aigroup-workflow 2.1.2 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (913) hide show
  1. package/.codex/AGENTS.md +1 -1
  2. package/CLAUDE.md +1 -4
  3. package/README.md +333 -333
  4. package/cli/commands/init.mjs +20 -6
  5. package/cli/utils/scaffold.mjs +39 -9
  6. package/docs/red-flags.md +1 -1
  7. package/docs/rules/entropy.md +1 -1
  8. package/docs/rules/performance.md +1 -1
  9. package/docs/workflow-pipeline.md +1 -0
  10. package/manifests/install-modules.json +223 -133
  11. package/package.json +39 -39
  12. package/scripts/orchestration/lib/orchestrator.cjs +34 -0
  13. package/scripts/orchestration/session.cjs +24 -1
  14. package/skills/ai-ml/fine-tuning-expert/SKILL.md +162 -0
  15. package/skills/ai-ml/fine-tuning-expert/references/dataset-preparation.md +540 -0
  16. package/skills/ai-ml/fine-tuning-expert/references/deployment-optimization.md +673 -0
  17. package/skills/ai-ml/fine-tuning-expert/references/evaluation-metrics.md +597 -0
  18. package/skills/ai-ml/fine-tuning-expert/references/hyperparameter-tuning.md +565 -0
  19. package/skills/ai-ml/fine-tuning-expert/references/lora-peft.md +347 -0
  20. package/skills/ai-ml/ml-pipeline/SKILL.md +159 -0
  21. package/skills/ai-ml/ml-pipeline/references/experiment-tracking.md +833 -0
  22. package/skills/ai-ml/ml-pipeline/references/feature-engineering.md +631 -0
  23. package/skills/ai-ml/ml-pipeline/references/model-validation.md +978 -0
  24. package/skills/ai-ml/ml-pipeline/references/pipeline-orchestration.md +907 -0
  25. package/skills/ai-ml/ml-pipeline/references/training-pipelines.md +782 -0
  26. package/skills/ai-ml/rag-architect/SKILL.md +194 -0
  27. package/skills/ai-ml/rag-architect/references/chunking-strategies.md +878 -0
  28. package/skills/ai-ml/rag-architect/references/embedding-models.md +561 -0
  29. package/skills/ai-ml/rag-architect/references/rag-evaluation.md +833 -0
  30. package/skills/ai-ml/rag-architect/references/retrieval-optimization.md +795 -0
  31. package/skills/ai-ml/rag-architect/references/vector-databases.md +589 -0
  32. package/skills/ai-ml/spark-engineer/SKILL.md +148 -0
  33. package/skills/ai-ml/spark-engineer/references/partitioning-caching.md +543 -0
  34. package/skills/ai-ml/spark-engineer/references/performance-tuning.md +544 -0
  35. package/skills/ai-ml/spark-engineer/references/rdd-operations.md +599 -0
  36. package/skills/ai-ml/spark-engineer/references/spark-sql-dataframes.md +474 -0
  37. package/skills/ai-ml/spark-engineer/references/streaming-patterns.md +786 -0
  38. package/skills/backend/api-designer/SKILL.md +217 -0
  39. package/skills/backend/api-designer/references/error-handling.md +541 -0
  40. package/skills/backend/api-designer/references/openapi.md +824 -0
  41. package/skills/backend/api-designer/references/pagination.md +494 -0
  42. package/skills/backend/api-designer/references/rest-patterns.md +335 -0
  43. package/skills/backend/api-designer/references/versioning.md +391 -0
  44. package/skills/backend/architecture-designer/SKILL.md +117 -0
  45. package/skills/backend/architecture-designer/references/adr-template.md +116 -0
  46. package/skills/backend/architecture-designer/references/architecture-patterns.md +111 -0
  47. package/skills/backend/architecture-designer/references/database-selection.md +102 -0
  48. package/skills/backend/architecture-designer/references/nfr-checklist.md +112 -0
  49. package/skills/backend/architecture-designer/references/system-design.md +100 -0
  50. package/skills/backend/code-documenter/SKILL.md +147 -0
  51. package/skills/backend/code-documenter/references/api-docs-fastapi-django.md +166 -0
  52. package/skills/backend/code-documenter/references/api-docs-nestjs-express.md +220 -0
