aigroup-workflow 2.1.1 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (914) hide show
  1. package/.codex/AGENTS.md +1 -1
  2. package/CLAUDE.md +1 -4
  3. package/README.md +333 -333
  4. package/cli/commands/init.mjs +20 -6
  5. package/cli/utils/scaffold.mjs +39 -9
  6. package/docs/red-flags.md +1 -1
  7. package/docs/rules/coding-style.md +21 -1
  8. package/docs/rules/entropy.md +1 -1
  9. package/docs/rules/performance.md +1 -1
  10. package/docs/workflow-pipeline.md +1 -0
  11. package/manifests/install-modules.json +223 -133
  12. package/package.json +39 -39
  13. package/scripts/orchestration/lib/orchestrator.cjs +34 -0
  14. package/scripts/orchestration/session.cjs +24 -1
  15. package/skills/ai-ml/fine-tuning-expert/SKILL.md +162 -0
  16. package/skills/ai-ml/fine-tuning-expert/references/dataset-preparation.md +540 -0
  17. package/skills/ai-ml/fine-tuning-expert/references/deployment-optimization.md +673 -0
  18. package/skills/ai-ml/fine-tuning-expert/references/evaluation-metrics.md +597 -0
  19. package/skills/ai-ml/fine-tuning-expert/references/hyperparameter-tuning.md +565 -0
  20. package/skills/ai-ml/fine-tuning-expert/references/lora-peft.md +347 -0
  21. package/skills/ai-ml/ml-pipeline/SKILL.md +159 -0
  22. package/skills/ai-ml/ml-pipeline/references/experiment-tracking.md +833 -0
  23. package/skills/ai-ml/ml-pipeline/references/feature-engineering.md +631 -0
  24. package/skills/ai-ml/ml-pipeline/references/model-validation.md +978 -0
  25. package/skills/ai-ml/ml-pipeline/references/pipeline-orchestration.md +907 -0
  26. package/skills/ai-ml/ml-pipeline/references/training-pipelines.md +782 -0
  27. package/skills/ai-ml/rag-architect/SKILL.md +194 -0
  28. package/skills/ai-ml/rag-architect/references/chunking-strategies.md +878 -0
  29. package/skills/ai-ml/rag-architect/references/embedding-models.md +561 -0
  30. package/skills/ai-ml/rag-architect/references/rag-evaluation.md +833 -0
  31. package/skills/ai-ml/rag-architect/references/retrieval-optimization.md +795 -0
  32. package/skills/ai-ml/rag-architect/references/vector-databases.md +589 -0
  33. package/skills/ai-ml/spark-engineer/SKILL.md +148 -0
  34. package/skills/ai-ml/spark-engineer/references/partitioning-caching.md +543 -0
  35. package/skills/ai-ml/spark-engineer/references/performance-tuning.md +544 -0
  36. package/skills/ai-ml/spark-engineer/references/rdd-operations.md +599 -0
  37. package/skills/ai-ml/spark-engineer/references/spark-sql-dataframes.md +474 -0
  38. package/skills/ai-ml/spark-engineer/references/streaming-patterns.md +786 -0
  39. package/skills/backend/api-designer/SKILL.md +217 -0
  40. package/skills/backend/api-designer/references/error-handling.md +541 -0
  41. package/skills/backend/api-designer/references/openapi.md +824 -0
  42. package/skills/backend/api-designer/references/pagination.md +494 -0
  43. package/skills/backend/api-designer/references/rest-patterns.md +335 -0
  44. package/skills/backend/api-designer/references/versioning.md +391 -0
  45. package/skills/backend/architecture-designer/SKILL.md +117 -0
  46. package/skills/backend/architecture-designer/references/adr-template.md +116 -0
  47. package/skills/backend/architecture-designer/references/architecture-patterns.md +111 -0
  48. package/skills/backend/architecture-designer/references/database-selection.md +102 -0
  49. package/skills/backend/architecture-designer/references/nfr-checklist.md +112 -0
  50. package/skills/backend/architecture-designer/references/system-design.md +100 -0
  51. package/skills/backend/code-documenter/SKILL.md +147 -0
  52. package/skills/backend/code-documenter/references/api-docs-fastapi-django.md +166 -0
  53. package/skills/backend/code-documenter/references/api-docs-nestjs-express.md +220 -0
  54. package/skills/backend/code-documenter/references/coverage-reports.md +125 -0
  55. package/skills/backend/code-documenter/references/documentation-systems.md +333 -0
  56. package/skills/backend/code-documenter/references/interactive-api-docs.md +531 -0
  57. package/skills/backend/code-documenter/references/python-docstrings.md +121 -0
  58. package/skills/backend/code-documenter/references/typescript-jsdoc.md +145 -0
  59. package/skills/backend/code-documenter/references/user-guides-tutorials.md +530 -0
  60. package/skills/backend/debugging-wizard/SKILL.md +105 -0
  61. package/skills/backend/debugging-wizard/references/common-patterns.md +132 -0
  62. package/skills/backend/debugging-wizard/references/debugging-tools.md +140 -0
  63. package/skills/backend/debugging-wizard/references/quick-fixes.md +177 -0
  64. package/skills/backend/debugging-wizard/references/strategies.md +142 -0
  65. package/skills/backend/debugging-wizard/references/systematic-debugging.md +367 -0
  66. package/skills/backend/feature-forge/SKILL.md +98 -0
  67. package/skills/backend/feature-forge/references/acceptance-criteria.md +104 -0
  68. package/skills/backend/feature-forge/references/ears-syntax.md +99 -0
  69. package/skills/backend/feature-forge/references/interview-questions.md +150 -0
  70. package/skills/backend/feature-forge/references/pre-discovery-subagents.md +54 -0
  71. package/skills/backend/feature-forge/references/specification-template.md +103 -0
  72. package/skills/backend/fullstack-guardian/SKILL.md +105 -0
  73. package/skills/backend/fullstack-guardian/references/api-design-standards.md +307 -0
  74. package/skills/backend/fullstack-guardian/references/architecture-decisions.md +350 -0
  75. package/skills/backend/fullstack-guardian/references/backend-patterns.md +237 -0
  76. package/skills/backend/fullstack-guardian/references/common-patterns.md +134 -0
  77. package/skills/backend/fullstack-guardian/references/deliverables-checklist.md +354 -0
  78. package/skills/backend/fullstack-guardian/references/design-template.md +91 -0
  79. package/skills/backend/fullstack-guardian/references/error-handling.md +135 -0
  80. package/skills/backend/fullstack-guardian/references/frontend-patterns.md +340 -0
  81. package/skills/backend/fullstack-guardian/references/integration-patterns.md +333 -0
  82. package/skills/backend/fullstack-guardian/references/security-checklist.md +106 -0
  83. package/skills/backend/graphql-architect/SKILL.md +146 -0
  84. package/skills/backend/graphql-architect/references/federation.md +418 -0
  85. package/skills/backend/graphql-architect/references/migration-from-rest.md +1141 -0
  86. package/skills/backend/graphql-architect/references/resolvers.md +425 -0
  87. package/skills/backend/graphql-architect/references/schema-design.md +393 -0
  88. package/skills/backend/graphql-architect/references/security.md +569 -0
  89. package/skills/backend/graphql-architect/references/subscriptions.md +510 -0
  90. package/skills/backend/legacy-modernizer/SKILL.md +137 -0
  91. package/skills/backend/legacy-modernizer/references/legacy-testing.md +381 -0
  92. package/skills/backend/legacy-modernizer/references/migration-strategies.md +423 -0
  93. package/skills/backend/legacy-modernizer/references/refactoring-patterns.md +395 -0
  94. package/skills/backend/legacy-modernizer/references/strangler-fig-pattern.md +281 -0
  95. package/skills/backend/legacy-modernizer/references/system-assessment.md +487 -0
  96. package/skills/backend/microservices-architect/SKILL.md +164 -0
  97. package/skills/backend/microservices-architect/references/communication.md +499 -0
  98. package/skills/backend/microservices-architect/references/data.md +721 -0
  99. package/skills/backend/microservices-architect/references/decomposition.md +344 -0
  100. package/skills/backend/microservices-architect/references/observability.md +805 -0
  101. package/skills/backend/microservices-architect/references/patterns.md +603 -0
  102. package/skills/database/database-optimizer/SKILL.md +147 -0
  103. package/skills/database/database-optimizer/references/index-strategies.md +331 -0
  104. package/skills/database/database-optimizer/references/monitoring-analysis.md +501 -0
  105. package/skills/database/database-optimizer/references/mysql-tuning.md +452 -0
  106. package/skills/database/database-optimizer/references/postgresql-tuning.md +413 -0
  107. package/skills/database/database-optimizer/references/query-optimization.md +251 -0
  108. package/skills/database/postgres-pro/SKILL.md +152 -0
  109. package/skills/database/postgres-pro/references/extensions.md +404 -0
  110. package/skills/database/postgres-pro/references/jsonb.md +321 -0
  111. package/skills/database/postgres-pro/references/maintenance.md +481 -0
  112. package/skills/database/postgres-pro/references/performance.md +265 -0
  113. package/skills/database/postgres-pro/references/replication.md +446 -0
  114. package/skills/database/sql-pro/SKILL.md +129 -0
  115. package/skills/database/sql-pro/references/database-design.md +402 -0
  116. package/skills/database/sql-pro/references/dialect-differences.md +419 -0
  117. package/skills/database/sql-pro/references/optimization.md +384 -0
  118. package/skills/database/sql-pro/references/query-patterns.md +285 -0
  119. package/skills/database/sql-pro/references/window-functions.md +328 -0
  120. package/skills/dotnet/csharp-developer/SKILL.md +125 -0
  121. package/skills/dotnet/csharp-developer/references/aspnet-core.md +394 -0
  122. package/skills/dotnet/csharp-developer/references/blazor.md +553 -0
  123. package/skills/dotnet/csharp-developer/references/entity-framework.md +409 -0
  124. package/skills/dotnet/csharp-developer/references/modern-csharp.md +248 -0
  125. package/skills/dotnet/csharp-developer/references/performance.md +498 -0
  126. package/skills/dotnet/dotnet-core-expert/SKILL.md +138 -0
  127. package/skills/dotnet/dotnet-core-expert/references/authentication.md +546 -0
  128. package/skills/dotnet/dotnet-core-expert/references/clean-architecture.md +455 -0
  129. package/skills/dotnet/dotnet-core-expert/references/cloud-native.md +548 -0
  130. package/skills/dotnet/dotnet-core-expert/references/entity-framework.md +440 -0
  131. package/skills/dotnet/dotnet-core-expert/references/minimal-apis.md +319 -0
  132. package/skills/frontend/angular-architect/SKILL.md +152 -0
  133. package/skills/frontend/angular-architect/references/components.md +297 -0
  134. package/skills/frontend/angular-architect/references/ngrx.md +401 -0
  135. package/skills/frontend/angular-architect/references/routing.md +361 -0
  136. package/skills/frontend/angular-architect/references/rxjs.md +319 -0
  137. package/skills/frontend/angular-architect/references/testing.md +405 -0
  138. package/skills/frontend/flutter-expert/SKILL.md +138 -0
  139. package/skills/frontend/flutter-expert/references/bloc-state.md +259 -0
  140. package/skills/frontend/flutter-expert/references/gorouter-navigation.md +119 -0
  141. package/skills/frontend/flutter-expert/references/performance.md +99 -0
  142. package/skills/frontend/flutter-expert/references/project-structure.md +118 -0
  143. package/skills/frontend/flutter-expert/references/riverpod-state.md +130 -0
  144. package/skills/frontend/flutter-expert/references/widget-patterns.md +123 -0
  145. package/skills/frontend/nextjs-developer/SKILL.md +143 -0
  146. package/skills/frontend/nextjs-developer/references/app-router.md +311 -0
  147. package/skills/frontend/nextjs-developer/references/data-fetching.md +482 -0
  148. package/skills/frontend/nextjs-developer/references/deployment.md +545 -0
  149. package/skills/frontend/nextjs-developer/references/server-actions.md +462 -0
