agentscamp 0.1.0 → 0.2.1

package/content/manifest.json

@@ -1,10 +1,10 @@
 {
   "schemaVersion": 1,
-  "generatedAt": "2026-06-12T21:04:12.517Z",
+  "generatedAt": "2026-06-18T01:30:36.928Z",
   "counts": {
     "agents": 49,
-    "skills": 38,
-    "commands": 29
+    "skills": 49,
+    "commands": 40
   },
   "items": [
     {
@@ -866,6 +866,49 @@
       "installAs": "commands/create-pr.md",
       "url": "https://agentscamp.com/commands/git/create-pr"
     },
+    {
+      "id": "commands/create-skill",
+      "type": "command",
+      "slug": "create-skill",
+      "category": "workflow",
+      "title": "Create Skill",
+      "description": "Scaffold a new Claude Code skill into .claude/skills/<name>/SKILL.md — a model-invoked capability with a trigger-rich description, scoped tools, and a lean body that pushes detail into resource files.",
+      "topics": [
+        "workflow-prompting"
+      ],
+      "file": "commands/create-skill.md",
+      "installAs": "commands/create-skill.md",
+      "url": "https://agentscamp.com/commands/workflow/create-skill"
+    },
+    {
+      "id": "commands/create-slash-command",
+      "type": "command",
+      "slug": "create-slash-command",
+      "category": "workflow",
+      "title": "Create Slash Command",
+      "description": "Scaffold a new Claude Code slash command into .claude/commands/ — a valid Markdown file with frontmatter, a least-privilege allowed-tools allowlist, and a $ARGUMENTS-driven body of numbered steps ending in a Report.",
+      "topics": [
+        "workflow-prompting"
+      ],
+      "file": "commands/create-slash-command.md",
+      "installAs": "commands/create-slash-command.md",
+      "url": "https://agentscamp.com/commands/workflow/create-slash-command"
+    },
+    {
+      "id": "commands/create-subagent",
+      "type": "command",
+      "slug": "create-subagent",
+      "category": "workflow",
+      "title": "Create Subagent",
+      "description": "Scaffold a new Claude Code subagent definition file into .claude/agents/ with a routing-ready description, scoped tools, and a system prompt.",
+      "topics": [
+        "workflow-prompting",
+        "ai-agents-systems"
+      ],
+      "file": "commands/create-subagent.md",
+      "installAs": "commands/create-subagent.md",
+      "url": "https://agentscamp.com/commands/workflow/create-subagent"
+    },
     {
       "id": "commands/db-migrate",
       "type": "command",
@@ -881,6 +924,21 @@
       "installAs": "commands/db-migrate.md",
       "url": "https://agentscamp.com/commands/db/db-migrate"
     },
+    {
+      "id": "commands/estimate-effort",
+      "type": "command",
+      "slug": "estimate-effort",
+      "category": "plan",
+      "title": "Estimate Effort",
+      "description": "Produce a grounded effort and complexity estimate for a task by exploring the codebase read-only.",
+      "topics": [
+        "workflow-prompting",
+        "architecture"
+      ],
+      "file": "commands/estimate-effort.md",
+      "installAs": "commands/estimate-effort.md",
+      "url": "https://agentscamp.com/commands/plan/estimate-effort"
+    },
     {
       "id": "commands/explain-code",
       "type": "command",
@@ -937,6 +995,20 @@
       "installAs": "commands/find-bug.md",
       "url": "https://agentscamp.com/commands/review/find-bug"
     },
+    {
+      "id": "commands/find-n-plus-one",
+      "type": "command",
+      "slug": "find-n-plus-one",
+      "category": "perf",
+      "title": "Find N+1 Queries",
+      "description": "Scan code read-only for N+1 query patterns — loops that query per iteration and handlers that fan out per-row — and report each with a location, why it is N+1, and the concrete eager-load/batch/set-based fix.",
+      "topics": [
+        "review-qa"
+      ],
+      "file": "commands/find-n-plus-one.md",
+      "installAs": "commands/find-n-plus-one.md",
+      "url": "https://agentscamp.com/commands/perf/find-n-plus-one"
+    },
     {
       "id": "commands/fix-failing-test",
       "type": "command",
@@ -951,6 +1023,34 @@
       "installAs": "commands/fix-failing-test.md",
       "url": "https://agentscamp.com/commands/testing/fix-failing-test"
     },
+    {
+      "id": "commands/flaky-test-hunt",
+      "type": "command",
+      "slug": "flaky-test-hunt",
+      "category": "testing",
+      "title": "Hunt Flaky Tests",
+      "description": "Reproduce a flaky test, find the real source of nondeterminism, and fix the cause.",
+      "topics": [
+        "review-qa"
+      ],
+      "file": "commands/flaky-test-hunt.md",
+      "installAs": "commands/flaky-test-hunt.md",
+      "url": "https://agentscamp.com/commands/testing/flaky-test-hunt"
+    },
+    {
+      "id": "commands/git-bisect",
+      "type": "command",
+      "slug": "git-bisect",
+      "category": "git",
+      "title": "Git Bisect",
+      "description": "Drive git bisect to find the exact commit that introduced a regression.",
+      "topics": [
+        "review-qa"
+      ],
+      "file": "commands/git-bisect.md",
