into a live docs site in one command. Full end-to-end pipeline — detects the source (website, code, or Mintlify/GitBook/Docusaurus), generates structured Markdown, publishes to GitHub, and configures the Docsbook workspace. Minimal questions, maximum output.
docs-detect-source
Identify what kind of docs source you have in one call. Detects website URLs, code repositories, and existing platforms (Mintlify, GitBook, Docusaurus, Nextra) so the right builder is picked. Used internally by /docs-create or directly when you're not sure where to start.
docs-pr-check
Add a CI gate to every pull request that checks whether code changes are accompanied by documentation updates, validates frontmatter in changed markdown files, and detects broken internal links. Generates a ready-to-use GitHub Actions workflow file.
docs-publish
Push a local docs folder to GitHub in one step. Handles git init, commit, gh repo create and push — no Docsbook MCP required. Designed as the natural next step after /docs-from-site, /docs-from-code or /docs-from-docs.
resolve-comments
Use when resolving unresolved PR or MR review comments, working through reviewer feedback, or addressing code review threads on GitHub, GitLab, Bitbucket Cloud, or Azure DevOps repositories
git
Handle version control tasks: commit changes, review pull requests, and manage issues or branches. Use when user says 'commit', 'PR', 'issue', or 'branch'.
pr-description
Generate a clear, reviewer-friendly pull-request description from a diff, covering what changed, why, risk, and how it was tested. Use when opening a pull request or writing/improving a PR body.
beforemerge-fullstack-architecture-review
Code review rules for DRY/SOLID layered architecture in fullstack TypeScript applications. Covers dependency direction, service/repository patterns, factory injection, domain entities, security hardening, performance optimization, and code quality patterns. Use this skill when reviewing, writing, or refactoring fullstack TypeScript code with layered architecture — especially before merging pull requests. Triggers on tasks involving code review, architecture review, SOLID principles, clean architecture, or quality checks for fullstack TypeScript projects.
beforemerge-nextjs-review
Comprehensive code review rules for Next.js, React, and TypeScript applications. Covers security anti-patterns, performance pitfalls, architecture mistakes, and code quality issues. Use this skill when reviewing, writing, or refactoring Next.js/React code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for React/Next.js/TypeScript projects.
beforemerge-react-review
Comprehensive code review rules for React applications (framework-agnostic). Covers security anti-patterns, performance pitfalls, architecture mistakes, and code quality issues. Use this skill when reviewing, writing, or refactoring React code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for React/TypeScript projects. Does not cover Next.js-specific patterns (see nextjs-review for that).
beforemerge-supabase-review
Comprehensive code review rules for Supabase applications including RLS security, auth patterns, query performance, migration workflows, and type safety. Use this skill when reviewing, writing, or refactoring Supabase-backed code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for Supabase/PostgreSQL projects.
beforemerge-wordpress-review
Comprehensive code review rules for WordPress plugin and theme development. Covers security anti-patterns, performance pitfalls, architecture mistakes, and code quality issues. Use this skill when reviewing, writing, or refactoring WordPress/PHP code — especially before merging pull requests. Triggers on tasks involving code review, PR review, security audit, performance review, or quality checks for WordPress projects.
cc-switch-sync
同步 Hermes skills 到 CC Switch(macOS AI 模型选择工具)。 触发词:更新 cc switch、同步 skill 到 cc switch、cc switch 更新、 把 skill 更新到 cc switch、cc-switch。 自动检测需要更新的 skills,增量同步 SKILL.md 和 references/。
code-tidy
代码洁癖级整理 — 清除死代码、冗余注释、未用导入;统一排序与结构; 每次写代码后自动触发。MUST trigger when user says: "整理代码", "tidy code", "clean code", "代码洁癖", "清理代码", "整理一下代码", "清理系统", "清理垃圾", "清理残留", or after any significant code edit session, package installation, or file download. Also trigger when the user expresses dissatisfaction with code organization or mentions OCD/cleanliness.
homepage-layout
网站首页布局自检与修复。每次新增/删除/修改项目页面后自动触发, 确保仪表盘无横向滚动条、卡片不重叠、列数随项目数量自适应。 MUST trigger when the user says: "主页布局", "首页排版", "check layout", "fix homepage", "检查页面", or after any project page add/remove/rename. Also triggered by any change to index.html or addition of new project directories.
cunninghams-law
Apply Cunningham's Law when someone wants to elicit information, feedback, or corrections from others—especially online. Trigger on phrases like "how do I get people to respond?", "nobody is answering my question", "I want to get feedback on this", or when someone is drafting a question for Stack Overflow, a forum, a team Slack, or a pull request. Also useful when discussing how to get a conversation started or surface hidden knowledge within a team. Cunningham's Law is a surprisingly powerful practical tool for anyone trying to learn or get unstuck.
github-project-launch
This skill should be used when the user wants to create, launch, or grow a GitHub public repository. It provides battle-tested strategies for README optimization, launch burst tactics, sustained growth, contributor onboarding, and analytics iteration. Triggers include phrases like "new GitHub repo", "launch project", "get stars", "grow open source", "GitHub marketing", "repo promotion", or when the user is preparing to make a repository public.
context-engineering
Build and query a token-efficient, provenance-tracked company brain across code, docs, and connector streams. Five capabilities ship as one skill: multi-source indexer (14 languages via tree-sitter AST + markdown heading trees, schema-versioned, incremental); Source ABC (connector contract — connectors live elsewhere, never in this skill); EntityStore (three-tier raw/events/wiki layer with full provenance, semantic-shift consolidation, drift/split/merge auditor); depth-aware packer (2 levels — full / pointer, 95% budget utilization, multi-hop reasoning, query-as-lens reranking, anti-hallucination filters); MCP server. Anabasis `find-links` reference implementation. Use when: an agent needs broad file awareness within a token budget, building or querying a wiki/EntityStore over code + human knowledge, extracting features from a repo (code-to-knowledge), packing entity pages with provenance, multi-hop reasoning across linked concepts, indexing a workspace or GitHub repo. Do NOT use for: single-file reads, when
ship
Ships completed work by committing staged changes, moving any bound ticket to `.simple-workflow/backlog/done/`, delegating knowledge-base extraction to `/tune` via the Skill tool, pushing the branch, creating a GitHub PR, and optionally squash-merging it. Use when (1) the user runs `/ship` directly to commit-and-PR the current branch outside any ticket workflow, (2) the user runs `/ship` on an active ticket so the ticket directory moves from `.simple-workflow/backlog/active/` to `.simple-workflow/backlog/done/`, the ticket's `phase-state.yaml` advances `phases.ship` from `pending` to `completed`, and the PR body carries the canonical `Audit Summary:` line plus every `### Warning:` heading from the latest `audit-round-N.md`, or (3) `/autopilot` chain-calls the ship phase of a ticket-driven pipeline via the Skill tool. Triggers on "/ship", "/ship merge=true", "/ship [target-branch]", "ship the changes", "commit and PR", "create pull request", "squash merge", "complete ticket".
silveradd
This skill should be used to classify and file any deferred or identified work item to the correct PM destination — GitHub Issues + project board (when issue_tracker=github) or local docs/issues/ markdown (when issue_tracker=gsd or absent) — and return a stable, referenceable ID.
silverblast-radius
This skill should be used to assess the blast radius of a proposed infrastructure or DevOps change before planning. Maps change scope, downstream dependencies, failure scenarios, rollback plan, and change window risk. Required before /devops-quality-gates in the devops-cycle workflow.
silvercreate-release
This skill should be used to generate structured release notes from git history since the last tag, then create a GitHub Release (for GitHub repos) or output notes for manual publishing
silverremove
This skill should be used to remove a tracked work item by ID — closes a GitHub Issue as "not planned" with a removed-by-silver-bullet label (when issue_tracker=github), or marks a local SB-I-N or SB-B-N entry with [REMOVED YYYY-MM-DD] inline in docs/issues/ISSUES.md or docs/issues/BACKLOG.md (when issue_tracker=gsd or absent).
silverscan
This skill should be used to retrospectively scan project session sources for deferred work, unresolved questions, and knowledge or learnings candidates, then file or record approved findings through the scanner helper and project-management paths.
deployment
Invoke when working on deployment configuration, CI/CD pipelines, environment variables, or release processes. Contains project-specific deploy platform conventions.
git-workflow
Invoke before any git operations — branching, committing, merging, or creating pull requests. Contains project-specific branch naming, commit format, and merge strategy.
speckit-taskstoissues
Convert existing tasks into actionable, dependency-ordered GitHub issues for the feature based on available design artifacts.
label-system
A minimal, opinionated GitHub label taxonomy for OSS / internal projects covering priority, area, issue status, PR review state, and independent reproduction. Use when setting up labels for a new repo, when triaging a backlog, when asked "how should we label issues", when reviewing whether existing labels are coherent, or when applying labels to a batch of open issues. Five orthogonal axes, ~16 labels total, every label answers a specific filter query — designed against the open-source convention of `S-waiting-on-*` (Rust) and two-stage approval (Kubernetes), but kept small enough for a solo / small-team repo to actually maintain. Includes a bootstrap script (`scripts/bootstrap-labels.sh`) that creates the full label set in a target GitHub repo with one `gh` call per label.
overleaf-paper-sync
Manage Overleaf-backed LaTeX papers mirrored to GitHub with bidirectional GitHub Actions sync. Use for Overleaf git tokens, paper version control, GitHub mirrors, divergence or merge conflicts between Overleaf and Git, repos with sync-overleaf/pull-from-overleaf workflows or sync helpers, collaborator onboarding, and named paper instances listed in references/instances.md.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
write-change-set
Write or update a change set (changeset) file for a pull request or branch, and scaffold the repo-local changeset workflow when it is missing. Use when the user says to write, add, update, or run the change set or changeset for a PR/branch before merge.
codex-plugin-discovery
Use when a user asks what Codex plugins are available or can be used, wants plugin recommendations for a task, asks to find/search/discover installable plugins, asks about the plugin marketplace, or asks whether a plugin can help with a task.
git-workflow
Apply consistent git practices for branch hygiene, safe commits, and recovery from common mishaps (lost commits, bad merges, accidental pushes). Use when authoring or reviewing a git workflow, recovering broken local state, or sequencing a commit/push that needs explicit user approval before destructive steps.
github-multi-repo
Multi-repository coordination, synchronization, and architecture management across many GitHub repos. Use when changes span several repositories, keeping repos in sync, or planning cross-repo architecture and dependency work.
create-pr
Drafts a pull request title and description from the branch's commits and diff — what changed, why, and how to verify — following Conventional Commits and flagging breaking changes. Asks for explicit confirmation before pushing or opening the PR.
github-release
Cut SemVer release for single-package repo — bump `version` in detected manifest, commit, create annotated tag `v<x.y.z>`. Local only, ⊥ push, ⊥ GitHub Actions. Triggers when user says "release", "tag", "ship", "cut a version", "bump version".
issue
Create, file, open, log, ∨ track GitHub issue. Always-gated by `core:socratic` skill — concrete intent passes ≤ 1 turn, vague intent triggers dialogue until convergence. Triggers when user mentions GitHub issues, bug reports, feature requests, ∨ wants to track work on GitHub. Phrasings: "file an issue", "open a bug", "track this on GitHub".
merge
Merge GitHub PR into main w/ release-ready commit message. Triggers when user mentions merging PR, landing branch, shipping GitHub PR. Phrasings: "merge this", "land the PR", "merge PR #N".
pr
Create GitHub PR from issue number ∨ objective. Triggers when user mentions GitHub PRs, pull requests, opening PR. Phrasings: "open a PR", "create a pull request", "PR for issue #N".
release
Cut SemVer release for single-package repo — bump `version` in detected manifest, commit, create annotated tag `v<x.y.z>`. Local only, ⊥ push, ⊥ GitHub Actions. Triggers when user says "release", "tag", "ship", "cut a version", "bump version".
hv-update
Check for a newer hv-skills release on GitHub and tell the user how to update — detects install type (plugin, stow, repo clone), compares plugin.json version against the latest release, and prints the exact update command. Read-only; does not run the update itself. Use on "check for updates", "is hv-skills up to date", before long /hv-work sessions.
sync-all-repos
Sync all GitHub-backed git repos on this machine with origin. Pulls behind repos, pushes ahead repos, reports dirty/non-main/conflict cases for Claude to resolve.
rust-cicd-pipeline
Set up a professional Rust CI/CD pipeline with pre-commit hooks, automated linting, testing, changelog management, and version control. This skill should be used when creating a new Rust project that needs CI/CD, when adding CI/CD to an existing project, or when troubleshooting pipeline issues. The pipeline follows the "Makefile as single source of truth" pattern and works without GitHub Actions for enterprise environments.
ci-cd-pipeline-builder
Generate pragmatic CI/CD pipelines from detected project stack signals — fast baseline generation, repeatable checks, environment-aware deployment stages. Use when setting up CI for a new project, refactoring existing pipelines, or standardizing deployment workflows across multiple repos.
pr-review-expert
Use when the user asks to review pull requests, analyze code changes, check for security issues in PRs, or assess code quality of diffs.
senior-devops
Comprehensive DevOps skill for CI/CD, infrastructure automation, containerization, and cloud platforms (AWS, GCP, Azure). Includes pipeline setup, infrastructure as code, deployment automation, and monitoring. Use when setting up pipelines, deploying applications, managing infrastructure, implementing monitoring, or optimizing deployment processes.
dev-env-setup
Audit a repo against Mick's dev-environment standard (mise pinning tools, an hk pre-commit hook running linters/tests + gitleaks, a GitHub Actions workflow that mirrors those checks, and project docs — README.md + CLAUDE.md recording pinned package versions) and set it up or upgrade it. Use when a repo of Mick's is missing the standard setup, when the dev-env-reminder hook flags a gap, when the user mentions hk/mise/gitleaks/"my dev setup", or when starting a new repo. Tracks a standard version via DEV_ENV_VERSION in mise.toml and upgrades behind repos using references/upgrade-guide.md.
unknown-skill
Look at the pull request review comments and address any issues raised.
pr-review
Review a GitHub PR by analyzing the branch diff against the linked issue requirements, launch parallel analysis agents (context + security), then post structured findings as PR comments.
speckit-retrospect-run
Run a session retrospective that surfaces context-management gaps and routes them to approved follow-up actions.
speckit-review
Comprehensive code review using specialized agents — orchestrates code, comments, tests, errors, types, and simplify agents sequentially.
speckit-review-run
Comprehensive code review using specialized agents — orchestrates code, comments, tests, errors, types, and simplify agents sequentially.
speckit-review-tests
Test coverage quality analysis — behavioral coverage, critical gap identification, test resilience evaluation.
git-feature-branch
Use when starting a new unit of work that should not land on the default branch: create a focused feature branch off the default branch for each unit of work.
trust-guard
Post-edit verification engine that prevents silent failures from reaching production. After every Write/Edit/MultiEdit, re-reads files to confirm changes actually applied across all call sites, validates diffs against intent, and assigns trust scores. Catches the
pr
Create a PR (GitHub) or MR (GitLab) for the current uncommitted changes. TRIGGER when the user says "/pr", "/mr", asks to "open a PR/MR", "ship this as an MR", or "create a pull request" for work-in-progress changes in the current repo. Inspects the diff, groups related files, runs type-check/tests, commits with no AI attribution, and pauses for confirmation before opening the PR/MR.
github-research
Explore and analyze GitHub repositories related to a research topic. Reads deep-research output, discovers repos from multiple sources, deeply analyzes code, and produces integration blueprints.
uselink-pr-digest
Summarize a pull request as a stakeholder-friendly HTML page and publish to uselink. Use when the user wants to share PR changes with PMs, reviewers, or business stakeholders who don't read diffs.
uselink-repo-summary
Scan a GitHub repo (local or remote), generate an architecture overview as HTML, and publish to uselink. Use when the user wants to share a repo summary, architecture overview, or codebase tour with stakeholders who don't have repo access.
pull-request
Gate-and-create-one-PR twin of the ship skill. Enforces the project's pre-PR gates on the current branch via the shared reviewer-gates layer, then creates exactly one pull request — built-in git push + gh pr create by default, or a project-configured delegate skill — and emits pull_request.created. It gates, creates one PR, and records; it never merges, deploys, stacks multiple PRs, retries a delegate, or orchestrates. Trigger: "pull-request", "/pull-request", "open a PR", "specstudio:pull-request".
document
Draft a technical document from an intent or a source. Triggers on "write the runbook / ADR / RCA / PR description / commit message / changelog / diagram / README / migration guide / API reference / experiment report / incident summary / onboarding doc / design doc". Markdown-first: produces a draft in a local file and NEVER publishes (no Confluence / Jira / Slack / GitHub posting — that is a separate concern). Reader-first voice: leads with the reader's question, cites every non-trivial claim to a repo path or quoted source, caps external quotes at 15 words, cuts filler. Audience-tuned (engineer / pm / exec / mixed) — the voice does not mix. GitHub context (PR / issue) is read via the gh CLI.
pr-review
HEAVYWEIGHT, GitHub-only deep PR review. Takes a GitHub PR URL, prepares a read-only git worktree at the PR head (SSH clone only), and reviews the diff with full cross-file context via Read/Grep/Glob. Fans out one agent per dimension (correctness, security, tests, performance, api, docs, observability, concurrency, feature-flow) through the Workflow tool, then adversarially verifies every finding before it survives. Traces feature flags / experiments via the adk-statsig MCP and pulls linked Jira/Confluence via the adk-atlassian MCP. Posts inline review comments, a review summary, and appreciations through the gh CLI after confirmation. NEVER merges, never force-pushes, never edits the PR's code. For a quick read-only pass with no worktree, use /adk:review.
review
Review, audit, sanity-check, look-at any review-able target. Triggers on a GitHub PR URL (fetched via the gh CLI), a local path or "." (review the working tree), a markdown/doc file, or a comment-thread URL. Read-only by default; --fix applies accepted findings locally and pushes to the PR branch after confirmation (never force, never merge, never to a protected branch). Produces severity-tiered findings (blocker / critical / should / may / nit) with path:line and <=15-word verbatim evidence quotes. Six dimensions: correctness, tests, security, performance, readability, consistency. For a deep PR review with cross-file code-context retrieval, use /adk:pr-review.
profile-weather-view-patterns
Coding patterns extracted from profile-weather-view — a Bun/TypeScript utility that fetches weather data and updates a GitHub profile README
update-docs
Update all project documentation, repository metadata, and progress tracking when the codebase has significantly changed. Handles README (EN/CN), CLAUDE.md, CHANGELOG, pyproject.toml, GitHub About/description/topics, and release notes. CRITICAL: bilingual docs are written independently, NOT translated.
do-issue
Use when creating a new GitHub issue. Ensures issues are self-contained, define domain terms, and provide enough context for the /do-plan skill to produce a quality plan. Triggered by 'create an issue', 'file an issue', or automatically by /sdlc at Step 1.
do-pr-review
Use when reviewing a pull request. Analyzes code changes, validates against plan requirements, and captures visual proof via screenshots. Triggered by 'review this PR', 'check the pull request', 'do a PR review', or a PR URL.
zoom-out
Use when course-correcting mid-session or reassessing priorities. Triggered by 'zoom out', 'am I solving the right problem', 'step back', 'reassess', 'am I on track', or any request to check whether current work aligns with real goals.
create-skill
Create a new Claude Code skill. Use when user says "スキル作って", "Skill作って", or "create skill"
repo-migration-audit
Audit a GitHub repository for identity / secret leaks and produce a recreate-or-not recommendation. Use when investigating a suspected leak in commit metadata (author identity, tailnet hostname, absolute paths) or planning a repo migration / delete-recreate. Produces a structured report with fork count, SHA reachability, GH Archive hits, and clone traffic, plus an inventory file and clean git bundle if recreation is recommended.
repo-recreate
Delete and recreate a GitHub repository to physically purge leaked commit SHAs. Use after repo-migration-audit returns a × judgment (e.g., leaked author identity / tailnet hostname / secret reachable via SHA). 4 phases with explicit stop-and-confirm checkpoints; the destructive phase (delete) requires fresh `delete_repo` OAuth scope. Restores settings, topics, branch protection, releases, and verifies all leaked SHAs return 404.
standardization-scanner
複数プロジェクトの memory / commit / PR から共通パターンを抽出して標準化候補をリストアップする skill。月次運用想定。
publish-skill
Publish a Claude Code skill to GitHub as a polished, adoptable open-source repo, AND diagnose `claude plugin install` failures on a published skill. Use when the user says "publish this skill", "put this on GitHub", "share this skill", "release this skill publicly", "open source my skill", "make this skill installable", "create a GitHub repo for my skill", "package this skill for the marketplace", or wants to update an existing published skill repo. Also trigger when the user says "submit to awesome-claude-skills", "add my skill to the awesome list", "how do I let others install my skill?", "I finished my skill, now what?", "push my skill to a public repo", "generate a README and publish", "bump the version and republish", or "turn my local skill into a polished repo". ALSO trigger on `claude plugin install` failures and diagnostic questions: `Plugin X not found in any configured marketplace`, `Plugin X not found in marketplace Y`, `Invalid schema: plugins.0.source: Invalid input`, `Failed to add marketplace:
session-handoff
End-of-session handoff that captures session knowledge, dispatches output across the canonical 7-bucket docs/ taxonomy (decisions/runbooks/analysis/references/reviews/handoffs/deliverables — aligned with memory-hygiene v3.3), triggers a doc-freshness reverse-lint + skill-freshness audit to catch stale normative guidance, emits the future-to-do plan's follow-up items as GitHub issues, updates memory, and prepares next-session prompts. Use when: (1) user says 'wrap up', 'hand over', 'create handoff', 'end of session', 'write handoff', 'session handoff'; (2) non-trivial work session (3+ tasks) is ending; (3) context window is approaching limits; (4) user says 'consolidate', 'what's the current state', 'start here document' after parallel sessions; (5) the session produced artifacts that belong in more than one docs/ bucket (ADR + analysis + runbook + review). Includes cross-session consolidation when 3+ handoffs accumulate and a mandatory reverse-lint verify step against any lessons.md / feedback_*.md touched th
skill-sync
Keep locally installed Claude Code skills in sync with their GitHub repos. Use when the user says "sync my skills", "push skill updates", "which skills are out of date?", "skill-sync", "push my skill changes", "are my skills in sync?", "register my skills", or "init skill registry". Companion to publish-skill (publish = first-time, skill-sync = ongoing maintenance). Do NOT use for creating new skills (use skill-creator), first-time publishing (use publish-skill), or improving skill quality (use schliff).
agent-harness-backend-adoption-eval
Evaluate a proposed library or backend as a replacement for an existing one. Produces a structured assessment: architecture comparison, benchmark credibility, unproven risks, creative angles, and a staged recommendation. Use when a new library surfaces as a candidate to replace an embedded dependency (vector DB, cache, queue, etc.).
mmr
Multi-model code review — dispatch, poll, and collect results from multiple AI model CLIs
resume-import
Use when importing external data sources to enrich resume profile. Supports GitHub profiles, tech blogs, patents, papers, LeetCode, Stack Overflow, and other platforms for social proof and additional evidence.
pr-merge
Merge a PR locally with fast-forward to preserve GPG-signed commits, then clean up.
journal-this
Use when the Operator wants to capture the current session as a dated engineering/work journal entry written in their own voice — triggers include "/journal-this", "journal this", "summarize this session", "write a journal entry", "wrap this up as a journal entry", or winding-down cues like "good stopping point" / "let's call it here" at the end of substantive work. Also use on first run to configure the journal (name, voice source, destination). Saves the entry to a configured folder or GitHub repo.
harness-issues
Break a plan, spec, or PRD into independently-grabbable issues using tracer-bullet vertical slices with enforced AC templates, creation gates, and dual output to GitHub Issues + PLAN.md. Use when user wants to convert a plan into issues, create implementation tickets, or break down work into issues.
harness-verify-before-move
Comprehensive pre-phase-transition sweep. Verifies phase exit criteria, syncs code status (git/lint/build/tests), audits and cleans design docs, cleans implementation-notes, prunes stale documents and memory, syncs GitHub project state (milestones, issues, status labels, board), updates README, writes a fresh memory snapshot, then outputs a clean project snapshot. Use when completing a phase, before advancing to next phase, or when user says "verify before move", "clean up before moving", "sync everything", "project snapshot", "clean slate", "phase transition". Typically consumes ~8K–15K tokens / <10% of a context window.
finalize-pr
Automatically finalize pull requests for merge by resolving CodeQL violations, review threads, merge conflicts, and CI failures. Handles single PR (current branch or by number), all open PRs in the repo, or all open PRs across the org. Includes bot-authored PRs in all modes.
resolve-pr-threads
Orchestrates resolution of GitHub PR review threads AND reads recent non-thread PR comments (top-level + review bodies) by grouping related feedback, processing each group sequentially inline with superpowers:receiving-code-review, and resolving threads via GraphQL. Use when you need to batch-process review feedback to unblock a PR merge.