  150. package/skills/frontend/nextjs-developer/references/server-components.md +384 -0
  151. package/skills/frontend/react-expert/SKILL.md +149 -0
  152. package/skills/frontend/react-expert/references/hooks-patterns.md +162 -0
  153. package/skills/frontend/react-expert/references/migration-class-to-modern.md +1119 -0
  154. package/skills/frontend/react-expert/references/performance.md +168 -0
  155. package/skills/frontend/react-expert/references/react-19-features.md +174 -0
  156. package/skills/frontend/react-expert/references/server-components.md +143 -0
  157. package/skills/frontend/react-expert/references/state-management.md +171 -0
  158. package/skills/frontend/react-expert/references/testing-react.md +174 -0
  159. package/skills/frontend/react-native-expert/SKILL.md +185 -0
  160. package/skills/frontend/react-native-expert/references/expo-router.md +187 -0
  161. package/skills/frontend/react-native-expert/references/list-optimization.md +204 -0
  162. package/skills/frontend/react-native-expert/references/platform-handling.md +188 -0
  163. package/skills/frontend/react-native-expert/references/project-structure.md +171 -0
  164. package/skills/frontend/react-native-expert/references/storage-hooks.md +173 -0
  165. package/skills/frontend/vue-expert/SKILL.md +98 -0
  166. package/skills/frontend/vue-expert/references/build-tooling.md +480 -0
  167. package/skills/frontend/vue-expert/references/components.md +448 -0
  168. package/skills/frontend/vue-expert/references/composition-api.md +299 -0
  169. package/skills/frontend/vue-expert/references/mobile-hybrid.md +636 -0
  170. package/skills/frontend/vue-expert/references/nuxt.md +669 -0
  171. package/skills/frontend/vue-expert/references/state-management.md +449 -0
  172. package/skills/frontend/vue-expert/references/typescript.md +584 -0
  173. package/skills/frontend/vue-expert-js/SKILL.md +167 -0
  174. package/skills/frontend/vue-expert-js/references/component-architecture.md +219 -0
  175. package/skills/frontend/vue-expert-js/references/composables-patterns.md +183 -0
  176. package/skills/frontend/vue-expert-js/references/jsdoc-typing.md +535 -0
  177. package/skills/frontend/vue-expert-js/references/state-management.md +249 -0
  178. package/skills/frontend/vue-expert-js/references/testing-patterns.md +237 -0
  179. package/skills/go-rust-cpp/cpp-pro/SKILL.md +115 -0
  180. package/skills/go-rust-cpp/cpp-pro/references/build-tooling.md +440 -0
  181. package/skills/go-rust-cpp/cpp-pro/references/concurrency.md +437 -0
  182. package/skills/go-rust-cpp/cpp-pro/references/memory-performance.md +397 -0
  183. package/skills/go-rust-cpp/cpp-pro/references/modern-cpp.md +304 -0
  184. package/skills/go-rust-cpp/cpp-pro/references/templates.md +357 -0
  185. package/skills/go-rust-cpp/golang-pro/SKILL.md +122 -0
  186. package/skills/go-rust-cpp/golang-pro/references/concurrency.md +329 -0
  187. package/skills/go-rust-cpp/golang-pro/references/generics.md +442 -0
  188. package/skills/go-rust-cpp/golang-pro/references/interfaces.md +432 -0
  189. package/skills/go-rust-cpp/golang-pro/references/project-structure.md +477 -0
  190. package/skills/go-rust-cpp/golang-pro/references/testing.md +451 -0
  191. package/skills/go-rust-cpp/rust-engineer/SKILL.md +167 -0
  192. package/skills/go-rust-cpp/rust-engineer/references/async.md +458 -0
  193. package/skills/go-rust-cpp/rust-engineer/references/error-handling.md +334 -0
  194. package/skills/go-rust-cpp/rust-engineer/references/ownership.md +278 -0
  195. package/skills/go-rust-cpp/rust-engineer/references/testing.md +470 -0
  196. package/skills/go-rust-cpp/rust-engineer/references/traits.md +413 -0
  197. package/skills/infra/cli-developer/SKILL.md +113 -0
  198. package/skills/infra/cli-developer/references/design-patterns.md +221 -0
  199. package/skills/infra/cli-developer/references/go-cli.md +540 -0
  200. package/skills/infra/cli-developer/references/node-cli.md +383 -0
  201. package/skills/infra/cli-developer/references/python-cli.md +422 -0
  202. package/skills/infra/cli-developer/references/ux-patterns.md +448 -0
  203. package/skills/infra/cloud-architect/SKILL.md +216 -0
  204. package/skills/infra/cloud-architect/references/aws.md +394 -0
  205. package/skills/infra/cloud-architect/references/azure.md +562 -0
  206. package/skills/infra/cloud-architect/references/cost.md +582 -0
  207. package/skills/infra/cloud-architect/references/gcp.md +633 -0
  208. package/skills/infra/cloud-architect/references/multi-cloud.md +483 -0
  209. package/skills/infra/devops-engineer/SKILL.md +144 -0
  210. package/skills/infra/devops-engineer/references/deployment-strategies.md +241 -0
  211. package/skills/infra/devops-engineer/references/docker-patterns.md +113 -0
  212. package/skills/infra/devops-engineer/references/github-actions.md +139 -0
  213. package/skills/infra/devops-engineer/references/incident-response.md +331 -0
  214. package/skills/infra/devops-engineer/references/kubernetes.md +154 -0
  215. package/skills/infra/devops-engineer/references/platform-engineering.md +417 -0
  216. package/skills/infra/devops-engineer/references/release-automation.md +527 -0
  217. package/skills/infra/devops-engineer/references/terraform-iac.md +141 -0
  218. package/skills/infra/kubernetes-specialist/SKILL.md +241 -0
  219. package/skills/infra/kubernetes-specialist/references/configuration.md +452 -0
  220. package/skills/infra/kubernetes-specialist/references/cost-optimization.md +458 -0
  221. package/skills/infra/kubernetes-specialist/references/custom-operators.md +563 -0
  222. package/skills/infra/kubernetes-specialist/references/gitops.md +530 -0
  223. package/skills/infra/kubernetes-specialist/references/helm-charts.md +912 -0
  224. package/skills/infra/kubernetes-specialist/references/multi-cluster.md +507 -0
  225. package/skills/infra/kubernetes-specialist/references/networking.md +447 -0
  226. package/skills/infra/kubernetes-specialist/references/service-mesh.md +459 -0
  227. package/skills/infra/kubernetes-specialist/references/storage.md +535 -0
  228. package/skills/infra/kubernetes-specialist/references/troubleshooting.md +414 -0
  229. package/skills/infra/kubernetes-specialist/references/workloads.md +377 -0
  230. package/skills/infra/mcp-developer/SKILL.md +143 -0
  231. package/skills/infra/mcp-developer/references/protocol.md +244 -0
  232. package/skills/infra/mcp-developer/references/python-sdk.md +367 -0
  233. package/skills/infra/mcp-developer/references/resources.md +554 -0
  234. package/skills/infra/mcp-developer/references/tools.md +480 -0
  235. package/skills/infra/mcp-developer/references/typescript-sdk.md +350 -0
  236. package/skills/infra/monitoring-expert/SKILL.md +176 -0
  237. package/skills/infra/monitoring-expert/references/alerting-rules.md +141 -0
  238. package/skills/infra/monitoring-expert/references/application-profiling.md +331 -0
  239. package/skills/infra/monitoring-expert/references/capacity-planning.md +344 -0
  240. package/skills/infra/monitoring-expert/references/dashboards.md +126 -0
  241. package/skills/infra/monitoring-expert/references/opentelemetry.md +123 -0
  242. package/skills/infra/monitoring-expert/references/performance-testing.md +269 -0
  243. package/skills/infra/monitoring-expert/references/prometheus-metrics.md +136 -0
  244. package/skills/infra/monitoring-expert/references/structured-logging.md +142 -0
  245. package/skills/infra/sre-engineer/SKILL.md +181 -0
  246. package/skills/infra/sre-engineer/references/automation-toil.md +492 -0
  247. package/skills/infra/sre-engineer/references/error-budget-policy.md +334 -0
  248. package/skills/infra/sre-engineer/references/incident-chaos.md +576 -0
  249. package/skills/infra/sre-engineer/references/monitoring-alerting.md +424 -0
  250. package/skills/infra/sre-engineer/references/slo-sli-management.md +238 -0
  251. package/skills/infra/terraform-engineer/SKILL.md +143 -0
  252. package/skills/infra/terraform-engineer/references/best-practices.md +583 -0
  253. package/skills/infra/terraform-engineer/references/module-patterns.md +297 -0
  254. package/skills/infra/terraform-engineer/references/providers.md +452 -0
  255. package/skills/infra/terraform-engineer/references/state-management.md +371 -0
  256. package/skills/infra/terraform-engineer/references/testing.md +486 -0
  257. package/skills/infra/websocket-engineer/SKILL.md +168 -0
  258. package/skills/infra/websocket-engineer/references/alternatives.md +391 -0
  259. package/skills/infra/websocket-engineer/references/patterns.md +400 -0
  260. package/skills/infra/websocket-engineer/references/protocol.md +195 -0
  261. package/skills/infra/websocket-engineer/references/scaling.md +333 -0
  262. package/skills/infra/websocket-engineer/references/security.md +474 -0
  263. package/skills/java/java-architect/SKILL.md +132 -0
  264. package/skills/java/java-architect/references/jpa-optimization.md +393 -0
  265. package/skills/java/java-architect/references/reactive-webflux.md +356 -0
  266. package/skills/java/java-architect/references/spring-boot-setup.md +269 -0
  267. package/skills/java/java-architect/references/spring-security.md +445 -0
  268. package/skills/java/java-architect/references/testing-patterns.md +500 -0
  269. package/skills/java/kotlin-specialist/SKILL.md +147 -0
  270. package/skills/java/kotlin-specialist/references/android-compose.md +419 -0
  271. package/skills/java/kotlin-specialist/references/coroutines-flow.md +276 -0
  272. package/skills/java/kotlin-specialist/references/dsl-idioms.md +421 -0
  273. package/skills/java/kotlin-specialist/references/ktor-server.md +426 -0
  274. package/skills/java/kotlin-specialist/references/multiplatform-kmp.md +380 -0
  275. package/skills/java/spring-boot-engineer/SKILL.md +195 -0
  276. package/skills/java/spring-boot-engineer/references/cloud.md +498 -0
  277. package/skills/java/spring-boot-engineer/references/data.md +381 -0
  278. package/skills/java/spring-boot-engineer/references/security.md +459 -0
  279. package/skills/java/spring-boot-engineer/references/testing.md +545 -0
  280. package/skills/java/spring-boot-engineer/references/web.md +295 -0
  281. package/skills/javascript/javascript-pro/SKILL.md +132 -0
  282. package/skills/javascript/javascript-pro/references/async-patterns.md +334 -0
  283. package/skills/javascript/javascript-pro/references/browser-apis.md +398 -0
  284. package/skills/javascript/javascript-pro/references/modern-syntax.md +272 -0
  285. package/skills/javascript/javascript-pro/references/modules.md +357 -0
  286. package/skills/javascript/javascript-pro/references/node-essentials.md +471 -0
  287. package/skills/javascript/nestjs-expert/SKILL.md +206 -0
  288. package/skills/javascript/nestjs-expert/references/authentication.md +166 -0
  289. package/skills/javascript/nestjs-expert/references/controllers-routing.md +111 -0
  290. package/skills/javascript/nestjs-expert/references/dtos-validation.md +153 -0
  291. package/skills/javascript/nestjs-expert/references/migration-from-express.md +1237 -0
  292. package/skills/javascript/nestjs-expert/references/services-di.md +140 -0
  293. package/skills/javascript/nestjs-expert/references/testing-patterns.md +186 -0
  294. package/skills/javascript/typescript-pro/SKILL.md +145 -0
  295. package/skills/javascript/typescript-pro/references/advanced-types.md +259 -0
  296. package/skills/javascript/typescript-pro/references/configuration.md +445 -0