+      "installAs": "commands/git-bisect.md",
+      "url": "https://agentscamp.com/commands/git/git-bisect"
+    },
     {
       "id": "commands/new-component",
       "type": "command",
@@ -1024,6 +1124,34 @@
       "installAs": "commands/refactor.md",
       "url": "https://agentscamp.com/commands/refactor/refactor"
     },
+    {
+      "id": "commands/rename-symbol",
+      "type": "command",
+      "slug": "rename-symbol",
+      "category": "refactor",
+      "title": "Rename Symbol",
+      "description": "Safely rename a symbol project-wide, distinguishing the real symbol from coincidental substring matches.",
+      "topics": [
+        "coding-languages"
+      ],
+      "file": "commands/rename-symbol.md",
+      "installAs": "commands/rename-symbol.md",
+      "url": "https://agentscamp.com/commands/refactor/rename-symbol"
+    },
+    {
+      "id": "commands/resolve-conflict",
+      "type": "command",
+      "slug": "resolve-conflict",
+      "category": "git",
+      "title": "Resolve Merge Conflicts",
+      "description": "Walk through resolving the in-progress merge, rebase, or cherry-pick conflict in the current repo by understanding both sides, then verify before continuing.",
+      "topics": [
+        "review-qa"
+      ],
+      "file": "commands/resolve-conflict.md",
+      "installAs": "commands/resolve-conflict.md",
+      "url": "https://agentscamp.com/commands/git/resolve-conflict"
+    },
     {
       "id": "commands/review-pr",
       "type": "command",
@@ -1069,6 +1197,21 @@
       "installAs": "commands/scaffold-pgvector-schema.md",
       "url": "https://agentscamp.com/commands/db/scaffold-pgvector-schema"
     },
+    {
+      "id": "commands/scaffold-rag-pipeline",
+      "type": "command",
+      "slug": "scaffold-rag-pipeline",
+      "category": "scaffold",
+      "title": "Scaffold RAG Pipeline",
+      "description": "Scaffold a Retrieval-Augmented Generation pipeline — ingestion (load, chunk, embed, upsert) and retrieval (search, rerank, grounded prompt with citations) — fitted to the project's stack.",
+      "topics": [
+        "rag-retrieval",
+        "llm-app-dev"
+      ],
+      "file": "commands/scaffold-rag-pipeline.md",
+      "installAs": "commands/scaffold-rag-pipeline.md",
+      "url": "https://agentscamp.com/commands/scaffold/scaffold-rag-pipeline"
+    },
     {
       "id": "commands/scaffold-vllm-config",
       "type": "command",
@@ -1142,6 +1285,21 @@
       "installAs": "commands/sync-branch.md",
       "url": "https://agentscamp.com/commands/git/sync-branch"
     },
+    {
+      "id": "commands/trace-data-flow",
+      "type": "command",
+      "slug": "trace-data-flow",
+      "category": "analyze",
+      "title": "Trace Data Flow",
+      "description": "Trace how a value, field, or variable flows through the codebase from source to sink.",
+      "topics": [
+        "coding-languages",
+        "architecture"
+      ],
+      "file": "commands/trace-data-flow.md",
+      "installAs": "commands/trace-data-flow.md",
+      "url": "https://agentscamp.com/commands/analyze/trace-data-flow"
+    },
     {
       "id": "commands/update-readme",
       "type": "command",
@@ -1184,6 +1342,35 @@
       "installAs": "skills/adr-writer/SKILL.md",
       "url": "https://agentscamp.com/skills/docs/adr-writer"
     },
+    {
+      "id": "skills/agent-memory-designer",
+      "type": "skill",
+      "slug": "agent-memory-designer",
+      "category": "workflow",
+      "title": "Agent Memory Designer",
+      "description": "Design a project's CLAUDE.md and memory hierarchy by exploring the repo to learn its real build/test/lint commands, architecture, and non-obvious gotchas, then writing a concise, skimmable memory that keeps only what belongs in context. Use when onboarding a repo to Claude Code with no CLAUDE.md, or when an existing one is bloated, stale, or being ignored.",
+      "topics": [
+        "workflow-prompting",
+        "ai-agents-systems"
+      ],
+      "file": "skills/agent-memory-designer.md",
+      "installAs": "skills/agent-memory-designer/SKILL.md",
+      "url": "https://agentscamp.com/skills/workflow/agent-memory-designer"
+    },
+    {
+      "id": "skills/auth-flow-reviewer",
+      "type": "skill",
+      "slug": "auth-flow-reviewer",
+      "category": "security",
+      "title": "Auth Flow Reviewer",
+      "description": "Read-only review of authentication AND authorization flows — session/token model, cookie flags, CSRF, token rotation, password-reset/email-verification, OAuth redirect/state, and per-route object-level access checks — for exploitable gaps. Use before shipping login/session/token code, when adding a protected route or sharing-by-URL feature, or during a security pass. Reports findings by severity with location, impact, and the concrete fix; never edits code.",
+      "topics": [
+        "review-qa"
+      ],
+      "file": "skills/auth-flow-reviewer.md",
+      "installAs": "skills/auth-flow-reviewer/SKILL.md",