trigger-ai-reviews
Use when asked to "trigger AI reviews", "request AI re-reviews", "get Claude/Gemini/Copilot to review my PR", "re-review this PR", or trigger review-request comments on a PR. Triggers all three AI reviewers by default, or specific ones when named.
cicd-pipeline-config
CI/CD pipeline configuration skill for test automation, covering GitHub Actions, Jenkins, GitLab CI, test parallelization, reporting, and artifact management.
create-bug-issue
Create one kind:bug GitHub issue with a Zone-A (symptom) body — the reporter's record of what's broken: Summary, Environment, Steps to reproduce, Expected vs. actual, Evidence, Severity, Regression anchor. Helps the user fill the bug-issue.md template (without inventing facts), confirms it, then creates the issue (kind:bug, NO status, NO branch) via create-bug.sh so /ship analyze picks it up. Activate on '/create-bug-issue', 'file/report a bug', or 'create a bug issue for <x>'.
create-enhancement-issue
Create one kind:enhancement GitHub issue against an EXISTING codebase — the lightweight single-issue analog of /deep-dive-feature (no interview, no doc-lock). Reads context read-only to draft a feature-shaped body, guards that the change needs NO contract/data-model edit (if it does, it's a feature — stop), confirms with the user, then creates it via create-enhancement.sh. Activate on '/create-enhancement-issue', 'create/file an enhancement issue for <x>', or 'enhance <existing behavior>'.
create-feature-issues
Decompose a locked-in feature's PRD into release-safe vertical-slice GitHub issues — ONE issue per slice, whose body inlines the typed task breakdown (e2e → backend → frontend) as a static-ID checklist. Reads the merged `feature-lockin` PRD and contracts; on approval opens slice issues labeled `kind:feature` + `status:ready-to-review` with `feature/<slice#>-<intent>` branches and `Blocked by` chains, then archives the spent PRD. Activate on 'create/slice issues for <feature-name>'.
dream-summary-memory
The 'dreaming' pass over a consuming project's recent history. Reads GitHub issues and PRs closed since the last dream run — review/fix threads, CI failures, merge conflicts — distills the recurring mistakes engineers and reviewers keep making and writes them as additive rule overlays under `.claude/memory/patterns/<skill>.md`. Writes autonomously; never edits baseline pattern skills. Activate on '/dream-summary-memory', 'dream the memory', or 'summarize recent issues into memory'.
operation-git
Single source of truth for every git / GitHub operation the workflow-* skills and the implement-slice Workflow perform. Owns the shared `gh` + `git` scripts (worktree setup, slice-branch resolve, issue listing, task-finder stages, label flips, comment posting, draft-PR creation, PR-status checks), the shared templates, and the gh-command / versioning / release references. Activate whenever the user works with git or GitHub directly, or from inside any workflow that mutates GitHub state.
github-explorer
Deep-dive analysis of GitHub projects. Use when the user mentions a GitHub repo/project name and wants to understand it — triggered by phrases like "帮我看看这个项目", "了解一下 XXX", "这个项目怎么样", "分析一下 repo", or any request to explore/evaluate a GitHub project. Covers architecture, community health, competitive landscape, and cross-platform knowledge sources.
ci-setup
Set up CI/CD — GitHub Actions workflows, TruffleHog, Dependabot, pre-commit hooks, marketplace plugins. Triggers: "ci setup" | "setup ci" | "configure ci" | "setup hooks" | "setup github actions".
automation-audit-ops
Evidence-first automation inventory and overlap audit workflow for an autonomous agent operator. Use when the user wants to know which jobs, hooks, connectors, MCP servers, or wrappers are live, broken, redundant, or missing before fixing anything.
github-pr
Fetch, preview, merge, and test GitHub PRs locally. Great for trying upstream PRs before they're merged.
memex-sync
Sync Zettelkasten cards across devices via git. Initialize, push/pull, or configure auto-sync.
create-issue
Use when you have a rough user story, bug report, or feature idea that needs to become a well-structured GitHub issue.
docs-verify
Use when you need to verify or update internal documentation for a specific topic, or when documentation may be outdated or missing for a feature.
implement
Use when a comment or message contains /devflow:implement followed by a GitHub issue number. Runs the full 4-phase lifecycle — setup, implementation, code review, and documentation.
init
Use when setting up DevFlow in a repo for the first time, or after a plugin update — scaffolds .devflow/config.json from the shipped template (when absent) or backfills newly-added keys into an existing one (preserving your values), and refreshes config.schema.json. Invoke explicitly with /devflow:init.
pr-description
Use when generating or updating a PR description for the current branch. Takes an optional issue number as argument.
review
Use when you need a code-review verdict on a PR or current branch, without auto-applying any fixes.
review-and-fix
Use when you need findings on a PR or current branch to be auto-applied, not just reported.
daily-brief
Operational knowledge for the daily-brief digest pipeline (this project). RSS/API fetchers, pluggable LLM enrichment (default claude CLI on Max; also anthropic/openai/deepseek/minimax API), trading section, HTML rendering, cross-platform scheduler integration (Windows Task Scheduler / macOS launchd / Linux cron). Load when the user asks about running daily / regenerating sections / debugging a failed run / adding or disabling sources / LLM quota / scheduler / why a tab shows wrong data / why a source failed / switching LLM backend. Always prefer the documented npm commands over re-implementing logic. Diagnose by reading logs/daily-*.log first, then logs/llm-calls.jsonl for LLM-side issues.
github
GitHub 작업 (PR, Issue, CI/CD)
ba-feature-analyst
Acts as a Business Analyst (BA) to produce a complete, agent-ready feature analysis document and sequential per-story files for a single feature referenced from the product backlog. Output is optimized for downstream coding agents (Claude Code) — every story is self-contained, with explicit file targets, data contracts, and verification steps. ALWAYS use this skill when the user asks to analyze, break down, or detail a specific feature from the backlog. Triggers: "analyze this feature", "break down feature", "write user stories for", "story breakdown", "split into stories". Output: one feature summary file at docs/features/[F-XXX]-[feature-slug]/feature-analysis.md and one file per story at docs/features/[F-XXX]-[feature-slug]/stories/[S-XX]-[story-slug]/story-plan.md
dev-story-implementer
Implements a single user story against the spec produced by `ba-feature-analyst`. At story start it marks the story In-Progress (both `story-plan.md` and the GitHub board). Then it reads the story's Touch Points, Data Contracts, Observable Behavior, and Verification, writes the code, runs the verification commands, gets an independent code-review, commits on a feature branch (with `Closes #N` in the body), and pushes. That's the whole job — GitHub Actions takes it from there: it opens the PR, runs build + test (the merge gate), and on green moves the board to In-Test (Shopify also deploys a preview). The user tests the In-Test build, then runs `/story-done`, which squash-merges the PR and marks it Done. Implements exactly ONE story per invocation — no bundling, no scope creep, no bonus refactor. ALWAYS use this skill when the user asks to implement, code, build, or "do" a specific story. Triggers: "implement S-XX", "implement F-XXX/S-XX", "code this story", "story uygula", "kodla". Output: source code edits p
devops-ci-architect
Sets up GitHub Actions CI/CD for a project. Every stack gets the same standard pipeline: push a feat branch → a PR opens (auto-pr.yml) → CI runs build + test as the merge gate (ci.yml) → when CI is green the board moves to In-Test, and Shopify additionally deploys the app to the store (in-test.yml). (dev-story-implementer set the board to In-Progress at story start.) Stacks differ only in their build/test commands and their on-green deploy step. iOS also ships a manual TestFlight button. Stack-specific details live in templates/stacks/<id>/manifest.md — adding a project type is a drop-in directory, no skill-body edits. ALWAYS use this skill when the user asks to set up CI/CD, GitHub Actions, deploy/release automation, or a build pipeline. Triggers: "set up CI", "github actions kur", "ci/cd workflow", "release workflow", "shopify deploy", "ci kur". Output: .github/workflows/ (ci.yml + auto-pr.yml + in-test.yml + the stack's release/distribution workflow) + .github/scripts/set-project-status.sh + stack support
ship-it
Set up or fix a deploy pipeline. Picks a platform that fits the app, writes the config (Dockerfile, vercel.json, railway.toml, fly.toml, GitHub Actions), and ships a first deploy. Knows Vercel, Railway, Fly.io, Render, AWS basics (ECS, Lambda, Amplify), Docker, Kubernetes essentials, and GitHub Actions. Use when the user says "deploy this", "ship it", "set up vercel", "dockerize this", "write the GitHub Actions for deploy", or has working local code that needs to be live.
configuring-azure-oidc-for-github-actions
Sets up branch-scoped Azure OIDC for GitHub Actions — creates service principals, federated credentials bound to each branch's refs/heads/{branch}, generates SQL passwords, and sets GitHub secrets. Use when bootstrapping CI/CD, onboarding a new environment branch, or fixing AADSTS70021 subject mismatches.
curating-azure-deployment-learnings
Captures Azure deployment learnings from real projects in a structured format and promotes recurring ones into the diagnosing-azure-deployment-failures gotcha catalogue. Provides scripts to capture a new learning (with project, severity, frontmatter), diff against existing gotchas, and propose promotions with commit-ready text. Use when a deployment problem was solved and the fix should be captured so it doesn't have to be rediscovered, or when reviewing accumulated learnings to find patterns worth promoting.
managing-azure-sql-migrations
Manages versioned, idempotent Azure SQL migrations that run on every deployment via sqlcmd in GitHub Actions. Provides the migration-history tracking table, the guard-clause template every migration uses, and the workflow step that installs sqlcmd on ubuntu-24.04, manages the SQL firewall with trap cleanup, and runs all files in alphabetical order. Use when adding a new SQL migration, setting up the migration system on a new project, or fixing CI failures like "sqlcmd not found", "gpg cannot open /dev/tty", or "Multiple files found matching pattern *.sql".
orchestrating-azure-deployments
Routes Azure web app work (scaffold, deploy, troubleshoot, evolve) to the right Azure Lean Stack sub-skill. Built around branch-per-environment CI/CD where each git branch maps to one isolated Azure resource group via OIDC. Use when building or deploying a new Azure app, setting up GitHub Actions for Azure, troubleshooting a failed deploy, or adding FC1 / Container Apps / Logic Apps / multi-tenant patterns.
scaffolding-azure-bicep-infrastructure
Generates a subscription-scoped Bicep stack + GitHub Actions workflows for an Azure web app, with opt-in module toggles (SQL, Storage, Observability) and the {org}-{project}-{component}-{env} naming formula. Use when bootstrapping a new Azure project's IaC, adding a Bicep module, or refactoring into the modular-toggle pattern.
file-issue
File a GitHub issue for later triage
project-readme
Create, rewrite, update, or validate truthful README.md files for any project archetype. Use for libraries, SDKs, CLIs, web apps, API services, MCP servers, agent skills, monorepos, docs sites, GitHub Actions, extensions, container images, Terraform modules, Helm charts, model cards, dataset cards, research code, templates, demos, specs, desktop/mobile apps, badges, quick starts, setup docs, API or command references, README validation, and README quality checks.
ship-it
Set up or fix a deploy pipeline. Picks a platform that fits the app, writes the config (Dockerfile, vercel.json, railway.toml, fly.toml, GitHub Actions), and ships a first deploy. Knows Vercel, Railway, Fly.io, Render, AWS basics (ECS, Lambda, Amplify), Docker, Kubernetes essentials, and GitHub Actions. Use when the user says "deploy this", "ship it", "set up vercel", "dockerize this", "write the GitHub Actions for deploy", or has working local code that needs to be live.
claudeguard
Pre-merge policy gate. Checks a git diff against versioned house rulesets and returns a structured PASS/FAIL verdict. Use before merging to main/master, when reviewing a branch or PR for policy violations, or when the user asks to "run claudeguard", "gate this branch", or "check policy compliance". Report-only — never edits files.
michi-bootstrap
Onboard a project to the Michi documentation structure — survey what exists, recommend what to build (S/M/L/XL effort tiers), and walk the user through setup interactively.
michi-pr-prep
Prepare a PR review guide — a companion document that helps reviewers understand what they're looking at, why decisions were made, and where to focus attention. Two output shapes (TLDR + Details by default, or TLDR-only via `/michi-pr-prep tldr`); two context modes (in-session, from-diff).
bitbucket-workflow
Bitbucket best practices for pull requests, Pipelines CI/CD, Jira integration, and Atlassian ecosystem workflows
setup-repo
Bootstrap the GitHub repo for a forge project — repo creation, branch protection, GitHub Environments, CI workflows, secrets configuration.
whats-next
Analyze one or more projects by identifying the top 5 user personas across the full spectrum from technical to non-technical, surfacing gaps each persona hits, and synthesizing what to build next — including breakthrough moves that elevate the project to a new level. Use this skill whenever the user asks "what should I build next", "what do my users want", "what's missing from this project", "who uses this and what do they need", or wants strategic product direction for a repo or portfolio. Trigger even if the user just says "analyze my repos" or "what should I add to X" — persona-based product thinking is almost always the right lens. Works with GitHub URLs, repo names, local project paths, plain project descriptions, or pasted user conversations (emails, Discord, reviews, support tickets).
rcode-ci
CI/CD setup and quality gates for the rcode-default stack — GitHub Actions for Node test matrix,.
deployment-advisor
Deployment strategy guidance - platform selection, CI/CD pipeline design, environment configuration, monitoring
index-repos
Enumerate the full content of one or more GitHub repos that host Claude Code skills, agents, and plugins. Thin wrapper around `scripts/scan_repo.mjs` (deterministic Node scanner — no LLM required). Returns structured markdown indices per repo. Use when expanding a small set of candidate skills into the full breadth of what their host repos offer.
inspect
Pre-install structured summary of a remote skill/plugin repo. Fetches the repo tree and key files via gh API, then renders a human-readable capability overview — skills, agents, commands, scripts, permission footprint — without triggering discovery, security scan, or install. Use when the user asks "what does owner/repo contain", "inspect this skill before install", "show me what's in owner/repo", "summarise owner/repo without installing", "what skills does this repo have", or invokes /ievo:inspect <owner>/<repo>.
commit-messages
Generate clear, conventional commit messages from git diffs. Use when writing commit messages, reviewing staged changes, or preparing releases.
docs-review
Review project docs for staleness. Checks lib.rs, Cargo.toml, README, CONTRIBUTING, SECURITY, PRIVACY, and GitHub repo metadata.
pr
Create a pull request with WSL-safe workflow. Uses --body-file to avoid heredoc permission corruption.
git-workflow
This skill should be used when the user asks to "create git commit", "manage branches", "follow git workflow", "use Conventional Commits", "handle merge conflicts", or asks about git branching strategies, version control best practices, pull request workflows. Provides comprehensive Git workflow guidance for team collaboration.
git-patterns
Git workflow patterns covering Conventional Commits, interactive rebase, branch strategy, recovery with reflog, bisect, worktrees, and stash. Use whenever a project uses git, or the user asks about commit messages, rebase, branch strategy, merge conflicts, git history, or recovering lost commits, even if "git" is not mentioned by name.
contributing-to-lt-framework
Guides local development on the lenne.tech framework libraries themselves (@lenne.tech/nest-server and @lenne.tech/nuxt-extensions) and validation of those changes from within a consuming starter project. Covers the pnpm link workflow for both frameworks, expected repository layouts, build/watch commands, rollback, and the handoff to the upstream contribution agents. Activates when the user mentions "modify nest-server", "change nuxt-extensions", "pnpm link", "test framework locally", "develop lt framework", "contribute to nest-server", "contribute to nuxt-extensions", or wants to iterate on framework source while exercising it in nest-server-starter / nuxt-base-starter. NOT for consuming frameworks inside a project (use generating-nest-servers or developing-lt-frontend). NOT for vendored-core workflows inside projects (use nest-server-core-vendoring or nuxt-extensions-core-vendoring). NOT for npm version upgrades (use nest-server-updating).
push
Commit, push, and create PR. Auto-creates feature branch if on base. Use when user wants to commit and push, create a PR, ship work, send changes upstream, open a pull request, or publish a branch.
estimating-accessibility-effort
Use this skill to estimate the effort required to remediate accessibility issues. Triggers when sizing accessibility work for a sprint, estimating how long a WCAG fix will take, scoping remediation work, or planning accessibility improvements.
github-social-preview
Generates a professional GitHub repository social preview image sized 1280x640 pixels as a JPG under 1 MB. Always trigger immediately when the user's message starts with "gsp". Also trigger on "generate github social preview", "create repo preview image", or any request to generate a social preview or OG image for a GitHub repository.
kyosei
Code review for PRs or local changes. Covers code quality, dependency updates, performance, test coverage, documentation accuracy, and security. Use when reviewing PRs, checking code quality, or running comprehensive code reviews.
pr
Generate a GitHub pull request title and body from the current branch and let the user review before creation. Use when the user wants to create a pull request.
pr-style
Pull request style guidelines covering title, body, assignee, and label selection. Use when writing or proposing GitHub pull requests, including direct `gh pr create` invocations outside the /pr skill.
treefmt
treefmt-nix and nix fmt guide. Unified formatting and linting with treefmt. Use when configuring or running nix fmt, treefmt, or adding formatters/linters to a Nix project.
set-blocked-by
Set or remove a GitHub blocked-by relationship between issues. Run with /set-blocked-by <blocked#> <blocker#> or /set-blocked-by remove <blocked#> <blocker#>.
set-parent
Set or remove a GitHub sub-issue (parent/child) relationship. Run with /set-parent <child#> <parent#> or /set-parent remove <child#> <parent#>.
caveman-review
Ultra-compressed code review comments. Cuts noise from PR feedback while preserving the actionable signal. Each comment is one line: location, problem, fix. Use when user says "review this PR", "code review", "review the diff", "/review", or invokes /caveman-review. Auto-triggers when reviewing pull requests.
create-mds
Build a Modern Data Stack (Tailscale + dlt + BigQuery + dbt-core + systemd timers + optional MCP) from scratch on a new VPS for a small or medium business. Invoke when the user wants to bootstrap data integration end-to-end.
community-navigation
Guides you to the best Claude Code community resources. Compares Reddit vs Discord vs GitHub, lists notable power users, and provides etiquette tips for getting high-quality answers.
git-github-workflows
Git and GitHub workflow automation. Handles commit messages, branch management (worktrees), PR creations, conflict resolution, and CI/CD pipelines. Use when interacting with version control, setting up Actions, or resolving merge conflicts.
headless-automation
Claude Code headless mode and CI/CD automation guide. Covers the -p flag for non-interactive execution, --output-format stream-json for structured output, GitHub Actions integration with anthropics/claude-code-action, GitLab CI and Jenkins pipeline patterns, batch processing with parallel instances, CLAUDE_CODE_TASK_LIST_ID for multi-instance coordination, and output parsing with jq. Use when automating Claude Code, setting up CI/CD pipelines, running batch processing, or scripting non-interactive workflows.
git-workflow
Git workflow management. Triggers when creating branches, preparing PRs, or managing merge decisions.
do-issues
Work on GitHub issues systematically with proper development workflow
generate-cicd
Generate CI/CD workflows (GitHub Actions) through interactive conversation by analyzing repository structure and user preferences. Use when the user asks to: (1) set up CI/CD for a project, (2) create GitHub Actions workflows, (3) add automated testing/building/deployment pipelines, (4) improve or review existing CI/CD configuration. Also use when the user mentions automating tests, running checks on PRs, or deploying on merge — even without explicitly saying "CI/CD". Triggers on: "CI/CD", "CI", "GitHub Actions", "workflow", "pipeline", "continuous integration", "continuous deployment", ".github/workflows", "automate tests", "run checks on PRs", "deploy on merge".
import-skill
Import skills from GitHub repositories into the local toolkit. Supports copying a single skill from a GitHub directory URL or merging multiple skills into one. Also accepts pasted skill content. Use when the user asks to: (1) import, add, or copy a skill from GitHub, (2) merge multiple skills into one, (3) paste skill content to create a new local skill. Triggers on: "import skill", "add skill from", "copy skill", "merge skills", "fetch skill", "grab skill", "skill from GitHub".
python-conventions
Apply Python conventions — uv, Ruff strict, mypy strict, pytest, pip-audit.
evidence-sourcing
Use when sourcing, finding, or building a list of candidates for a role — especially when you need real profile URLs and proof-of-work (GitHub repos, papers, models, answers, launches, writing), not just names. Triggers on "source candidates", "find engineers/researchers/founders for X", "who's built Y", "build a pipeline", "find people who".
cm-identity-guard
Verify and lock project identity before ANY git push, Cloudflare deploy, or Supabase operation. Essential when working with multiple GitHub accounts (personal + work), multiple Cloudflare accounts, or multiple Supabase/Neon projects. Prevents wrong-account deploys, cross-project secret leaks, and git history contamination.
nobodybuilt
Use this skill when the user wants to find unexplored tool, app, or project ideas that nobody has built yet. Triggers: 'nobodybuilt', 'find me an idea', 'what should I build', 'viral tool idea', 'unexplored niche', 'blue ocean', 'surprise me with an idea', 'what hasn't been built yet', or when the user sends a screenshot/photo asking for tool ideas. Accepts text or images as input — analyzes screenshots of apps, photos of real-world problems, or Reddit/Twitter posts to identify gaps. Searches GitHub, Reddit, Product Hunt, npm, and AI directories for real gaps, scores ideas on 9 viral factors, then generates complete publish-ready code + README + launch strategy. Do NOT use for: building a specific tool the user already has in mind, code review, debugging, or general brainstorming unrelated to tool/product discovery.
proofread-subtitles
Use this skill to proofread a `.srt` subtitle file produced by Whisper or another voice-to-text engine.
submit-an-issue
Use this skill to file one already-identified bug as GitHub issue against one specific repository.
compose-preview-review
Review pull requests that change Compose UI by rendering @Preview composables on base and head and diffing them. Use when reviewing a UI PR locally, authoring an agent-opened PR that touches UI, or wiring compose-preview/main baselines and PR-comment GitHub Actions for a project. Pairs with the compose-preview skill.
build
Configure build script and run it
check-pr
Checks a GitHub pull request for unresolved review comments, failing status checks, and incomplete PR descriptions. Waits for pending checks to complete, categorizes issues as actionable or informational, and optionally fixes and resolves them. Use when the user wants to check a PR, address review feedback, or prepare a PR for merge.
setup-dotnet-azure-site
Use when creating a new Azure deployment environment (staging, QA, demo, testing) for an existing .NET production app hosted on Azure App Service. Triggers on: "set up a staging environment", "create a new deployment site", "I need a testing environment that mirrors production", "spin up a QA site." Covers Azure resource provisioning via az CLI, GitHub branch creation, GitHub Actions CI/CD (detecting existing workflows or creating fresh), and per-environment secret isolation via GitHub Environments. Skip for non-.NET apps (Python, Node.js) or non-Azure hosting (Vercel, AWS, GCP).
ry-review
Отчётное (report-only) глубокое ревью diff/PR/scope с reviewer tracks. Используй для: /rldyour-flow:ry-review, проверь реализацию, сделай ревью, найди проблемы, инспекция кода, проанализируй diff. EN triggers: review diff, review PR, code review, audit changes, find issues, deep review, report-only review, multi-track review.
ralph
PRD AC 가 모두 passes:true 될 때까지 반복 실행. 명시 옵트인만 (사용자 룰: 자동 활성 금지).
pr-reviewer
Automated GitHub PR code review with diff analysis, lint integration, and structured reports. Use when reviewing pull requests, checking for security issues, error handling gaps, test coverage, or code style problems. Supports Go, Python, and JavaScript/TypeScript. Requires `gh` CLI authenticated with repo access.
gwt-pr
Create or update GitHub Pull Requests with the gh CLI, including deciding whether to create a new PR or only push based on existing PR merge status. Use when the user asks to open/create/edit a PR, generate a PR body/template, or says 'open a PR/create a PR/gh pr'. Defaults: base=develop, head=current branch (same-branch only; never create/switch branches).
onboard-skills
Discovers and installs agent skills into a project (or the user-global lane) with the qvr CLI, treating qvr.lock as the single source of truth. Use when a user wants to find, add, register, or install skills from a skills registry or GitHub repo with qvr — e.g. "register a skill registry", "search for a qvr skill", "qvr add this skill", "install a skill globally", or "why is my skill not loading after I dropped it into the agent's skills directory". Covers registry add, search, the one-step add github.com/org/repo/skill form, --global, and sync.
docent-pr
Render a PR-review film — a pull request reviewed the way a principal engineer would, with the load-bearing 5% surfaced, the trade-off named, and a verdict. Use when the user says "/docent-pr <repo> <pr-number>", asks to "review PR
gh-address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
code-mode
Add a "code mode" tool to an existing MCP server so LLMs can write small processing scripts that run against large API responses in a sandboxed runtime — only the script's compact output enters the LLM context window. Use this skill whenever someone wants to add code mode, context reduction, script execution, sandbox execution, or LLM-generated-code processing to an MCP server. Also trigger when users mention reducing token usage, shrinking API responses, running user-provided code safely, or adding a code execution tool to their MCP server — in any language (TypeScript, Python, Go, Rust, etc.).