  297. package/skills/javascript/typescript-pro/references/patterns.md +484 -0
  298. package/skills/javascript/typescript-pro/references/type-guards.md +352 -0
  299. package/skills/javascript/typescript-pro/references/utility-types.md +329 -0
  300. package/skills/php/laravel-specialist/SKILL.md +262 -0
  301. package/skills/php/laravel-specialist/references/eloquent.md +351 -0
  302. package/skills/php/laravel-specialist/references/livewire.md +512 -0
  303. package/skills/php/laravel-specialist/references/queues.md +423 -0
  304. package/skills/php/laravel-specialist/references/routing.md +362 -0
  305. package/skills/php/laravel-specialist/references/testing.md +522 -0
  306. package/skills/php/php-pro/SKILL.md +206 -0
  307. package/skills/php/php-pro/references/async-patterns.md +412 -0
  308. package/skills/php/php-pro/references/laravel-patterns.md +377 -0
  309. package/skills/php/php-pro/references/modern-php-features.md +323 -0
  310. package/skills/php/php-pro/references/symfony-patterns.md +466 -0
  311. package/skills/php/php-pro/references/testing-quality.md +466 -0
  312. package/skills/python/django-expert/SKILL.md +162 -0
  313. package/skills/python/django-expert/references/authentication.md +145 -0
  314. package/skills/python/django-expert/references/drf-serializers.md +148 -0
  315. package/skills/python/django-expert/references/models-orm.md +151 -0
  316. package/skills/python/django-expert/references/testing-django.md +204 -0
  317. package/skills/python/django-expert/references/viewsets-views.md +153 -0
  318. package/skills/python/fastapi-expert/SKILL.md +185 -0
  319. package/skills/python/fastapi-expert/references/async-sqlalchemy.md +146 -0
  320. package/skills/python/fastapi-expert/references/authentication.md +159 -0
  321. package/skills/python/fastapi-expert/references/endpoints-routing.md +142 -0
  322. package/skills/python/fastapi-expert/references/migration-from-django.md +997 -0
  323. package/skills/python/fastapi-expert/references/pydantic-v2.md +135 -0
  324. package/skills/python/fastapi-expert/references/testing-async.md +159 -0
  325. package/skills/python/pandas-pro/SKILL.md +178 -0
  326. package/skills/python/pandas-pro/references/aggregation-groupby.md +545 -0
  327. package/skills/python/pandas-pro/references/data-cleaning.md +500 -0
  328. package/skills/python/pandas-pro/references/dataframe-operations.md +420 -0
  329. package/skills/python/pandas-pro/references/merging-joining.md +596 -0
  330. package/skills/python/pandas-pro/references/performance-optimization.md +597 -0
  331. package/skills/python/python-pro/SKILL.md +177 -0
  332. package/skills/python/python-pro/references/async-patterns.md +356 -0
  333. package/skills/python/python-pro/references/packaging.md +460 -0
  334. package/skills/python/python-pro/references/standard-library.md +378 -0
  335. package/skills/python/python-pro/references/testing.md +404 -0
  336. package/skills/python/python-pro/references/type-system.md +290 -0
  337. package/skills/quality/chaos-engineer/SKILL.md +182 -0
  338. package/skills/quality/chaos-engineer/references/chaos-tools.md +511 -0
  339. package/skills/quality/chaos-engineer/references/experiment-design.md +229 -0
  340. package/skills/quality/chaos-engineer/references/game-days.md +434 -0
  341. package/skills/quality/chaos-engineer/references/infrastructure-chaos.md +348 -0
  342. package/skills/quality/chaos-engineer/references/kubernetes-chaos.md +432 -0
  343. package/skills/quality/code-reviewer/SKILL.md +119 -0
  344. package/skills/quality/code-reviewer/references/common-issues.md +142 -0
  345. package/skills/quality/code-reviewer/references/feedback-examples.md +144 -0
  346. package/skills/quality/code-reviewer/references/receiving-feedback.md +238 -0
  347. package/skills/quality/code-reviewer/references/report-template.md +109 -0
  348. package/skills/quality/code-reviewer/references/review-checklist.md +88 -0
  349. package/skills/quality/code-reviewer/references/spec-compliance-review.md +258 -0
  350. package/skills/quality/playwright-expert/SKILL.md +169 -0
  351. package/skills/quality/playwright-expert/references/api-mocking.md +140 -0
  352. package/skills/quality/playwright-expert/references/configuration.md +155 -0
  353. package/skills/quality/playwright-expert/references/debugging-flaky.md +150 -0
  354. package/skills/quality/playwright-expert/references/page-object-model.md +152 -0
  355. package/skills/quality/playwright-expert/references/selectors-locators.md +119 -0
  356. package/skills/quality/secure-code-guardian/SKILL.md +191 -0
  357. package/skills/quality/secure-code-guardian/references/authentication.md +136 -0
  358. package/skills/quality/secure-code-guardian/references/input-validation.md +146 -0
  359. package/skills/quality/secure-code-guardian/references/owasp-prevention.md +135 -0
  360. package/skills/quality/secure-code-guardian/references/security-headers.md +133 -0
  361. package/skills/quality/secure-code-guardian/references/xss-csrf.md +157 -0
  362. package/skills/quality/security-reviewer/SKILL.md +103 -0
  363. package/skills/quality/security-reviewer/references/infrastructure-security.md +268 -0
  364. package/skills/quality/security-reviewer/references/penetration-testing.md +268 -0
  365. package/skills/quality/security-reviewer/references/report-template.md +170 -0
  366. package/skills/quality/security-reviewer/references/sast-tools.md +117 -0
  367. package/skills/quality/security-reviewer/references/secret-scanning.md +125 -0
  368. package/skills/quality/security-reviewer/references/vulnerability-patterns.md +152 -0
  369. package/skills/quality/tdd-guide/assets/sample_coverage_report.lcov +0 -0
  370. package/skills/quality/test-master/SKILL.md +94 -0
  371. package/skills/quality/test-master/references/automation-frameworks.md +294 -0
  372. package/skills/quality/test-master/references/e2e-testing.md +128 -0
  373. package/skills/quality/test-master/references/integration-testing.md +120 -0
  374. package/skills/quality/test-master/references/performance-testing.md +118 -0
  375. package/skills/quality/test-master/references/qa-methodology.md +247 -0
  376. package/skills/quality/test-master/references/security-testing.md +127 -0
  377. package/skills/quality/test-master/references/tdd-iron-laws.md +174 -0
  378. package/skills/quality/test-master/references/test-reports.md +104 -0
  379. package/skills/quality/test-master/references/testing-anti-patterns.md +231 -0
  380. package/skills/quality/test-master/references/unit-testing.md +113 -0
  381. package/skills/ruby/rails-expert/SKILL.md +154 -0
  382. package/skills/ruby/rails-expert/references/active-record.md +244 -0
  383. package/skills/ruby/rails-expert/references/api-development.md +401 -0
  384. package/skills/ruby/rails-expert/references/background-jobs.md +272 -0
  385. package/skills/ruby/rails-expert/references/hotwire-turbo.md +228 -0
  386. package/skills/ruby/rails-expert/references/rspec-testing.md +367 -0
  387. package/skills/swift/swift-expert/SKILL.md +163 -0
  388. package/skills/swift/swift-expert/references/async-concurrency.md +360 -0
  389. package/skills/swift/swift-expert/references/memory-performance.md +377 -0
  390. package/skills/swift/swift-expert/references/protocol-oriented.md +354 -0
  391. package/skills/swift/swift-expert/references/swiftui-patterns.md +291 -0
  392. package/skills/swift/swift-expert/references/testing-patterns.md +399 -0
  393. package/skills/workflow/brainstorming/SKILL.md +164 -0
  394. package/skills/workflow/brainstorming/scripts/helper.js +88 -0
  395. package/skills/workflow/brainstorming/scripts/start-server.sh +148 -0
  396. package/skills/workflow/brainstorming/scripts/stop-server.sh +56 -0
  397. package/skills/workflow/brainstorming/spec-document-reviewer-prompt.md +49 -0
  398. package/skills/workflow/brainstorming/visual-companion.md +287 -0
  399. package/skills/workflow/documentation/SKILL.md +45 -0
  400. package/skills/workflow/entropy-management/SKILL.md +115 -0
  401. package/skills/workflow/executing-plans/SKILL.md +70 -0
  402. package/skills/workflow/finishing-a-development-branch/SKILL.md +200 -0
  403. package/skills/workflow/receiving-code-review/SKILL.md +213 -0
  404. package/skills/workflow/requesting-code-review/SKILL.md +105 -0
  405. package/skills/workflow/requesting-code-review/code-reviewer.md +146 -0
  406. package/skills/workflow/requirement-engineering/SKILL.md +111 -0
  407. package/skills/workflow/systematic-debugging/CREATION-LOG.md +119 -0
  408. package/skills/workflow/systematic-debugging/SKILL.md +296 -0
  409. package/skills/workflow/systematic-debugging/condition-based-waiting-example.ts +158 -0
  410. package/skills/workflow/systematic-debugging/condition-based-waiting.md +115 -0
  411. package/skills/workflow/systematic-debugging/defense-in-depth.md +122 -0
  412. package/skills/workflow/systematic-debugging/find-polluter.sh +63 -0
  413. package/skills/workflow/systematic-debugging/root-cause-tracing.md +169 -0
  414. package/skills/workflow/systematic-debugging/test-academic.md +14 -0
  415. package/skills/workflow/systematic-debugging/test-pressure-1.md +58 -0
  416. package/skills/workflow/systematic-debugging/test-pressure-2.md +68 -0
  417. package/skills/workflow/systematic-debugging/test-pressure-3.md +69 -0
  418. package/skills/workflow/using-git-worktrees/SKILL.md +218 -0
  419. package/skills/workflow/verification-before-completion/SKILL.md +139 -0
  420. package/skills/workflow/writing-plans/SKILL.md +151 -0
  421. package/skills/workflow/writing-plans/plan-document-reviewer-prompt.md +49 -0
  422. package/skills/workflow/writing-skills/SKILL.md +655 -0
  423. package/skills/workflow/writing-skills/anthropic-best-practices.md +1150 -0
  424. package/skills/workflow/writing-skills/examples/CLAUDE_MD_TESTING.md +189 -0
  425. package/skills/workflow/writing-skills/graphviz-conventions.dot +0 -0
  426. package/skills/workflow/writing-skills/persuasion-principles.md +187 -0
  427. package/skills/workflow/writing-skills/render-graphs.js +168 -0
  428. package/skills/workflow/writing-skills/testing-skills-with-subagents.md +384 -0
  429. package/skills/angular-architect/SKILL.md +0 -152
  430. package/skills/angular-architect/references/components.md +0 -297
  431. package/skills/angular-architect/references/ngrx.md +0 -401
  432. package/skills/angular-architect/references/routing.md +0 -361
  433. package/skills/angular-architect/references/rxjs.md +0 -319
  434. package/skills/angular-architect/references/testing.md +0 -405
  435. package/skills/api-designer/SKILL.md +0 -217
  436. package/skills/api-designer/references/error-handling.md +0 -541
  437. package/skills/api-designer/references/openapi.md +0 -824
  438. package/skills/api-designer/references/pagination.md +0 -494
  439. package/skills/api-designer/references/rest-patterns.md +0 -335
  440. package/skills/api-designer/references/versioning.md +0 -391
  441. package/skills/architecture-designer/SKILL.md +0 -117
  442. package/skills/architecture-designer/references/adr-template.md +0 -116
  443. package/skills/architecture-designer/references/architecture-patterns.md +0 -111
  444. package/skills/architecture-designer/references/database-selection.md +0 -102
  445. package/skills/architecture-designer/references/nfr-checklist.md +0 -112
  446. package/skills/architecture-designer/references/system-design.md +0 -100
  447. package/skills/brainstorming/SKILL.md +0 -164