+      "url": "https://agentscamp.com/skills/security/auth-flow-reviewer"
+    },
     {
       "id": "skills/branch-rebaser",
       "type": "skill",
@@ -1339,6 +1526,21 @@
       "installAs": "skills/embedding-set-inspector/SKILL.md",
       "url": "https://agentscamp.com/skills/data/embedding-set-inspector"
     },
+    {
+      "id": "skills/extract-module",
+      "type": "skill",
+      "slug": "extract-module",
+      "category": "refactor",
+      "title": "Extract Module",
+      "description": "Split an overgrown file into cohesive, well-bounded modules — find the natural seams, design each new module's public interface before moving a line, then relocate one unit at a time keeping tests green. Use when a file has grown too large, mixes unrelated responsibilities, or every change to it forces unrelated diffs and merge conflicts.",
+      "topics": [
+        "coding-languages",
+        "architecture"
+      ],
+      "file": "skills/extract-module.md",
+      "installAs": "skills/extract-module/SKILL.md",
+      "url": "https://agentscamp.com/skills/refactor/extract-module"
+    },
     {
       "id": "skills/finetune-dataset-builder",
       "type": "skill",
@@ -1466,6 +1668,20 @@
       "installAs": "skills/mcp-server-scaffolder/SKILL.md",
       "url": "https://agentscamp.com/skills/api/mcp-server-scaffolder"
     },
+    {
+      "id": "skills/migration-writer",
+      "type": "skill",
+      "slug": "migration-writer",
+      "category": "database",
+      "title": "Migration Writer",
+      "description": "Write a safe, reversible, zero-downtime database migration using expand-contract — add the new shape, backfill in batches, switch reads/writes, then drop the old — so every deploy stays compatible with the running app version. Use when adding or changing schema on a live system, renaming/dropping a column, adding NOT NULL or a foreign key on a large table, or when a migration risks locks, table rewrites, or an unrevertable step.",
+      "topics": [
+        "devops-infra"
+      ],
+      "file": "skills/migration-writer.md",
+      "installAs": "skills/migration-writer/SKILL.md",
+      "url": "https://agentscamp.com/skills/database/migration-writer"
+    },
     {
       "id": "skills/mock-data-factory",
       "type": "skill",
@@ -1593,6 +1809,21 @@
       "installAs": "skills/prompt-pii-redactor/SKILL.md",
       "url": "https://agentscamp.com/skills/security/prompt-pii-redactor"
     },
+    {
+      "id": "skills/prompt-regression-tester",
+      "type": "skill",
+      "slug": "prompt-regression-tester",
+      "category": "data",
+      "title": "Prompt Regression Tester",
+      "description": "Build a regression test harness for an LLM prompt so a prompt edit or model upgrade can't silently degrade quality — a fixed eval set, checkable assertions, and a diff against a committed baseline. Use when changing a production prompt, migrating model versions, or any time 'I tweaked the prompt' needs to be backed by evidence instead of eyeballing two outputs.",
+      "topics": [
+        "llm-evals",
+        "workflow-prompting"
+      ],
+      "file": "skills/prompt-regression-tester.md",
+      "installAs": "skills/prompt-regression-tester/SKILL.md",
+      "url": "https://agentscamp.com/skills/data/prompt-regression-tester"
+    },
     {
       "id": "skills/provider-fallback-wrapper",
       "type": "skill",
@@ -1621,6 +1852,36 @@
       "installAs": "skills/qlora-finetune-runner/SKILL.md",
       "url": "https://agentscamp.com/skills/data/qlora-finetune-runner"
     },
+    {
+      "id": "skills/rate-limiter-designer",
+      "type": "skill",
+      "slug": "rate-limiter-designer",
+      "category": "api",
+      "title": "Rate Limiter Designer",
+      "description": "Design and implement API rate limiting that actually holds under load — pick the algorithm (token bucket vs sliding-window-counter vs fixed window) and justify it, choose the limiting key and per-tier limits, use cross-instance atomic storage, and return standard 429 signals. Use when protecting an API from abuse or scrapers, enforcing per-tier quotas, or replacing an in-memory limiter that breaks behind multiple replicas.",
+      "topics": [
+        "architecture",
+        "devops-infra"
+      ],
+      "file": "skills/rate-limiter-designer.md",
+      "installAs": "skills/rate-limiter-designer/SKILL.md",
+      "url": "https://agentscamp.com/skills/api/rate-limiter-designer"
+    },
+    {
+      "id": "skills/react-render-profiler",
+      "type": "skill",
+      "slug": "react-render-profiler",
+      "category": "performance",
+      "title": "React Render Profiler",
+      "description": "Find and fix wasteful React re-renders by classifying the cause — unstable prop/callback/object identities, context value churn, state lifted too high, expensive work in render, or unvirtualized lists — confirming it with a measurement, then applying the one targeted fix and re-measuring. Use when a React UI is janky, slow to type in, or re-renders far more than the data actually changed.",