  53. package/skills/backend/code-documenter/references/coverage-reports.md +125 -0
  54. package/skills/backend/code-documenter/references/documentation-systems.md +333 -0
  55. package/skills/backend/code-documenter/references/interactive-api-docs.md +531 -0
  56. package/skills/backend/code-documenter/references/python-docstrings.md +121 -0
  57. package/skills/backend/code-documenter/references/typescript-jsdoc.md +145 -0
  58. package/skills/backend/code-documenter/references/user-guides-tutorials.md +530 -0
  59. package/skills/backend/debugging-wizard/SKILL.md +105 -0
  60. package/skills/backend/debugging-wizard/references/common-patterns.md +132 -0
  61. package/skills/backend/debugging-wizard/references/debugging-tools.md +140 -0
  62. package/skills/backend/debugging-wizard/references/quick-fixes.md +177 -0
  63. package/skills/backend/debugging-wizard/references/strategies.md +142 -0
  64. package/skills/backend/debugging-wizard/references/systematic-debugging.md +367 -0
  65. package/skills/backend/feature-forge/SKILL.md +98 -0
  66. package/skills/backend/feature-forge/references/acceptance-criteria.md +104 -0
  67. package/skills/backend/feature-forge/references/ears-syntax.md +99 -0
  68. package/skills/backend/feature-forge/references/interview-questions.md +150 -0
  69. package/skills/backend/feature-forge/references/pre-discovery-subagents.md +54 -0
  70. package/skills/backend/feature-forge/references/specification-template.md +103 -0
  71. package/skills/backend/fullstack-guardian/SKILL.md +105 -0
  72. package/skills/backend/fullstack-guardian/references/api-design-standards.md +307 -0
  73. package/skills/backend/fullstack-guardian/references/architecture-decisions.md +350 -0
  74. package/skills/backend/fullstack-guardian/references/backend-patterns.md +237 -0
  75. package/skills/backend/fullstack-guardian/references/common-patterns.md +134 -0
  76. package/skills/backend/fullstack-guardian/references/deliverables-checklist.md +354 -0
  77. package/skills/backend/fullstack-guardian/references/design-template.md +91 -0
  78. package/skills/backend/fullstack-guardian/references/error-handling.md +135 -0
  79. package/skills/backend/fullstack-guardian/references/frontend-patterns.md +340 -0
  80. package/skills/backend/fullstack-guardian/references/integration-patterns.md +333 -0
  81. package/skills/backend/fullstack-guardian/references/security-checklist.md +106 -0
  82. package/skills/backend/graphql-architect/SKILL.md +146 -0
  83. package/skills/backend/graphql-architect/references/federation.md +418 -0
  84. package/skills/backend/graphql-architect/references/migration-from-rest.md +1141 -0
  85. package/skills/backend/graphql-architect/references/resolvers.md +425 -0
  86. package/skills/backend/graphql-architect/references/schema-design.md +393 -0
  87. package/skills/backend/graphql-architect/references/security.md +569 -0
  88. package/skills/backend/graphql-architect/references/subscriptions.md +510 -0
  89. package/skills/backend/legacy-modernizer/SKILL.md +137 -0
  90. package/skills/backend/legacy-modernizer/references/legacy-testing.md +381 -0
  91. package/skills/backend/legacy-modernizer/references/migration-strategies.md +423 -0
  92. package/skills/backend/legacy-modernizer/references/refactoring-patterns.md +395 -0
  93. package/skills/backend/legacy-modernizer/references/strangler-fig-pattern.md +281 -0
  94. package/skills/backend/legacy-modernizer/references/system-assessment.md +487 -0
  95. package/skills/backend/microservices-architect/SKILL.md +164 -0
  96. package/skills/backend/microservices-architect/references/communication.md +499 -0
  97. package/skills/backend/microservices-architect/references/data.md +721 -0
  98. package/skills/backend/microservices-architect/references/decomposition.md +344 -0