  448. package/skills/brainstorming/scripts/helper.js +0 -88
  449. package/skills/brainstorming/scripts/start-server.sh +0 -148
  450. package/skills/brainstorming/scripts/stop-server.sh +0 -56
  451. package/skills/brainstorming/spec-document-reviewer-prompt.md +0 -49
  452. package/skills/brainstorming/visual-companion.md +0 -287
  453. package/skills/chaos-engineer/SKILL.md +0 -182
  454. package/skills/chaos-engineer/references/chaos-tools.md +0 -511
  455. package/skills/chaos-engineer/references/experiment-design.md +0 -229
  456. package/skills/chaos-engineer/references/game-days.md +0 -434
  457. package/skills/chaos-engineer/references/infrastructure-chaos.md +0 -348
  458. package/skills/chaos-engineer/references/kubernetes-chaos.md +0 -432
  459. package/skills/cli-developer/SKILL.md +0 -113
  460. package/skills/cli-developer/references/design-patterns.md +0 -221
  461. package/skills/cli-developer/references/go-cli.md +0 -540
  462. package/skills/cli-developer/references/node-cli.md +0 -383
  463. package/skills/cli-developer/references/python-cli.md +0 -422
  464. package/skills/cli-developer/references/ux-patterns.md +0 -448
  465. package/skills/cloud-architect/SKILL.md +0 -216
  466. package/skills/cloud-architect/references/aws.md +0 -394
  467. package/skills/cloud-architect/references/azure.md +0 -562
  468. package/skills/cloud-architect/references/cost.md +0 -582
  469. package/skills/cloud-architect/references/gcp.md +0 -633
  470. package/skills/cloud-architect/references/multi-cloud.md +0 -483
  471. package/skills/code-documenter/SKILL.md +0 -147
  472. package/skills/code-documenter/references/api-docs-fastapi-django.md +0 -166
  473. package/skills/code-documenter/references/api-docs-nestjs-express.md +0 -220
  474. package/skills/code-documenter/references/coverage-reports.md +0 -125
  475. package/skills/code-documenter/references/documentation-systems.md +0 -333
  476. package/skills/code-documenter/references/interactive-api-docs.md +0 -531
  477. package/skills/code-documenter/references/python-docstrings.md +0 -121
  478. package/skills/code-documenter/references/typescript-jsdoc.md +0 -145
  479. package/skills/code-documenter/references/user-guides-tutorials.md +0 -530
  480. package/skills/code-reviewer/SKILL.md +0 -119
  481. package/skills/code-reviewer/references/common-issues.md +0 -142
  482. package/skills/code-reviewer/references/feedback-examples.md +0 -144
  483. package/skills/code-reviewer/references/receiving-feedback.md +0 -238
  484. package/skills/code-reviewer/references/report-template.md +0 -109
  485. package/skills/code-reviewer/references/review-checklist.md +0 -88
  486. package/skills/code-reviewer/references/spec-compliance-review.md +0 -258
  487. package/skills/cpp-pro/SKILL.md +0 -115
  488. package/skills/cpp-pro/references/build-tooling.md +0 -440
  489. package/skills/cpp-pro/references/concurrency.md +0 -437
  490. package/skills/cpp-pro/references/memory-performance.md +0 -397
  491. package/skills/cpp-pro/references/modern-cpp.md +0 -304
  492. package/skills/cpp-pro/references/templates.md +0 -357
  493. package/skills/csharp-developer/SKILL.md +0 -125
  494. package/skills/csharp-developer/references/aspnet-core.md +0 -394
  495. package/skills/csharp-developer/references/blazor.md +0 -553
  496. package/skills/csharp-developer/references/entity-framework.md +0 -409
  497. package/skills/csharp-developer/references/modern-csharp.md +0 -248
  498. package/skills/csharp-developer/references/performance.md +0 -498
  499. package/skills/database-optimizer/SKILL.md +0 -147
  500. package/skills/database-optimizer/references/index-strategies.md +0 -331
  501. package/skills/database-optimizer/references/monitoring-analysis.md +0 -501
  502. package/skills/database-optimizer/references/mysql-tuning.md +0 -452
  503. package/skills/database-optimizer/references/postgresql-tuning.md +0 -413
  504. package/skills/database-optimizer/references/query-optimization.md +0 -251
  505. package/skills/debugging-wizard/SKILL.md +0 -105
  506. package/skills/debugging-wizard/references/common-patterns.md +0 -132
  507. package/skills/debugging-wizard/references/debugging-tools.md +0 -140
  508. package/skills/debugging-wizard/references/quick-fixes.md +0 -177
  509. package/skills/debugging-wizard/references/strategies.md +0 -142
  510. package/skills/debugging-wizard/references/systematic-debugging.md +0 -367
  511. package/skills/devops-engineer/SKILL.md +0 -144
  512. package/skills/devops-engineer/references/deployment-strategies.md +0 -241
  513. package/skills/devops-engineer/references/docker-patterns.md +0 -113
  514. package/skills/devops-engineer/references/github-actions.md +0 -139
  515. package/skills/devops-engineer/references/incident-response.md +0 -331
  516. package/skills/devops-engineer/references/kubernetes.md +0 -154
  517. package/skills/devops-engineer/references/platform-engineering.md +0 -417
  518. package/skills/devops-engineer/references/release-automation.md +0 -527
  519. package/skills/devops-engineer/references/terraform-iac.md +0 -141
  520. package/skills/django-expert/SKILL.md +0 -162
  521. package/skills/django-expert/references/authentication.md +0 -145
  522. package/skills/django-expert/references/drf-serializers.md +0 -148
  523. package/skills/django-expert/references/models-orm.md +0 -151
  524. package/skills/django-expert/references/testing-django.md +0 -204
  525. package/skills/django-expert/references/viewsets-views.md +0 -153
  526. package/skills/documentation/SKILL.md +0 -45
  527. package/skills/dotnet-core-expert/SKILL.md +0 -138
  528. package/skills/dotnet-core-expert/references/authentication.md +0 -546
  529. package/skills/dotnet-core-expert/references/clean-architecture.md +0 -455
  530. package/skills/dotnet-core-expert/references/cloud-native.md +0 -548
  531. package/skills/dotnet-core-expert/references/entity-framework.md +0 -440
  532. package/skills/dotnet-core-expert/references/minimal-apis.md +0 -319
  533. package/skills/entropy-management/SKILL.md +0 -115
  534. package/skills/executing-plans/SKILL.md +0 -70
  535. package/skills/fastapi-expert/SKILL.md +0 -185
  536. package/skills/fastapi-expert/references/async-sqlalchemy.md +0 -146
  537. package/skills/fastapi-expert/references/authentication.md +0 -159
  538. package/skills/fastapi-expert/references/endpoints-routing.md +0 -142
  539. package/skills/fastapi-expert/references/migration-from-django.md +0 -997
  540. package/skills/fastapi-expert/references/pydantic-v2.md +0 -135
  541. package/skills/fastapi-expert/references/testing-async.md +0 -159
  542. package/skills/feature-forge/SKILL.md +0 -98
  543. package/skills/feature-forge/references/acceptance-criteria.md +0 -104
  544. package/skills/feature-forge/references/ears-syntax.md +0 -99
  545. package/skills/feature-forge/references/interview-questions.md +0 -150
  546. package/skills/feature-forge/references/pre-discovery-subagents.md +0 -54
  547. package/skills/feature-forge/references/specification-template.md +0 -103
  548. package/skills/fine-tuning-expert/SKILL.md +0 -162
  549. package/skills/fine-tuning-expert/references/dataset-preparation.md +0 -540
  550. package/skills/fine-tuning-expert/references/deployment-optimization.md +0 -673
  551. package/skills/fine-tuning-expert/references/evaluation-metrics.md +0 -597
  552. package/skills/fine-tuning-expert/references/hyperparameter-tuning.md +0 -565
  553. package/skills/fine-tuning-expert/references/lora-peft.md +0 -347
  554. package/skills/finishing-a-development-branch/SKILL.md +0 -200
  555. package/skills/flutter-expert/SKILL.md +0 -138
  556. package/skills/flutter-expert/references/bloc-state.md +0 -259
  557. package/skills/flutter-expert/references/gorouter-navigation.md +0 -119
  558. package/skills/flutter-expert/references/performance.md +0 -99
  559. package/skills/flutter-expert/references/project-structure.md +0 -118
  560. package/skills/flutter-expert/references/riverpod-state.md +0 -130
  561. package/skills/flutter-expert/references/widget-patterns.md +0 -123
  562. package/skills/fullstack-guardian/SKILL.md +0 -105
  563. package/skills/fullstack-guardian/references/api-design-standards.md +0 -307
  564. package/skills/fullstack-guardian/references/architecture-decisions.md +0 -350
  565. package/skills/fullstack-guardian/references/backend-patterns.md +0 -237
  566. package/skills/fullstack-guardian/references/common-patterns.md +0 -134
  567. package/skills/fullstack-guardian/references/deliverables-checklist.md +0 -354
  568. package/skills/fullstack-guardian/references/design-template.md +0 -91
  569. package/skills/fullstack-guardian/references/error-handling.md +0 -135
  570. package/skills/fullstack-guardian/references/frontend-patterns.md +0 -340
  571. package/skills/fullstack-guardian/references/integration-patterns.md +0 -333
  572. package/skills/fullstack-guardian/references/security-checklist.md +0 -106
  573. package/skills/golang-pro/SKILL.md +0 -122
  574. package/skills/golang-pro/references/concurrency.md +0 -329
  575. package/skills/golang-pro/references/generics.md +0 -442
  576. package/skills/golang-pro/references/interfaces.md +0 -432
  577. package/skills/golang-pro/references/project-structure.md +0 -477
  578. package/skills/golang-pro/references/testing.md +0 -451
  579. package/skills/graphql-architect/SKILL.md +0 -146
  580. package/skills/graphql-architect/references/federation.md +0 -418
  581. package/skills/graphql-architect/references/migration-from-rest.md +0 -1141
  582. package/skills/graphql-architect/references/resolvers.md +0 -425
  583. package/skills/graphql-architect/references/schema-design.md +0 -393
  584. package/skills/graphql-architect/references/security.md +0 -569
  585. package/skills/graphql-architect/references/subscriptions.md +0 -510
  586. package/skills/java-architect/SKILL.md +0 -132
  587. package/skills/java-architect/references/jpa-optimization.md +0 -393
  588. package/skills/java-architect/references/reactive-webflux.md +0 -356
  589. package/skills/java-architect/references/spring-boot-setup.md +0 -269
  590. package/skills/java-architect/references/spring-security.md +0 -445
  591. package/skills/java-architect/references/testing-patterns.md +0 -500
  592. package/skills/javascript-pro/SKILL.md +0 -132
  593. package/skills/javascript-pro/references/async-patterns.md +0 -334
  594. package/skills/javascript-pro/references/browser-apis.md +0 -398
  595. package/skills/javascript-pro/references/modern-syntax.md +0 -272
  596. package/skills/javascript-pro/references/modules.md +0 -357
  597. package/skills/javascript-pro/references/node-essentials.md +0 -471
  598. package/skills/kotlin-specialist/SKILL.md +0 -147
  599. package/skills/kotlin-specialist/references/android-compose.md +0 -419
  600. package/skills/kotlin-specialist/references/coroutines-flow.md +0 -276
  601. package/skills/kotlin-specialist/references/dsl-idioms.md +0 -421
  602. package/skills/kotlin-specialist/references/ktor-server.md +0 -426
  603. package/skills/kotlin-specialist/references/multiplatform-kmp.md +0 -380
  604. package/skills/kubernetes-specialist/SKILL.md +0 -241
  605. package/skills/kubernetes-specialist/references/configuration.md +0 -452
  606. package/skills/kubernetes-specialist/references/cost-optimization.md +0 -458
  607. package/skills/kubernetes-specialist/references/custom-operators.md +0 -563
