backspace-shmackspace
Userclaude-devkit - an agentic coding framework
Categories
Indexed Skills (15)
receiving-code-review
Use when receiving code review feedback, before implementing suggestions, especially if feedback seems unclear or technically questionable - requires technical rigor and verification, not performative agreement or blind implementation
threat-model-gate
Use when planning security-sensitive features — authentication, authorization, data handling, API design, cryptography, or network configuration — requires explicit threat modeling before implementation decisions are made
verification-before-completion
Use when about to claim work is complete, before committing or creating PRs - requires fresh verification evidence before any completion claim. Triggers on phrases like "done", "finished", "ready to commit", "all tests pass", "looks good", "should work", "I think that's it".
journal-recall
Search, retrieve, and summarize past journal entries. Use when the user says "what did I", "recall", "look up", "find in journal", "journal search", "last week", "weekly review", "what happened on", "summarize my week", "what have I been working on", "review my journal", or asks about past work, decisions, meetings, or notes.
journal-review
Periodic journal review — scans daily entries to surface unlogged decisions, unlogged learnings, untracked action items, and recurring themes. Use when the user says "journal audit", "review my entries for promotion", "extract decisions", "unlogged items", "what should I formalize", "untracked items", or wants to promote daily notes into formal entries. NOT for weekly summaries — use /journal-recall for "weekly review" or "review my journal".
journal
Write entries to the Obsidian work journal. Creates daily logs, meeting notes, project updates, learnings, and decision records. Use when the user says "journal", "log", "daily entry", "meeting notes", "learning", "decision", "ADR", "capture this", "write down", "record this", or wants to document work for future reference.
architect
Research and create a technical blueprint for a new feature.
audit
Deep security and performance scan with structured reporting.
dependency-audit
Supply chain security audit — coordinates real CLI vulnerability scanners (npm audit, pip-audit, govulncheck, cargo audit, etc.) and synthesizes findings with license compliance and risk assessment.
fix
Apply targeted fixes for specific findings from code reviews, security reviews, QA reports, or audit scans.
retro
Mine review artifacts for recurring patterns and write project learnings.
secrets-scan
Pre-commit secrets detection with pattern-based scanning for API keys, tokens, passwords, private keys, and connection strings. Self-contained — no external tools required.
secure-review
Deep semantic security review of code changes with data flow tracing, taint analysis, and trust boundary validation. Composable building block invoked by /audit when deployed.
ship
Execute an approved plan using unattended implementation and validation with worktree isolation.
sync
Synchronize CLAUDE.md and README with recent code changes.
Bio shown is the top-scored skill's repo description as a fallback — real GitHub bios land in a future update.