prd-to-issues
Primary pipeline decomposition step after /write-a-prd. Use when a shaped PRD is ready to become implementation-ready slices with boundary maps and dependency order. Not for unresolved scope, appetite, or solution direction.
pre-merge
Primary pipeline review step after verified implementation. Use to create a PR with lineage and run architectural review before merge. Not for QA intake, planning, or implementation work.
github-issue-solver
Read GitHub issues, triage them, solve them using GRASP/OOAD principles, run or add tests, commit, push, open a PR linked to the issue, merge into development, and close the issue only after merge. Use when the user says /github-issue-solver, "solve issue
ae-diff-review
Use before finishing any code, docs, script, or config change. Review the diff for behavior changes, secret exposure, accidental churn, missing tests, and whether the implementation matches the user's requested outcome.
cf-ship
Verify, commit, push, and create PR. Use when the user wants to ship their work — e.g. "ship it", "push and create PR", "let's ship", "deploy this", "send it", "push my changes", "create a PR", "open a pull request", "ready to merge", "let's get this merged". Also triggers when the user is done with a feature branch and wants the full verify → commit → push → PR workflow. Supports --dry-run to preview without pushing.
akb-ingest
Ingest whatever you point at into an AKB vault — a local file, a web URL, a GitHub PR/release/commit, a Confluence page, or a Jira issue. Auto-detects the source type and dispatches to a specialized ingest subagent; the router fetches and writes nothing itself. One target per invocation; globs expand to a sequential loop of document ingests.
daf-active
Show information about the currently active conversation
daf-cli
Quick reference and safety guide for daf commands in Claude Code sessions
daf-git
GitHub/GitLab issue operations (update, link) with Markdown syntax reference and gh/glab CLI guide
daf-jira
JIRA operations (view, create, update, comment) with Wiki markup syntax reference
daf-jira-fields
JIRA field mapping rules, validation, and defaults for DevAIFlow
daf-jira-mcp
Using MCP JIRA tools with DevAIFlow validation logic and field intelligence
daf-workflow
DevAIFlow session context loader. Activates when DAF_SESSION_NAME env var is set. Reads session metadata, issue tracker tickets, and context files to understand the current task. Provides per-command workflow guidance for daf open, daf new, daf git new, daf jira new, and daf investigate.
release
Automate project release workflow with version management, CHANGELOG updates, and git operations
review-changes
Review current Android changes for correctness, lifecycle, UI, security, performance and release risks
git-and-github
Invoke for all git and gh commands, GitHub interactions. Solves git and gh access / permission denied issues.
workflow-commit-and-pr
Use when the user wants to commit staged changes or create a PR — enforces trigger-phrase discipline (preview vs commit vs ship), the [type] commit format, branch-naming check, [no ci] auto-appended on docs-only commits, draft-vs-ready PR prompt, and PR template detection. Pre-merge counterpart to workflow-cleanup-merged.
workflow-pr-review
Use when reviewing a remote GitHub PR — fetches into an ephemeral worktree, runs the reviewer agent with a Review Decision footer instruction, deduplicates findings against existing review threads (±5-line fuzzy match + Jaccard ≥ 0.4 against any author), posts new inline comments via gh-api, adds 👍 reactions on dedup matches, and submits the review with APPROVE or COMMENT. Counterpart of local-diff review (which workflow-development Phase 4 keeps using).
git-commit
Create proper git commits from repository changes using Conventional Commits headers and a high-signal commit body that explains why the change was needed and what was done. Use when the user says commit this, make a commit, create a commit, draft a commit message from current changes, or asks for a proper git commit.
ci-monitoring
On-demand CI monitoring. Runs one continuous tail-followed GitHub Actions monitor in a background task only when the user explicitly asks to monitor CI, or when a deploy/merge action requires a fresh CI result.
deploy-credentials
GitHub and Cloudflare credential reference. Env-var table (GH_TOKEN, CLOUDFLARE_API_TOKEN, CLOUDFLARE_ACCOUNT_ID), what each token enables (gh/git/wrangler operations), check-then-fallback behavior, secret-handling rules. Invoked when a turn needs gh/wrangler access and isn't sure if creds are present or wants the full operations reference.
github-cloudflare-ship
This skill should be used when the user wants to "ship this", "deploy this", "publish my code", "push to GitHub", "create a repo", "set up GitHub", "share my code", "put this online", "make this live", "get a URL for this", "host this", "I want people to see this", "deploy to Cloudflare", "how do I get this on the internet", "I want to share what I built", "make this accessible", "launch this", "push my changes", "create a repository", "set up version control", or mentions anything about getting their code online, shared, deployed, or published. This skill detects the current state of GitHub and Cloudflare configuration and only guides through what is missing. Use this skill proactively — if the user has finished building something and expresses any desire to share it, back it up, deploy it, or make it accessible, this is the right skill.
gen-ci
Generate GitHub Actions CI workflows for this repository. TRIGGER ON: 'generate CI', 'add GitHub Actions', 'create CI workflow', 'set up CI', 'add CI/CD', 'create a CI pipeline', 'generate CI/CD', 'add continuous integration', 'set up GitHub Actions', 'add a lint+test workflow', 'add governance check', 'add PR health check', 'add drift check to CI', 'set up governance gate', 'enforce governance in CI'. Generates .github/workflows/ci.yml with lint, typecheck, and test jobs, and optionally .github/workflows/governance-check.yml with drift + health-score PR gating.
gh-protect
Audit or apply GitHub branch protection, tag rulesets, repo security settings, and signing requirements based on the active profile. TRIGGER when the user says "check branch protection", "audit GitHub protection", "apply branch protection", "enforce branch protection", "set up branch protection", "configure branch rules", "check tag protection", "audit repo security", "apply GitHub settings", "enable branch protection", "protection audit", "are my branches protected", "/nyann:gh-protect". Do NOT trigger on "is this repo healthy" — that's `doctor` (which includes a protection check among many other signals). Do NOT trigger on "bootstrap this project" — bootstrap applies protection as one step of the full pipeline.
pr
Open a GitHub pull request from the current branch, with a Conventional-Commits-style title and a body summarizing the commit range. TRIGGER when the user says "open a PR", "create a pull request", "push and PR", "submit this for review", "ship this PR", "open a draft PR", "file a PR for this branch", "/nyann:pr". Do NOT trigger on "merge the PR" / "approve the PR" / "review PR #N" — those are GitHub actions outside nyann's wedge. Do NOT trigger on "rebase" / "sync with main" / "update my branch" — that's the `sync` skill. Do NOT trigger when the user is on `main` or `master` (no PR to open); if detected, tell them to create a branch first and route to `new-branch`.
wait-for-pr-checks
Poll a GitHub PR's checks until they all pass, any one fails, or a timeout is hit. Returns a structured outcome the caller can gate on. TRIGGER when the user says "wait for CI", "wait for the PR checks", "watch the PR", "is CI green yet", "babysit this PR's checks", "block until checks pass", "/nyann:wait-for-pr-checks". Do NOT trigger on "what's the PR status" (that's a one-off `gh pr view` — no polling). Do NOT trigger on "merge this PR" — that's the action AFTER waiting; consider `/nyann:ship` instead, which combines wait + merge.
overnight-multi-issue-implementation
Run an overnight autonomous workflow that takes a cluster of related GitHub issues (typically a P1 review-panel finding set) and ships them to merged PRs by morning. Use when: (1) the user wants 6-15 related issues closed in one autonomous run, (2) the issues split naturally into two PRs (e.g., hardening + features, or refactor + new-functionality), (3) the user is going to sleep and won't be available to merge PR1 between phases, (4) each issue has clear acceptance criteria so each task can be implemented + tested + reviewed independently. Specializes `superpowers:subagent-driven- development` for the "issues -> stacked PRs by morning" problem shape: stacks PR2 on PR1's branch (so PR2 doesn't wait for human PR1-merge mid- night), audits tracker IDs against main before claiming (concurrent sessions steal ids), runs final code-review subagent before proposing merge, and surfaces important findings as PR comments before squashing (so review trail survives). Sister plugin to `overnight-review-client- delivery` (
overnight-review-panel-blocked-reviewer-reads-as-clean
Overnight specialization of `code-reviewer-subagent-no-bash-blocked-on-pr-diff` (the general tool-gap mechanism). In an UNATTENDED overnight review panel, a reviewer that couldn't see the code reads as a CLEAN one — so a real bug ships by morning. The usual cause: code-review subagents (feature-dev:code-reviewer, voltagent-*, Explore) are frequently provisioned WITHOUT a Bash tool, so when prompted to "review PR #N, fetch the diff with gh pr diff" they return a BLOCKED report (no review performed), or silently review the current checkout (often `main`, which predates the PR). Use when: (1) an overnight review panel (e.g. `overnight-multi-issue-implementation` Phase C, or any `agent-review-panel` run) dispatches reviewers against GitHub PRs or branches not checked out in the working tree; (2) a reviewer returns "I have no shell/gh/git tool" or "the PR sources are not in the working tree"; (3) one reviewer in a parallel panel comes back BLOCKED while siblings succeeded. Fix: pre-generate per-base diffs to files
agent-native-architecture
Build applications where agents are first-class citizens. Use this skill when designing autonomous agents, creating MCP tools, implementing self-modifying systems, or building apps where features are outcomes achieved by agents operating in a loop.
andrew-kane-gem-writer
This skill should be used when writing Ruby gems following Andrew Kane's proven patterns and philosophy. It applies when creating new Ruby gems, refactoring existing gems, designing gem APIs, or when clean, minimal, production-ready Ruby library code is needed. Triggers on requests like "create a gem", "write a Ruby library", "design a gem API", or mentions of Andrew Kane's style.
angular-migration
Migrate from AngularJS to Angular using hybrid mode, incremental component rewriting, and dependency injection updates. Use when upgrading AngularJS applications, planning framework migrations, or modernizing legacy Angular code.
api-design-principles
Master REST and GraphQL API design principles to build intuitive, scalable, and maintainable APIs that delight developers. Use when designing new APIs, reviewing API specifications, or establishing API design standards.
architecture-patterns
Implement proven backend architecture patterns including Clean Architecture, Hexagonal Architecture, and Domain-Driven Design. Use when architecting complex backend systems or refactoring existing applications for better maintainability.
auth-implementation-patterns
Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.
backtesting-frameworks
Build robust backtesting systems for trading strategies with proper handling of look-ahead bias, survivorship bias, and transaction costs. Use when developing trading algorithms, validating strategies, or building backtesting infrastructure.
billing-automation
Build automated billing systems for recurring payments, invoicing, subscription lifecycle, and dunning management. Use when implementing subscription billing, automating invoicing, or managing recurring payment systems.
cqrs-implementation
Implement Command Query Responsibility Segregation for scalable architectures. Use when separating read and write models, optimizing query performance, or building event-sourced systems.
database-migration
Execute database migrations across ORMs and platforms with zero-downtime strategies, data transformation, and rollback procedures. Use when migrating databases, changing schemas, performing data transformations, or implementing zero-downtime deployment strategies.
debugging-strategies
Master systematic debugging techniques, profiling tools, and root cause analysis to efficiently track down bugs across any codebase or technology stack. Use when investigating bugs, performance issues, or unexpected behavior.
defi-protocol-templates
Implement DeFi protocols with production-ready templates for staking, AMMs, governance, and lending systems. Use when building decentralized finance applications or smart contract protocols.
dependency-upgrade
Manage major dependency version upgrades with compatibility analysis, staged rollout, and comprehensive testing. Use when upgrading framework versions, updating major dependencies, or managing breaking changes in libraries.
dhh-rails-style
This skill should be used when writing Ruby and Rails code in DHH's distinctive 37signals style. It applies when writing Ruby code, Rails applications, creating models, controllers, or any Ruby file. Triggers on Ruby/Rails code generation, refactoring requests, code review, or when the user mentions DHH, 37signals, Basecamp, HEY, or Campfire style. Embodies REST purity, fat models, thin controllers, Current attributes, Hotwire patterns, and the "clarity over cleverness" philosophy.
dotnet-backend-patterns
Master C#/.NET backend development patterns for building robust APIs, MCP servers, and enterprise applications. Covers async/await, dependency injection, Entity Framework Core, Dapper, configuration, caching, and testing with xUnit. Use when developing .NET backends, reviewing C# code, or designing API architectures.
dspy-ruby
Build type-safe LLM applications with DSPy.rb — Ruby's programmatic prompt framework with signatures, modules, agents, and optimization. Use when implementing predictable AI features, creating LLM signatures and modules, configuring language model providers, building agent systems with tools, optimizing prompts, or testing LLM-powered functionality in Ruby applications.
embedding-strategies
Select and optimize embedding models for semantic search and RAG applications. Use when choosing embedding models, implementing chunking strategies, or optimizing embedding quality for specific domains.
error-handling-patterns
Master error handling patterns across languages including exceptions, Result types, error propagation, and graceful degradation to build resilient applications. Use when implementing error handling, designing APIs, or improving application reliability.
event-store-design
Design and implement event stores for event-sourced systems. Use when building event sourcing infrastructure, choosing event store technologies, or implementing event persistence patterns.
fastapi-templates
Create production-ready FastAPI projects with async patterns, dependency injection, and comprehensive error handling. Use when building new FastAPI applications or setting up backend API projects.
gemini-imagegen
This skill should be used when generating and editing images using the Gemini API (Nano Banana Pro). It applies when creating images from text prompts, editing existing images, applying style transfers, generating logos with text, creating stickers, product mockups, or any image generation/manipulation task. Supports text-to-image, image editing, multi-turn refinement, and composition from multiple reference images.
hybrid-search-implementation
Combine vector and keyword search for improved retrieval. Use when implementing RAG systems, building search engines, or when neither approach alone provides sufficient recall.
langchain-architecture
Design LLM applications using LangChain 1.x and LangGraph for agents, memory, and tool integration. Use when building LangChain applications, implementing AI agents, or creating complex LLM workflows.
llm-evaluation
Implement comprehensive evaluation strategies for LLM applications using automated metrics, human feedback, and benchmarking. Use when testing LLM performance, measuring AI application quality, or establishing evaluation frameworks.
microservices-patterns
Design microservices architectures with service boundaries, event-driven communication, and resilience patterns. Use when building distributed systems, decomposing monoliths, or implementing microservices.
ml-pipeline-workflow
Build end-to-end MLOps pipelines from data preparation through model training, validation, and production deployment. Use when creating ML pipelines, implementing MLOps practices, or automating model training and deployment workflows.
nft-standards
Implement NFT standards (ERC-721, ERC-1155) with proper metadata handling, minting strategies, and marketplace integration. Use when creating NFT contracts, building NFT marketplaces, or implementing digital asset systems.
nodejs-backend-patterns
Build production-ready Node.js backend services with Express/Fastify, implementing middleware patterns, error handling, authentication, database integration, and API design best practices. Use when creating Node.js servers, REST APIs, GraphQL backends, or microservices architectures.
nx-workspace-patterns
Configure and optimize Nx monorepo workspaces. Use when setting up Nx, configuring project boundaries, optimizing build caching, or implementing affected commands.
openapi-spec-generation
Generate and maintain OpenAPI 3.1 specifications from code, design-first specs, and validation patterns. Use when creating API documentation, generating SDKs, or ensuring API contract compliance.
projection-patterns
Build read models and projections from event streams. Use when implementing CQRS read sides, building materialized views, or optimizing query performance in event-sourced systems.
prompt-engineering-patterns
Master advanced prompt engineering techniques to maximize LLM performance, reliability, and controllability in production. Use when optimizing prompts, improving LLM outputs, or designing production prompt templates.
rag-implementation
Build Retrieval-Augmented Generation (RAG) systems for LLM applications with vector databases and semantic search. Use when implementing knowledge-grounded AI, building document Q&A systems, or integrating LLMs with external knowledge bases.
react-modernization
Upgrade React applications to latest versions, migrate from class components to hooks, and adopt concurrent features. Use when modernizing React codebases, migrating to React Hooks, or upgrading to latest React versions.
saga-orchestration
Implement saga patterns for distributed transactions and cross-aggregate workflows. Use when coordinating multi-step business processes, handling compensating transactions, or managing long-running workflows.
similarity-search-patterns
Implement efficient similarity search with vector databases. Use when building semantic search, implementing nearest neighbor queries, or optimizing retrieval performance.
solidity-security
Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.
temporal-python-testing
Test Temporal workflows with pytest, time-skipping, and mocking strategies. Covers unit testing, integration testing, replay testing, and local development setup. Use when implementing Temporal workflow tests or debugging test failures.
turborepo-caching
Configure Turborepo for efficient monorepo builds with local and remote caching. Use when setting up Turborepo, optimizing build pipelines, or implementing distributed caching.
vector-index-tuning
Optimize vector index performance for latency, recall, and memory. Use when tuning HNSW parameters, selecting quantization strategies, or scaling vector search infrastructure.
web3-testing
Test smart contracts comprehensively using Hardhat and Foundry with unit tests, integration tests, and mainnet forking. Use when testing Solidity contracts, setting up blockchain test suites, or validating DeFi protocols.
workflow-orchestration-patterns
Design durable workflows with Temporal for distributed systems. Covers workflow vs activity separation, saga patterns, state management, and determinism constraints. Use when building long-running processes, distributed transactions, or microservice orchestration.
create-pr
Pull request workflow for coding agents—branch selection, GitHub CLI (gh pr create), tests before PR, confirmation flow, conventional titles, reviewer-first bodies. Use when opening a PR, drafting a GitHub description, or when the user asks in natural language what used to be the create-pr command (e.g. skip checks, yes without prompt, branch A to B).
ccem-release
Publish a new ccem release, commit generated release files, or trigger the ccem GitHub Actions release flow for CLI and Desktop.
tendril-release
Updates the used Ivy NuGet packages to the latest stable versions in a branch from development, builds/verifies, merges into development, creates a PR into main, merges it, merges main back to development, and triggers the GitHub Actions release workflow.
generate-cicd-workflow
為 Bukkit/Paper 插件 Maven 專案產生 GitHub Actions CI/CD workflow,包含 build、test、release 三個 job,支援自動版本打標籤、上傳 JAR 至 Release。當使用者說「幫我建立 CI/CD」、「GitHub Actions workflow」、「自動化部署插件」、「自動發布 JAR」時自動應用。
docker-expert
You are an advanced Docker containerization expert with comprehensive, practical knowledge of container optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies based on current industry best practices.
azure-publish-changes
Publish local changes for an Azure DevOps-hosted Symphony lane: confirm scope, stage intended files, commit, push, and create or update an Azure DevOps pull request.
devpilot-issue-triage
Use when the user wants to triage, classify, sort, or sweep open GitHub issues to decide what's worth working on — "triage these issues", "整理 backlog", "哪些可以马上修", "/triage", "sort the open issues". Sits between devpilot-scanning-repos (which files issues) and devpilot-resolve-issues (which fixes them). Read-only against GitHub — drafts comments and labels into a local report but never posts. Do NOT use for filing new issues, executing fixes, or reviewing a single PR.
devpilot-pr-creator
Use when the user wants to create or update a pull request or merge request, open a PR/MR, push changes for review, update a PR description, or mark a draft as ready. Triggers on: "create pr", "open pull request", "make a pr", "submit mr", "merge request", "push for review", "ready for review", "/pr", "open mr", "ship it", "send for review", "update the pr", "update the description", "mark as ready".
ci-workflow-doctor
Lint GitHub Actions workflows for deploy-breaking and security mistakes. Use whenever the user writes or edits a workflow file, mentions GitHub Actions, sets up CI/CD, complains that deploys land out of order, or before the first automated deploy of a project. Also run it during any security review of a repo. Runs fully offline — no API keys, no network, no credentials.
deploy-log-doctor
Diagnose failed build and deploy logs from Vercel, Netlify, Cloudflare Pages, or GitHub Actions. Use this whenever the user pastes a build log, says a deploy failed, mentions 'build error', 'deployment failed', 'works locally but not in production', or shows any CI output containing an error — even if they don't ask for a diagnosis explicitly. Runs fully offline — no API keys, no network, no credentials.
ci-workflow-doctor
Lint GitHub Actions workflows for deploy-breaking and security mistakes. Use whenever the user writes or edits a workflow file, mentions GitHub Actions, sets up CI/CD, complains that deploys land out of order, or before the first automated deploy of a project. Also run it during any security review of a repo. Runs fully offline — no API keys, no network, no credentials.
deploy-log-doctor
Diagnose failed build and deploy logs from Vercel, Netlify, Cloudflare Pages, or GitHub Actions. Use this whenever the user pastes a build log, says a deploy failed, mentions 'build error', 'deployment failed', 'works locally but not in production', or shows any CI output containing an error — even if they don't ask for a diagnosis explicitly. Runs fully offline — no API keys, no network, no credentials.
vb6-guidelines
Applies general Visual Basic 6 conventions when editing .bas, .cls, .frm, .frx, .vbp, .vbg, .ctl, or .dob files, or any code identified as VB6 (not VB.NET, not VBA). Covers case-preservation in existing code (VB6 is case-insensitive but diff tools are not), Option Explicit requirement, Hungarian notation with scope prefix plus type prefix (mstr/mint/mcur for module-level in .bas; m_str/m_int/m_cur for module-level in .cls; gstr/gint for global; str/int/cur for parameters and locals), file header blocks for .cls modules with 80-hyphen delimiters, comment-per-field convention, Property Get/Let/Set patterns without public fields, ByVal/ByRef explicit declarations, Long over Integer for performance and overflow safety, preservation of Windows-1252 encoding and CRLF line endings, and never editing .frx files manually due to binary offset corruption. Activates for any Visual Basic 6 development task, code review, refactoring, or new file creation in a VB6 project.
doc-drift
Surface drift between the pending diff and the repo's orientation docs --- AGENTS.md (or legacy CLAUDE.md), README.md, and the GitHub repository description --- before `spinclass merge-this-session`. Use when the user asks "are the docs still accurate?", "did this change the README?", "check for doc drift", or right before a merge.
loose-ends
Surface deferred work, in-diff TODOs, and adjacent-improvement candidates before `spinclass merge-this-session`. Use when the user asks "any loose ends?", "any followups?", "anything left?", or right before a merge.
pr-body-formatter
Generate a complete GitHub PR body with Summary, Changes, How tested, Test plan, and issue link from a branch diff plus issue reference, and never ship a placeholder body. Use for pr body template, format pr description, write a PR description, or API/CLI PR creation.
pr-body-formatter
Generate a complete GitHub PR body with Summary, Changes, How tested, Test plan, and issue link from a branch diff plus issue reference, and never ship a placeholder body. Use for pr body template, format pr description, write a PR description, or API/CLI PR creation.
azure-integrations
Azure deployment for web apps — Static Web Apps, App Service, Blob Storage, Bicep/ARM, GitHub Actions CI/CD. Use when deploying Next.js/Vite to Azure or configuring Azure resources for full-stack apps.
code-quality
two-stage review (spec compliance first, then code quality), refactoring, and quality improvement. Use when reviewing code, eliminating code smells, reducing technical debt, refactoring methods, running self-critique loops, or improving maintainability and readability.
development-workflow
Spec-driven development lifecycle — EARS requirements, technical design docs, implementation tracking, and contribution guidelines. Use when planning features, defining requirements, or managing project lifecycle.
devops-tooling
Git operations, shell scripting, CI/CD pipelines, and terminal automation. Use for conventional commits, PowerShell/Bash scripting, configuring GitHub Actions, or automating development tooling workflows.