  608. package/skills/kubernetes-specialist/references/gitops.md +0 -530
  609. package/skills/kubernetes-specialist/references/helm-charts.md +0 -912
  610. package/skills/kubernetes-specialist/references/multi-cluster.md +0 -507
  611. package/skills/kubernetes-specialist/references/networking.md +0 -447
  612. package/skills/kubernetes-specialist/references/service-mesh.md +0 -459
  613. package/skills/kubernetes-specialist/references/storage.md +0 -535
  614. package/skills/kubernetes-specialist/references/troubleshooting.md +0 -414
  615. package/skills/kubernetes-specialist/references/workloads.md +0 -377
  616. package/skills/laravel-specialist/SKILL.md +0 -262
  617. package/skills/laravel-specialist/references/eloquent.md +0 -351
  618. package/skills/laravel-specialist/references/livewire.md +0 -512
  619. package/skills/laravel-specialist/references/queues.md +0 -423
  620. package/skills/laravel-specialist/references/routing.md +0 -362
  621. package/skills/laravel-specialist/references/testing.md +0 -522
  622. package/skills/legacy-modernizer/SKILL.md +0 -137
  623. package/skills/legacy-modernizer/references/legacy-testing.md +0 -381
  624. package/skills/legacy-modernizer/references/migration-strategies.md +0 -423
  625. package/skills/legacy-modernizer/references/refactoring-patterns.md +0 -395
  626. package/skills/legacy-modernizer/references/strangler-fig-pattern.md +0 -281
  627. package/skills/legacy-modernizer/references/system-assessment.md +0 -487
  628. package/skills/mcp-developer/SKILL.md +0 -143
  629. package/skills/mcp-developer/references/protocol.md +0 -244
  630. package/skills/mcp-developer/references/python-sdk.md +0 -367
  631. package/skills/mcp-developer/references/resources.md +0 -554
  632. package/skills/mcp-developer/references/tools.md +0 -480
  633. package/skills/mcp-developer/references/typescript-sdk.md +0 -350
  634. package/skills/microservices-architect/SKILL.md +0 -164
  635. package/skills/microservices-architect/references/communication.md +0 -499
  636. package/skills/microservices-architect/references/data.md +0 -721
  637. package/skills/microservices-architect/references/decomposition.md +0 -344
  638. package/skills/microservices-architect/references/observability.md +0 -805
  639. package/skills/microservices-architect/references/patterns.md +0 -603
  640. package/skills/ml-pipeline/SKILL.md +0 -159
  641. package/skills/ml-pipeline/references/experiment-tracking.md +0 -833
  642. package/skills/ml-pipeline/references/feature-engineering.md +0 -631
  643. package/skills/ml-pipeline/references/model-validation.md +0 -978
  644. package/skills/ml-pipeline/references/pipeline-orchestration.md +0 -907
  645. package/skills/ml-pipeline/references/training-pipelines.md +0 -782
  646. package/skills/monitoring-expert/SKILL.md +0 -176
  647. package/skills/monitoring-expert/references/alerting-rules.md +0 -141
  648. package/skills/monitoring-expert/references/application-profiling.md +0 -331
  649. package/skills/monitoring-expert/references/capacity-planning.md +0 -344
  650. package/skills/monitoring-expert/references/dashboards.md +0 -126
  651. package/skills/monitoring-expert/references/opentelemetry.md +0 -123
  652. package/skills/monitoring-expert/references/performance-testing.md +0 -269
  653. package/skills/monitoring-expert/references/prometheus-metrics.md +0 -136
  654. package/skills/monitoring-expert/references/structured-logging.md +0 -142
  655. package/skills/nestjs-expert/SKILL.md +0 -206
  656. package/skills/nestjs-expert/references/authentication.md +0 -166
  657. package/skills/nestjs-expert/references/controllers-routing.md +0 -111
  658. package/skills/nestjs-expert/references/dtos-validation.md +0 -153
  659. package/skills/nestjs-expert/references/migration-from-express.md +0 -1237
  660. package/skills/nestjs-expert/references/services-di.md +0 -140
  661. package/skills/nestjs-expert/references/testing-patterns.md +0 -186
  662. package/skills/nextjs-developer/SKILL.md +0 -143
  663. package/skills/nextjs-developer/references/app-router.md +0 -311
  664. package/skills/nextjs-developer/references/data-fetching.md +0 -482
  665. package/skills/nextjs-developer/references/deployment.md +0 -545
  666. package/skills/nextjs-developer/references/server-actions.md +0 -462
  667. package/skills/nextjs-developer/references/server-components.md +0 -384
  668. package/skills/pandas-pro/SKILL.md +0 -178
  669. package/skills/pandas-pro/references/aggregation-groupby.md +0 -545
  670. package/skills/pandas-pro/references/data-cleaning.md +0 -500
  671. package/skills/pandas-pro/references/dataframe-operations.md +0 -420
  672. package/skills/pandas-pro/references/merging-joining.md +0 -596
  673. package/skills/pandas-pro/references/performance-optimization.md +0 -597
  674. package/skills/php-pro/SKILL.md +0 -206
  675. package/skills/php-pro/references/async-patterns.md +0 -412
  676. package/skills/php-pro/references/laravel-patterns.md +0 -377
  677. package/skills/php-pro/references/modern-php-features.md +0 -323
  678. package/skills/php-pro/references/symfony-patterns.md +0 -466
  679. package/skills/php-pro/references/testing-quality.md +0 -466
  680. package/skills/playwright-expert/SKILL.md +0 -169
  681. package/skills/playwright-expert/references/api-mocking.md +0 -140
  682. package/skills/playwright-expert/references/configuration.md +0 -155
  683. package/skills/playwright-expert/references/debugging-flaky.md +0 -150
  684. package/skills/playwright-expert/references/page-object-model.md +0 -152
  685. package/skills/playwright-expert/references/selectors-locators.md +0 -119
  686. package/skills/postgres-pro/SKILL.md +0 -152
  687. package/skills/postgres-pro/references/extensions.md +0 -404
  688. package/skills/postgres-pro/references/jsonb.md +0 -321
  689. package/skills/postgres-pro/references/maintenance.md +0 -481
  690. package/skills/postgres-pro/references/performance.md +0 -265
  691. package/skills/postgres-pro/references/replication.md +0 -446
  692. package/skills/python-pro/SKILL.md +0 -177
  693. package/skills/python-pro/references/async-patterns.md +0 -356
  694. package/skills/python-pro/references/packaging.md +0 -460
  695. package/skills/python-pro/references/standard-library.md +0 -378
  696. package/skills/python-pro/references/testing.md +0 -404
  697. package/skills/python-pro/references/type-system.md +0 -290
  698. package/skills/rag-architect/SKILL.md +0 -194
  699. package/skills/rag-architect/references/chunking-strategies.md +0 -878
  700. package/skills/rag-architect/references/embedding-models.md +0 -561
  701. package/skills/rag-architect/references/rag-evaluation.md +0 -833
  702. package/skills/rag-architect/references/retrieval-optimization.md +0 -795
  703. package/skills/rag-architect/references/vector-databases.md +0 -589
  704. package/skills/rails-expert/SKILL.md +0 -154
  705. package/skills/rails-expert/references/active-record.md +0 -244
  706. package/skills/rails-expert/references/api-development.md +0 -401
  707. package/skills/rails-expert/references/background-jobs.md +0 -272
  708. package/skills/rails-expert/references/hotwire-turbo.md +0 -228
  709. package/skills/rails-expert/references/rspec-testing.md +0 -367
  710. package/skills/react-expert/SKILL.md +0 -149
  711. package/skills/react-expert/references/hooks-patterns.md +0 -162
  712. package/skills/react-expert/references/migration-class-to-modern.md +0 -1119
  713. package/skills/react-expert/references/performance.md +0 -168
  714. package/skills/react-expert/references/react-19-features.md +0 -174
  715. package/skills/react-expert/references/server-components.md +0 -143
  716. package/skills/react-expert/references/state-management.md +0 -171
  717. package/skills/react-expert/references/testing-react.md +0 -174
  718. package/skills/react-native-expert/SKILL.md +0 -185
  719. package/skills/react-native-expert/references/expo-router.md +0 -187
  720. package/skills/react-native-expert/references/list-optimization.md +0 -204
  721. package/skills/react-native-expert/references/platform-handling.md +0 -188
  722. package/skills/react-native-expert/references/project-structure.md +0 -171
  723. package/skills/react-native-expert/references/storage-hooks.md +0 -173
  724. package/skills/receiving-code-review/SKILL.md +0 -213
  725. package/skills/requesting-code-review/SKILL.md +0 -105
  726. package/skills/requesting-code-review/code-reviewer.md +0 -146
  727. package/skills/requirement-engineering/SKILL.md +0 -111
  728. package/skills/rust-engineer/SKILL.md +0 -167
  729. package/skills/rust-engineer/references/async.md +0 -458
  730. package/skills/rust-engineer/references/error-handling.md +0 -334
  731. package/skills/rust-engineer/references/ownership.md +0 -278
  732. package/skills/rust-engineer/references/testing.md +0 -470
  733. package/skills/rust-engineer/references/traits.md +0 -413
  734. package/skills/secure-code-guardian/SKILL.md +0 -191
  735. package/skills/secure-code-guardian/references/authentication.md +0 -136
  736. package/skills/secure-code-guardian/references/input-validation.md +0 -146
  737. package/skills/secure-code-guardian/references/owasp-prevention.md +0 -135
  738. package/skills/secure-code-guardian/references/security-headers.md +0 -133
  739. package/skills/secure-code-guardian/references/xss-csrf.md +0 -157
  740. package/skills/security-reviewer/SKILL.md +0 -103
  741. package/skills/security-reviewer/references/infrastructure-security.md +0 -268
  742. package/skills/security-reviewer/references/penetration-testing.md +0 -268
  743. package/skills/security-reviewer/references/report-template.md +0 -170
  744. package/skills/security-reviewer/references/sast-tools.md +0 -117
  745. package/skills/security-reviewer/references/secret-scanning.md +0 -125
  746. package/skills/security-reviewer/references/vulnerability-patterns.md +0 -152
  747. package/skills/spark-engineer/SKILL.md +0 -148
  748. package/skills/spark-engineer/references/partitioning-caching.md +0 -543
  749. package/skills/spark-engineer/references/performance-tuning.md +0 -544
  750. package/skills/spark-engineer/references/rdd-operations.md +0 -599
  751. package/skills/spark-engineer/references/spark-sql-dataframes.md +0 -474
  752. package/skills/spark-engineer/references/streaming-patterns.md +0 -786
  753. package/skills/spring-boot-engineer/SKILL.md +0 -195
  754. package/skills/spring-boot-engineer/references/cloud.md +0 -498
  755. package/skills/spring-boot-engineer/references/data.md +0 -381
  756. package/skills/spring-boot-engineer/references/security.md +0 -459
  757. package/skills/spring-boot-engineer/references/testing.md +0 -545
  758. package/skills/spring-boot-engineer/references/web.md +0 -295
  759. package/skills/sql-pro/SKILL.md +0 -129
  760. package/skills/sql-pro/references/database-design.md +0 -402
  761. package/skills/sql-pro/references/dialect-differences.md +0 -419
  762. package/skills/sql-pro/references/optimization.md +0 -384
  763. package/skills/sql-pro/references/query-patterns.md +0 -285
  764. package/skills/sql-pro/references/window-functions.md +0 -328
  765. package/skills/sre-engineer/SKILL.md +0 -181
  766. package/skills/sre-engineer/references/automation-toil.md +0 -492
  767. package/skills/sre-engineer/references/error-budget-policy.md +0 -334
  768. package/skills/sre-engineer/references/incident-chaos.md +0 -576
  769. package/skills/sre-engineer/references/monitoring-alerting.md +0 -424