  99. package/skills/backend/microservices-architect/references/observability.md +805 -0
  100. package/skills/backend/microservices-architect/references/patterns.md +603 -0
  101. package/skills/database/database-optimizer/SKILL.md +147 -0
  102. package/skills/database/database-optimizer/references/index-strategies.md +331 -0
  103. package/skills/database/database-optimizer/references/monitoring-analysis.md +501 -0
  104. package/skills/database/database-optimizer/references/mysql-tuning.md +452 -0
  105. package/skills/database/database-optimizer/references/postgresql-tuning.md +413 -0
  106. package/skills/database/database-optimizer/references/query-optimization.md +251 -0
  107. package/skills/database/postgres-pro/SKILL.md +152 -0
  108. package/skills/database/postgres-pro/references/extensions.md +404 -0
  109. package/skills/database/postgres-pro/references/jsonb.md +321 -0
  110. package/skills/database/postgres-pro/references/maintenance.md +481 -0
  111. package/skills/database/postgres-pro/references/performance.md +265 -0
  112. package/skills/database/postgres-pro/references/replication.md +446 -0
  113. package/skills/database/sql-pro/SKILL.md +129 -0
  114. package/skills/database/sql-pro/references/database-design.md +402 -0
  115. package/skills/database/sql-pro/references/dialect-differences.md +419 -0
  116. package/skills/database/sql-pro/references/optimization.md +384 -0
  117. package/skills/database/sql-pro/references/query-patterns.md +285 -0
  118. package/skills/database/sql-pro/references/window-functions.md +328 -0
  119. package/skills/dotnet/csharp-developer/SKILL.md +125 -0
  120. package/skills/dotnet/csharp-developer/references/aspnet-core.md +394 -0
  121. package/skills/dotnet/csharp-developer/references/blazor.md +553 -0
  122. package/skills/dotnet/csharp-developer/references/entity-framework.md +409 -0
  123. package/skills/dotnet/csharp-developer/references/modern-csharp.md +248 -0
  124. package/skills/dotnet/csharp-developer/references/performance.md +498 -0
  125. package/skills/dotnet/dotnet-core-expert/SKILL.md +138 -0
  126. package/skills/dotnet/dotnet-core-expert/references/authentication.md +546 -0
  127. package/skills/dotnet/dotnet-core-expert/references/clean-architecture.md +455 -0
  128. package/skills/dotnet/dotnet-core-expert/references/cloud-native.md +548 -0
  129. package/skills/dotnet/dotnet-core-expert/references/entity-framework.md +440 -0
  130. package/skills/dotnet/dotnet-core-expert/references/minimal-apis.md +319 -0
  131. package/skills/frontend/angular-architect/SKILL.md +152 -0
  132. package/skills/frontend/angular-architect/references/components.md +297 -0
  133. package/skills/frontend/angular-architect/references/ngrx.md +401 -0
  134. package/skills/frontend/angular-architect/references/routing.md +361 -0
  135. package/skills/frontend/angular-architect/references/rxjs.md +319 -0
  136. package/skills/frontend/angular-architect/references/testing.md +405 -0
  137. package/skills/frontend/flutter-expert/SKILL.md +138 -0
  138. package/skills/frontend/flutter-expert/references/bloc-state.md +259 -0
  139. package/skills/frontend/flutter-expert/references/gorouter-navigation.md +119 -0
  140. package/skills/frontend/flutter-expert/references/performance.md +99 -0
  141. package/skills/frontend/flutter-expert/references/project-structure.md +118 -0
  142. package/skills/frontend/flutter-expert/references/riverpod-state.md +130 -0
  143. package/skills/frontend/flutter-expert/references/widget-patterns.md +123 -0
  144. package/skills/frontend/nextjs-developer/SKILL.md +143 -0
  145. package/skills/frontend/nextjs-developer/references/app-router.md +311 -0