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup.
gh-fix-ci
Use when a user asks to debug or fix failing GitHub PR checks that run in GitHub Actions; use `gh` to inspect checks and logs, summarize failure context, draft a fix plan, and implement only after explicit approval. Treat external providers (for example Buildkite) as out of scope and report only the details URL.
prd-taskmaster
PRD generator that creates comprehensive requirements, publishes as a GitHub issue, and triggers /agent-os:shape-spec for orchestrated execution. No deferred scope — every requirement is a must-deliver. Use when user requests "PRD", "product requirements", or wants to plan a feature for implementation.
prepr
Pre-PR Rust quality gate. Run this before opening or updating a pull request on a Rust crate to surface dead code, unused dependencies, code bloat, unsafe, panics/unwraps, security advisories, and clippy/quality issues — scoped to the PR diff and triaged by severity with a clear go/no-go verdict. Invoke when the user says "prepr", "pre-PR check", "vet my Rust changes", or asks to clean up a Rust branch before a PR.
plan-archive
Archive completed plan-mode files in ~/.claude/plans/ by linking them to their merged PR. Use when plans accumulate and you want the list to show only active work.
fr-dispatch
Queue a plan's phases to a runner (`fr apply --to <runner>`) and reconcile its GitHub Issues. Use when: "dispatch this plan", "send to VK", "create issues from plan", "sync plan to GitHub".
project-inception
Use when starting a new project from an idea that is still unclear or not yet specified. Guides a conversational discovery process before architecture, planning, GitHub issues, or code.
ci-cd-and-automation
Automates CI/CD pipeline setup. Use when setting up or modifying build and deployment pipelines. Use when you need to automate quality gates, configure test runners in CI, or establish deployment strategies.
cicd-generation
Use when creating GitHub Actions workflows, adding CI/CD to a project, or reviewing pipeline security. Produces fail-fast, security-hardened workflows with OIDC auth and SHA-pinned actions. Triggers on 'add CI', 'create workflow', 'github actions'.
deploy
通过 SSH 密钥将 ship 项目部署到目标服务器。SSH 登录用户固定为 deploy。 首次部署一键完成:服务器配置 + GitHub 私有仓库 + CI/CD + 自动推送。 后续只需 git push,GitHub Actions 自动构建并部署。 当用户说"部署"、"deploy"、"发布"、"上线",或 ship workflow Stage 10 时使用。
non-consensus-research
Use this skill when the user wants to set up an automated multi-agent research pipeline that hunts genuinely non-consensus findings in any topic domain (e.g. AI hardware, biotech, climate, supply chain, geopolitics). The skill builds a self-running system that re-executes every N hours, performs sector-by-sector deep research, runs cross-sector permutation analysis to surface mispriced findings, and uses an independent verification agent to ruthlessly purge anything the market already prices in. Outputs a public GitHub repo plus a mobile-first reader. Use when the user says "build me a research pipeline", "find non-consensus alpha in <topic>", "automated market research", "permutation analysis across sectors", "scheduled research agent", or "verification-gated synthesis".
iw-oss-publish
Verifies a private Innovation Ways repository for safe public OSS release. Runs secrets/history/license/community compliance checks and auto-generates missing files (LICENSE, README, CoC v3, CONTRIBUTING with DCO, SECURITY, NOTICE, THIRD_PARTY_LICENSES, gitleaks config, pre-commit config, GitHub Actions workflows). Use when auditing an already-public repo for compliance drift, running a compliance scan, or when user says "OSS compliance check", "run OSS scan", "/iw-oss-publish".
daf-config
View current configuration (read-only)
verify
Run the project's CI gate locally — ruff lint, ruff format check, mypy, and fast pytest (excluding slow/download markers). Use before opening a PR or marking work done.
goal
Use to drive every open issue in a GitHub milestone to a pull request with the kagura-engineer harness — shells out to `kagura-engineer goal <milestone>`, running each issue through the run loop. HARNESS — high cost; it mutates the repo and creates multiple PRs. Confirm with the user before launching.
run
Use to drive a single GitHub issue to a pull request with the kagura-engineer harness — shells out to `kagura-engineer run <issue>` (guard → recall → worktree → start → implement → ship → persist). HARNESS — this mutates the repo, creates a PR, and spends model budget; confirm with the user before launching.
steno
Human-facing terse-prose register for non-author reviewers. Triggers: write/edit human-facing terse prose for review; user says "steno", "shorthand", "tighten this", "make this shorter".
github
How to access GitHub. Avoid direct URL fetches; prefer GitHub MCP tools or the `gh` CLI subcommands. Use when fetching GitHub information or operating on issues, pull requests, or workflows.
parallel-issue-fix
多 Issue 并行修复 - 使用 Git Worktree 和双智能体协同模式完成问题全流程闭环修复(含循环迭代和标准评审流程)
to-issues
Slice a PRD's requirements into independently-grabbable issues on the configured backend - sphinx-needs issue directives or GitHub issues with two-way traceability links. Use when the user wants to break a PRD/feature/plan into issues, create implementation tickets, or says "turn this into issues" / "create the tickets".
security-review
Conducts a security review of a pull request. Mandatory STRIDE coverage. Analyzes vulnerabilities, injection risks, auth issues, dependencies, and other weaknesses. Use this Skill with a PR number or file paths.
simplify
Simplifies code in a pull request. Reduces complexity, improves readability, and removes unnecessary abstractions. Use this Skill with a PR number or file paths.
check-update
Owner-only — checks upstream versions of maxvision plus the 3 upstream sources (maxvision, upstream, maxvision). Gated by gh CLI auth.
pr
Lightweight GitHub PR shipping workflow that creates a new PR or updates an existing OPEN PR with a clear title/body, never reuses merged/closed PRs, and immediately triggers my-calendar's PR review/calendar pipeline. Use when the user says "/pr", "create a PR", "open a PR", "light ship", "走 my-calendar 检查", "发个 PR 让日历 review", "别跑完整 ship", or otherwise wants a quick PR handoff instead of the full release /ship flow.
typescript-narrows
Provides a single, well-reasoned TypeScript opinion for every common decision point. Eliminates the "multiple ways to do it" problem when writing, refactoring, or reviewing TypeScript code. Use when generating TypeScript, performing TypeScript code review, or deciding between multiple valid TypeScript patterns.
port-dashboard
⚠️ **已过期**(2026-05-23):原依赖 `openspec/followups.md` 按 capability 切章节,已迁移到 GitHub Issues + `openspec/TS_BASELINE_DEVIATIONS.md` + `openspec/README.md::路线图`,本 skill 不再有承载场景。看进度用 `gh issue list` / `gh issue list --milestone vX.Y`;TS 偏差预警直接 Read `openspec/TS_BASELINE_DEVIATIONS.md`。仅显式 `/port-dashboard` 时才调用。
gsc-weekly-audit
Run a comprehensive Google Search Console audit covering Sitemap status, URL Inspection, Search Analytics, canonical mismatch detection, CTR diagnosis, and 0-impression page detection. Battle-tested on miyakodeit.com and netsujo.jp with weekly GitHub Actions cron. Use when user says "GSC audit", "Search Console weekly check", "indexing audit", "canonical mismatch", "CTR low pages", or wants automated site health monitoring.
org-pull-request
ワーカー完了報告に対するユーザー承認後の push / PR 作成 / CI 監視 / レビュー指摘ループ / PR マージ後の最終クローズを窓口が実行する。発動条件: (1) ワーカーから完了報告を受領しユーザーが「OK」「進めて」等の明示的承認を出した直後、 (2) GitHub PR にレビュー指摘 / CI 失敗が来てワーカーへ修正指示を送り直すとき、 (3) PR がマージされ最終クローズ条件を満たしたとき。 単に「ワーカーに作業を依頼する」初動は org-delegate であり本スキルではない。
pr-quiz
Use when reviewing a Sessions Chronicle PR or local diff and the user wants an interactive A/B quiz focused on architecture, data safety, and Rust/Relm4 trade-offs.
github-pr-digest
Summarize your open GitHub pull requests into a single morning digest — grouped by repo, flagged by staleness and review state. Use when asked for "/github-pr-digest", "my PR digest", "what PRs are waiting on me", or "open PR summary".
pre-pr-review
Review the current branch before creating a pull request. Use this skill whenever the user says 'review my changes', 'review this branch', 'pre-PR review', 'check before I merge', 'is this ready to merge', 'review before PR', or 'code review'. Also triggers on 'check my work' or 'anything I missed?' when there are uncommitted or branch-level changes. This skill is for changes made OUTSIDE the /pipeline — the pipeline has its own Stage 5 peer review. Use this after direct edits, implement skill work, or /hotfix runs.
do-merge
Use when merging a pull request that has cleared the SDLC pipeline. Runs the deterministic verify-then-merge gate — confirms the PR is OPEN, mergeable, CI-green, REVIEW-approved, and links its tracking issue — then authorizes and squash-merges. Triggered by 'merge this PR', 'do-merge', or automatically by /sdlc at the MERGE stage.
gh-issue-workflow
Treats GitHub Issues as the async backlog + decision channel between user and AI agent. Use when a non-blocking todo / bug / decision needs to persist beyond the chat session. Enforces 5-section body template (Background / Given / Decision / AC / Next) so issues become reusable agent context, not just sticky notes.
bosskuai-github-workflow
Use this for GitHub workflow operations across issues, pull requests, Actions, releases, Dependabot, repository settings, and GitHub MCP-assisted project coordination.
atmos-cli-release
Run the standalone Atmos CLI release workflow for this repository. Use this whenever you need to cut an Atmos CLI release, verify `apps/cli/Cargo.toml`, create or dispatch the required `cli-v<version>` GitHub Release, and publish CLI archives. Prefer this over local runtime or generic GitHub release flows for CLI releases.
atmos-desktop-release
Run the Atmos desktop release workflow for this repository. Use this whenever you need to cut an Atmos desktop release, bump the desktop version, create the required `desktop-v<version>` tag, push the release-prep commit, and verify the GitHub Actions + Homebrew tap flow. Prefer this over a generic GitHub release process for Atmos desktop releases.
atmos-local-web-release
Run the Atmos local web runtime release workflow for this repository. Use this whenever you need to cut an Atmos local web runtime release, verify the local web runtime installer version, create the required `local-web-runtime-v<version>` tag, publish the runtime archives, and publish the `@atmos/local-web-runtime` installer package. Prefer this over a generic GitHub release process for Atmos local web runtime releases.
github-workflow-security-patterns
Canonical security patterns for GitHub Actions workflows
pr-standards
Use when creating PRs, linking issues, managing PR comments, or creating GitHub issues
rebase-pr
Local rebase-merge workflow for pull requests with signed commits
skills-registry
Use when looking up available tools, skills, commands, agents, or plugins
mission-control-diff-impact
Analyze the impact of current changes or a pull request through Mission Control. Use for ripple effects, affected tests, ownership, risk, and review focus.
gh-gemini-review-loop
Use after a GitHub PR is opened, or when the user asks to handle gemini-code-assist review feedback, run the Gemini review loop, fix Gemini comments, or re-request Gemini review. Waits, fixes, pushes, re-asks. Capped by user preference, default 3 cycles.
checkup
Health check — verify dev-core config, GitHub project, labels, workflows, branch protection. Triggers: "checkup" | "health check" | "check setup" | "verify config".
pr-review
Automated PR review and code quality analysis skill. Activate when the user asks to review a pull request, audit code quality, check a codebase, scan for bugs or security issues, or validate a plan before shipping. Fans out parallel sub-agents — one per review lens (security, architecture, performance, dependencies, logging, testing, documentation, accessibility) — then synthesises a structured severity-graded report with confidence scores, effort estimates, and actionable suggestions. Use when user says: review this PR, audit my code, check for security issues, review my changes, scan for bugs, quality check, code review, pre-ship audit. First response: "PR Review skill active. Paste the diff, file paths, or describe what to review. I'll run every lens in parallel and give you a structured report."
building-tauri-with-github-actions
Set up Tauri CI/CD with GitHub Actions and tauri-action for cross-platform desktop builds. USE WHEN automating Tauri build, test, or release across Windows/macOS/Linux, configuring workflow triggers, or publishing signed releases.
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
docs
Use when all documentation needs updating for a branch — internal docs, external docs, and release notes — in a single pass before pushing or merging.
docs-bootstrap-external
Use when setting up external documentation for the first time, performing a comprehensive documentation refresh, or when large portions of internal docs need corresponding external docs created.
docs-bootstrap-internal
Use when setting up internal documentation for the first time, when the docs directory is empty or poorly organized, or when a codebase has no structured developer documentation yet.
docs-release-notes
Use when a PR has customer-visible changes (new features, bug fixes, UI changes) that need a release note entry, or when finalizing a branch before merge.
docs-sync-external
Use when internal documentation has been updated and external customer-facing docs need to be aligned, or when checking for outdated, missing, or confidential content in external docs.
docs-sync-internal
Use when code changes on the current branch need corresponding internal documentation updates, or when reviewing a branch before pushing to ensure docs are aligned with code.
retrospective
Stage A of /devflow:retrospective-weekly: analyze one non-clean PR from its pre-fetched context bundle and return a retrospective entry as JSON. Invoked as a subagent — do not call it directly.
retrospective-audit
Stage B of /devflow:retrospective-weekly: given the bundled context of every occurrence PR for one recurring pattern, re-derive the root cause, make the intervention edits in the working tree, and return the touched paths + PR title + PR body as JSON. Invoked as a subagent on a branch the orchestrator already created.
retrospective-weekly
Run the weekly devflow self-improvement loop locally: scan freshly-merged watched-author PRs, write per-PR retrospective entries (LLM only for PRs that fail the mechanical clean-gate), derive recurring patterns, and open one human-reviewed intervention PR per actionable pattern. Use when running the weekly devflow retrospective + audit.
research
Research a topic using autonomous web search and AI synthesis. Use when you need external information, documentation lookup, or to validate technical approaches.
ai-jury
Convene a cross-vendor multi-agent review jury on a diff, PR, or issue and produce one report — Claude Code, Codex, Antigravity, and/or a free local/open-weight model each review independently, cross-examine each other, verify, and reach one verdict — a chair's synthesis or a panel vote. Handles the whole flow end to end (scaffold config if needed → review → report → summarize). Use when the user wants a multi-model review of a pull request, a diff, an issue, or the current branch, or says "review jury", "convene the jury", or "cross-model review".
ux-antipatterns
Use when reviewing, building, or refactoring frontend UI — components, pages, forms, or interactive flows. Triggers on code review, pull requests, and new feature implementation involving user-facing interfaces.
wayd
WAYD (What Are You Doing?) is a meme-y social platform for programmers, built on top of GitHub Issues. Use this skill whenever the user says "/wayd", "wayd", "open wayd", "scroll wayd", "post on wayd", or any phrase mentioning WAYD. Also trigger when the user wants to take a scroll break while their agent works, see what other developers are up to, share a coding frustration, post a hot take, vent about cursed code they're dealing with, brag about a shipped feature, or decompress for a minute without leaving the console. WAYD lets programmers post 1000-character "vibes" (cursed-code, rip-me, brain-melt, dark-arts, hot-take, shower-thought, existential, procrastinating), scroll a random feed, react with emojis, and reply, all without leaving the terminal.
compare-branches
Compare script outputs between two git branches. Uses worktrees to run scripts on both branches and checksums to detect differences.
daf-info
Show detailed information about the current session
daf-list-conversations
List all conversations in the current multi-project session
daf-read-conversation
Read the conversation history from another repository in this multi-project session
daf-workspace
List configured workspaces for multi-branch development
code-review-skill
Review code for quality issues, bugs, and adherence to best practices
code-reviewer
Perform thorough code reviews with actionable, prioritized feedback. Use when a user asks to review code, check code quality, find bugs, review a pull request, audit code for issues, or get feedback on implementation. Covers correctness, security, performance, readability, and best practices across languages.
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
acmm-audit
Audit this repo against the AI Codebase Maturity Model (ACMM) — canonical 6-level rubric with 100+ criteria from 4 source frameworks (ACMM, Fullsend, AEF, Reflect). Writes a report to .claude/acmm/, files GitHub issues for the next-level gaps, and rewrites the README badge. Invoke with /acmm-audit [--apply] [--badge] [--trend].
ci-monitor
Check GitHub CI status on main branch and open PRs. Fix simple failures directly via mbe agent run, create issues for complex ones. Monitors agent-created PRs for failing checks. Invoke with /ci-monitor.
decompose
Break a feature into ordered, agent-sized GitHub issues that the ship-loop can work through sequentially. Takes a feature description, analyzes the codebase, creates a dependency chain of issues. Invoke with /decompose.
learning-loop
Sensor-driven continuous improvement loop. Collects metrics from all sensors, detects regressions, creates issues, verifies past fixes, and self-tunes thresholds. Invoke with /learning-loop.
local-ci-precheck
Run the same lint + typecheck + architecture-audit checks CI runs, locally and in parallel. Catches workspace-package issues (missing deps, prop drift, lint rule violations) before pushing — the failures CI would surface in 5 minutes show up in 30 seconds. Use before opening or pushing to a PR.
site-audit
Audit mattbutlerengineering.com with three modes: smoke (per-commit regression check), sweep (weekly zone rotation), scout (monthly improvement suggestions). Uses inventory tracking, parallel dispatch, and Lighthouse/Playwright. Invoke with /site-audit [smoke|sweep|scout].
github-readme
Generate polished GitHub README.md files for Mick's repositories in his established voice and structure. Always trigger immediately when the user's message starts with "readme" or "gr". Also trigger on "write a readme", "generate readme", "readme for this repo", "document this repo", or any request to create or rewrite a GitHub README. Produces a complete, repo-specific README with the right sections for the project instead of a generic template.
github-repo-architect
Convert a repository idea into a complete GitHub repository architecture. Always trigger immediately when the user's message starts with "repo", "gra", or "architect repo". Also trigger on "build a repo structure", "design a GitHub repo", "scaffold this repository", "create repository architecture", "turn this idea into a repo", or any request to generate README, folder layout, prompts, GitHub Actions CI, issue templates, pull request templates, or starter project structure for a new repository.
ci-cd-and-automation
Automates CI/CD pipeline setup. Use when setting up or modifying build and deployment pipelines. Use when you need to automate quality gates, configure test runners in CI, or establish deployment strategies.
pr-workflow
Pull request creation template. Steps for analyzing the full commit history, drafting summary/body, REQ backlinks (when sdd/ exists), and using -u for new branches. Invoked when the user asks the agent to open a PR.
speckit-git-remote
Detect Git remote URL for GitHub integration
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
pullrequest
vibe-editor で PR を作成し、vibe-editor-reviewer (GitHub bot) からの自動レビュー → 指摘修正 → 再レビューのループを bot による自動 merge まで完走させる一連のワークフロー。ユーザーが「PR を作成」「プルリクエスト作成」「PR 出して」「pull request」「PR お願い」等を言ったとき、または既存 PR のレビューサイクルを回したいとき (「レビュー待つ」「指摘修正してまた送って」等) に必ずこの skill を使うこと。単純な `gh pr create` 一発で終わらせず、レビューが完了して merge されるまで責任を持って見届ける workflow。
vibe-issue-planner
vibe-teamで全オープンIssueを並列分析し、Codex調査を経て実装計画をIssueコメントに自動投稿する。 vibe-editor Canvas版。issue-planner の vibe-team MCP 翻訳。 トリガー: "vibe-issue-planner", "vibeで計画", "canvasで計画"
aria-report
向 Aria 维护团队报告 Bug 或提交功能建议。自动收集环境信息, 自动路由到 Forgejo(内部用户)或 GitHub(外部用户)。 使用场景:"报告 bug"、"report an issue"、"提交功能建议"、 "aria 有个问题想反馈"、"feature request"、"提 issue"、 "反馈问题"、"report bug to aria"
phase-c-integrator
十步循环 Phase C - 集成阶段执行器,编排 C.1-C.2 步骤。 使用场景:"执行集成阶段"、"Phase C"、"提交代码并创建 PR"
environment
Development environment setup, tool locations, and dependency installation for the flight-path Go project. Use when setting up the project, installing tools, troubleshooting PATH issues, or asking about Go/Node versions. Do NOT use for runtime troubleshooting, workflow guidance, or CI pipeline questions.
workflows
Project-specific development workflows for the flight-path Go project: adding endpoints, benchmarking, releasing, Docker builds, and CI pipelines. Use when following a development process, preparing a release, running CI locally, or understanding the build pipeline. Do NOT use for environment setup, troubleshooting errors, or debugging specific failures.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
codeql-permission-classification
Permission requirements for GitHub Actions
compound-code-review
Load when a workflow-router-selected owner workflow needs Compound Engineering-inspired code review for deep pre-PR, CE-style, or multi-perspective review with structured findings, lenses, confidence, and fix routing; skip ordinary verification.
xcloud-docker-deploy
Deploy any project to xCloud hosting — auto-detects stack (WordPress, Laravel, PHP, Node.js, Next.js, NestJS, Python, Go, Rust), routes to native or Docker deployment, generates production-ready Dockerfile, docker-compose.yml, GitHub Actions CI/CD, and .env.example. Works from zero Docker setup.
cicd-fix-deploy
CI/CD specialist for TypeScript DDD projects on GitHub Actions. Use this skill whenever: a GitHub Actions workflow is failing or missing; `tsc` reports type errors in CI; Vitest tests are red in the pipeline; the user wants to verify the project is ready to deploy or merge; or any combination of "CI is broken", "types are failing", "tests won't pass", "fix the pipeline", "deploy ready", "prepare for production", "make CI green". Covers scaffolding missing workflow files, diagnosing and fixing TypeScript errors, diagnosing and fixing Vitest failures, and running a pre-deploy readiness gate. Always invoke before touching any .yml, tsconfig, or test file in a CI context.
ts-ddd-ci-design
Design and implement CI/CD pipelines for a TypeScript DDD clean architecture project — GitHub Actions, GitLab CI, Docker builds, environment promotion, and secrets management. Trigger when the user says "set up CI", "add a pipeline", "automate tests", "write a GitHub Actions workflow", "configure deployment", "add Docker support", "set up CD", "automate the build", or when the project needs automated quality gates before merge. Also trigger when the user asks about environment promotion (dev → staging → prod) or secrets management strategy.
ci-pipeline
GitHub Actions / GitLab CI 分阶段构建、缓存优化
conventional-commits
Conventional Commit format rules (type, scope, description, breaking change marker) with Incorrect → Correct examples. Use this skill when writing a commit message, reviewing a PR's commits, designing a CHANGELOG-from-git workflow, or configuring a commit linter.
git-github
Git workflow and GitHub collaboration patterns including conventional commits, branch naming, PR workflow, and gh CLI usage. Use when creating commits, branches, or pull requests. TRIGGER when: git commit, branch, PR, pull request, merge, gh cli. DO NOT TRIGGER when: code implementation, testing, documentation without git operations.
research-patterns
4-phase research methodology: codebase recon, targeted web search, deep source analysis, and evidence synthesis. Use when investigating patterns, evaluating libraries, or analyzing best practices. TRIGGER when: research, investigate, evaluate options, compare libraries. DO NOT TRIGGER when: implementation tasks, bug fixes, routine code changes.
tool-permission-audit
Use when auditing AI-agent tool permissions, command policies, connector access, GitHub actions, file-system scopes, or automation rules for risk, approval gates, and least-privilege controls.
architect
Comprehensive implementation planning with vertical slices. Use when asked to 'act as an Architect', 'plan this', 'create an implementation plan', 'slice this into tasks', or when a task needs decomposition before execution.
atomic-commits
Atomic commits on a feature branch with conventional messages — Commit mode for checkpoints, Ship mode for PR. Use when committing, checkpointing, shipping, pushing, or creating a PR.
npm-security-audit
Layered security audit on npm/pnpm/yarn projects before installing or running. Use to vet a GitHub repo, npm package, or local project before npm install/start/npx.
prd-to-issues
Break a PRD into independently grabbable GitHub issues with dependency relationships. Use when asked to 'break this PRD into issues', 'create issues from PRD', 'plan the work', 'create a kanban', or after writing a PRD to prepare work for execution.
review-pr-copilot
Address GitHub Copilot review comments on the active PR by triaging into confidence tiers, fixing in atomic commits, resolving threads, and re-requesting review.
session-debugger
Investigate Claude Code and Codex CLI session transcripts from shipper runs. Use for: "investigate session", "debug shipper run", "what went wrong", "transcript", "remediation agent", "session failure", "why did the agent fail", "check session logs", "find agent sessions for issue".
pull-request
Use when drafting, revising, or reviewing GitHub pull request bodies, pull request comments, review guides, reviewer asks, review focus sections, merge-readiness notes, or follow-up issue guidance. Handles pull request operating logic: traceable summaries, reviewer address, review posture, external context, diagrams, verification evidence, changed-file links, and standalone review guides for complex or high-risk changes. Pair with content-styleguide for deeper prose quality.
visual-styleguide
Use when producing or revising designed communication surfaces for the organization: reading-first HTML/PDF pages, executive guides, briefing pages, presentation support pages, visual docs, landing pages, and other rendered prose surfaces where layout, type, color, and link styling affect the result. Load `references/yolando-design-system.md` for Yolando-branded surfaces. Pair with `content-styleguide` when the work also needs voice, structure, tone, or AI-writing artifact cleanup.
qa
Side-route skill and single entry point for bug conversations. Use when the user is reporting observed failures and wants durable GitHub issues filed in project language. Delegates per-issue to /triage-issue for bugs that need root-cause diagnosis, then returns to the loop. Not for already-scoped implementation work (use /execute).
setup-ralph-loop
Infrastructure skill for setting up Ralph loop scripts for Claude-driven AFK execution. Use when a repo wants a HITL-to-AFK runner around /execute with bounded iterations, GitHub-native durable state, and explicit feedback loops. Not a normal feature-delivery stage; it prepares the repo for safer autonomous execution.
github-workflow
Flujo de trabajo con GitHub para implementar cambios de forma segura en un proyecto.
git-workflow
Git workflow rules for Renfield. Commit message format, issue numbering, branch naming, PR creation, documentation updates before push. Triggers on "commit", "push", "PR erstellen", "pull request", "branch", "git", "merge".