  770. package/skills/sre-engineer/references/slo-sli-management.md +0 -238
  771. package/skills/swift-expert/SKILL.md +0 -163
  772. package/skills/swift-expert/references/async-concurrency.md +0 -360
  773. package/skills/swift-expert/references/memory-performance.md +0 -377
  774. package/skills/swift-expert/references/protocol-oriented.md +0 -354
  775. package/skills/swift-expert/references/swiftui-patterns.md +0 -291
  776. package/skills/swift-expert/references/testing-patterns.md +0 -399
  777. package/skills/systematic-debugging/CREATION-LOG.md +0 -119
  778. package/skills/systematic-debugging/SKILL.md +0 -296
  779. package/skills/systematic-debugging/condition-based-waiting-example.ts +0 -158
  780. package/skills/systematic-debugging/condition-based-waiting.md +0 -115
  781. package/skills/systematic-debugging/defense-in-depth.md +0 -122
  782. package/skills/systematic-debugging/find-polluter.sh +0 -63
  783. package/skills/systematic-debugging/root-cause-tracing.md +0 -169
  784. package/skills/systematic-debugging/test-academic.md +0 -14
  785. package/skills/systematic-debugging/test-pressure-1.md +0 -58
  786. package/skills/systematic-debugging/test-pressure-2.md +0 -68
  787. package/skills/systematic-debugging/test-pressure-3.md +0 -69
  788. package/skills/tdd-guide/assets/sample_coverage_report.lcov +0 -56
  789. package/skills/terraform-engineer/SKILL.md +0 -143
  790. package/skills/terraform-engineer/references/best-practices.md +0 -583
  791. package/skills/terraform-engineer/references/module-patterns.md +0 -297
  792. package/skills/terraform-engineer/references/providers.md +0 -452
  793. package/skills/terraform-engineer/references/state-management.md +0 -371
  794. package/skills/terraform-engineer/references/testing.md +0 -486
  795. package/skills/test-master/SKILL.md +0 -94
  796. package/skills/test-master/references/automation-frameworks.md +0 -294
  797. package/skills/test-master/references/e2e-testing.md +0 -128
  798. package/skills/test-master/references/integration-testing.md +0 -120
  799. package/skills/test-master/references/performance-testing.md +0 -118
  800. package/skills/test-master/references/qa-methodology.md +0 -247
  801. package/skills/test-master/references/security-testing.md +0 -127
  802. package/skills/test-master/references/tdd-iron-laws.md +0 -174
  803. package/skills/test-master/references/test-reports.md +0 -104
  804. package/skills/test-master/references/testing-anti-patterns.md +0 -231
  805. package/skills/test-master/references/unit-testing.md +0 -113
  806. package/skills/typescript-pro/SKILL.md +0 -145
  807. package/skills/typescript-pro/references/advanced-types.md +0 -259
  808. package/skills/typescript-pro/references/configuration.md +0 -445
  809. package/skills/typescript-pro/references/patterns.md +0 -484
  810. package/skills/typescript-pro/references/type-guards.md +0 -352
  811. package/skills/typescript-pro/references/utility-types.md +0 -329
  812. package/skills/using-git-worktrees/SKILL.md +0 -218
  813. package/skills/verification-before-completion/SKILL.md +0 -139
  814. package/skills/vue-expert/SKILL.md +0 -98
  815. package/skills/vue-expert/references/build-tooling.md +0 -480
  816. package/skills/vue-expert/references/components.md +0 -448
  817. package/skills/vue-expert/references/composition-api.md +0 -299
  818. package/skills/vue-expert/references/mobile-hybrid.md +0 -636
  819. package/skills/vue-expert/references/nuxt.md +0 -669
  820. package/skills/vue-expert/references/state-management.md +0 -449
  821. package/skills/vue-expert/references/typescript.md +0 -584
  822. package/skills/vue-expert-js/SKILL.md +0 -167
  823. package/skills/vue-expert-js/references/component-architecture.md +0 -219
  824. package/skills/vue-expert-js/references/composables-patterns.md +0 -183
  825. package/skills/vue-expert-js/references/jsdoc-typing.md +0 -535
  826. package/skills/vue-expert-js/references/state-management.md +0 -249
  827. package/skills/vue-expert-js/references/testing-patterns.md +0 -237
  828. package/skills/websocket-engineer/SKILL.md +0 -168
  829. package/skills/websocket-engineer/references/alternatives.md +0 -391
  830. package/skills/websocket-engineer/references/patterns.md +0 -400
  831. package/skills/websocket-engineer/references/protocol.md +0 -195
  832. package/skills/websocket-engineer/references/scaling.md +0 -333
  833. package/skills/websocket-engineer/references/security.md +0 -474
  834. package/skills/writing-plans/SKILL.md +0 -151
  835. package/skills/writing-plans/plan-document-reviewer-prompt.md +0 -49
  836. package/skills/writing-skills/SKILL.md +0 -655
  837. package/skills/writing-skills/anthropic-best-practices.md +0 -1150
  838. package/skills/writing-skills/examples/CLAUDE_MD_TESTING.md +0 -189
  839. package/skills/writing-skills/graphviz-conventions.dot +0 -172
  840. package/skills/writing-skills/persuasion-principles.md +0 -187
  841. package/skills/writing-skills/render-graphs.js +0 -168
  842. package/skills/writing-skills/testing-skills-with-subagents.md +0 -384
  843. /package/skills/{design-commands → frontend/design-commands}/design.md +0 -0
  844. /package/skills/{design-commands → frontend/design-commands}/handoff.md +0 -0
  845. /package/skills/{design-commands → frontend/design-commands}/prototype.md +0 -0
  846. /package/skills/{design-commands → frontend/design-commands}/spec.md +0 -0
  847. /package/skills/{design-commands → frontend/design-commands}/style.md +0 -0
  848. /package/skills/{senior-frontend → frontend/senior-frontend}/SKILL.md +0 -0
  849. /package/skills/{senior-frontend → frontend/senior-frontend}/references/frontend_best_practices.md +0 -0
  850. /package/skills/{senior-frontend → frontend/senior-frontend}/references/nextjs_optimization_guide.md +0 -0
  851. /package/skills/{senior-frontend → frontend/senior-frontend}/references/react_patterns.md +0 -0
  852. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/bundle_analyzer.py +0 -0
  853. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/component_generator.py +0 -0
  854. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/frontend_scaffolder.py +0 -0
  855. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/SKILL.md +0 -0
  856. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/charts.csv +0 -0
  857. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/colors.csv +0 -0
  858. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/icons.csv +0 -0
  859. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/landing.csv +0 -0
  860. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/products.csv +0 -0
  861. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/react-performance.csv +0 -0
  862. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/astro.csv +0 -0
  863. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/flutter.csv +0 -0
  864. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/html-tailwind.csv +0 -0
  865. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/jetpack-compose.csv +0 -0
  866. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nextjs.csv +0 -0
  867. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nuxt-ui.csv +0 -0
  868. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nuxtjs.csv +0 -0
  869. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/react-native.csv +0 -0
  870. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/react.csv +0 -0
  871. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/shadcn.csv +0 -0
  872. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/svelte.csv +0 -0
  873. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/swiftui.csv +0 -0
  874. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/vue.csv +0 -0
  875. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/styles.csv +0 -0
  876. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/typography.csv +0 -0
  877. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/ui-reasoning.csv +0 -0
  878. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/ux-guidelines.csv +0 -0
  879. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/web-interface.csv +0 -0
  880. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/core.py +0 -0
  881. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/design_system.py +0 -0
  882. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/search.py +0 -0
  883. /package/skills/{competitive-analysis → product/competitive-analysis}/SKILL.md +0 -0
  884. /package/skills/{meeting-notes → product/meeting-notes}/SKILL.md +0 -0
  885. /package/skills/{prd-template → product/prd-template}/SKILL.md +0 -0
  886. /package/skills/{stakeholder-update → product/stakeholder-update}/SKILL.md +0 -0
  887. /package/skills/{user-research-synthesis → product/user-research-synthesis}/SKILL.md +0 -0
  888. /package/skills/{senior-qa → quality/senior-qa}/README.md +0 -0
  889. /package/skills/{senior-qa → quality/senior-qa}/SKILL.md +0 -0
  890. /package/skills/{senior-qa → quality/senior-qa}/references/qa_best_practices.md +0 -0
  891. /package/skills/{senior-qa → quality/senior-qa}/references/test_automation_patterns.md +0 -0
  892. /package/skills/{senior-qa → quality/senior-qa}/references/testing_strategies.md +0 -0
  893. /package/skills/{senior-qa → quality/senior-qa}/scripts/coverage_analyzer.py +0 -0
  894. /package/skills/{senior-qa → quality/senior-qa}/scripts/e2e_test_scaffolder.py +0 -0
  895. /package/skills/{senior-qa → quality/senior-qa}/scripts/test_suite_generator.py +0 -0
  896. /package/skills/{tdd-guide → quality/tdd-guide}/HOW_TO_USE.md +0 -0
  897. /package/skills/{tdd-guide → quality/tdd-guide}/README.md +0 -0
  898. /package/skills/{tdd-guide → quality/tdd-guide}/SKILL.md +0 -0
  899. /package/skills/{tdd-guide → quality/tdd-guide}/assets/expected_output.json +0 -0
  900. /package/skills/{tdd-guide → quality/tdd-guide}/assets/sample_input_python.json +0 -0
  901. /package/skills/{tdd-guide → quality/tdd-guide}/assets/sample_input_typescript.json +0 -0
  902. /package/skills/{tdd-guide → quality/tdd-guide}/references/ci-integration.md +0 -0
  903. /package/skills/{tdd-guide → quality/tdd-guide}/references/framework-guide.md +0 -0
  904. /package/skills/{tdd-guide → quality/tdd-guide}/references/tdd-best-practices.md +0 -0
  905. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/coverage_analyzer.py +0 -0
  906. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/fixture_generator.py +0 -0
  907. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/format_detector.py +0 -0
  908. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/framework_adapter.py +0 -0
  909. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/metrics_calculator.py +0 -0
  910. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/output_formatter.py +0 -0
  911. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/tdd_workflow.py +0 -0
  912. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/test_generator.py +0 -0
  913. /package/skills/{brainstorming → workflow/brainstorming}/scripts/frame-template.html +0 -0
  914. /package/skills/{brainstorming → workflow/brainstorming}/scripts/server.cjs +0 -0
package/skills/security-reviewer/SKILL.md DELETED
@@ -1,103 +0,0 @@
1
- ---
2
- name: security-reviewer
3
- description: Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews, dependency audits, secrets scanning, or compliance checks. Produces vulnerability reports, prioritized recommendations, and compliance checklists.