  146. package/skills/frontend/nextjs-developer/references/data-fetching.md +482 -0
  147. package/skills/frontend/nextjs-developer/references/deployment.md +545 -0
  148. package/skills/frontend/nextjs-developer/references/server-actions.md +462 -0
  149. package/skills/frontend/nextjs-developer/references/server-components.md +384 -0
  150. package/skills/frontend/react-expert/SKILL.md +149 -0
  151. package/skills/frontend/react-expert/references/hooks-patterns.md +162 -0
  152. package/skills/frontend/react-expert/references/migration-class-to-modern.md +1119 -0
  153. package/skills/frontend/react-expert/references/performance.md +168 -0
  154. package/skills/frontend/react-expert/references/react-19-features.md +174 -0
  155. package/skills/frontend/react-expert/references/server-components.md +143 -0
  156. package/skills/frontend/react-expert/references/state-management.md +171 -0
  157. package/skills/frontend/react-expert/references/testing-react.md +174 -0
  158. package/skills/frontend/react-native-expert/SKILL.md +185 -0
  159. package/skills/frontend/react-native-expert/references/expo-router.md +187 -0
  160. package/skills/frontend/react-native-expert/references/list-optimization.md +204 -0
  161. package/skills/frontend/react-native-expert/references/platform-handling.md +188 -0
  162. package/skills/frontend/react-native-expert/references/project-structure.md +171 -0
  163. package/skills/frontend/react-native-expert/references/storage-hooks.md +173 -0
  164. package/skills/frontend/vue-expert/SKILL.md +98 -0
  165. package/skills/frontend/vue-expert/references/build-tooling.md +480 -0
  166. package/skills/frontend/vue-expert/references/components.md +448 -0
  167. package/skills/frontend/vue-expert/references/composition-api.md +299 -0
  168. package/skills/frontend/vue-expert/references/mobile-hybrid.md +636 -0
  169. package/skills/frontend/vue-expert/references/nuxt.md +669 -0
  170. package/skills/frontend/vue-expert/references/state-management.md +449 -0
  171. package/skills/frontend/vue-expert/references/typescript.md +584 -0
  172. package/skills/frontend/vue-expert-js/SKILL.md +167 -0
  173. package/skills/frontend/vue-expert-js/references/component-architecture.md +219 -0
  174. package/skills/frontend/vue-expert-js/references/composables-patterns.md +183 -0
  175. package/skills/frontend/vue-expert-js/references/jsdoc-typing.md +535 -0
  176. package/skills/frontend/vue-expert-js/references/state-management.md +249 -0
  177. package/skills/frontend/vue-expert-js/references/testing-patterns.md +237 -0
  178. package/skills/go-rust-cpp/cpp-pro/SKILL.md +115 -0
  179. package/skills/go-rust-cpp/cpp-pro/references/build-tooling.md +440 -0
  180. package/skills/go-rust-cpp/cpp-pro/references/concurrency.md +437 -0
  181. package/skills/go-rust-cpp/cpp-pro/references/memory-performance.md +397 -0
  182. package/skills/go-rust-cpp/cpp-pro/references/modern-cpp.md +304 -0
  183. package/skills/go-rust-cpp/cpp-pro/references/templates.md +357 -0
  184. package/skills/go-rust-cpp/golang-pro/SKILL.md +122 -0
  185. package/skills/go-rust-cpp/golang-pro/references/concurrency.md +329 -0
  186. package/skills/go-rust-cpp/golang-pro/references/generics.md +442 -0
  187. package/skills/go-rust-cpp/golang-pro/references/interfaces.md +432 -0
  188. package/skills/go-rust-cpp/golang-pro/references/project-structure.md +477 -0
  189. package/skills/go-rust-cpp/golang-pro/references/testing.md +451 -0
  190. package/skills/go-rust-cpp/rust-engineer/SKILL.md +167 -0
  191. package/skills/go-rust-cpp/rust-engineer/references/async.md +458 -0
  192. package/skills/go-rust-cpp/rust-engineer/references/error-handling.md +334 -0
  193. package/skills/go-rust-cpp/rust-engineer/references/ownership.md +278 -0