+      "topics": [
+        "coding-languages",
+        "review-qa"
+      ],
+      "file": "skills/react-render-profiler.md",
+      "installAs": "skills/react-render-profiler/SKILL.md",
+      "url": "https://agentscamp.com/skills/performance/react-render-profiler"
+    },
     {
       "id": "skills/readme-generator",
       "type": "skill",
@@ -1649,6 +1910,20 @@
       "installAs": "skills/secret-scanner/SKILL.md",
       "url": "https://agentscamp.com/skills/security/secret-scanner"
     },
+    {
+      "id": "skills/semver-advisor",
+      "type": "skill",
+      "slug": "semver-advisor",
+      "category": "release",
+      "title": "SemVer Advisor",
+      "description": "Decide the correct semantic-version bump — major, minor, or patch — by diffing a release range, mapping the changes onto the public API surface, and classifying each as breaking, additive, or a fix. Use before cutting a release when you are unsure whether changes are breaking, when a teammate proposes a bump you want to sanity-check, or when a behavior change has no signature change and you need to know if it is still breaking.",
+      "topics": [
+        "devops-infra"
+      ],
+      "file": "skills/semver-advisor.md",
+      "installAs": "skills/semver-advisor/SKILL.md",
+      "url": "https://agentscamp.com/skills/release/semver-advisor"
+    },
     {
       "id": "skills/sql-optimizer",
       "type": "skill",
@@ -1691,6 +1966,34 @@
       "installAs": "skills/tool-definition-generator/SKILL.md",
       "url": "https://agentscamp.com/skills/api/tool-definition-generator"
     },
+    {
+      "id": "skills/type-coverage-improver",
+      "type": "skill",
+      "slug": "type-coverage-improver",
+      "category": "refactor",
+      "title": "Type Coverage Improver",
+      "description": "Raise TypeScript type strictness incrementally — measure the any/implicit-any baseline, enable one strict sub-flag at a time, and fix the fallout per flag instead of all at once, keeping the typecheck green at every step. Use when a codebase is loosely typed, when you want strict mode on without a big-bang break, or when `any` keeps hiding bugs that surface in production.",
+      "topics": [
+        "coding-languages"
+      ],
+      "file": "skills/type-coverage-improver.md",
+      "installAs": "skills/type-coverage-improver/SKILL.md",
+      "url": "https://agentscamp.com/skills/refactor/type-coverage-improver"
+    },
+    {
+      "id": "skills/version-bumper",
+      "type": "skill",
+      "slug": "version-bumper",
+      "category": "release",
+      "title": "Version Bumper",
+      "description": "Bump the project version everywhere it lives in one consistent pass — package.json, lockfile, nested/CLI package manifests, version constants, README badges, docs — then roll the changelog's Unreleased section under the new version and stage an annotated git tag. Use when you've already decided the new version (X.Y.Z or a pre-release like -rc.1) and need every artifact updated to the same value without drift, or before cutting a release.",
+      "topics": [
+        "devops-infra"
+      ],
+      "file": "skills/version-bumper.md",
+      "installAs": "skills/version-bumper/SKILL.md",
+      "url": "https://agentscamp.com/skills/release/version-bumper"
+    },
     {
       "id": "skills/web-research-pipeline",
       "type": "skill",
@@ -1704,6 +2007,20 @@
       "file": "skills/web-research-pipeline.md",
       "installAs": "skills/web-research-pipeline/SKILL.md",
       "url": "https://agentscamp.com/skills/data/web-research-pipeline"
+    },
+    {
+      "id": "skills/webhook-handler-scaffolder",
+      "type": "skill",
+      "slug": "webhook-handler-scaffolder",
+      "category": "api",
+      "title": "Webhook Handler Scaffolder",
+      "description": "Scaffold a robust inbound webhook handler that verifies the signature on the raw body first, dedupes on the provider's event id, acknowledges fast, and processes asynchronously — the four things naive handlers get wrong. Use when wiring up events from a third party (Stripe, GitHub, Shopify, Slack, Twilio), when a provider keeps retrying because your endpoint times out or 500s, or when duplicate events are double-charging or double-creating records.",
+      "topics": [
+        "architecture"
+      ],
+      "file": "skills/webhook-handler-scaffolder.md",
+      "installAs": "skills/webhook-handler-scaffolder/SKILL.md",
+      "url": "https://agentscamp.com/skills/api/webhook-handler-scaffolder"
     }
   ]
 }

package/content/skills/agent-memory-designer.md

@@ -0,0 +1,42 @@
+---
+name: "agent-memory-designer"
+description: "Design a project's CLAUDE.md and memory hierarchy by exploring the repo to learn its real build/test/lint commands, architecture, and non-obvious gotchas, then writing a concise, skimmable memory that keeps only what belongs in context. Use when onboarding a repo to Claude Code with no CLAUDE.md, or when an existing one is bloated, stale, or being ignored."