4
- license: MIT
5
- allowed-tools: Read, Grep, Glob, Bash
6
- metadata:
7
- author: https://github.com/Jeffallan
8
- version: "1.1.1"
9
- domain: security
10
- triggers: security review, vulnerability scan, SAST, security audit, penetration test, code audit, security analysis, infrastructure security, DevSecOps, cloud security, compliance audit
11
- role: specialist
12
- scope: review
13
- output-format: report
14
- related-skills: secure-code-guardian, code-reviewer, devops-engineer, cloud-architect, kubernetes-specialist, api-designer, mcp-developer
15
- ---
16
-
17
- # Security Reviewer
18
-
19
- Security analyst specializing in code review, vulnerability identification, penetration testing, and infrastructure security.
20
-
21
- ## When to Use This Skill
22
-
23
- - Code review and SAST scanning
24
- - Vulnerability scanning and dependency audits
25
- - Secrets scanning and credential detection
26
- - Penetration testing and reconnaissance
27
- - Infrastructure and cloud security audits
28
- - DevSecOps pipelines and compliance automation
29
-
30
- ## Core Workflow
31
-
32
- 1. **Scope** — Map attack surface and critical paths. Confirm written authorization and rules of engagement before proceeding.
33
- 2. **Scan** — Run SAST, dependency, and secrets tools. Example commands:
34
- - `semgrep --config=auto .`
35
- - `bandit -r ./src`
36
- - `gitleaks detect --source=.`
37
- - `npm audit --audit-level=moderate`
38
- - `trivy fs .`
39
- 3. **Review** — Manual review of auth, input handling, and crypto. Tools miss context — manual review is mandatory.
40
- 4. **Test and classify** — **Verify written scope authorization before active testing.** Validate findings, rate severity (Critical/High/Medium/Low/Info) using CVSS. Confirm exploitability with proof-of-concept only; do not exceed it.
41
- 5. **Report** — Confirm findings with stakeholder before finalizing. Document with location, impact, and remediation. Report critical findings immediately.
42
-
43
- ## Reference Guide
44
-
45
- Load detailed guidance based on context:
46
-
47
- | Topic | Reference | Load When |
48
- |-------|-----------|-----------|
49
- | SAST Tools | `references/sast-tools.md` | Running automated scans |
50
- | Vulnerability Patterns | `references/vulnerability-patterns.md` | SQL injection, XSS, manual review |
51
- | Secret Scanning | `references/secret-scanning.md` | Gitleaks, finding hardcoded secrets |
52
- | Penetration Testing | `references/penetration-testing.md` | Active testing, reconnaissance, exploitation |
53
- | Infrastructure Security | `references/infrastructure-security.md` | DevSecOps, cloud security, compliance |
54
- | Report Template | `references/report-template.md` | Writing security report |
55
-
56
- ## Constraints
57
-
58
- ### MUST DO
59
- - Check authentication/authorization first
60
- - Run automated tools before manual review
61
- - Provide specific file/line locations
62
- - Include remediation for each finding
63
- - Rate severity consistently
64
- - Check for secrets in code
65
- - Verify scope and authorization before active testing
66
- - Document all testing activities
67
- - Follow rules of engagement
68
- - Report critical findings immediately
69
-
70
- ### MUST NOT DO
71
- - Skip manual review (tools miss things)
72
- - Test on production systems without authorization
73
- - Ignore "low" severity issues
74
- - Assume frameworks handle everything
75
- - Share detailed exploits publicly
76
- - Exploit beyond proof of concept
77
- - Cause service disruption or data loss
78
- - Test outside defined scope
79
-
80
- ## Output Templates
81
-
82
- 1. Executive summary with risk assessment
83
- 2. Findings table with severity counts
84
- 3. Detailed findings with location, impact, and remediation
85
- 4. Prioritized recommendations
86
-
87
- ### Example Finding Entry
88
-
89
- ```
90
- ID: FIND-001
91
- Severity: High (CVSS 8.1)
92
- Title: SQL Injection in user search endpoint
93
- File: src/api/users.py, line 42
94
- Description: User-supplied input is concatenated directly into a SQL query without parameterization.
95
- Impact: An attacker can read, modify, or delete database contents.
96
- Remediation: Use parameterized queries or an ORM. Replace `cursor.execute(f"SELECT * FROM users WHERE name='{name}'")`
97
- with `cursor.execute("SELECT * FROM users WHERE name=%s", (name,))`.
98
- References: CWE-89, OWASP A03:2021
99
- ```
100
-
101
- ## Knowledge Reference
102
-
103
- OWASP Top 10, CWE, Semgrep, Bandit, ESLint Security, gosec, npm audit, gitleaks, trufflehog, CVSS scoring, nmap, Burp Suite, sqlmap, Trivy, Checkov, HashiCorp Vault, AWS Security Hub, CIS benchmarks, SOC2, ISO27001
package/skills/security-reviewer/references/infrastructure-security.md DELETED
@@ -1,268 +0,0 @@
1
- # Infrastructure Security
2
-
3
- ## DevSecOps Integration
4
-
5
- ### CI/CD Security Pipeline
6
-
7
- ```yaml
8
- # GitHub Actions - Security scanning
9
- name: Security Pipeline
10
- on: [push, pull_request]
11
- jobs:
12
- security:
13
- runs-on: ubuntu-latest
14
- steps:
15
- - uses: returntocorp/semgrep-action@v1
16
- - uses: gitleaks/gitleaks-action@v2
17
- - uses: aquasecurity/trivy-action@master
18
- with:
19
- scan-type: 'fs'
20
- severity: 'CRITICAL,HIGH'
21
- ```
22
-
23
- ### Infrastructure as Code Security
24
-
25
- ```bash
26
- # Terraform/CloudFormation scanning
27
- checkov -d terraform/ --framework terraform
28
- tfsec terraform/
29
- terrascan scan -d terraform/
30
-
31
- # Kubernetes manifest scanning
32
- kubesec scan deployment.yaml
33
- ```
34
-
35
- ## Cloud Security Controls
36
-
37
- ### AWS Security Hardening
38
-
39
- ```bash
40
- # Enable security services
41
- aws guardduty create-detector --enable
42
- aws securityhub enable-security-hub
43
- aws cloudtrail create-trail --name security-trail --s3-bucket-name logs
44
-
45
- # Check S3 bucket security
46
- aws s3api list-buckets --query "Buckets[].Name" | \
47
- xargs -I {} aws s3api get-bucket-acl --bucket {}
48
-
49
- # IAM password policy
50
- aws iam update-account-password-policy \
51
- --minimum-password-length 14 \
52
- --require-symbols --require-numbers \
53
- --require-uppercase-characters --require-lowercase-characters
54
- ```
55
-
56
- ### Azure Security
57
-
58
- ```bash
59
- # Enable Security Center
60
- az security auto-provisioning-setting update --name default --auto-provision on
61
-
62
- # Enable disk encryption
63
- az vm encryption enable --resource-group myRG --name myVM --disk-encryption-keyvault myKV
64
- ```
65
-
66
- ### GCP Security
67
-
68
- ```bash
69
- # Enable Security Command Center
70
- gcloud services enable securitycenter.googleapis.com
71
-
72
- # Enable VPC Flow Logs
73
- gcloud compute networks subnets update SUBNET --enable-flow-logs
74
- ```
75
-
76
- ## Container Security
77
-
78
- ### Secure Dockerfile
79
-
80
- ```dockerfile
81
- FROM node:18-alpine
82
- RUN addgroup -g 1001 -S nodejs && adduser -S nodejs -u 1001
83
- WORKDIR /app
84
- COPY --chown=nodejs:nodejs package*.json ./
85
- RUN npm ci --only=production
86
- USER nodejs
87
- EXPOSE 3000
88
- HEALTHCHECK --interval=30s CMD node healthcheck.js
89
- CMD ["node", "server.js"]
90
- ```
91
-
92
- ### Kubernetes Security
93
-
94
- ```yaml
95
- # Pod Security Standards
96
- apiVersion: v1
97
- kind: Pod
98
- metadata:
99
- name: secure-pod
100
- spec:
101
- securityContext:
102
- runAsNonRoot: true
103
- runAsUser: 1000
104
- fsGroup: 2000
105
- seccompProfile:
106
- type: RuntimeDefault
107
- containers:
108
- - name: app
109
- image: myapp:1.0
110
- securityContext:
111
- allowPrivilegeEscalation: false
112
- readOnlyRootFilesystem: true
113
- capabilities:
114
- drop: [ALL]
115
- resources:
116
- limits:
117
- memory: "128Mi"
118
- cpu: "500m"
119
- ---
120
- # Network Policy - Default deny
121
- apiVersion: networking.k8s.io/v1
122
- kind: NetworkPolicy
123
- metadata:
124
- name: default-deny-all
125
- spec:
126
- podSelector: {}
127
- policyTypes:
128
- - Ingress
129
- - Egress
130
- ```
131
-
132
- ## Compliance Automation
133
-
134
- ### CIS Benchmark Scanning
135
-
136
- ```bash
137
- # Docker CIS benchmark
138
- docker run --net host --pid host --cap-add audit_control \
139
- -v /var/lib:/var/lib -v /var/run/docker.sock:/var/run/docker.sock \
140
- docker/docker-bench-security
141
-
142
- # Kubernetes CIS benchmark
143
- kube-bench run --targets master,node
144
-
145
- # Linux system hardening
146
- lynis audit system --quick
147
- ```
148
-
149
- ### Compliance as Code (InSpec)
150
-
151
- ```ruby
152
- # controls/baseline.rb
153
- control 'ssh-hardening' do
154
- impact 1.0
155
- title 'SSH Security Configuration'
156
-
157
- describe sshd_config do
158
- its('Protocol') { should eq '2' }
159
- its('PermitRootLogin') { should eq 'no' }
160
- its('PasswordAuthentication') { should eq 'no' }
161
- end
162
- end
163
-
164
- control 'encryption-at-rest' do
165
- impact 1.0
166
- title 'S3 Encryption Enabled'
167
-
168
- describe aws_s3_bucket('my-bucket') do
169
- it { should have_default_encryption_enabled }
170
- end
171
- end
172
- ```
173
-
174
- ## Secrets Management
175
-
176
- ### HashiCorp Vault
177
-
178
- ```bash
179
- # Initialize and configure
180
- vault operator init
181
- vault secrets enable -path=secret kv-v2
182
-
183
- # Store secrets
184
- vault kv put secret/app/config api_key="secret123"
185
-
186
- # Dynamic database credentials
187
- vault secrets enable database
188
- vault write database/config/postgresql \
189
- plugin_name=postgresql-database-plugin \
190
- allowed_roles="app" \
191
- connection_url="postgresql://{{username}}:{{password}}@localhost:5432/" \
192