update-docs
Keep project documentation current by researching latest patterns, fetching sources, and updating docs with findings
commit-unstaged
Checks unstaged changes into Git as a sequence of commits with high quality commit messages. Use this whenever the user asks you to commit changes.
setup-pm
Configures the project management tool by guiding selection from supported options, applying the implementation guide, updating way-of-working adoption, and recording the decision via /record-decision. Idempotent — detects existing configuration.
cr-implementer
Fetches GitHub PR review comments, evaluates validity, and implements valid ones one at a time with test verification. Use when implementing unresolved GitHub PR review comments, when told "fix the cr comments", "implement review feedback", "address pr comments", or when a PR has unresolved reviewer comments that need addressing.
pr-reviewer
Produces copy-paste-ready markdown code review with constructive criticism — problems, severity, and suggested fixes — formatted for GitHub PR comments. Use when reviewing a pull request, staged changes, or a specific diff.
skills
Use when the user wants to run one of the hostile audit skills in this repo, or asks what skills are available.
code-review
Use when reviewing a pull request, diff, or proposed code change for correctness, clarity, security, performance, and conformance to project conventions — whether the author is a human, an AI agent, or a peer. Covers the pre-review fact-gathering pass, the read-order strategy (tests first, then implementation, then call sites), the severity-grading rubric, the comment-phrasing discipline, and the no-rubber-stamp rule for AI-generated diffs. Do NOT use for AUTHORING the code (use `refactor` for behaviour-preserving changes or `skill-scaffold` for new skills), for chasing a known bug after merge (use `debugging`), or for security-only audits (use `owasp-security` for vulnerability-focused review). Do NOT use for fix this bug that production users are reporting. Do NOT use for refactor this 200-line function into smaller pieces. Do NOT use for scaffold a new skill that teaches code review. Do NOT use for write a guide explaining our review conventions.
mushi-test
Run, review, and improve Mushi Mushi TDD tests — story mapping, Playwright test generation, QA coverage, PDCA improvement loop, test approval workflow. Use when "run tdd tests", "generate tests for my stories", "check qa coverage", "improve failing tests", "test my app with mushi", "review generated tests", or any TDD/QA workflow in mushi.
agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches AI agents running in CI/CD pipelines, including env var intermediary patterns, direct expression injection, dangerous sandbox configurations, and wildcard user allowlists. Use when reviewing workflow files that invoke AI coding agents, auditing CI/CD pipeline security for prompt injection risks, or evaluating agentic action configurations.
rappterzoo
Autonomous content platform — 640+ self-contained HTML apps. Browse, submit, review, rate, and evolve apps via GitHub Issues.
ginee-file-bug
File a bug report against the primary GitHub repo (the adopter's own project) via the ginee framework's GitHub-integration workflow. Use when the user asks to 'file a bug', 'report a bug', 'create a bug issue' for the current project. Drafts a structured issue using core/templates/issues/bug-report.md, surfaces the draft for approval, then creates a labelled GitHub issue.
ginee-triage
List ready work across all task sources (GitHub issues + TODO files) and propose a pickup order. Use when the user asks to 'triage', 'list ready work', 'what should I work on', 'show the backlog'. Optional positional arg narrows scope ('issues' / 'framework' / 'todos'). Returns a merged table; never picks on its own.
issue-authoring
Draft or refine IDD-ready GitHub issues, roadmap issues, and sub-issues before the normal IDD execution loop begins. Use when a request is too large or ambiguous for one reviewable change, when work needs decomposition or dependency encoding, or when the user asks for issue drafting, roadmap planning, or parallelizable task breakdown.
screenshots
Locate macOS screenshots saved to ~/screenshots/ and route them into downstream workflows — most commonly attaching to GitHub PR/issue/comment bodies via the gh image extension, but also useful for previewing, organizing, copying to clipboard, or feeding into other tools. Use when the user mentions "screenshots", "today's screenshots", "find a screenshot", "attach screenshots", "upload screenshot", "images on machine", or wants to locate, preview, or share a local screenshot.
structured-autonomy-plan
Structured Autonomy Planning Prompt
conventions
Defines the commit message, branch naming, pull request, and release note conventions for the ai-agent-skills repository. Make sure to load this skill whenever writing a commit message, naming a branch, drafting a PR title or body, or writing CHANGELOG entries in this repo. Use when the user asks "how should I format this commit", "what's the branch naming convention", "how do I write the PR", "what commit type should I use", or before any git commit, PR creation, release note, or CHANGELOG task in this project.
speckit-resolve-pr
Address actionable review feedback on a pull request, push the fixes, and resolve review threads. Reads the PR comments, updates the code, runs project verification, replies to review threads, and reports what changed.
pr-board
在终端里显示当前正在运行的 Codex PR review 任务列表,输出 Codex app 可解析的可展开 Markdown 组件,支持点击跳转 PR。当用户说"打开 review 看板"、"看当前 PR review 任务"、"PR dashboard"、"/pr-board"、"看看现在 review 到哪了"、"列一下正在跑的 codex review" 等表达时调用。
create-github-action
Scaffold a deterministic GitHub Actions CI/CD workflow
managing-deployment
Deployment and infrastructure for the site. Consult when troubleshooting deployments, modifying CI/CD, or diagnosing build issues.
review-and-ship
Review the current branch for bugs, intent fit, and test coverage; run or write tests; commit focused work; open or update a PR.
code-review-methodology
Conduct two-stage code review: Stage 1 verifies spec compliance (criterion-to-code mapping), Stage 2 evaluates security, correctness, performance, and maintainability across 6 parallel facets with P1/P2/P3 synthesis and deduplication by file:line. Use when reviewing code changes or pull requests. This skill MUST be consulted because reviewing quality on broken logic is wasted effort, and unmet acceptance criteria must block merge.
feedback-resolution
Address PR review feedback through surgical fixes traceable to specific comments, apply the Boy Scout Rule only to already-modified files (separate `improve:` commits), recover context by code snippet rather than line number, and enforce pushback only when factually incorrect, test-breaking, or CLAUDE.md-violating. Use when resolving reviewer comments on a pull request. This skill MUST be consulted because every untraceable change is out-of-context, and pushback without evidence is just disagreement.
loop-on
Create an event-driven loop using Monitor instead of cron. The loop fires when a watched condition becomes true (CI status changes, log line appears, file modified, PR merged, etc.) rather than on a time schedule. Use when the user says "watch for X and then do Y", "trigger when Z happens", "loop on event", or any work-shape where time-based polling is the wrong cadence.
gen-templates
Generate GitHub PR and issue templates for this repository. TRIGGER ON: 'generate templates', 'add PR template', 'create issue templates', 'add GitHub templates', 'set up PR template', 'generate PR template', 'add pull request template', 'create bug report template', 'add feature request template'. Generates .github/PULL_REQUEST_TEMPLATE.md and .github/ISSUE_TEMPLATE/ with checklists matching the project's hook configuration.
zen
Проверяет код на соответствие принципам Дзена Python (PEP 20) — на любом языке программирования, не только Python. Обязательно используй этот скилл, когда пользователь просит проверить код, сделать ревью, оценить читаемость, стиль или качество, упоминает «дзен», «zen», «PEP 20», спрашивает «насколько код в духе Дзена / питоничный» — даже если язык не Python и слово «zen» не прозвучало явно. Понимает контекст проверки: весь проект, незакоммиченные изменения, staged-файлы, последний ко��мит, диапазон коммитов, pull request или конкретные файлы. Выдаёт разбор по принципам и общую оценку по 10-балльной шкале с визуализацией.
fanout-ship
Parallel multi-agent ship pattern. Decompose 1 parent task into N independent child tasks → spawn N background agents in isolated git worktrees → each opens PR targeting shared integration branch → smallest-first merge order with self-documenting rebase recipes → final PR integration → main. Collapses N×30min sequential work into ~30min wall-clock. Isolated blast radius (one agent crash ≠ kill others). Granular revert. Small review surface per PR. Background execution = no babysit. Trigger when user says: "fan out", "fanout", "split into N PRs", "parallel build", "parallel agents", "spawn N agents", "/fanout-ship", "ship in parallel", or pastes a parent issue + list of child tasks. Auto-trigger heuristic: task list ≥ 4 INDEPENDENT subtasks touching DISJOINT files, single repo, GitHub-hosted.
skynet-site
Build a premium client website end-to-end — competitor research, niche-tuned design system, conversion funnel, SEO/AEO base, Vercel deploy, GitHub repo, speculative pitch with 5-8 scope-unlocking questions. Distilled from 9 shipped client wins (wedding, wellness, medical, luxury rental, clinic pitch, indie event, coach funnel, 20-niche demos, agency theme rebuild). Trigger when user says: "build a site for", "design website", "spec build for client", "/skynet-site", pastes a client brief / Upwork JD asking for a website, or wants a landing page / agency demo / niche site.
github-profile-beautifier
Use when user wants to create or improve their GitHub profile README, generate a new profile page, beautify their existing GitHub homepage, or add stats cards, project showcase, and tech stack badges
aw-author
Author, validate, and improve GitHub Agentic Workflow (gh-aw) markdown files. Use when the user wants to create a new workflow, validate an existing workflow, improve a workflow, or debug workflow issues. Triggers on: "aw-author", "agentic workflow", "gh-aw workflow", "workflow markdown", "workflow frontmatter", "write a workflow", "create a workflow", "validate workflow", "debug workflow".
gh-aw-report
Daily intelligence reporting for the GitHub Agentic Workflows (gh-aw) ecosystem. Executes 8+ targeted web searches, synthesizes findings into a structured Markdown report, updates the persistent knowledge base, and optionally posts to GitHub Discussions. Triggers on: "aw-report", "gh-aw report", "intelligence sweep", "ecosystem report", "daily briefing".
setup-matt-pocock-skills
Sets up an `## Agent skills` block in AGENTS.md/CLAUDE.md and `docs/agents/` so the engineering skills know this repo's issue tracker (GitHub or local markdown), triage label vocabulary, and domain doc layout. Run before first use of `to-issues`, `to-prd`, `triage`, `diagnose`, `tdd`, `improve-codebase-architecture`, or `zoom-out` — or if those skills appear to be missing context about the issue tracker, triage labels, or domain docs.
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
shape-issues
Shape raw ideas into actionable GitHub Issues using Shape Up methodology
creating-pds-issues
Create GitHub issues in NASA-PDS repositories using organizational templates (bug reports, I&T bug reports, feature requests, tasks, vulnerabilities, release themes). Use when user requests to create, file, or submit PDS issues.
creating-pds-pull-requests
Create GitHub pull requests in NASA-PDS repositories with auto-detection of repo/branch, issue linking, reviewer assignment, and label management. Use when user requests to create, open, submit, or make a pull request, PR, merge request, or says "create a PR", "open a PR", "make a PR", "submit a PR", "push a PR", or any variation of creating a pull request in PDS repositories.
dependabot-alerts-triaging
Analyze GitHub Dependabot dependency vulnerability alerts and suggest triage decisions (dismiss/fix/escalate) with explanations. Use when the user needs help reviewing Dependabot alerts, deciding whether dependencies are exploitable, or triaging CVEs across NASA PDS repositories.
devpilot-daily-toolkit
Personal daily-life toolkit for someone living in Auckland, NZ. Bundles four tools behind one skill: RSS news (世界科技 / AI / 世界政治 / 经济金融 / 新西兰), real-time exchange rates (any currency pair via cdn.moneyconvert.net), GitHub daily activity reports (commits / PRs / issues across the user's active repos), and NZ public holidays (Auckland-highlighted via Nager.Date). USE WHEN the user asks for any of: a personal daily / morning briefing, "my daily digest", exchange rates ("汇率", "USD to NZD", "100 AUD 换多少人民币"), NZ public holidays ("下个假期", "next NZ holiday", "Auckland anniversary day"), a daily GitHub activity report ("今日 github", "github daily report", "what did I push today"), or a blended "give me everything" briefing that combines all four. Triggers on: "daily toolkit", "my daily", "morning briefing", "今日简报", "晨报", "汇率", "exchange rate", "currency convert", "convert X to Y", "NZ holiday", "新西兰假期", "Auckland holiday", "github daily report", "今日 github", "what did I ship today". For a pure long-form general news dig
devpilot-pr-review
Use when the user asks to review a pull request, merge request, or a diff — "review this PR", "review PR
devpilot-prd-to-issues
Use when the user wants to turn a PRD, spec, design doc, or feature brief into a set of GitHub issues — "break this PRD into tickets", "create issues from the spec", "split this into tasks", "file the work for this feature", "decompose into deliverables", "/prd-to-issues". Produces an issue tree where every ticket is a deliverable slice with explicit parent/child/blocks relationships and a bounded change size.
devpilot-resolve-issues
Use when the user wants to resolve, fix, work through, or burn down open GitHub issues in a repository — "fix all the issues", "resolve these tickets", "work through the repo-scan issues", "clear the backlog", "fix issue
devpilot-resolving-review-threads
Use when responding to inline review comments after pushing fixes to a GitHub PR or GitLab MR — decide per thread whether to auto-resolve (fix verified at HEAD), reply with technical reasoning (reviewer misread or wrong), or leave open for the reviewer. Triggers on "respond to review comments", "resolve the review threads", "I pushed the fixes, now reply to the comments", "close out the review", "/resolve-review". Do NOT use for writing a review (use devpilot-pr-review) or creating a PR (use devpilot-pr-creator).
devpilot-scanning-repos
Use when the user asks to scan, audit, or sweep an entire GitHub repository for issues and file them as tickets — "scan this repo", "audit the codebase", "find bugs/security holes/missing tests", "check the docs are still accurate", "/repo-scan", "open issues for all the problems you find". Scans security, edge cases, testing coverage, and doc/code drift (CLAUDE.md, AGENTS.md, README.md and the docs they link to) without assuming business logic. Do NOT use for reviewing a single PR (use devpilot-pr-review) or language-specific style review (use devpilot-google-go-style).
forgejo-cli
Manage repos, issues, PRs, and releases on the self-hosted Forgejo (git.${WALTER_DOMAIN}) via the official `tea` CLI. Use this skill whenever the user asks to "create a Forgejo repo", "open an issue on git.${WALTER_DOMAIN}", "list my private repos", "tag a release", or any operation against the self-hosted git. Replaces the dropped community forgejo-mcp.
infisical-agent
How to consume Infisical secrets from every Walter-OS surface — operator shells, walter-host Docker services, Vercel deploys, Railway services, GitHub Actions, n8n workflows, Cursor, Claude Code. The unifying principle: NEVER paste secrets into config files; always pull from Infisical at runtime via CLI / SDK / native integration. Use this skill when the user asks "how do I use this secret in <X>", "Infisical setup for Vercel", "secrets in GitHub Actions", "n8n credentials".
pr-review
Run a rigorous, multi-dimensional review checklist on any pull request before opening, merging, or after receiving review comments. Use this skill ALWAYS before opening a PR, when asked to "review this PR/branch/diff", "check my changes", "is this ready to merge", or before promoting a branch from dev to staging or staging to main. Goes beyond style — checks security, performance, testing rigor, supply chain, and Definition of Done coverage.
readme-craft
Opinionated README authoring guide. Picks a section template by project type (CLI, library, web app, hackathon submission, OSS publication, GitHub profile), curates a small set of upstream tools from the awesome-readme-tools catalog, and enforces a mobile-readable structure. Use this skill whenever the user asks to "write a README", "improve my README", "make the README better", "review my README", or starts a new project that needs a public-facing landing artifact. Complements landing-page-fast (landings), brand-creation (identity), oss-readiness (audit), and content-writer (long-form).
security-review
Checklist-driven security review pass for pull requests.
api-contract-sync-manager
Validate OpenAPI, Swagger, and GraphQL schemas match backend implementation. Detect breaking changes, generate TypeScript clients, and ensure API documentation stays synchronized. Use when working with API spec files (.yaml, .json, .graphql), reviewing API changes, generating frontend types, or validating endpoint implementations.
review-pr
Review a pull request with structured severity-based feedback. Use when asked to review a PR, code review, or given a PR number/URL.
check-no-secrets
Scans codebase for accidentally committed secrets, credentials, API keys, and sensitive data to prevent security breaches
daf-help
Show available daf commands and quick reference
daf-list
List all DevAIFlow sessions
daf-notes
Add and view progress notes for sessions
daf-status
Show status and progress dashboard
finishing-a-development-branch
Git branch completion workflow. Use when implementation is complete, tests pass, and a feature branch needs to be integrated via merge, pull request, or cleanup.
keepwright
Set up and continuously keep engineering quality and architecture true in any git repo. Implants a constitution (CLAUDE.md), structured rules, GitHub Actions with AI PR review wired to OAuth, portable validators, and git hooks; then audits and enforces them over time. Detects the stack and adapts. Use when a repo needs a solid quality architecture, a PR flow with AI review, living rules, or an audit of how integrated it already is.
setup-projeto-qualidade
Organizadora e criadora de projetos. Aplica uma arquitetura de qualidade alta em qualquer projeto git, novo ou existente — CLAUDE.md como constituição equalizada, rules estruturadas (invariantes, equalização de pipeline, hierarquia epistêmica P1-P5, PR flow, catalisação de lições, frentes paralelas, merge seguro, prova empírica pré-merge), CI/CD com auto-review OAuth, deploy automático adaptado à stack, agentes worktree-isolados, validators portáveis, hooks. Adapta tudo à stack detectada.
pr-pipeline
Autonomous PR review, fix, test, and merge pipeline
sentry-triage
Query Sentry for production errors, filter by severity/frequency, deduplicate against existing GitHub issues, and create actionable issues for the ship-loop. Invoke with /sentry-triage.
feedback
Generate a retrospective report analyzing agent pipeline execution, duplication, scope adherence, and output quality from a completed work session.
speckit-git-remote
Detect Git remote URL for GitHub integration
project-patterns
Pipeline architecture, directory layout, naming, error philosophy, and the end-to-end pattern for adding a source
fastlane-knowledge
Provides Fastlane configuration patterns for Flutter apps including iOS and Android lanes, code signing with match, CI/CD integration with GitHub Actions, and environment management. Use when user asks about Fastlane setup, deployment automation, code signing, or CI/CD for mobile.
ts-parity-check
对比 TS 源(`../claude-devtools`)与 Rust 端口指定 capability 的文件映射,并查 `openspec/TS_BASELINE_DEVIATIONS.md` 看是否有该 capability 相关的 TS 偏差预警 + 当前 GitHub Issues backlog 里的相关项。**用户说 `/ts-parity-check <capability>` 或"对比一下 chunk-building 的 TS 与 Rust / 这个 cap 还有 TS 偏差吗"时都用这个 skill**——不要自己手 grep 比一遍。
roadmap
Structured workflow for creating Roadmap documents that sequence multiple features into a coordinated initiative. Use when planning multi-feature work that needs dependency tracking, sequencing rationale, and progress monitoring. Triggers on "create a roadmap for X", "plan the rollout of Y", "sequence these features", or any request to coordinate multiple features into an ordered plan. Do NOT use for single-feature requirements (/prd), strategic justification (/vision), technical architecture (/design), or open-ended exploration (/explore). Drives a multi-phase workflow: conversational scoping, parallel research agents, structured drafting, and jury review.
work-on
Implement work end-to-end with branch creation, analysis, coding, tests, and a pull request with CI monitoring. Accepts a GitHub issue (number or URL), a milestone (selects the next unblocked issue), a PLAN document path (drives multiple issues through one shared branch and PR), or a free-form task description. Use when asked to work on, implement, fix, build, tackle, pick up, close, or ship work — at any size, from a single issue to a whole plan.
autonomous-dev
Use to develop a feature or bug fix end-to-end through a TDD git-worktree workflow — interactively (developer-led) or unattended (autonomous-mode, driven by the dispatcher). Triggers on phrases like "implement issue #N", "fix this bug", "add a feature", "create a worktree", "write test cases", "push and open a PR", "check CI", "address review comments", "resolve review threads", "/q review", "/codex review", "implement this autonomously", or any partial step in the design → worktree → tests → implement → verify → review → PR → CI → E2E lifecycle. Interactive mode asks for decisions; autonomous mode makes decisions per autonomous-mode.md and posts progress comments to the GitHub issue.
autonomous-review
Use to perform an end-to-end PR review and reach an approve/request-changes verdict — including verifying acceptance criteria, running E2E tests via browser automation, resolving merge conflicts, and (when verdict passes) merging the PR. Triggers on phrases like "review this PR", "decide whether to approve and merge", "run E2E verification", "resolve merge conflicts on PR #N", or when the dispatcher hands off a PR labeled `pending-review` / `reviewing` for autonomous review. Distinct from in-flight dev-side self-review (that lives in autonomous-dev's pr-review step).
ddalggak
Use when the user wants a Codex App native GitHub issue to implementation to review to recovery workflow, or wants to plan issues, create GitHub issues, inspect status, ship an existing lane, clean up after merge, write retrospectives, improve prompts, or run a one-shot local diff check.
dotnet-playwright-ci-caching
Cache Playwright browser binaries in CI/CD pipelines (GitHub Actions, Azure DevOps) to eliminate 1-2 minute download overhead on every build. Uses version-based cache keys derived from Central Package Management (CPM) for automatic invalidation. Use when: setting up or optimizing CI/CD for .NET projects with Playwright E2E tests.
make-pr
Creates pull requests on GitHub or Azure DevOps by analyzing commits and generating descriptions. Detects platform from git remote and uses gh CLI or az CLI. Use when asked to create PR, open PR, make pull request, submit PR, create pull request, new PR, raise PR, push PR, open pull request, submit changes, PR workflow, or when user mentions PR creation. Generates casual, context-aware PR descriptions that explain WHY not WHAT.
diagnose-ci
Diagnose and fix GitHub Actions CI failures for the current repository. Fetches failing job logs via gh CLI, reproduces the failure locally, identifies the root cause (code bug, flaky test, or infra/config issue), proposes a targeted fix, applies it after approval, then offers to commit and push to re-trigger CI. Global and project-agnostic (requires gh CLI). Trigger when the user says "diagnose CI", "diagnose-ci", "why is CI failing", "CI is red", "fix CI failures", "debug GitHub Actions", "CI is broken", "what's failing in CI", or "CI keeps failing". SKIP when the user is asking about a non-GitHub CI system.
health-check
Periodic Codex repo health check orchestrator. Runs CI status, AGENTS.md staleness audit, documentation accuracy audit, and Obsidian Vault sync if present, pausing for approval between steps and producing one consolidated report. Global and project-agnostic. Trigger when the user says "health check", "health-check", "repo health", "check repo health", "repo maintenance", "run a health check", "audit the repo", "check everything", "periodic maintenance", or "check if everything is up to date". SKIP when the user only wants one specific audit.
pr
Create or update a GitHub Pull Request from the current branch. Reads all commits since the base branch, auto-generates a structured PR title and body (Summary / Changes / Test Plan sections), infers labels from commit types, and shows everything for approval before running gh pr create. Handles push if needed and detects existing PRs. Global and project-agnostic. Trigger when the user says "create a PR", "open a pull request", "make a PR", "$pr", "submit PR", or "push and open a PR".
setup-ci
Analyze a GitHub repository and propose or improve a GitHub Actions CI setup with clearly separated jobs — one job per concern — so each check shows independently in the GitHub PR and Actions UI. Global and project-agnostic. Trigger when the user says "set up CI", "setup-ci", "add GitHub Actions", "propose CI jobs", "improve my CI", "add CI pipeline", "set up GitHub Actions workflow", "create GitHub Actions tests", or "suggest CI checks". SKIP when the user is asking about a non-GitHub CI system (Jenkins, CircleCI, GitLab CI) — this skill is GitHub Actions only.
speckit-git-remote
Detect Git remote URL for GitHub integration
spec-driven-cc-guide
Expert knowledge base for Claude Code Terminal — the CLI tool itself, not coding tasks. Implements 4 knowledge-retrieval phases with structural anti-skip enforcement using the Execute-Verify-Gate pattern at every step. Designed to prevent token optimization bias that causes reference file skipping by making every reference load mandatory and verifiable. MUST use this skill whenever the user asks about Claude Code features, configuration, setup, or troubleshooting. This includes: keyboard shortcuts not working (Option key, Alt+P, Shift+Enter, Ctrl+B), creating or configuring subagents/skills/commands/plugins, setting up hooks (PreToolUse, PostToolUse, HTTP hooks), installing or debugging MCP servers, GitHub Actions or GitLab CI/CD integration for PR reviews, switching models mid-conversation, undoing or rewinding Claude's changes, proxy/network configuration, permission modes, memory and CLAUDE.md setup, the /batch /simplify /debug bundled skills, git worktrees, agent teams, remote control, headless mode, or A
spec-driven-ci
Generate CI/CD pipeline workflows through spec-driven workflow generation with structural anti-skip enforcement. Implements 5 phases covering preflight validation, configuration loading, workflow template generation, cost optimization, and final validation using the Execute-Verify-Gate pattern at every step. Designed to prevent token optimization bias through lean orchestration and binary CLI gate enforcement. Currently supports GitHub Actions with cost-optimized Claude API integration (prompt caching, Haiku preference, max-turns limits). Use when setting up CI/CD automation for DevForgeAI projects. Always use this skill when the user runs /setup-github-actions. Also use when the user mentions GitHub Actions setup, CI/CD pipeline generation, headless DevForgeAI execution, or workflow automation for /dev and /qa commands.
issue-writing
Use when drafting, revising, triaging, or reviewing GitHub issue titles and bodies, bug reports, feature requests, internal implementation issues, acceptance criteria, scope boundaries, decomposition notes, and links to supporting documents. Handles issue framing, scope, title shape, checkable outcomes, and when context belongs somewhere else. Pair with content-styleguide for deeper prose quality.
engineering-advanced
Advanced engineering patterns for AI-native products. Use when the user mentions agent design, RAG architecture, AI pipelines, MCP servers, API design best practices, CI/CD pipeline architecture, system design interviews, observability, infrastructure as code, or advanced engineering topics. Also triggers on: agent, RAG, retrieval augmented generation, MCP, API design, REST, GraphQL, CI/CD, GitHub Actions, Docker, Kubernetes, microservices architecture, event-driven, message queues, caching strategies, database design, system design.
code-quality-gate
Enforces automated quality checks before every deploy. Prevents production failures through a 5-stage Quality Gate System (Pre-Commit, PR-Check, Preview, E2E, Production). Activate on code changes, deployments, PR reviews, build failures.
speckit-taskstoissues
Convert existing tasks into actionable, dependency-ordered GitHub issues for the feature based on available design artifacts.
commit-push-pr
Commit current work, push the branch, and create a GitHub pull request with a concise title, body, and verification notes.
kickoff
Scaffolds a new project in the current directory — creates CLAUDE.md, CHANGELOG.md, .gitignore, README.md, and a source dir, initializes git with a first commit, and offers to create a GitHub repo. Prompts for project name, description, and language/framework first. Use when the user wants to "start a new project", "bootstrap a repo", "set up a fresh project", "scaffold a codebase", or "kick off" a new build from scratch.
ginee-file-feature
File a feature request against the primary GitHub repo (the adopter's own project) via the ginee framework's GitHub-integration workflow. Use when the user asks to 'file a feature', 'request a feature', 'create a feature request' for the current project. Drafts a structured issue using core/templates/issues/feature-request.md, surfaces the draft for approval, then creates a labelled GitHub issue.
ai-team-orchestration
Multi-agent dev team — parallel AI agents, roles, coordination, project kickoff
aegisops-ai
Autonomous DevSecOps & FinOps Guardrails. Orchestrates Gemini 3 Flash to audit Linux Kernel patches, Terraform cost drifts, and K8s compliance.
agentflow
Orchestrate autonomous AI development pipelines through your Kanban board (Asana, GitHub Projects, Linear). Manages multi-worker Claude Code dispatch, deterministic quality gates, adversarial review, per-task cost tracking, and crash-proof pipeline execution.
agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches. AI agents running in CI/CD pipelines.
github-actions-templates
Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.
onboard
Add a new open source project to the marketing pipeline. Researches real user pain, auto-detects project type, generates everything.