+allowed-tools: "Read, Grep, Glob, Write"
+version: 1.0.0
+---
+
+CLAUDE.md is loaded into every prompt for the whole session, so it is the highest-leverage and most easily-abused file in the repo: a sharp 40-line memory steers every turn, while a 400-line dump of prose gets skimmed, diluted, and quietly ignored. This skill explores the actual project, decides what earns a permanent slot in context, and writes a memory the model will actually follow.
+
+## When to use this skill
+
+- You're onboarding an existing repo to Claude Code and there is no CLAUDE.md (or `/init` produced a generic one that restates the obvious).
+- The current CLAUDE.md is long, stale, or contradicts the code, and Claude keeps running the wrong test command or ignoring a stated rule.
+- You want to split repo facts (project CLAUDE.md) from personal cross-project preferences (user `~/.claude/CLAUDE.md`) and aren't sure what goes where.
+
+## When NOT to use this skill
+
+- You want an automatically enforced rule (format on save, block edits to a path) — that's a hook, not memory; memory is advisory and the model can deviate from it.
+- You want a reusable procedure with its own tool scope, invoked on demand — that's a skill, not a fact that must sit in context every turn.
+
+## Instructions
+
+1. **Read the repo before writing a word.** Glob for the build manifest (`package.json`, `pyproject.toml`, `Cargo.toml`, `go.mod`, `Makefile`) and read its scripts/targets to get the *real* commands — never invent `npm test` if the script is `npm run test:unit`. Grep configs (`tsconfig`, `.eslintrc`, `ruff.toml`, CI workflow YAML) for the lint/typecheck/test invocations CI actually runs; those are the commands that must pass.
+2. **Map the architecture in five lines or fewer.** Identify the entry points, the 3–6 directories that matter, and the one data-flow or layering rule that, if violated, breaks the build (e.g. "client components must not import `lib/db`"). Write the *map and the rule*, not a tour of every folder — the model can read the tree itself.
+3. **Mine the non-obvious gotchas.** These are the highest-value lines: footguns you can't infer from a glance — a generated file that must be regenerated after content changes, a port that isn't the default, a test that needs a service running, a "looks unused but isn't" module. Surface them from READMEs, CI steps, and conspicuous comments.
+4. **Sort every candidate fact into KEEP or CUT.** KEEP: stable conventions, exact commands, the architecture map, hard rules ("never commit to main"), and recurring pitfalls. CUT: transient task state, secrets/tokens, anything derivable by reading the code (function signatures, the full dependency list), and long explanatory prose. If a line only helps once, it doesn't belong in always-on context.
+5. **Write it imperative and skimmable.** Short headings, bullet lists, one rule per line in the imperative ("Stage by explicit path", not "It is generally preferable that..."). Put the hardest rules first. Aim for a memory a person can read in under a minute; if it's over ~50 lines, you kept things that should have been cut.
+6. **Place facts in the right tier.** Repo-specific facts → project `./CLAUDE.md` (committed, team-shared). Personal habits that apply across all your repos (preferred commit style, "explain before large refactors") → user `~/.claude/CLAUDE.md`. Machine-local, uncommitted notes → `./CLAUDE.local.md`. Never put a personal preference in the shared project file, or a repo command in user memory.
+7. **State the freshness contract.** End the draft with a one-line note on what makes it go stale (commands renamed, directories moved) and the expectation that it's updated in the same PR that changes those facts — a wrong command in memory is worse than no command.