- username="vault" password="vaultpass"
193
-
194
- vault write database/roles/app \
195
- db_name=postgresql \
196
- creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}';" \
197
- default_ttl="1h" max_ttl="24h"
198
- ```
199
-
200
- ### Kubernetes Secrets with External Secrets Operator
201
-
202
- ```yaml
203
- apiVersion: external-secrets.io/v1beta1
204
- kind: SecretStore
205
- metadata:
206
- name: vault-backend
207
- spec:
208
- provider:
209
- vault:
210
- server: "https://vault.example.com"
211
- path: "secret"
212
- auth:
213
- kubernetes:
214
- role: "app-role"
215
- ---
216
- apiVersion: external-secrets.io/v1beta1
217
- kind: ExternalSecret
218
- metadata:
219
- name: app-secrets
220
- spec:
221
- refreshInterval: 1h
222
- secretStoreRef:
223
- name: vault-backend
224
- target:
225
- name: app-secrets
226
- data:
227
- - secretKey: api_key
228
- remoteRef:
229
- key: secret/app/config
230
- property: api_key
231
- ```
232
-
233
- ## Security Monitoring
234
-
235
- ### SIEM Log Shipping (Filebeat)
236
-
237
- ```yaml
238
- filebeat.inputs:
239
- - type: log
240
- paths:
241
- - /var/log/auth.log
242
- - /var/log/nginx/*.log
243
- fields:
244
- environment: production
245
-
246
- output.elasticsearch:
247
- hosts: ["elasticsearch:9200"]
248
- index: "security-logs-%{+yyyy.MM.dd}"
249
- ```
250
-
251
- ## Quick Reference
252
-
253
- | Area | Tool | Purpose |
254
- |------|------|---------|
255
- | Cloud Security | Prowler, ScoutSuite | AWS/Azure/GCP audit |
256
- | Container | Trivy, Clair | Image scanning |
257
- | IaC | Checkov, tfsec | Terraform/CloudFormation |
258
- | Secrets | Vault, Sealed Secrets | Secret management |
259
- | Compliance | InSpec, OpenSCAP | CIS benchmarks |
260
- | Monitoring | ELK, Splunk | SIEM |
261
-
262
- | Framework | Focus | Key Controls |
263
- |-----------|-------|--------------|
264
- | SOC 2 | Security controls | Access, encryption, monitoring |
265
- | ISO 27001 | ISMS | Policy, risk, audit |
266
- | PCI DSS | Payment security | Network segmentation, encryption |
267
- | HIPAA | Healthcare | Encryption, access logs |
268
- | GDPR | Data privacy | Consent, retention, DLP |
package/skills/security-reviewer/references/penetration-testing.md DELETED
@@ -1,268 +0,0 @@
1
- # Penetration Testing
2
-
3
- ## Reconnaissance
4
-
5
- ### Passive Information Gathering
6
-
7
- ```bash
8
- # DNS enumeration
9
- dig example.com ANY
10
- nslookup -type=any example.com
11
-
12
- # Subdomain discovery
13
- subfinder -d example.com
14
- amass enum -d example.com
15
-
16
- # Certificate transparency
17
- curl -s "https://crt.sh/?q=%.example.com&output=json"
18
- ```
19
-
20
- ### Active Scanning
21
-
22
- ```bash
23
- # Port scanning
24
- nmap -sV -p- target.com
25
- nmap -sC -sV -oA scan target.com
26
-
27
- # Web technology detection
28
- whatweb target.com
29
- ```
30
-
31
- ## Web Application Testing
32
-
33
- ### Authentication & Authorization
34
-
35
- ```bash
36
- # Session analysis - Check for:
37
- # - Session timeout, Secure/HttpOnly flags
38
- # - Session fixation, concurrent sessions
39
-
40
- # IDOR testing
41
- GET /api/users/123 # Your ID
42
- GET /api/users/124 # Another user - should fail
43
-
44
- # Privilege escalation
45
- GET /api/admin/users # As standard user
46
- ```
47
-
48
- ### Input Validation
49
-
50
- ```bash
51
- # SQL injection
52
- sqlmap -u "http://target.com/search?q=test" --batch
53
-
54
- # XSS payloads
55
- <script>alert(document.domain)</script>
56
- <img src=x onerror=alert(1)>
57
- <svg onload=alert(1)>
58
-
59
- # Command injection
60
- ; ls -la
61
- | whoami
62
- $(whoami)
63
-
64
- # XXE
65
- <?xml version="1.0"?>
66
- <!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
67
- <root>&xxe;</root>
68
- ```
69
-
70
- ## API Security Testing
71
-
72
- ### JWT & Token Security
73
-
74
- ```bash
75
- # Decode JWT
76
- echo "eyJ..." | base64 -d
77
-
78
- # Test none algorithm
79
- # Modify header: {"alg": "none"}
80
-
81
- # Weak secret brute force
82
- hashcat -m 16500 jwt.txt wordlist.txt
83
- ```
84
-
85
- ### Rate Limiting & Data Exposure
86
-
87
- ```bash
88
- # Test rate limits
89
- for i in {1..1000}; do
90
- curl https://api.target.com/login -d "user=test&pass=test"
91
- done
92
-
93
- # Check for excessive data exposure
94
- GET /api/users/me
95
- # Look for: password hashes, internal IDs, sensitive PII
96
-
97
- # Mass assignment
98
- POST /api/users/profile
99
- {"email": "new@email.com", "isAdmin": true}
100
- ```
101
-
102
- ## Network Penetration
103
-
104
- ### Privilege Escalation (Linux)
105
-
106
- ```bash
107
- # SUID binaries
108
- find / -perm -4000 -type f 2>/dev/null
109
-
110
- # Sudo permissions
111
- sudo -l
112
-
113
- # Writable paths in PATH
114
- echo $PATH | tr ':' '\n' | xargs -I {} ls -ld {}
115
-
116
- # Kernel exploits
117
- uname -a
118
- searchsploit linux kernel $(uname -r)
119
- ```
120
-
121
- ### Lateral Movement
122
-
123
- ```bash
124
- # Network enumeration
125
- arp -a
126
- netstat -ant
127
-
128
- # Service discovery
129
- nmap -sV 192.168.1.0/24
130
-
131
- # Credential harvesting
132
- grep -r "password" /home/*/
133
- cat ~/.bash_history | grep -i "pass\|pwd\|secret"
134
- ```
135
-
136
- ## Mobile Application Testing
137
-
138
- ### Android
139
-
140
- ```bash
141
- # Decompile APK
142
- apktool d app.apk
143
- jadx -d output app.apk
144
-
145
- # Check for secrets
146
- grep -r "api_key\|secret\|password" .
147
-
148
- # Insecure storage
149
- adb shell
150
- run-as com.app.package
151
- find . -type f -exec cat {} \;
152
- ```
153
-
154
- ### iOS
155
-
156
- ```bash
157
- # Class dump
158
- class-dump App.app
159
-
160
- # Check data storage
161
- sqlite3 /var/mobile/Applications/.../Library/Caches/data.db
162
- ```
163
-
164
- ## Cloud Security Testing
165
-
166
- ### AWS
167
-
168
- ```bash
169
- # S3 bucket enumeration
170
- aws s3 ls s3://bucket-name --no-sign-request
171
- aws s3api get-bucket-acl --bucket bucket-name
172
-
173
- # IAM enumeration
174
- aws iam get-user
175
- aws iam list-attached-user-policies --user-name username
176
- ```
177
-
178
- ### Container & Kubernetes
179
-
180
- ```bash
181
- # Docker escape testing
182
- docker inspect container_id | grep -i privileged
183
- docker inspect container_id | grep -A 5 Mounts
184
-
185
- # Kubernetes
186
- kubectl get pods --all-namespaces
187
- kubectl get secrets --all-namespaces
188
- kubectl auth can-i --list
189
- ```
190
-
191
- ## Exploitation Validation
192
-
193
- ### Proof of Concept Guidelines
194
-
195
- ```python
196
- # Always demonstrate impact SAFELY
197
-
198
- # SQL injection PoC
199
- # DON'T: Extract actual data
200
- # DO: Prove injection with sleep
201
- payload = "' OR SLEEP(5)--"
202
-
203
- # DON'T: Delete/modify production data
204
- # DO: Show you COULD with SELECT
205
- payload = "' UNION SELECT 'proof_of_concept'--"
206
- ```
207
-
208
- ### Rules of Engagement
209
-
210
- 1. **Scope verification** - Only test authorized targets
211
- 2. **Time windows** - Respect testing hours
212
- 3. **DoS prevention** - Avoid resource exhaustion
213
- 4. **Data handling** - Don't exfiltrate real data
214
- 5. **Stop on discovery** - Don't exploit beyond proof
215
- 6. **Immediate reporting** - Report critical findings ASAP
216
- 7. **Documentation** - Record all actions
217
- 8. **Cleanup** - Remove test artifacts
218
-
219
- ## Vulnerability Classification
220
-
221
- ### Severity Scoring
222
-
223
- | Severity | Exploitability | Impact | CVSS Range |
224
- |----------|---------------|---------|------------|
225
- | Critical | Easy | Full compromise | 9.0-10.0 |
226
- | High | Medium | Significant access | 7.0-8.9 |
227
- | Medium | Hard | Limited access | 4.0-6.9 |
228
- | Low | Very hard | Minimal impact | 0.1-3.9 |
229
-
230
- ### Impact Assessment
231
-
232
- - **Critical**: Remote code execution, full data access, admin takeover
233
- - **High**: Authentication bypass, privilege escalation, sensitive data exposure
234
- - **Medium**: CSRF, XSS (non-admin), information disclosure
235
- - **Low**: Missing security headers, verbose errors, rate limiting issues
236
-
237
- ## Testing Checklist
238
-
239
- ### OWASP Top 10 Coverage
240
-
241
- - [ ] Broken Access Control (IDOR, path traversal)
242
- - [ ] Cryptographic Failures (weak encryption, plaintext)
243
- - [ ] Injection (SQL, XSS, command)
244
- - [ ] Insecure Design (missing auth flows)
245
- - [ ] Security Misconfiguration (defaults, debug mode)
246
- - [ ] Vulnerable Components (outdated dependencies)
247
- - [ ] Authentication Failures (weak passwords, session issues)
248
- - [ ] Data Integrity (deserialization, lack of verification)
249
- - [ ] Logging Failures (missing logs, exposed sensitive data)
250
- - [ ] SSRF (unvalidated URLs)
251
-
252
- ## Quick Reference
253
-
254
- | Test Type | Tools | Focus |
255
- |-----------|-------|-------|
256
- | Web App | Burp Suite, OWASP ZAP | OWASP Top 10 |
257
- | API | Postman, curl | AuthN/AuthZ, data exposure |
258
- | Network | nmap, Metasploit | Services, exploits |
259
- | Mobile | MobSF, Frida | Data storage, crypto |
260
- | Cloud | ScoutSuite, Prowler | Misconfigurations |
261
-
262
- | Finding Type | Validation Method | Evidence Required |
263
- |--------------|------------------|-------------------|
264
- | SQL Injection | Sleep-based, error-based | Request/response, timing |
265
- | XSS | Alert box, DOM manipulation | Screenshot, payload |
266
- | IDOR | Access other user's resource | Two user accounts, IDs |
267
- | Auth Bypass | Unauthorized access | Before/after screenshots |
268
- | RCE | Command output (safe) | Whoami, id command output |