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI
agent-skill-deploy
Deploys agent skill collections from any GitHub repository with a /skills folder to one or more distribution surfaces: GitHub releases, Claude Code marketplace, VS Code plugin marketplace, and Copilot CLI plugin marketplace. Handles pre-flight validation, conventional commit analysis, version bumping across surface configs, and surface-specific publishing with dry-run support. Use when releasing, publishing, or deploying a skills collection to any supported marketplace or creating a GitHub release for a skills repository. Don't use for deploying non-skill packages, npm modules, Docker images, or Azure resources.
upkeep-audit
Run the Upkeep repo audit locally against any repository path. Use when asked to audit a repo, check docs/spec/asset drift, or run upkeep without GitHub Actions.
docker-build-deploy
Use when user wants to containerize a project, set up Docker CI/CD with GitHub Actions, push images to GHCR or Docker Hub, deploy containers to a remote server, or generate optimized Dockerfiles
chinese-commit-conventions
中文 commit 与 changelog 配置参考——Conventional Commits 中文适配、commitlint/husky/commitizen 中文模板、conventional-changelog 中文配置。仅在用户显式 /chinese-commit-conventions 时调用,不要根据上下文自动触发。
chinese-git-workflow
国内 Git 平台配置参考——Gitee、Coding.net、极狐 GitLab、CNB 的 SSH/HTTPS/凭据/CI 接入差异与镜像同步配置。仅在用户显式 /chinese-git-workflow 时调用,不要根据上下文自动触发。
finishing-a-development-branch
当实现完成、所有测试通过、需要决定如何集成工作时使用——通过提供合并、PR 或清理等结构化选项来引导开发工作的收尾
aria-dashboard
项目进度看板生成器。解析 UPM、User Story、OpenSpec、审计报告、AB Benchmark 五种数据源, 生成单文件自包含 HTML 看板,写入 .aria/dashboard/index.html 并尝试在浏览器中打开。 使用场景:"生成看板"、"项目看板"、"dashboard"、"查看全局进度"、 "项目进度可视化"、"生成进度报告"
code-review-practices
Provides practical guidance for conducting thorough code reviews that identify issues early, promote knowledge sharing, and deliver constructive feedback. This skill should be used when reviewing pull requests, establishing team review standards, or mentoring developers on effective review practices.
playwright-pro
Playwright E2E testing: page object model, fixture setup, network interception, visual regression, CI integration, and debugging flaky tests — production-grade browser automation
eds-cicd-pipeline
Set up a GitHub Actions CI/CD pipeline for an AEM Edge Delivery Services project. Generates workflow YAML files for ESLint (Airbnb rules), Lighthouse CI performance testing, link validation, and automated preview/publish via the AEM Admin API. Fills the gap left by the absence of official CI/CD guidance for EDS projects.
localization-audit
Audit multi-language AEM Edge Delivery Services sites for content parity across locales. Builds a locale matrix from the query index, identifies missing translations, checks metadata completeness per language, validates hreflang tags, and generates a prioritized remediation report. Use when launching new locales, validating translation completeness, or fixing SEO issues on multi-language EDS sites.
query-index-optimizer
Audit and optimize the AEM Edge Delivery Services query index configuration. Analyzes indexed properties against actual usage, identifies missing or stale pages, checks index size and pagination, and generates recommendations for helix-query.yaml changes. Use when the query index feels bloated, pages are missing from block-driven lists, or you need to verify index health before launch.
sitemap-audit
Validate an AEM Edge Delivery Services sitemap.xml against actual site content. Cross-references the sitemap with the query index, checks URL reachability, validates lastmod dates, and identifies missing or orphaned pages. Use when auditing SEO health, preparing for launch, or investigating indexing issues.
structured-data
Generate JSON-LD structured data for AEM Edge Delivery Services pages. Analyzes page content and metadata to determine the appropriate schema.org types, extracts relevant properties, and produces validated JSON-LD snippets ready for implementation in head.html or scripts.js. Use when adding rich results support, improving search appearance, or auditing existing structured data.
gh-address-comments
Help address review/issue comments on the open GitHub PR for the current branch using gh CLI; verify gh auth first and prompt the user to authenticate if not logged in.
auto-enforcer-action
Use when setting up automatic PR constraint enforcement via GitHub Actions — covers the advisory-vs-blocking split, workflow installation, configuration options, and reading the output
github-actions-supply-chain
Use when reviewing GitHub Actions workflow files for security issues, hardening CI pipelines, or assessing supply chain risk in a repository that uses GitHub Actions
deployment-patterns
Deployment workflows, CI/CD pipeline patterns, Docker containerization, health checks, rollback strategies for Python applications.
list-missions
List all proactive background missions for the current user. Shows mission titles, schedules, statuses, and last run times. Use when the user asks to see their missions, what's running in the background, or what scheduled tasks exist. Keywords: missions, list, show, background, scheduled, active, paused.
expo-docs-boxlink-audit
Audit `<BoxLink>` components in an Expo docs PR and flag mismatches between the Icon prop and the destination URL, then stage findings as a private pending GitHub review (never auto-submitted). MUST USE when the user provides a GitHub PR URL and says "audit boxlink icons", "review boxlinks", "check boxlink icons", or "/expo-docs-boxlink-audit". Public PRs only. Narrow scope: icon mismatches only, not other BoxLink props.
expo-docs-pr
This skill should be used when the user asks to "write a PR description", "create a PR", mentions "PR description", "pull request", or discusses writing PR descriptions for the Expo docs repository.
expo-docs-review
Review an Expo docs pull request against the Expo writing style guide and MDX component conventions, and stage the findings as a private pending GitHub review (never auto-submitted). MUST USE when the user provides a GitHub PR URL and says "review this pr", "review this docs pr", "audit this pr", "check this pr against the style guide", or "/expo-docs-review". Public PRs only.
aitask-contribute
Contribute local aitasks framework changes back to the upstream repository by opening structured GitHub issues.
aitask-pr-import
Create an aitask from a pull request by analyzing PR data and generating a structured task with implementation plan.
workflow-advisor
Interview a team about its development process, generate a versioned `.workflow/` configuration, and advise on GitHub events, lifecycle gates, labels, roles, and process metrics. Use when the user wants to set up team workflow automation, adopt spec-driven development, configure GitHub workflow files from an interview, design event-driven CI/CD around roles and artifacts, reconcile workflow state, or measure process changes. Triggers on "workflow advisor", "set up team process", "configure SDD", "process automation", "team workflow", "GitHub workflow generation", "spec-driven development setup", or bootstrapping repo process.
support-triage
Triage incoming support — categorize, prioritize, draft responses, identify product bug vs user-error vs feature-request. Routes to engineering when needed.
github-repo-hardening
Audit GitHub repository governance and access control settings including branch protection rules, ruleset configuration, secret scanning, push protection, CODEOWNERS, signed commits, required reviews, and admin bypass policies. Use this skill whenever the user asks about branch protection, "is my main branch safe", required reviews, force-push prevention, CODEOWNERS, signed commits, gitsign, Sigstore, secret scanning, push protection, custom secret patterns, repo settings, ruleset vs branch protection, or merge queue. Trigger on phrases like "harden my repo", "audit my branch rules", "secret scanning", "CODEOWNERS review", "are my settings safe", "lock down main". Use this even when the user only mentions one of these sub-topics.
github-supply-chain
Audit GitHub repository supply chain security including GitHub Actions workflow hardening, third-party action pinning, dependency review, SBOM generation, and OIDC-based cloud authentication. Use this skill whenever the user asks about GitHub Actions security, workflow permissions, action pinning, Dependabot, Renovate, supply chain attacks, dependency confusion, typosquatting, SBOM (CycloneDX/SPDX), OIDC federation with AWS/GCP/Azure, or any concern about external code entering their CI/CD pipeline. Trigger on phrases like "audit my GitHub Actions", "are my workflows safe", "supply chain risk", "should I pin actions", "OIDC for cloud", "SBOM generation", "dependency review", and similar. Use this even if the user only mentions one sub-topic — coverage is broader than the trigger.
cco
Orchestrates the support domain -- assesses support posture, recommends actions, and delegates to support specialist agents. Use individual support agents for focused tasks; use this agent for cross-cutting support strategy and multi-agent coordination.
framework-docs-researcher
Use this agent when you need to gather documentation and best practices for specific frameworks, libraries, or dependencies. Use best-practices-researcher for general industry best practices; use this agent for a specific library's docs and source.
self-review
Pre-PR code review using specialist subagents
sync-issues
Sync sprint issues to GitHub Issues
address-copilot-review
Take a GitHub pull request through Copilot's code review end to end: check out the PR, fetch Copilot's summary and inline review comments, investigate the codebase to judge each one, apply agreed fixes, commit and push, then reply to and resolve each Copilot thread. Pauses for approval before any GitHub write and asks before dismissing a comment it disagrees with. Use when the user asks to "address the Copilot review", "go through Copilot comments", handle/triage a Copilot PR review, or reply to and resolve Copilot review threads on a PR.
address-review
Take a GitHub pull request's code review feedback end to end: check out the PR, fetch review summaries and unresolved inline threads from any reviewer (bots like Copilot and humans alike), investigate the codebase to judge each comment, apply agreed fixes, commit and push, then reply to each thread and resolve where appropriate. Pauses for approval before any GitHub write, asks before dismissing a comment it disagrees with, and leaves human-opened threads for the human to resolve unless told otherwise. Use when the user asks to "address the review", "address review comments", "go through the PR feedback", "address the Copilot review", handle/triage a PR review, or reply to and resolve review threads on a PR.
finishing-a-development-branch
Complete feature development with structured options for merge, PR, or cleanup
github-pr
Automates the end-to-end Git workflow: branch creation, staging, committing, pushing, and opening or updating a GitHub pull request. Use when a feature or fix is ready for review and requires a structured PR, or when branch changes may need to be pushed to an existing PR for follow-up review.
github-pr-feedback
Use this skill whenever the user asks to look at GitHub PR feedback, PR review comments, review bot output, Gemini/Claude review feedback, or pasted reviewer suggestions and wants a markdown table that separates what should be fixed from what does not need to be fixed. This skill should trigger for PR feedback triage, deciding whether review comments are actionable, and producing a concise markdown report with yes/no emoji decisions and reasoning.
go-engineering
Comprehensive Go engineering guidance for coding agents. Use when writing, reviewing, refactoring, or debugging Go code; designing packages and exported APIs; improving error handling, interfaces, concurrency, contexts, cancellation, tests, benchmarks, and module layout; or reviewing Go pull requests for idioms and maintainability. Trigger on Go, golang, go.mod, interfaces, goroutines, channels, context.Context, errors.Is, errors.As, testing, and benchmarks.
rust-engineering
Comprehensive Rust engineering guidance for coding agents. Use when writing, reviewing, refactoring, or debugging Rust code; designing crate APIs; resolving ownership, borrowing, lifetime, or trait issues; implementing async/concurrent code with Tokio; improving error handling, testing, performance, memory layout, or file I/O safety; or reviewing Rust pull requests for idioms and footguns. Trigger on Rust, Cargo, rustc, clippy, rustfmt, ownership, lifetimes, traits, enums, tokio, anyhow, thiserror, serde, criterion, and borrow-checker errors.
typescript-engineering
Comprehensive TypeScript engineering guidance for coding agents. Use when writing, reviewing, refactoring, or debugging TypeScript or TSX code; designing public APIs; fixing tsconfig or strict-mode issues; resolving generic, union, narrowing, async, module, or type-inference problems; improving runtime validation, testability, and performance; or reviewing TypeScript pull requests for safety and maintainability. Trigger on TypeScript, ts, tsx, tsconfig, tsc, generics, discriminated unions, type guards, Zod, NodeNext, ESM, and strict mode.
inbox
Codex-native MaxVision inbox triage for GitHub issues and pull requests against project templates.
cicd-hardening
CI/CD pipeline hardening for GitHub Actions and GitLab CI — trust-model (pull_request_target vs pull_request), action pinning to SHA, OIDC-based cloud access, permissions minimization, runner isolation, and supply-chain gates (SLSA provenance, signing).
address-github-comments
Use when you need to address review or issue comments on an open GitHub Pull Request using the gh CLI.
macro-liquidity-monitor
USD funding / repo-plumbing liquidity radar. Tracks SOFR-IORB spread, SOFR tail, ON RRP buffer, bank reserves vs LCLoR, TGA drain/add, net liquidity, and SRF takeup (the funding-stress alarm). Outputs a tightness regime 🟢 ABUNDANT / 🟡 AMPLE / 🟠 TIGHTENING / 🔴 STRESS with the two lenses — "too loose → bubble" and "too tight → funding stress". All data from NY Fed Markets API + FRED (no API key). Runs on-demand or daily via GitHub Actions with Telegram push on regime change. Triggers in English ("liquidity check", "is liquidity tight", "SOFR IORB spread", "RRP balance", "when does liquidity tighten", "repo stress") or Chinese ("流动性怎么样", "流动性紧不紧", "什么时候收紧", "SOFR IORB 利差", "RRP 还剩多少", "回购市场压力", "美元流动性").
price-alert
Set, list, and cancel parameterized price alerts on any US-listed stock or ETF. Supports absolute price thresholds (above/below) and percentage moves (drop/rise from anchor). Alerts run via GitHub Actions cron (every 15 min during US trading hours) and fire Telegram notifications. Use when user wants to be notified when a stock hits a specific price or moves a specific percentage. Triggers in English ("alert me when X hits Y", "notify me if X drops Z%", "set price alert", "watch X at Y", "list my alerts", "cancel alert") or Chinese ("X 跌到 Y 通知我", "X 涨到 Y 提醒", "设个 alert", "盯一下 X", "列出我的 alert", "取消 alert").
issue-crafting
Craft well-structured GitHub issues with solution-agnostic outcomes, duplicate detection (open and closed), dynamically-discovered labels, and acceptance criteria describing observable behavior without implementation details. Use when creating new GitHub issues. Proactively suggest when an issue prescribes a method instead of describing an outcome.
critical-issues-only
PR review discipline - flag only correctness, security, and performance issues. Skip nits.
private-content
Content guidelines for private repository artifacts -- what's allowed when writing issues, PRs, design docs, and code comments in private repos.
investigating-a-ci-failure
Use when a GitHub Actions PR webhook reports a CI failure on this repo (lint / test / build / visual / lighthouse / e2e). Triages by failure class, identifies whether the cause is environmental (CI runner difference), a recent code change, or a flaky test. Returns either a one-line "this is the fix" plan or a clarifying question. Don't use to investigate local-only test failures — those are usually faster to debug interactively.
commit-changes-to-git
Use this skill to commit changes in the working tree of the current Git repository.
submit-a-pull-request
Use this skill to submit the current local branch as a pull request to a GitHub repository.
address-pr-comments
Fetch all review comments on the current branch's open PR, challenge each one critically, implement sensible ones using TDD, commit touched files, and print a summary. Trigger with /address-pr-comments.
finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
sharing-skills
Use when you've developed a broadly useful skill and want to contribute it upstream via pull request - guides process of branching, committing, pushing, and creating PR to contribute skills back to upstream repository
career-copilot
AI/ML Career Copilot. ATS analysis, resume optimization, keyword research, GitHub review, LinkedIn review, project evaluation, interview preparation, market fit analysis, and career readiness scoring.
gh-fix-ci
Use when a user asks to debug or fix failing GitHub PR checks that run in GitHub Actions; use `gh` to inspect checks and logs, summarize failure context, draft a fix plan, and implement only after explicit approval. Treat external providers (for example Buildkite) as out of scope and report only the details URL.
odoo-code-review
Review Odoo addon code for correctness, security, performance, migrations, tests, and official Odoo coding guidelines. Use when reviewing Odoo modules, diffs, pull requests, or changed files involving models, fields, XML views, data, controllers, reports, OWL/assets, manifests, access rules, record rules, or OCA migrations.
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
github-actions-templates
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
pr-comments
Review and triage PR comments interactively
buildable-issue
Creates agent-ready GitHub issues that are ready to build. Formerly framed as sdd-issue / SDD-ready issue creation. Use when creating a buildable issue, implementation-ready ticket, SDD-ready issue, preparing work for an orchestrator, or when the user says "create an issue", "write a ticket", or "I need to build X". Also use when the user references an existing issue and wants it enriched with scope, constraints, acceptance scenarios, and technical context.
code-review-checklist
Comprehensive checklist and excellence guide for conducting thorough code reviews covering functionality, security, performance, maintainability, and constructive feedback techniques
supreme-npm-node
Principal NPM/NPX/NPMJS/Node engineering discipline for Tech Leads, DevOps, Backend Engineers, Frontend Engineers, Product Engineers, AI Engineers, ML Engineers, LLM Engineers, LLM Architects, AI Researchers, Quality Assurance Engineers, and Software Quality Engineers. Enforces a latest-version-always policy (never pin to definitive versions; always `ncu -u` before install), TypeScript strict mode with every check enabled (strict + noUncheckedIndexedAccess + exactOptionalPropertyTypes + useUnknownInCatchVariables + noImplicitOverride), `satisfies` over `as`, `unknown` over `any`, discriminated unions over optional flags, branded types for opaque identifiers. Covers Node ecosystem (current LTS or latest stable), package.json discipline (files allowlist over .npmignore, exports map with import/require/types conditional, engines node range, type:module default), publishing workflow (`npm pack --dry-run` preview, OIDC provenance attestation in GitHub Actions, semantic versioning via changesets/release-please, dis
canonical-data-map
Single source of truth for all paths, naming conventions, and data formats across the OpenClaw Greek Accounting system. Reference document.
ci
CIが赤くなったら呼んで。パイプライン消防隊、出動します。Use when user mentions CI failures, build errors, test failures, or pipeline issues. Do NOT load for: local builds, standard implementation work, reviews, or setup.
android-ci-cd-release
Android CI/CD and release patterns - build validation, test pipelines, signing, versioning, flavors, Play rollout, release automation, and secrets handling. Use this skill whenever setting up GitHub Actions or other CI, preparing signed builds, managing release tracks, or automating checks for pull requests and production releases. Trigger on phrases like "CI", "CD", "GitHub Actions", "release", "signing", "versioning", "Play Console", "flavors", or "build pipeline".
pr-review
Review a pull request against the repository's constitution (REVIEW.md + .claude/rules + derived patterns) and return a verdict. Invoked by the PR auto-review workflow via /pr-review.
address-github-comments
Use when you need to address review or issue comments on an open GitHub Pull Request using the gh CLI.
dpd-feedback
Submit DPD dogfood feedback as a GitHub issue. Collects system metadata only (version, OS, agent, Python version, optional stack trace) — does NOT send any session content (no node text, scope, label, Pool, rejected hypotheses, or session_id). User free-text description is the primary payload. Graph context is opt-in via manual copy-paste only.
list-open-issues
列出当前项目中所有未解决的 GitHub issues
cycle
Run the daily post rotation — drafts and posts for all live projects across their channels.
sr-finishing-a-development-branch
Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
mindforge-pr-branch
Create a clean PR branch by filtering out .planning/ commits — ready for code review
infisical-ci-integration
This skill activates when configuring CI/CD pipelines, writing GitHub Actions workflows, GitLab CI configs, Dockerfiles, Kubernetes manifests, or serverless deployment configs that need secret injection. It provides patterns for integrating Infisical into build and deployment pipelines.
antigravity-github-actions-review
Use Antigravity CLI from Codex to review GitHub Actions workflow changes and PR-review automation risk.
claude-github-actions-review
Generate or validate a fork-safe GitHub Actions workflow that runs Claude for Codex PR review.
autonomous-common
Use when setting up, troubleshooting, or modifying the shared hooks and agent-callable utility scripts that enforce the autonomous dev/review workflow. Triggers on phrases like "push to main is blocked", "block-commit-outside-worktree hook failing", "configure hooks after npx skills add", "what does check-pr-review.sh do", "set up workflow hook symlinks", or when editing files under `skills/autonomous-common/`. Provides the hooks the autonomous-dev / autonomous-review skills depend on, plus utility scripts (gh-as-user.sh, mark-issue-checkbox.sh, reply-to-comments.sh, resolve-threads.sh).
autonomous-dispatcher
Use when running, configuring, or troubleshooting the autonomous-dev-team dispatcher cron. Triggers on phrases like "run the dispatcher", "scan for pending issues", "dispatch autonomous tasks", "set up the dispatch cron", "configure dispatcher.conf", "set up multi-project dispatcher", "dispatch to a remote dev box via SSM", "EXECUTION_BACKEND=remote-aws-ssm", "stale agent detection", or working on dispatcher-tick.sh / dispatcher-multi-tick.sh / dispatch-local.sh / dispatch-remote-aws-ssm.sh. Covers per-project tick (5 steps: concurrency, scan-new, scan-pending-review, scan-pending-dev, stale detection), the multi-project outer loop, and pluggable local-vs-remote-AWS-SSM execution backends.
create-issue
Use when the user asks to create a GitHub issue, file a bug, request a feature, open a tracking issue, or break a feature into multiple sub-issues. Guides interactive issue drafting with structured templates, workspace-change attachment, dependency linking, and the optional `autonomous` label for the automated dev pipeline.
commit-push-pr
Commit changes, push to remote, and create a pull request. Use for completing features or fixes ready for review.
code-review
Run a comprehensive code review
django-verification
Verification loop for Django projects: migrations, linting, tests with coverage, security scans, and deployment readiness checks.
github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
new-feature-fast
Fast feature development: clone → implement → PR (no planning, no tests)
pr-create
Create a pull request. MUST be invoked for ANY request that creates a PR — including 'create a PR', 'open a PR', 'gh pr create', 'submit for review', or any equivalent phrasing. Do NOT call `gh pr create` directly; always run this skill instead.