+
+> [!WARNING]
+> Do not paste the codebase into CLAUDE.md. Memory that duplicates code (full module lists, copied function signatures, exhaustive API surfaces) goes stale silently and burns context on every turn — and stale memory actively misleads, because the model trusts it over the file it didn't read. Keep facts that are stable and expensive to rediscover; let the model read everything else.
+
+> [!CAUTION]
+> Never write secrets, API keys, tokens, or internal URLs into CLAUDE.md — it is committed and shipped. If a command needs a secret, reference the env var name, not the value.
+
+> [!TIP]
+> Brevity is a feature, not a limitation. When two lines say the same thing, cut one. A memory the model reads fully every time beats a thorough one it learns to skim.
+
+## Output
+
+A ready-to-write `CLAUDE.md` draft tailored to this repo — Project Overview (2–3 lines), exact build/test/lint commands verified against the manifest, a five-line architecture map, hard rules, and known gotchas — plus a short rationale listing what was KEPT vs CUT and why, and a note on which facts (if any) belong in user memory instead. The skill proposes the file via Write; it does not run commands or alter code.

package/content/skills/auth-flow-reviewer.md

@@ -0,0 +1,73 @@
+---
+name: "auth-flow-reviewer"
+description: "Read-only review of authentication AND authorization flows — session/token model, cookie flags, CSRF, token rotation, password-reset/email-verification, OAuth redirect/state, and per-route object-level access checks — for exploitable gaps. Use before shipping login/session/token code, when adding a protected route or sharing-by-URL feature, or during a security pass. Reports findings by severity with location, impact, and the concrete fix; never edits code."
+allowed-tools: "Read, Grep, Glob"
+version: 1.0.0
+---
+
+Review authentication and authorization code for exploitable gaps without touching a line of it. The skill walks the session/token model, cookie flags, CSRF defenses, token lifecycle, password-reset and email-verification flows, and OAuth parameter validation — then spends most of its effort on the part teams routinely skip: confirming that **every protected route enforces an object-level access check**. A login form that works tells you nothing about whether user A can read user B's invoice by editing an ID. Output is a findings list grouped by severity, each with a location, the concrete impact, and the fix.
+
+## When to use this skill
+
+- Before shipping login, signup, session, JWT, or refresh-token code.
+- When adding a new protected route, an admin action, or a "share by link / by ID" feature — anywhere a request carries an object identifier.
+- Reviewing a password-reset, email-verification, or OAuth/SSO integration.
+- During a scheduled security pass, or after a pentest/bug report mentioning broken access control.
+
+> [!WARNING]
+> Authentication ≠ authorization. The most common, highest-impact real bug is a fully logged-in, legitimate user accessing another user's object (IDOR) — `GET /api/orders/123` returning order 123 to whoever asks, regardless of owner. If you only verify that login works, you will miss it. Audit the per-object check on every route, not just the session.
+
+## Instructions
+
+1. **Map the surface first.** Glob for routers, middleware, controllers, and guards (`**/routes/**`, `**/middleware/**`, `**/*controller*`, `**/*guard*`, `**/auth/**`). Build a list of every endpoint and tag each as public, authenticated-only, or authorized (requires ownership/role). You cannot review what you have not enumerated — an unlisted route is the one that ships unprotected.
+2. **Classify the session model.** Determine whether the app uses server-side sessions (cookie holds an opaque session id) or stateless tokens (cookie/header holds a JWT). The two have different failure modes: sessions need a server store and explicit invalidation on logout; JWTs cannot be revoked before expiry without a denylist. Flag any hybrid where a JWT is treated as revocable but no denylist exists.
+3. **Audit cookie flags on every auth cookie.** Confirm `HttpOnly` (blocks JS/XSS theft), `Secure` (HTTPS-only), and an explicit `SameSite` (`Lax` minimum; `Strict` for the session cookie when feasible; `None` requires `Secure` and a CSRF defense). Grep for cookie-setting calls (`set-cookie`, `res.cookie`, `Set-Cookie`, framework session config) and report any auth cookie missing a flag, with the exact line.
+4. **Verify CSRF protection on state-changing requests.** Any cookie-authenticated `POST`/`PUT`/`PATCH`/`DELETE` needs a CSRF defense: a per-session synchronizer token, double-submit cookie, or strict `SameSite` plus origin checking. Token/`Authorization: Bearer` flows in headers are not CSRF-prone, but cookie flows are. Flag every mutating, cookie-authed endpoint with no token check or origin/referer validation.