  194. package/skills/go-rust-cpp/rust-engineer/references/testing.md +470 -0
  195. package/skills/go-rust-cpp/rust-engineer/references/traits.md +413 -0
  196. package/skills/infra/cli-developer/SKILL.md +113 -0
  197. package/skills/infra/cli-developer/references/design-patterns.md +221 -0
  198. package/skills/infra/cli-developer/references/go-cli.md +540 -0
  199. package/skills/infra/cli-developer/references/node-cli.md +383 -0
  200. package/skills/infra/cli-developer/references/python-cli.md +422 -0
  201. package/skills/infra/cli-developer/references/ux-patterns.md +448 -0
  202. package/skills/infra/cloud-architect/SKILL.md +216 -0
  203. package/skills/infra/cloud-architect/references/aws.md +394 -0
  204. package/skills/infra/cloud-architect/references/azure.md +562 -0
  205. package/skills/infra/cloud-architect/references/cost.md +582 -0
  206. package/skills/infra/cloud-architect/references/gcp.md +633 -0
  207. package/skills/infra/cloud-architect/references/multi-cloud.md +483 -0
  208. package/skills/infra/devops-engineer/SKILL.md +144 -0
  209. package/skills/infra/devops-engineer/references/deployment-strategies.md +241 -0
  210. package/skills/infra/devops-engineer/references/docker-patterns.md +113 -0
  211. package/skills/infra/devops-engineer/references/github-actions.md +139 -0
  212. package/skills/infra/devops-engineer/references/incident-response.md +331 -0
  213. package/skills/infra/devops-engineer/references/kubernetes.md +154 -0
  214. package/skills/infra/devops-engineer/references/platform-engineering.md +417 -0
  215. package/skills/infra/devops-engineer/references/release-automation.md +527 -0
  216. package/skills/infra/devops-engineer/references/terraform-iac.md +141 -0
  217. package/skills/infra/kubernetes-specialist/SKILL.md +241 -0
  218. package/skills/infra/kubernetes-specialist/references/configuration.md +452 -0
  219. package/skills/infra/kubernetes-specialist/references/cost-optimization.md +458 -0
  220. package/skills/infra/kubernetes-specialist/references/custom-operators.md +563 -0
  221. package/skills/infra/kubernetes-specialist/references/gitops.md +530 -0
  222. package/skills/infra/kubernetes-specialist/references/helm-charts.md +912 -0
  223. package/skills/infra/kubernetes-specialist/references/multi-cluster.md +507 -0
  224. package/skills/infra/kubernetes-specialist/references/networking.md +447 -0
  225. package/skills/infra/kubernetes-specialist/references/service-mesh.md +459 -0
  226. package/skills/infra/kubernetes-specialist/references/storage.md +535 -0
  227. package/skills/infra/kubernetes-specialist/references/troubleshooting.md +414 -0
  228. package/skills/infra/kubernetes-specialist/references/workloads.md +377 -0
  229. package/skills/infra/mcp-developer/SKILL.md +143 -0
  230. package/skills/infra/mcp-developer/references/protocol.md +244 -0
  231. package/skills/infra/mcp-developer/references/python-sdk.md +367 -0
  232. package/skills/infra/mcp-developer/references/resources.md +554 -0
  233. package/skills/infra/mcp-developer/references/tools.md +480 -0
  234. package/skills/infra/mcp-developer/references/typescript-sdk.md +350 -0
  235. package/skills/infra/monitoring-expert/SKILL.md +176 -0
  236. package/skills/infra/monitoring-expert/references/alerting-rules.md +141 -0
  237. package/skills/infra/monitoring-expert/references/application-profiling.md +331 -0
  238. package/skills/infra/monitoring-expert/references/capacity-planning.md +344 -0
  239. package/skills/infra/monitoring-expert/references/dashboards.md +126 -0
  240. package/skills/infra/monitoring-expert/references/opentelemetry.md +123 -0
  241. package/skills/infra/monitoring-expert/references/performance-testing.md +269 -0