aio-github
Read and manage GitHub repos, pull requests, issues, releases, and branches via github-mcp (auto-installs if missing). Use when the user mentions a GitHub URL, asks to open/review/merge a PR, comment on an issue, list repos, trigger a release, or run any GitHub action programmatically.
aio-review-deep
Deep multi-agent code review — dispatch a fleet of parallel specialized agents (security, architecture, quality, performance) with GitNexus domain analysis. Use before merging a PR or after a major feature lands when a single-pass review is too shallow. For a quick pre-commit sanity check use aio-review-quick.
multaiupdate
Check for MultAI updates, show changelog, and install if available
github-incident-from-feedback
Convert selected AI-analysis recommendations from `devforgeai/feedback/ai-analysis/${STORY_ID}/...ai-analysis.json` files into GitHub issues in bankielewicz/DevForgeAI via gh issue create. Owns drafting, summary preview, drill-down approval flow, and posting. Consumes the embedded Github-incident-template.md as the issue-body schema and AI prompt. Use this skill whenever the user runs /create-incident-from-feedback, asks to convert ai_analysis recommendations into GitHub issues, asks to "post issues from feedback", asks to "create incidents from framework-analyst recommendations", or wants to turn AI-analysis findings into actionable GitHub work-orders. The skill is the only place in the framework that calls `gh issue create` for ai_analysis-derived work — slash commands and other skills MUST delegate here rather than calling gh directly.
github-incident-from-rca
Convert selected RCA recommendations into GitHub issues in bankielewicz/DevForgeAI via gh issue create. Owns drafting, summary preview, drill-down approval flow, and posting. Consumes the embedded Github-incident-template.md as the issue-body schema and AI prompt. Use this skill whenever the user runs /create-incident-from-rca, asks to convert RCA recommendations into GitHub issues, asks to "post issues from RCA", asks to "create incidents from RCA recommendations", or wants to turn analysis findings into actionable GitHub work-orders. The skill is the only place in the framework that calls `gh issue create` for RCA-derived work — slash commands and other skills MUST delegate here rather than calling gh directly.
github-incident-from-recommendations
Convert selected QA recommendations from devforgeai/qa/recommendations/STORY-NNN-qa-recommendations.md into GitHub issues in bankielewicz/DevForgeAI via gh issue create. Owns drafting, summary preview, drill-down approval flow, and posting. Consumes the embedded Github-incident-template.md as the issue-body schema and AI prompt. Use this skill whenever the user runs /create-incident-from-recommendations, asks to convert QA recommendations into GitHub issues, asks to "post issues from QA recs", asks to "create incidents from STORY-NNN findings", or wants to turn QA-validated findings into actionable GitHub work-orders. The skill is the only place in the framework that calls `gh issue create` for QA-recs-derived work — slash commands and other skills MUST delegate here rather than calling gh directly.
researchharness
Use when installing, configuring, running, embedding, deploying, or debugging InternScience ResearchHarness as a lightweight tool-using LLM agent runtime, including CLI runs, local frontend UI, OpenAI-compatible API server, Python API, tool selection, workspaces, traces, compaction, tests, and read-only source inspection.
apply-review
GitHub PR 리뷰 코멘트를 가져와 분석 보고서를 마크다운 파일로 저장한 뒤, 사용자 승인 후 코드 수정까지 수행. "PR 리뷰 반영해줘", "코드리뷰 코멘트 처리해줘", "리뷰 적용해", "리뷰 피드백 수정해줘", "review comment 처리", "리뷰 보고서 만들어줘" 같은 요청에 반드시 이 스킬을 사용할 것.
automation-audit-ops
Evidence-first automation inventory and overlap audit workflow for ECC. Use when the user wants to know which jobs, hooks, connectors, MCP servers, or wrappers are live, broken, redundant, or missing before fixing anything.
gh-cli
Enforces authenticated gh CLI workflows over unauthenticated curl/WebFetch patterns. Use when working with GitHub URLs, API access, pull requests, or issues.
issue-ready-checklist
Definition of Ready for GitHub Issues: AC, design link, no architecture blockers. Triggers on "issue ready", "ready for dev", "definition of ready", "check this issue".
canonical-data-map
Single source of truth for all paths, naming conventions, and data formats across the OpenClaw Greek Accounting system. Reference document.
bb-bash
Use this skill when the user asks about a Bitbucket Cloud pull request — listing PRs, reading diffs, posting comments, leaving inline review feedback, approving, declining, merging, or creating new PRs. Triggers on phrases like "review the PR", "comment on PR
github-issue
Creates well-documented GitHub issues (or comments on existing ones) from problems discussed in conversation. Investigates the codebase to map affected layers, files, and data flow, then writes up findings with acceptance criteria — without prescribing fixes. Use when a conversation has identified a problem that needs a GitHub issue, when the user wants to document a bug or problem for an implementer, or when dispatching work. Triggers on "create a GitHub issue", "write up an issue for this", "file a bug", or "document this problem".
morning-brief
Scan industry news, summarize important emails, check today's calendar, and send a 60-second brief to Slack DM. Runs automatically via GitHub Action at 6 AM GST or on-demand. Triggers on: morning brief, daily brief, news brief, what did I miss, catch me up, brief me.
iterative-review
Iterative review-fix-verify loop for code, docs, and phasing-run artifacts. Runs review → fix → verify → re-review with severity-gated stopping: Critical always gates the user, Important auto-fixes by default (per-finding flip available), Suggestions surface in the report only. 3-iteration hard cap, skip-if-clean pre-gate (avoids the Snorkel self-critique 41pt accuracy drop), fixed-point early exit, 5× token-budget circuit breaker. Auto-detects mode: code (PR or local diff), doc (.md / .txt / .rst / specs/ / docs/), or phase (phasing-run deliverables vs. spec). In phase mode, plan-affecting findings flow through the existing handoff "Open questions for downstream" channel without modifying the locked master plan. Use when the user says "/iterative-review", "review and fix", "loop the review", "verify phase N output", "review the spec against the PR", or wants more than a one-shot review. Use proactively after `/pr-review-toolkit:review-pr` returns Critical findings or after a phasing phase completes and its d
ship
Commits staged and unstaged changes, pushes to origin, and creates a pull request in one command. Use when the user says "ship", "ship it", "commit and PR", "push and PR", or wants to complete the git workflow quickly.
work-issue
Orchestrates GitHub issue-driven development with 8 gated phases: issue analysis, branch creation, planning, strict TDD implementation, verification, automated acceptance testing, review, and PR creation. Use when the user says "/work-issue 83", "work on issue 83", "pick up issue 83", or wants to start working on a GitHub issue. Also use when the user mentions working from GitHub issues, linking branches to issues, or issue-driven development.
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI
agent-gap-analyzer
Analyze project needs against existing Agent capabilities to identify coverage gaps. Reads project-profile.yaml and Agent capabilities tags, outputs deterministic coverage report. Use when evaluating which Agents are missing for a project.
oss-pipeline-track
Track the AI-native Community → Customer funnel. Measures conversion through GitHub star → Discord active → trial → paid → enterprise stages. Identifies stuck cohorts and named-conversion candidates.
yeet
Use only when the user explicitly asks to stage, commit, push, and open a GitHub pull request in one flow using the GitHub CLI (`gh`).
odoo-migration
End-to-end OCA module migration workflow for porting addons between Odoo major versions and preparing [MIG] pull requests. Use when migrating OCA modules, porting addons between Odoo versions, applying OCA migration checklists, resolving migration patch conflicts, or preparing versioned OCA migration PRs.
vuln-research
Use when performing vulnerability research, security auditing, code analysis, bug bounty hunting, CTF challenges, penetration testing, or exploit development. Covers source audit across 30+ attack domains, sink analysis for 12 languages, SAST/DAST integration, vulnerability chaining, and proof-of-concept development. Triggers: vuln assessment, pentest, bug bounty, security audit, find vulns, exploit, ctf, code audit, hunt bugs, 0-day, SAST, DAST, taint analysis, CI/CD pipeline security, GitHub Actions, Terraform, Traefik, n8n workflow, OpenTelemetry, supply chain attack, agent sweep, find me zero days, sweep everything, automated vuln discovery, binary analysis, reverse engineering, firmware audit, kernel driver, memory corruption, ROP, fuzzing harness, patch diffing.
recommending-skills
Automatically recognizes and recommends suitable skills for user requests. Discovers helpful installed skills even without explicit skill requests. Implicitly activates on all user requests.
bb-bash
Use this skill when the user asks about a Bitbucket Cloud pull request — listing PRs, reading diffs, posting comments, leaving inline review feedback, approving, declining, merging, or creating new PRs. Triggers on phrases like "review the PR", "comment on PR
springboot-verification
Load when running the Spring Boot quality pipeline — mvn test, JaCoCo coverage reporting (jacoco:report, jacoco:check with minimumRatio), Checkstyle or SpotBugs static analysis, OWASP dependency-check:check, Spring Cloud Contract verifier, or configuring GitHub Actions CI workflow to enforce quality gates (coverage threshold, zero-CVE policy) on pull requests.
dependabot
Comprehensive guide for configuring and managing GitHub Dependabot. Use this skill when users ask about creating or optimizing dependabot.yml files, managing Dependabot pull requests, configuring dependency update strategies, setting up grouped updates, monorepo patterns, multi-ecosystem groups, security update configuration, auto-triage rules, or any GitHub Advanced Security (GHAS) supply chain security topic related to Dependabot.
turborepo
Turborepo monorepo build system reference. Covers turbo.json task pipelines, dependency-aware scheduling, local and remote caching, filter syntax, turbo prune for Docker, GitHub Actions CI, and comparison with Nx and Lerna.
release-planner
Plans the PMO platform release lifecycle. Modes: Backlog analysis · Release planning · Dry run. Analyzes the improvement backlog, maps dependencies, suggests release bundles, generates release plans, and produces dry-run diffs. Read-only — never modifies governance files. Triggers: "review the backlog", "plan the release", "bundle the release", "dry run", "show me the diffs", "what's in v[X.Y]."
weekly-status-rollup
Generates a weekly executive status roll-up across all active projects. Covers project health, key risks, decisions made/pending, and upcoming milestones. Writes back updated health indicators to PORTFOLIO.md. Triggers: "weekly roll-up", "weekly status", "SteerCo prep", "SteerCo update", "executive status", "portfolio summary", "portfolio health", "cross-project status."
byte-research
Research competitors, alternatives, pricing, market trends, user complaints, and product opportunities for Your ByteDance / Byte OS. Use when the user asks for competitor benchmarking, market intelligence, online research, product iteration based on external signals, or refreshed research for an existing `.byte-os/` project.
x-publishing-rules
⚠️ DEFERRED 2026-04-27 — 本 channel 暫不發 X。Skill 內容保留(規則參考),但動工前先跟使用者確認真的要做 X 才執行,別自動把 X 列進跨平台發片清單。X (Twitter) 發 thread / single post 完整規則 — 2026-Q1 起 Grok 演算法接管、hashtag 上限 1–2 個、外連結 -30~50% 觸及、Thread 比單推 +63% 曝光。
fs-update
Check all dependencies for updates, auto-apply safe patch-level npm upgrades, flag CVEs as high priority, prompt for decisions on minor/major/Docker/Actions changes, then commit and display a summary table.
merge
Merge PR с pre/post проверками, sync main и cleanup. Используй при merge PR вместо ручного gh pr merge.
github-issues
HwHubプロジェクトのGitHub Issue参照・作成・更新の手順。SM・DEV・POがIssueを取得する、Issueを作成する、IssueのBodyを更新する操作が必要なときは必ずこのスキルを参照すること。Issue操作はMCPを優先し、Projectsフィールド操作はGraphQL APIを使う。このスキルを読まずに操作してはならない。
product-owner-workflow
HwHubスクラムチームのProduct Ownerとしての行動フロー。バックログ管理・Issue起票・ACの詳細化・スプリント中の仕様確認対応の手順を定義する。POとして動くときは必ずこのスキルを参照すること。
scrum-master-workflow
HwHubスクラムチームのScrum Masterとしての行動フロー。Planning・DEV起動・レビュー集約・Sprint Review・Retroの進行手順を定義する。SMとして動くときは必ずこのスキルを参照すること。
push-pr
Push current branch and create a GitHub PR if one doesn't exist
caveman-review
Ultra-compressed code review comments. Cuts noise from PR feedback while preserving the actionable signal. Each comment is one line: location, problem, fix. Use when user says "review this PR", "code review", "review the diff", "/review", or invokes /caveman-review. Auto-triggers when reviewing pull requests.
n8n-workflow-patterns
Proven workflow architectural patterns from real n8n workflows. Use when building new workflows, designing workflow structure, choosing workflow patterns, planning workflow architecture, or asking about webhook processing, HTTP API integration, database operations, AI agent workflows, or scheduled tasks.
agent-skill-deploy
Deploys agent skill collections from any GitHub repository with a /skills folder to one or more distribution surfaces: GitHub releases, Claude Code marketplace, VS Code plugin marketplace, and Copilot CLI plugin marketplace. Handles pre-flight validation, conventional commit analysis, version bumping across surface configs, and surface-specific publishing with dry-run support. Use when releasing, publishing, or deploying a skills collection to any supported marketplace or creating a GitHub release for a skills repository. Don't use for deploying non-skill packages, npm modules, Docker images, or Azure resources.
gemini-github-actions-review
Generate, initialize, validate, and consume fork-safe GitHub Actions PR review workflows for Gemini for Codex.
ami-pr-comment-analyzer
Analyzes code review comments left by other developers on an active Pull Request, extracting pending tasks, suggestions, and offering to reply.
ami-pr-conflict-detector
Analyzes other open Pull Requests in the repository to alert if there are parallel PRs that might conflict with the current changes.
ami-test-runner
Finds and executes the test suite for the current project to ensure no regressions before opening a Pull Request.
coldbox-reviewer
Use this skill when reviewing ColdBox application code for correctness, security, performance, testability, and adherence to ColdBox conventions. Covers handlers, services, models, interceptors, modules, routing, ORM/OBM usage, REST APIs, dependency injection patterns, and common anti-patterns to flag during pull request reviews.
from-issue
Generate Playwright tests from a Jira ticket (read via the Atlassian MCP), composing /scaffold-page-object when a target Page Object doesn't yet exist, and open a GitHub PR with the generated tests for review.
playwright-cli
Automate browser interactions, test web pages and work with Playwright tests.
refine-ticket
Iteratively harden a Jira automation ticket against a "bulletproof" rubric — grounded in existing automation, app docs, and user-supplied sources — then write the refined acceptance criteria back to the ticket on approval, so /from-issue has nothing left to guess.
code-reviewer
Use when performing high-signal code reviews focused on correctness, security, maintainability, performance, and test coverage risk. Invoke for pull request review, architecture drift detection, bug risk assessment, and actionable feedback with severity-ranked findings.
github-action-authoring
Use when authoring or debugging composite GitHub Actions: adding platform support (Windows/Linux/macOS), fixing PATH issues on runners, updating action inputs/outputs/steps, writing PowerShell steps, debugging installer flag ordering, or adding CI test jobs.
aio-feedback
Submit bug reports, feature requests, and plugin requests to aiocean/claude-plugins via GitHub Issues.
dev-workflow
Developer productivity workflows - PR review, CI monitoring, deploy tracking, code metrics
setup-pm
Configures the project management tool by guiding selection from supported options, applying the implementation guide, updating way-of-working adoption, and recording the decision via /record-decision. Idempotent — detects existing configuration.
unified-cicd-platform
This skill should be used when the user is choosing a CI/CD platform, migrating between CI/CD providers, consolidating build and deployment pipelines, designing pipeline architecture across application and infrastructure code, setting up drift detection, configuring OIDC authentication for pipelines, or discussing the operational cost of multiple CI/CD systems. Covers platform selection, the cost of multi-platform CI/CD, what 'everything on one platform' means, OIDC pipeline authentication, Jenkins migration, and scheduled pipeline jobs like drift detection.
create-pr
현재 브랜치의 변경사항을 분석하여 GitHub PR을 생성하거나 기존 PR 본문을 업데이트하는 스킬. "PR 만들어줘", "풀리퀘 올려줘", "PR 생성해줘", "pull request 만들어줘", "PR 본문 업데이트해줘" 등의 표현이 나오면 반드시 이 스킬을 사용할 것.
github-actions
Author and operate GitHub Actions workflows
axon
Use whenever the user wants to crawl, scrape, or extract a website; ingest a GitHub repo, Reddit, YouTube, or local AI sessions; embed content into Qdrant; run semantic search; ask grounded RAG questions; or manage axon's async job queues. Also use when the user mentions axon, the crawler, hybrid search, Qdrant, Tavily, or the MCP tool surface.
github-pr-create
Creates a GitHub pull request from staged git changes, handling commit, push, and PR creation in one workflow. Activate when the user asks to "create PR", "open pull request", "push and create PR", "submit PR", or wants to send their changes upstream to os-autoinst-distri-opensuse.
ci-cd-pipeline-builder
CI/CD Pipeline Builder
pr-review-expert
PR Review Expert
make-issue-comment
Post a structured investigation/fix comment on the active GitHub PR capturing findings, root cause, proposed fix, and a progress checklist — and later update progress or mark the comment resolved. Proactively invoke whenever an investigation or debugging session on a PR branch has produced a concrete root cause plus a fix plan (even if the user hasn't asked yet) — the skill's first step is to *propose* posting the comment via AskUserQuestion, so firing it speculatively is cheap. Also invoke on explicit triggers like `/make-issue-comment`, "post this as a PR comment", "file these findings on the PR", "update the PR comment", or "mark that comment as resolved".
gh-issues
Fetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]
project-analyzer
Scan project directory to identify tech stack, frameworks, work patterns, and toolchain. Outputs structured project profile for agent-gap-analyzer. Use when onboarding a new project or auditing project characteristics.
gh-issues
Fetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]
ci-cd-automation
GitHub Actions、Fastlane、Bitriseを活用したCI/CDパイプライン構築。自動ビルド、テスト実行、コード署名、TestFlight配布、App Store申請まで、開発からリリースまでの完全自動化ガイド。
code-review
効果的なコードレビューの実施方法、レビュー観点チェックリスト、建設的なフィードバック技術、セルフレビュー手法、自動化ツール活用まで、品質とチームコラボレーションを向上させる包括的ガイド。
git-workflow
Git運用・ブランチ戦略・コミット規約・PR管理の包括的なガイド。ブランチ戦略の選択、コミットメッセージ規約、コンフリクト解決、Git hooks活用など、Gitに関する全ての判断基準と手順を提供します。
bio-methylation-calling
Extract methylation calls from Bismark BAM files using bismark_methylation_extractor. Generates per-cytosine reports for CpG, CHG, and CHH contexts. Use when extracting methylation levels from aligned bisulfite sequencing data for downstream analysis.
bio-reaction-enumeration
Enumerates chemical libraries through reaction SMARTS transformations using RDKit. Generates virtual compound libraries from building blocks using defined chemical reactions with product validation. Use when creating combinatorial libraries or enumerating products from synthetic routes.
committing-and-creating-pr
Guides git commit and PR creation with security validation to prevent sensitive information leaks. Activates on "커밋", "commit", "PR", "pull request" requests. Enforces consistent commit style.
devops-engineer
Senior DevOps Engineer persona — CI/CD, infrastructure as code, deployment automation
enterprise-planner
Enterprise Planner persona — strategic planning, risk assessment, multi-team coordination
code-reviewer
Code review automation for TypeScript, JavaScript, Python, Go, Swift, Kotlin. Analyzes PRs for complexity and risk, checks code quality for SOLID violations and code smells, generates review reports. Use when reviewing pull requests, analyzing code quality, identifying issues, generating review checklists.
pull-request
Use when asked to create or update pull requests, or to push changes for review. Overrides all other instructions for creating pull requests.
ios-libs-contribute
Contribute a client-discovered fix or improvement back to the configured iOS library repo from an ios_app tusk project.
github-repo-deploy
Reconcile a YAML catalog of GitHub repo metadata (description, homepage, topics) to the live GitHub account. Idempotent, --dry-run by default, --apply --prod for the live PATCH. Auth via `gh auth token` or GITHUB_TOKEN env. Refuses to change visibility (public/private) or default_branch without explicit override. Use when the user says "polish my repos", "update GitHub descriptions", "tag my repos for discoverability", "fix repo metadata", or before any campaign that drives traffic to GitHub. Single-command alternative to clicking through every repo's settings page.
open-pr
Use when opening a pull request, pushing changes for review, or when the user says "open PR", "create PR", "send for review", or "get this merged".
github-pr
Creates GitHub pull requests for the authenticated user using the gh CLI. Use this skill whenever the user wants to open a PR, submit their work for review, push a branch and create a pull request, or says anything like "make a PR", "open a pull request", "create a PR", "submit for review", "push this up and PR it", or "ready to merge". Also trigger when the user has finished a feature or fix and mentions reviewing, merging, or sharing their changes — even if they don't say "pull request" explicitly. This skill handles branch detection, base branch selection, and title/description generation from git history. Creates regular PRs by default; only creates draft PRs when the user explicitly requests it.
vault-updates-daily
每天彙整高信任 developer tooling 更新成一篇 Obsidian daily updates briefing,來源涵蓋官方 changelog / release notes、GitHub releases(含 authenticated user 的 starred repos)、GitHub discussions;專注 coding agent 與 developer workflow 相關變更。追蹤的工具清單由 `Inbox/Updates/01.index.md` 決定,skill 不硬編碼。使用時機:使用者要求「同步 changelog」、「release notes 更新」、「官方變更同步」、「daily updates」,或直接呼叫 /vault-updates-daily。
review-opportunities
Analyze gaps in user-facing features and desirable characteristics, developer-facing tooling and desirable characteristics, and other opportunities not currently tracked in the project's roadmap. Use when the user asks you to help identify opportunities to improve the system.
commit-rules
Conventions for creating git commits in this repo — how to scope, stage, and word a commit. Use whenever about to run `git commit`, when the user asks to "commit", "commit this", or "save changes", or when wording a commit message. Covers subject/body style, atomic scoping, what not to commit, and required trailers. Generic and project-agnostic; no language- or framework-specific rules.
review-tests
Review changes to this TMDB API testing framework against its own conventions and gotchas — the project-specific checks that generic code review misses. Use after writing or editing an API client, endpoint method, test module, fixture, Pydantic schema, test-data YAML, or assertion helper, and before committing/opening a PR. Covers schema dual-registration, module-scope test data, the API-client/test separation, response validation via Pydantic + assert_http_response, and the known flaky-endpoint exemption. Complements (does not replace) the built-in /code-review for generic bugs.
update-claude-md
Update CLAUDE.md so it stays accurate after a significant change to this TMDB API testing framework. Use after adding/removing/renaming an API client, endpoint method, test module, fixture, schema, or helper; changing how tests are run (Poetry/pytest commands, flags, markers); adding/changing config or env vars; introducing a new convention, gotcha, or dependency; or reworking Docker/K8s/CI/MCP wiring. Trigger when finishing such a change, before committing, or when the user asks to "update CLAUDE.md" / "keep the docs in sync". Skip for pure test-data tweaks, formatting, or one-off fixes that don't change structure, commands, conventions, or gotchas.
babysit-pr
Babysit a GitHub pull request after creation by waiting for compact PR events, handling CI/review blockers, retrying likely flaky failures, and continuing until the PR is ready, merged, closed, or blocked on user help. Use when the user asks to monitor, watch, babysit, keep an eye on, handle PR CI, or respond to PR review feedback.
creating-issues
Create GitHub issues with `gh` in the user's concise, emoji-free style. Use this whenever the user asks to create, file, open, or report a GitHub issue or bug report, including phrases like "create a GitHub issue for that", "file an issue", "create a GitHub bug report", "report this bug on GitHub", or "open an issue". Infer the target repo automatically, strongly prefer the upstream parent repo over the current fork when working in a forked checkout unless the user explicitly wants the fork, inspect the last 5-7 authored issues to mirror tone and structure, prefer any repo-provided issue template, choose appropriate repo labels, attach the issue to the right project when relevant, and populate project fields such as status, priority, and the active sprint or iteration from recent precedent when clear.
creating-pull-requests
Create GitHub pull requests with `gh` in the user's concise, emoji-free style. Use this whenever the user asks to create, open, publish, or send a PR or pull request, including phrases like "create a new PR", "create a new pull request", "open a PR", "publish this branch", or "create a draft PR". Infer the upstream repo and base branch automatically, inspect the last 5-7 authored PRs and issues to mirror tone and structure, verify relevant local quality checks before opening, prefer any repo-provided PR template when present, and produce a brief high-signal PR with validation, review guidance, optional demo notes, optional Mermaid diagrams, and closing issue references when relevant.