+5. **Trace the token lifecycle.** For JWTs/access tokens, check: signing algorithm is pinned (reject `alg: none` and confirm the verifier does not accept attacker-chosen algorithms), expiry is short (minutes, not days), the secret/key is not hardcoded, and the payload carries no secrets. For refresh tokens, require server-side storage, **rotation on use** (old token invalidated when a new one is issued), and reuse-detection that revokes the family on replay. Flag tokens stored in `localStorage` (XSS-readable) where a cookie would be safer.
+6. **Review password reset and email verification as untrusted token flows.** For each, confirm: the token is high-entropy (CSPRNG, not a sequential id, timestamp, or weak hash), **single-use** (consumed/invalidated after first use), short-lived (minutes to an hour), and bound to the target user. Critically, confirm the flow does **not enumerate users** — the "reset email sent" and "verify" responses must be identical for existing and non-existing accounts (same body, same status, same timing). Flag any reset that returns "no such user".
+7. **Validate OAuth/SSO parameters.** Confirm `redirect_uri` is checked against an exact-match allowlist (not a prefix/substring/regex that an attacker can satisfy with `evil.com?x=trusted.com`), and that the `state` parameter is generated, stored, and verified on callback to stop CSRF/login-fixation. For authorization-code flows, confirm PKCE is used for public clients and the code is exchanged server-side.
+8. **Enforce object-level authorization on every protected route — the core check.** For each endpoint that accepts an object id (path param, query, or body), confirm the handler verifies the current principal is allowed to act on *that specific object* (e.g. `WHERE owner_id = session.user.id`, or an explicit policy/ability check), not merely that someone is logged in. Look for the anti-pattern: authentication middleware present, but the query fetches by id alone. Also check privilege escalation: role/permission read from the request body or a client-supplied field instead of the server-trusted session; missing `isAdmin` gates on admin endpoints; mass-assignment that lets a user set their own `role`.
+9. **Report; do not modify.** Produce the severity-grouped findings (see Output). The skill is read-only — propose the fix, leave the change to the author.
+
+> [!NOTE]
+> Test the negative path in your reasoning, not just the happy path: for every "user can see their data" check, ask "what stops them from seeing someone else's?" and "what happens if I delete the auth header / swap the id / replay the token?". Findings come from the requests the code forgot to reject.
+
+## Output
+
+A findings report grouped by severity, with a one-line scope header (what was reviewed) and, for each finding, a `file:line` location, the impact in attacker terms, and the concrete fix. Nothing is edited.
+
+```text
+Auth flow review — scope: src/routes/**, src/middleware/auth.ts, src/auth/oauth.ts
+12 endpoints enumerated (3 public, 5 authenticated, 4 authorized)
+
+CRITICAL
+- IDOR on invoice fetch — src/routes/invoices.ts:41
+  Impact: any logged-in user reads any invoice; `findById(req.params.id)` has no
+          owner check. GET /api/invoices/123 returns 123 to anyone.
+  Fix:    scope the query — findOne({ id, ownerId: req.session.userId }); 404 on miss.
+
+- Privilege escalation via body — src/routes/users.ts:88
+  Impact: PATCH /api/users/me accepts { role } from the request body (mass assignment);
+          a user can set role: "admin".
+  Fix:    whitelist updatable fields; derive role only from server state, never the body.
+
+HIGH
+- Refresh token not rotated — src/auth/tokens.ts:53
+  Impact: a stolen refresh token works until expiry and is never invalidated on reuse.
+  Fix:    rotate on each use, persist the new token, and revoke the family on replay.
+
+- User enumeration on password reset — src/routes/auth.ts:120
+  Impact: reset endpoint returns 404 "no such user", letting attackers harvest valid emails.
+  Fix:    return an identical 200 "if an account exists, an email was sent" in all cases.
+
+MEDIUM
+- Session cookie missing SameSite — src/middleware/session.ts:17
+  Impact: cookie sent on cross-site requests; widens CSRF exposure.
+  Fix:    add SameSite=Lax (or Strict) alongside HttpOnly and Secure.
+
+- OAuth redirect_uri prefix match — src/auth/oauth.ts:34
+  Impact: startsWith() allows https://trusted.com.evil.com — open redirect / token theft.
+  Fix:    exact-match redirect_uri against a registered allowlist.
+
+Summary: 2 critical, 2 high, 2 medium. No code modified.
+```

package/content/skills/extract-module.md

@@ -0,0 +1,50 @@
+---
+name: "extract-module"
+description: "Split an overgrown file into cohesive, well-bounded modules — find the natural seams, design each new module's public interface before moving a line, then relocate one unit at a time keeping tests green. Use when a file has grown too large, mixes unrelated responsibilities, or every change to it forces unrelated diffs and merge conflicts."