  242. package/skills/infra/monitoring-expert/references/prometheus-metrics.md +136 -0
  243. package/skills/infra/monitoring-expert/references/structured-logging.md +142 -0
  244. package/skills/infra/sre-engineer/SKILL.md +181 -0
  245. package/skills/infra/sre-engineer/references/automation-toil.md +492 -0
  246. package/skills/infra/sre-engineer/references/error-budget-policy.md +334 -0
  247. package/skills/infra/sre-engineer/references/incident-chaos.md +576 -0
  248. package/skills/infra/sre-engineer/references/monitoring-alerting.md +424 -0
  249. package/skills/infra/sre-engineer/references/slo-sli-management.md +238 -0
  250. package/skills/infra/terraform-engineer/SKILL.md +143 -0
  251. package/skills/infra/terraform-engineer/references/best-practices.md +583 -0
  252. package/skills/infra/terraform-engineer/references/module-patterns.md +297 -0
  253. package/skills/infra/terraform-engineer/references/providers.md +452 -0
  254. package/skills/infra/terraform-engineer/references/state-management.md +371 -0
  255. package/skills/infra/terraform-engineer/references/testing.md +486 -0
  256. package/skills/infra/websocket-engineer/SKILL.md +168 -0
  257. package/skills/infra/websocket-engineer/references/alternatives.md +391 -0
  258. package/skills/infra/websocket-engineer/references/patterns.md +400 -0
  259. package/skills/infra/websocket-engineer/references/protocol.md +195 -0
  260. package/skills/infra/websocket-engineer/references/scaling.md +333 -0
  261. package/skills/infra/websocket-engineer/references/security.md +474 -0
  262. package/skills/java/java-architect/SKILL.md +132 -0
  263. package/skills/java/java-architect/references/jpa-optimization.md +393 -0
  264. package/skills/java/java-architect/references/reactive-webflux.md +356 -0
  265. package/skills/java/java-architect/references/spring-boot-setup.md +269 -0
  266. package/skills/java/java-architect/references/spring-security.md +445 -0
  267. package/skills/java/java-architect/references/testing-patterns.md +500 -0
  268. package/skills/java/kotlin-specialist/SKILL.md +147 -0
  269. package/skills/java/kotlin-specialist/references/android-compose.md +419 -0
  270. package/skills/java/kotlin-specialist/references/coroutines-flow.md +276 -0
  271. package/skills/java/kotlin-specialist/references/dsl-idioms.md +421 -0
  272. package/skills/java/kotlin-specialist/references/ktor-server.md +426 -0
  273. package/skills/java/kotlin-specialist/references/multiplatform-kmp.md +380 -0
  274. package/skills/java/spring-boot-engineer/SKILL.md +195 -0
  275. package/skills/java/spring-boot-engineer/references/cloud.md +498 -0
  276. package/skills/java/spring-boot-engineer/references/data.md +381 -0
  277. package/skills/java/spring-boot-engineer/references/security.md +459 -0
  278. package/skills/java/spring-boot-engineer/references/testing.md +545 -0
  279. package/skills/java/spring-boot-engineer/references/web.md +295 -0
  280. package/skills/javascript/javascript-pro/SKILL.md +132 -0
  281. package/skills/javascript/javascript-pro/references/async-patterns.md +334 -0
  282. package/skills/javascript/javascript-pro/references/browser-apis.md +398 -0
  283. package/skills/javascript/javascript-pro/references/modern-syntax.md +272 -0
  284. package/skills/javascript/javascript-pro/references/modules.md +357 -0
  285. package/skills/javascript/javascript-pro/references/node-essentials.md +471 -0
  286. package/skills/javascript/nestjs-expert/SKILL.md +206 -0
  287. package/skills/javascript/nestjs-expert/references/authentication.md +166 -0
  288. package/skills/javascript/nestjs-expert/references/controllers-routing.md +111 -0
  289. package/skills/javascript/nestjs-expert/references/dtos-validation.md +153 -0