ai-daily-digest
Generate and publish a daily AI-vendor news card digest. Fetches the latest Anthropic (and later OpenAI, etc.) official announcements, curates them into concise Chinese summaries, renders editorial 小红书 (1080×1440) and 微信公众号 cards, updates a GitHub Pages review page, and can push a mobile notification. Use when the user wants to "做今天的 AI 日报 / Anthropic 动态卡片", "抓取最新 Anthropic 新闻并生成小红书图", "更新每日 AI 速递", refresh the gh-pages review page, or run the daily digest pipeline.
code-quality
ESLint, Prettier, Ruff, mypy, and TypeScript strict mode configuration patterns. Use when setting up linting, formatting, or code quality tooling for a new project, reviewing existing configs, generating config files, or adding lint steps to CI. Triggers on tasks involving ESLint, Prettier, Ruff, mypy, Black, code style, linting, formatting, or code quality enforcement.
scaffold-page-object
Generate a draft Page Object class from a live page snapshot, composing framework components when detected.
open-plan-pr
Open a pull request for a successfully completed approved plan after final verification.
prd-to-issues
Slices a committed PRD into vertically-sliced GitHub issues — one tracer-bullet slice = one issue = one Strain candidate — under a single `initiative:<slug>` label, anchored to the PRD file. Runs ONE interrogation loop, the slicing quiz, then publishes blocker-first via `gh`. Use when the user wants to slice a PRD into GitHub issues, turn a PRD into issues, create brood-ready issues from a PRD, decompose a PRD into vertical slices, or break a PRD into trackable work. Trigger on: "slice a PRD into GitHub issues", "PRD to issues", "create brood-ready issues from a PRD", "decompose a PRD", "/hivemind:prd-to-issues".
push-branch
Push the current working branch to its remote. No PR creation — push only, for resuming a review loop after remediation commits.
vulnerability-scanning
Automated security scanning for dependencies, code, containers with Trivy, Snyk, npm audit. Use for CI/CD security gates, pre-deployment audits, compliance requirements, or encountering CVE detection, outdated packages, license compliance, SBOM generation errors.
ship
현재 브랜치의 변경사항을 커밋, 푸시하고 대상 브랜치로 PR을 생성합니다. 서브모듈 모노레포에서는 각 서브모듈별로 개별 커밋/푸시/PR을 생성합니다.
speckit-git-remote
Detect Git remote URL for GitHub integration
skill-installer
Install Codex skills into $CODEX_HOME/skills from a curated list or a GitHub repo path. Use when a user asks to list installable skills, install a curated skill, or install a skill from another repo (including private repos).
ingest
Use when the user wants to index a GitHub repository, ingest a Reddit subreddit or thread, index a YouTube video or playlist, or import past Claude/Codex/Gemini session transcripts into axon. Triggers on "ingest this repo", "index this GitHub repo", "add this Reddit thread", "ingest subreddit", "index YouTube video", "import my sessions", "ingest GitHub", "index r/", "add this repo to axon". Also use when the user wants to make source code searchable via RAG.
release
Create a new auto-stack release by tagging a commit and pushing the tag. The GitHub Actions release workflow builds binaries and publishes the release.
merge
Merge a PR (with merge commit) and prune merged branches. Usage: /merge [pr-number]
code-review-excellence
Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.
ami-pr-peer-reviewer
Assists in reviewing Pull Requests from other people. Understands the PR goal, reads available documentation, asks the user clarifying questions, focuses solely on modified code, and outputs quality observations with criticality levels.
ship
Unified shipping pipeline -- ship projects to GitHub with scaffolded docs, optional social posting, and notification. The single entry point for publishing open-source work.
code-reviewer
Thorough code review assistant that checks for bugs, security vulnerabilities, performance issues, and adherence to best practices. Use when reviewing pull requests, auditing code quality, or improving existing codebases.
devops-engineer
Senior DevOps engineer specializing in Docker, Kubernetes, CI/CD pipelines, cloud infrastructure (AWS/GCP/Azure), and deployment automation. Use when setting up deployment pipelines, containerizing applications, or managing cloud infrastructure.
review-with-intent
Review a PR, branch, or set of changes against a user-provided intent. Extracts structured intent and acceptance criteria from a GitHub issue number, pasted description, or free-form text, then compares the actual implementation against that intent. Highlights matches, divergences, gaps, and basic quality. Use when the user wants to validate that code changes fulfill a specific goal, ticket, or requirement, or when reviewing a PR against its stated purpose.
rewrite-gh-issue
Rewrite an existing GitHub issue for the current repository using the GitHub CLI, codebase context, and any matching issue template. Use when the user wants to improve, clarify, normalize, or fully rewrite a GitHub issue by issue number.
testing-tauri-apps
Guides developers through testing Tauri applications including unit testing with mock runtime, mocking Tauri APIs, WebDriver end-to-end testing with Selenium and WebdriverIO, and CI integration with GitHub Actions.
pr-atom-reviewer
Review a local git branch as a pull request with a bias toward minimum disruption and minimum reviewer scope. Splits sprawling PRs into independently-mergeable atoms of work — each one a single end-to-end behaviour describable in 2-3 sentences, each shippable to the trunk on its own without any other atom in the plan being merged first — and demands a screenshot/video/recording proving the verifiable acceptance criterion. If the AllSource Prime MCP server is available (`prime_*` tools), the skill recalls prior reviews of the same repo to calibrate its judgement and records the current review for the next one. Use this skill whenever the user asks to review a PR, review a branch, prep a PR for review, check if a branch is ready to merge, or mentions "this PR is too big", "split this PR", "atomic commits", "scope creep in PR", "PR review checklist", or anything about getting a branch in shape before peers look at it. Trigger even if the user just says "look at my branch" in a code review context.
bitbucket-workflow
Bitbucket best practices for pull requests, Pipelines CI/CD, Jira integration, and Atlassian ecosystem workflows
bounty-hunter
Find, evaluate, and submit online bounties and hackathons for prize money. Use when user mentions "bounties", "hackathon", "earn money", "Superteam Earn", "prize money", "submissions", "freelance bounties", or asks to find paid opportunities. Covers discovery, eligibility filtering, content drafting, and submission workflows.
git-workflow-automation
Comprehensive Git workflow automation including branching strategies, pull request creation, code reviews, merge strategies, and release management. Use when Claude needs to help with Git operations, branching models (Git Flow, GitHub Flow), pull request creation, code reviews, merge conflicts, or release processes.
github-issue-triage
Triage GitHub issues with parallel analysis. 1 issue = 1 background agent. Exhaustive pagination. Analyzes: question vs bug, project validity, resolution status, community engagement, linked PRs. Triggers: 'triage issues', 'analyze issues', 'issue report'.
run-cicd-pipeline-locally
Run the Wavecraft CI checks locally. Prefer the native `cargo xtask` commands for speed; use Docker + `act` only when validating GitHub Actions workflows or Linux-specific behavior.
testing-tauri-apps
Guides developers through testing Tauri applications including unit testing with mock runtime, mocking Tauri APIs, WebDriver end-to-end testing with Selenium and WebdriverIO, and CI integration with GitHub Actions.
code-review
GitHub Pull Request(またはローカルの差分)のコードレビューと動作確認を行うスキル。**既定の通常モード(normal)では 1 つの subagent A_review が 10 観点すべてを横断的にレビューし、1 つの subagent C_review がそのメタレビュー(検証)を行う**。ユーザーが「詳細に」「詳しく」「観点別に」「観点ごとに」「detailed」「徹底的に」「thoroughly」などのキーワードを依頼文に含めた場合のみ、**詳細モード(detailed)**に切り替わり、Claude Code 組み込みの `/review` コマンド由来の 5 基本観点(コード正確性 / プロジェクト規約準拠 / パフォーマンス / テストカバレッジ / セキュリティ)と、リポジトリ固有・品質深掘りの 5 観点(エラーハンドリング / 可読性・保守性 / シンプル化 / リポジトリ共通観点 / PR 固有観点)の最大 10 観点に分割し、**1 観点 1 subagent で並列レビュー / 観点ごとに別 subagent で評価**する。実行前に必ずユーザーへ 3 点を確認する — ①レビュー対象を **GitHub の PR から取得するか、ローカルの git diff から取得するか**、②**動作確認(テスト/lint/型チェック/ビルド等の実行検証)を実施するか、静的レビューのみに留めるか**、③レビュー結果を **GitHub にコメント投稿するか、コンソール表示のみに留めるか**。差分を取得し、🔴 MUST / 🟡 SHOULD / 🟢 NICE TO HAVE の 3 段階で指摘を分類した上で、選択された出力先に結果を提示する。動作確認(テスト/lint/型チェック/ビルド等の実行検証)は独立した subagent B として並列に走らせる。リポジトリ共通のレビュー観点(docs/REVIEW.md)と PR 固有のレビュー観点(PR 本文の `<!-- REVIEW_FOCUS -->` ブロック)も観点として扱う。GitHub の操作は MCP(`mcp__github__*` / `mcp__github_inline_comment__*` / `mcp__github_comment__*`)が使える場合は MCP を優先し、使えない場合は `gh`
create-pr
GitHub の Pull Request を作成するスキル。カレントブランチのコミット内容を要約し、マージ先ブランチ(未指定時は main / master を自動検出)に対する PR を作成してリンクを返す。実行前にマージ先ブランチ・PR タイトル・本文をユーザーに提示して確認を取り、承認後に PR を作成する。GitHub 操作は MCP(`mcp__github__create_pull_request` など)が使える場合は MCP を優先し、使えない場合は `gh` CLI にフォールバックする。ユーザーが「PR 作成」「PR を作って」「プルリクエスト作成」「create PR」「open a PR」「プルリク出して」「PR にして」「MR 作成」「この変更で PR」「現在のブランチで PR」などに言及した場合にこのスキルを使うこと。ブランチをプッシュしていない場合は先にプッシュ可否をユーザーに確認してから push も含めて行う。Draft PR / Ready PR の選択やテンプレート(.github/PULL_REQUEST_TEMPLATE.md)の有無も考慮する。
dependabot-alerts
GitHub Dependabot alerts の調査・分析・修正方針の策定を行うスキル。GitHub MCP(`mcp__github__list_dependabot_alerts` など)が使える場合は MCP を優先し、使えない場合は `gh` CLI にフォールバックして alerts の一覧取得、詳細調査、重大度別の分類、影響範囲の分析を行い、さらに拡張思考(extended thinking)を用いて各脆弱性に対する修正方針を深く検討する。ユーザーが「Dependabot」「脆弱性」「vulnerability」「security alerts」「依存関係の脆弱性」「CVE」「セキュリティアラート」「パッケージの更新」「セキュリティ修正」「脆弱性の対応方針」「依存関係の棚卸し」などに言及した場合にこのスキルを使うこと。dependabot alerts を確認したい、脆弱性を調べたい、セキュリティ状況を把握したい、修正計画を立てたい、といったリクエストにも対応する。
package-upgrade
升級 Python / JavaScript / TypeScript / Go 套件或修復 CVE 漏洞的完整工作流。 當使用者提到「升級 package」、「更新套件」、「fix CVE」、「修復漏洞」、 「package migration」、「dependency update」、「bump version」、 「升級 npm package」、「update axios / react / lodash」、「bump <pkg>」、 「升級 go module」、「update go.mod」、「go get upgrade」、 「govulncheck」、「v1 升 v2」、「major version upgrade」 時觸發此 skill。也適用於使用者提供 CVE 編號 (如 CVE-2024-xxxxx) 並希望修復的場景,以及提供 Atlassian Jira ticket URL (如 https://trendmicro.atlassian.net/browse/V1E-148968) 或 Jira issue key (如 V1E-148968) — 此時會自動讀取 ticket 內容、 分析應升級的套件、完成後將報告 comment 回 ticket,並依目前 ticket 狀態提議推進 (To Do → Ready for Work → Development → Done)。 也適用於使用者提供 GitHub Dependabot 安全警示頁面 URL (如 https://github.com/<owner>/<repo>/security/dependabot) — 此時會抓取所有 open 警示、依語言/manifest 分組、產出一份批次升級計畫 供使用者核可後,逐項驅動既有升級流程 (batch mode)。 Python: 支援 pip、poetry、uv 三種套件管理工具。 JavaScript/TypeScript: 支援 npm、yarn (1 & 3 Berry)、pnpm、bun,含 TypeScript .d.ts API surface diff、workspace/monorepo 偵測、 @types/<pkg> 同步升級偵測。 Go: 支援 go modules、major version path rewrite (v1→v2+)、apidiff
package-upgrade-feedback
收集對 `/package-upgrade` skill 本身的改進建議(流程 / 功能 / UX),開成 GitHub Issue 送到 millerlai/auto-package-migration。當使用者輸入「/package-upgrade-feedback」、 「改進 package-upgrade」、「report package-upgrade issue」、「package-upgrade feedback」、 「想給 package-upgrade 建議」時觸發。 流程:(1) LLM 主動讀 `/package-upgrade` SKILL.md 並從外部視角擬一份 Improvement.md 草稿(純針對 skill 流程與功能面,**完全不引用**使用者環境、套件、ticket、路徑、 token 等私人 / 專案資料)→ (2) 用 `AskUserQuestion` 工具以「多選 + 自動 Other 自由輸入」 方式收集使用者優先項與補充意見 → (3) 整合為 final issue body 並過 `sanitize_feedback.sh` 過濾敏感資料 → (4) Review gate:使用者選 `y` 立即送出 / `edit` 修改 / `n` 取消 → (5) `gh issue create` 送到 millerlai/auto-package-migration (label=feedback)。
ci-cd-and-automation
Automates CI/CD pipeline setup. Use when setting up or modifying build and deployment pipelines. Use when you need to automate quality gates, configure test runners in CI, or establish deployment strategies.
boxlang-deployment
Use this skill when deploying BoxLang applications: CommandBox server setup, Docker containers, AWS Lambda, GitHub Actions CI/CD, BoxLang Version Manager (BVM), boxlang.json runtime config, environment variables, or Spring Boot integration.
boxlang-runtime-compiled-native-binaries
Use this skill when compiling BoxLang scripts to standalone native executables using MatchBox's --target native flag, cross-compiling for multiple platforms, optimizing binary size, and using Native Fusion to expose Rust functions as BoxLang built-in functions.
boxlang-runtime-digitalocean-app
Use this skill when deploying BoxLang applications to DigitalOcean App Platform using the official BoxLang starter kit, setting up auto-deployment from GitHub, and understanding the MiniServer + multi-stage Docker build architecture used in the starter.
boxlang-runtime-github-actions
Use this skill when setting up GitHub Actions CI/CD pipelines for BoxLang projects, including the setup-boxlang action, supported inputs/outputs, installing modules, CommandBox integration, multi-engine testing, and complete workflow templates.
changelog
Create or update CHANGELOG.md — version history following Keep a Changelog format
git-commiting
Read this skill before making git commits; use this skill when the user asks you to commit the code, or before pushing or making a new github pull request
observability-telemetry
Benchmarking and telemetry tracking for AI engineering agents using LangSmith.
create-pr
Create a pull request for the current session. Use when the user wants to open a PR with the session's changes.
code-review-analyzer
A comprehensive code review skill that analyzes code for best practices, potential bugs, security issues, and suggests improvements.
bounty-hunter
Find, evaluate, and submit online bounties and hackathons for prize money. Use when user mentions "bounties", "hackathon", "earn money", "Superteam Earn", "prize money", "submissions", "freelance bounties", or asks to find paid opportunities. Covers discovery, eligibility filtering, content drafting, and submission workflows.
pr-with-docs
Creates production-ready pull requests with automatically updated AGENTS.md and project docs. Use when the user asks to create a PR, make a PR, is ready to merge, has finished a feature and wants a PR, or says they're done for the day with changes to commit.
deploy-pipeline
Sets up CI/CD pipelines, deployment configuration, and automated deploy workflows. GitHub Actions, platform-specific deploy (Vercel, Railway, Fly.io, AWS, VPS), secrets management in CI. Use when: "подготовь деплой", "настрой автодеплой", "настрой CI/CD", "setup deploy", "configure deployment", "настрой пайплайн"
pr
Use when ready to create a pull request — handles push and PR creation. Suggests security review when agent-facing code is modified.
run-cicd-pipeline-locally
Run the Wavecraft CI checks locally. Prefer the native `cargo xtask` commands for speed; use Docker + `act` only when validating GitHub Actions workflows or Linux-specific behavior.
create-pr
Create a pull request for the current session. Use when the user wants to open a PR with the session's changes.
blueprint-web-micronaut-solidstart
Specialized blueprint for crafting full-stack web applications using Micronaut (Java 21) and SolidStart (TypeScript) for a team environment. This skill orchestrates the entire SDLC, from discovery and documentation scaffolding to build configuration (Gradle/Bun), CI/CD pipelines, and Docker containerization. Includes strict anti-hallucination guardrails and API contract governance to keep AI agents and human developers perfectly synchronized. Triggers: "blueprint web app micronaut solidstart", "new fullstack java typescript project", "setup micronaut solidstart blueprint", "generate ci cd for micronaut solidstart", "dockerize micronaut solidstart", "rancang web app java solidstart".
cicd-pipeline
Use when setting up GitHub Actions, automated testing, build checks, or deployment workflows. Triggers on "CI/CD", "pipeline", "GitHub Actions", "deploy", "automated testing", "build check".
code-review-analyzer
A comprehensive code review skill that analyzes code for best practices, potential bugs, security issues, and suggests improvements.
git-workflow
Git workflow rules for Renfield. Commit message format, issue numbering, branch naming, PR creation, documentation updates before push. Triggers on "commit", "push", "PR erstellen", "pull request", "branch", "git", "merge".
ci-cd
Use when the user asks to create, edit, debug, or optimize CI/CD pipelines, workflow YAML, build/test jobs, deployment automation, matrix builds, caches, permissions, or secrets in GitHub Actions, GitLab CI, CircleCI, Jenkins, or similar systems.
pr-code-review
Use when the user asks to review a GitHub Pull Request, inspect PR diffs, assess changed code, or produce PR review findings with severity, file/line references, risks, and test gaps.
slopstop-gh-init
Bootstrap a GitHub repo for the slopstop ticket workflow. Creates status labels, writes .project-conf.toml. Invoke as /slopstop:gh-init (or /slopstop-gh-init). Idempotent — safe to re-run.
dev-workflow
Developer productivity workflows - PR review, CI monitoring, deploy tracking, code metrics
code-review-checklist
Comprehensive checklist and excellence guide for conducting thorough code reviews covering functionality, security, performance, maintainability, and constructive feedback techniques
feedback
Send structured feedback about ai-kit itself — friction, surprise, clarity, gaps, or wins — to the ai-kit GitHub repo. Use when user says "this skill was annoying", "ai-kit should also do X", "report this to ai-kit", "give feedback on ai-kit", "/ai:feedback", or any variant of "this kit could be better at …".
next
Ranked "what's next" list for the current project — combines open GitHub issues (P0-P3 + status:in-progress + ready-for-agent labels), roadmap-only tasks, and setup-deferred branches into one prioritized backlog. Use when the user asks "wat is open", "what's next", "wat moet ik nu doen", "openstaande taken", "status van het project", "hoogste prioriteit", or invokes /ai:next.
ship
Deploy a release to production or staging — pre-flight checks, release notes, deploy via project CI or docs, post-deploy smoke test. Use when landing an increment or closing a sprint increment.
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI
orbit-docker-site
Spin up, manage, and troubleshoot a WordPress test site (wp-env / wp-now / Docker) for Orbit. Use when the user says "create test site", "spin up WP", "wp-env", "Docker WordPress", "I need a local WP", "site not loading", or any browser test fails because the site isn't running. Walks them from "no site" to "site at localhost:8881 with plugin installed and Query Monitor active".
code-reviewer
Perform thorough code reviews with actionable, prioritized feedback. Use when a user asks to review code, check code quality, find bugs, review a pull request, audit code for issues, or get feedback on implementation. Covers correctness, security, performance, readability, and best practices across languages.
shaktra-review
Code Reviewer workflow — app-level code review and PR review with independent verification testing. Dispatches CR Analyzer agents across quality dimensions and produces evidence-based structured reports.
shaktra-workflow
Natural language intent router — classifies user requests and dispatches to the appropriate Shaktra workflow skill. Primary entry point for users who prefer natural language over direct skill invocation.
github-issue-processing
处理 kanban-framework 仓库的 GitHub Issues —— 抓取、甄别、登记看板任务、回复、关闭。也用于 /loop 定时巡检。
core-00-create
Creates and initializes a new issue in the SPS linear workflow.
issue-pr
Use when asked to create a PR for an issue and drive it to just before merge
aws-serverless
Deploy any web project to AWS serverless infrastructure (S3 + CloudFront for static sites, Lambda + API Gateway for containers) at ~$1-3/month with automatic HTTPS and CI/CD
code-review
Run a multi-LLM code review on a pull request — gather the diff, dispatch reviewer CLIs in parallel via the file-write contract, synthesize a Korean summary, and post inline comments tagged by severity and model signature. Use this for any PR review whether the PR was just opened by flow:deploy or already exists on GitHub. Even when the user says "review PR
deploy
Push the task branch, open a Korean pull request, then hand off to flow:code-review for the multi-LLM review pipeline. Use this whenever development for a flow task is done and the branch is ready for review. Even when the user says "just open a PR", run the full flow — multi-LLM review is the point of this skill, not optional dressing. Run in its own session from develop; do not bundle.
pr
Open a pull request for the active ticket's branch with pre-commit simplify + tests + configurable review (CodeRabbit or Claude). Use /slopstop:pr to (1) run Claude Code's code-simplifier agent on uncommitted changes, (2) run the project's tests and refuse to commit on failures, (3) commit with a ticket-anchored message, (4) push and open a PR via GitHub MCP or gh CLI, (5) trigger or run the configured review backend — CodeRabbit (default) or Claude /code-review — posting findings to the PR, and (6) categorize the suggestions for action. Stops after presenting — never auto-applies (unless fix = true in [pr_review], which commits fixable findings after code-review completes). Review backend is set via [pr_review] in .project-conf.toml; omit the block to keep CodeRabbit as the default.
github-pr-create
Creates a GitHub pull request from staged git changes, handling commit, push, and PR creation in one workflow. Activate when the user asks to "create PR", "open pull request", "push and create PR", "submit PR", or wants to send their changes upstream to os-autoinst-distri-opensuse.
init-project
Initialize project with template, git, and GitHub
canonical-data-map
Single source of truth for all paths, naming conventions, and data formats across the OpenClaw Greek Accounting system. Reference document.
git-workflow
Use this skill when the user asks to commit changes, create a branch, open a pull request, or update a PR description.
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI
gh-issues
Fetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]
codex-review
Professional code review with auto CHANGELOG generation, integrated with Codex AI
pr-review
A skill that reviews pull requests description, Use when create a pull request, writting a pull request and when user ask to summirize changes for a pull request. Provides feedback on code quality, style, and potential issues.
profile
Manage claude-profile-sync: list, switch, push, pull, create, delete, or check status of Claude Code profiles
github-pr
현재 작업 중인 변경사항을 Git 커밋하고 원격 저장소에 푸시한 뒤, "Pull Request(PR)"를 생성합니다. "작업 끝났어 PR 올려줘", "리뷰 요청할게" 등의 상황에서 사용하십시오.
github-workflow
Use when working with GitHub issues or pull requests for the Specture repository, including viewing issues, preparing PRs, and choosing conventional-commit titles.
create-pr
Create a pull request for the current session. Use when the user wants to open a PR with the session's changes.
cicd-pipeline
Use when setting up GitHub Actions, automated testing, build checks, or deployment workflows. Triggers on "CI/CD", "pipeline", "GitHub Actions", "deploy", "automated testing", "build check".
code-review
Automated code review for pull requests using multiple specialized agents with confidence-based scoring to filter false positives
pr-review
Review a GitHub pull request or code diff
gh-issues
Fetch GitHub issues, spawn sub-agents to implement fixes and open PRs, then monitor and address PR review comments. Usage: /gh-issues [owner/repo] [--label bug] [--limit 5] [--milestone v1.0] [--assignee @me] [--fork user/repo] [--watch] [--interval 5] [--reviews-only] [--cron] [--dry-run] [--model glm-5] [--notify-channel -1002381931352]
bounty-hunter
Find, evaluate, and submit online bounties and hackathons for prize money. Use when user mentions "bounties", "hackathon", "earn money", "Superteam Earn", "prize money", "submissions", "freelance bounties", or asks to find paid opportunities. Covers discovery, eligibility filtering, content drafting, and submission workflows.
git-workflow-patterns
Use this skill when working on branching, PRs, commits, or releases. Triggers on: branch naming, PR workflow, commit messages, release strategy, or mentions of "branch", "PR", "commit", "release", "versioning", "changelog", or "git workflow".
testing-tauri-apps
Guides developers through testing Tauri applications including unit testing with mock runtime, mocking Tauri APIs, WebDriver end-to-end testing with Selenium and WebdriverIO, and CI integration with GitHub Actions.
Integration detected automatically from skill content. Some results may be false positives.