+allowed-tools: "Read, Grep, Glob, Edit"
+version: 1.0.0
+---
+
+Carve a bloated, multi-responsibility file into a handful of focused modules without breaking a thing. The skill first maps what the file actually does and where the seams are — clusters of functions that share state, types, or a single reason to change — then designs each new module's public surface before touching code, and moves the clusters out one at a time so every intermediate state still compiles and passes tests.
+
+## When to use this skill
+
+- A single file has grown past what one person holds in their head, and unrelated edits keep colliding in it.
+- One file mixes responsibilities — HTTP handling, business rules, and persistence; or parsing, validation, and formatting — that change for different reasons.
+- The file is a chronic merge-conflict hotspot because every feature touches it.
+- You need a *safe, incremental* split with a green build at each step, not a big-bang rewrite.
+
+> [!WARNING]
+> Do not split by line count. "This file is 1,200 lines, cut it in half" produces two arbitrarily-severed files that still share state and import each other constantly — worse than one. Split by **cohesion**: a module is a set of functions and types with one reason to change and a small interface to everything else. If a proposed boundary would expose more than a handful of symbols, the seam is in the wrong place.
+
+## Instructions
+
+1. **Map responsibilities before touching code.** Read the whole file and list every top-level function/class with its one-line purpose and what state it reads or mutates (module-level variables, shared config, a connection, a cache). Group symbols that touch the same state or serve the same purpose — those clusters are your candidate modules. A symbol that several clusters call but that owns no state is a shared utility; a type used across clusters is shared data.
+2. **Find the natural seams.** A good boundary is where the call graph is *narrow*: cluster A calls cluster B through one or two functions, not fifteen. Use `Grep`/`Glob` to count cross-cluster references. Prefer seams that separate by reason-to-change (e.g. transport vs. domain logic) over seams that separate by noun. If two clusters are mutually entangled (each calls deep into the other), they are one module — do not force them apart.
+3. **Design the public interface of each new module first — on paper, before moving anything.** For each module, write down: its name/path, the exact symbols it will export, and what it imports. Keep exports minimal — everything not in the list becomes module-private. This is the contract; if it looks awkward now, the seam is wrong and re-cutting a sketch is free.
+4. **Extract shared types and pure utilities to a leaf module first.** Before moving any cluster, pull the types and zero-dependency helpers that multiple clusters share into a dependency-free leaf module (e.g. `types.ts`, `shared.ts`). Every other new module imports *from* it and it imports from none of them. This single move is what prevents the cycles that splitting otherwise creates.
+5. **Move one cohesive unit at a time.** Cut one cluster into its new file, add the planned exports, and update every importer with `Edit`. Re-point the original file to re-export or import from the new module so external callers keep working. Then run the build and test suite. Never move two clusters before verifying — a failure must point at exactly one move.
+6. **Check the dependency direction after each move.** After relocating a cluster, confirm the new module does not import (directly or transitively) anything that imports it back. If a cycle appears, the cause is almost always a symbol living in the wrong module — move that symbol to the leaf module from step 4, or invert the dependency by passing the value in as an argument instead of importing it.
+7. **Collapse the husk last.** Once every cluster is out, the original file is either an empty re-export barrel or gone. Decide deliberately: keep it as a thin barrel if external callers depend on its path, or delete it and update the remaining importers. Verify the full suite one final time.
+
+> [!NOTE]
+> Keep the original file as a temporary re-export barrel (`export * from './new-module'`) during the move. External callers stay green while you extract internally, and you can delete the barrel in a final, isolated commit once nothing imports the old path — turning a scary refactor into a sequence of trivially-revertable steps.
+
+## Output
+
+1. **A module boundary map** — a table of each proposed module with its path, the symbols it owns (private), the symbols it exports (its interface), and what it imports. Shared types/utilities are listed as the leaf module everything depends on.
+
+   | Module | Exports (public) | Imports | Owns (private) |
+   | --- | --- | --- | --- |
+   | `parser/types.ts` | `Token`, `AstNode`, `ParseError` | — (leaf) | — |
+   | `parser/lex.ts` | `tokenize` | `types` | `scanIdent`, `scanNumber` |
+   | `parser/parse.ts` | `parse` | `types`, `lex` | `parseExpr`, `parsePrimary` |
+   | `parser/index.ts` | `parse`, `tokenize` (barrel) | `lex`, `parse` | — |
+
+2. **An incremental move plan** — an ordered list of steps, each independently verifiable, e.g.:
+   - Step 1: extract `parser/types.ts` (leaf), update in-file references → build + tests green.
+   - Step 2: move lexer cluster to `parser/lex.ts`, re-export from original → green.
+   - Step 3: move parser cluster to `parser/parse.ts` → green.
+   - Step 4: replace original file with `parser/index.ts` barrel, delete dead path → green.
+
+   Each step is one commit with the verifying command output, so any regression reverts to exactly one change.