  290. package/skills/javascript/nestjs-expert/references/migration-from-express.md +1237 -0
  291. package/skills/javascript/nestjs-expert/references/services-di.md +140 -0
  292. package/skills/javascript/nestjs-expert/references/testing-patterns.md +186 -0
  293. package/skills/javascript/typescript-pro/SKILL.md +145 -0
  294. package/skills/javascript/typescript-pro/references/advanced-types.md +259 -0
  295. package/skills/javascript/typescript-pro/references/configuration.md +445 -0
  296. package/skills/javascript/typescript-pro/references/patterns.md +484 -0
  297. package/skills/javascript/typescript-pro/references/type-guards.md +352 -0
  298. package/skills/javascript/typescript-pro/references/utility-types.md +329 -0
  299. package/skills/php/laravel-specialist/SKILL.md +262 -0
  300. package/skills/php/laravel-specialist/references/eloquent.md +351 -0
  301. package/skills/php/laravel-specialist/references/livewire.md +512 -0
  302. package/skills/php/laravel-specialist/references/queues.md +423 -0
  303. package/skills/php/laravel-specialist/references/routing.md +362 -0
  304. package/skills/php/laravel-specialist/references/testing.md +522 -0
  305. package/skills/php/php-pro/SKILL.md +206 -0
  306. package/skills/php/php-pro/references/async-patterns.md +412 -0
  307. package/skills/php/php-pro/references/laravel-patterns.md +377 -0
  308. package/skills/php/php-pro/references/modern-php-features.md +323 -0
  309. package/skills/php/php-pro/references/symfony-patterns.md +466 -0
  310. package/skills/php/php-pro/references/testing-quality.md +466 -0
  311. package/skills/python/django-expert/SKILL.md +162 -0
  312. package/skills/python/django-expert/references/authentication.md +145 -0
  313. package/skills/python/django-expert/references/drf-serializers.md +148 -0
  314. package/skills/python/django-expert/references/models-orm.md +151 -0
  315. package/skills/python/django-expert/references/testing-django.md +204 -0
  316. package/skills/python/django-expert/references/viewsets-views.md +153 -0
  317. package/skills/python/fastapi-expert/SKILL.md +185 -0
  318. package/skills/python/fastapi-expert/references/async-sqlalchemy.md +146 -0
  319. package/skills/python/fastapi-expert/references/authentication.md +159 -0
  320. package/skills/python/fastapi-expert/references/endpoints-routing.md +142 -0
  321. package/skills/python/fastapi-expert/references/migration-from-django.md +997 -0
  322. package/skills/python/fastapi-expert/references/pydantic-v2.md +135 -0
  323. package/skills/python/fastapi-expert/references/testing-async.md +159 -0
  324. package/skills/python/pandas-pro/SKILL.md +178 -0
  325. package/skills/python/pandas-pro/references/aggregation-groupby.md +545 -0
  326. package/skills/python/pandas-pro/references/data-cleaning.md +500 -0
  327. package/skills/python/pandas-pro/references/dataframe-operations.md +420 -0
  328. package/skills/python/pandas-pro/references/merging-joining.md +596 -0
  329. package/skills/python/pandas-pro/references/performance-optimization.md +597 -0
  330. package/skills/python/python-pro/SKILL.md +177 -0
  331. package/skills/python/python-pro/references/async-patterns.md +356 -0
  332. package/skills/python/python-pro/references/packaging.md +460 -0
  333. package/skills/python/python-pro/references/standard-library.md +378 -0
  334. package/skills/python/python-pro/references/testing.md +404 -0
  335. package/skills/python/python-pro/references/type-system.md +290 -0
  336. package/skills/quality/chaos-engineer/SKILL.md +182 -0
  337. package/skills/quality/chaos-engineer/references/chaos-tools.md +511 -0
  338. package/skills/quality/chaos-engineer/references/experiment-design.md +229 -0
  339. package/skills/quality/chaos-engineer/references/game-days.md +434 -0
  340. package/skills/quality/chaos-engineer/references/infrastructure-chaos.md +348 -0
  341. package/skills/quality/chaos-engineer/references/kubernetes-chaos.md +432 -0
  342. package/skills/quality/code-reviewer/SKILL.md +119 -0
  343. package/skills/quality/code-reviewer/references/common-issues.md +142 -0
  344. package/skills/quality/code-reviewer/references/feedback-examples.md +144 -0
  345. package/skills/quality/code-reviewer/references/receiving-feedback.md +238 -0
  346. package/skills/quality/code-reviewer/references/report-template.md +109 -0
  347. package/skills/quality/code-reviewer/references/review-checklist.md +88 -0
  348. package/skills/quality/code-reviewer/references/spec-compliance-review.md +258 -0
  349. package/skills/quality/playwright-expert/SKILL.md +169 -0
  350. package/skills/quality/playwright-expert/references/api-mocking.md +140 -0
  351. package/skills/quality/playwright-expert/references/configuration.md +155 -0
  352. package/skills/quality/playwright-expert/references/debugging-flaky.md +150 -0
  353. package/skills/quality/playwright-expert/references/page-object-model.md +152 -0
  354. package/skills/quality/playwright-expert/references/selectors-locators.md +119 -0
  355. package/skills/quality/secure-code-guardian/SKILL.md +191 -0
  356. package/skills/quality/secure-code-guardian/references/authentication.md +136 -0
  357. package/skills/quality/secure-code-guardian/references/input-validation.md +146 -0
  358. package/skills/quality/secure-code-guardian/references/owasp-prevention.md +135 -0
  359. package/skills/quality/secure-code-guardian/references/security-headers.md +133 -0
  360. package/skills/quality/secure-code-guardian/references/xss-csrf.md +157 -0
  361. package/skills/quality/security-reviewer/SKILL.md +103 -0
  362. package/skills/quality/security-reviewer/references/infrastructure-security.md +268 -0
  363. package/skills/quality/security-reviewer/references/penetration-testing.md +268 -0
  364. package/skills/quality/security-reviewer/references/report-template.md +170 -0
  365. package/skills/quality/security-reviewer/references/sast-tools.md +117 -0
  366. package/skills/quality/security-reviewer/references/secret-scanning.md +125 -0
  367. package/skills/quality/security-reviewer/references/vulnerability-patterns.md +152 -0
  368. package/skills/quality/tdd-guide/assets/sample_coverage_report.lcov +0 -0
  369. package/skills/quality/test-master/SKILL.md +94 -0
  370. package/skills/quality/test-master/references/automation-frameworks.md +294 -0
  371. package/skills/quality/test-master/references/e2e-testing.md +128 -0
  372. package/skills/quality/test-master/references/integration-testing.md +120 -0
  373. package/skills/quality/test-master/references/performance-testing.md +118 -0
  374. package/skills/quality/test-master/references/qa-methodology.md +247 -0
  375. package/skills/quality/test-master/references/security-testing.md +127 -0
  376. package/skills/quality/test-master/references/tdd-iron-laws.md +174 -0
  377. package/skills/quality/test-master/references/test-reports.md +104 -0
  378. package/skills/quality/test-master/references/testing-anti-patterns.md +231 -0
  379. package/skills/quality/test-master/references/unit-testing.md +113 -0
  380. package/skills/ruby/rails-expert/SKILL.md +154 -0
  381. package/skills/ruby/rails-expert/references/active-record.md +244 -0
  382. package/skills/ruby/rails-expert/references/api-development.md +401 -0
  383. package/skills/ruby/rails-expert/references/background-jobs.md +272 -0
  384. package/skills/ruby/rails-expert/references/hotwire-turbo.md +228 -0
  385. package/skills/ruby/rails-expert/references/rspec-testing.md +367 -0
  386. package/skills/swift/swift-expert/SKILL.md +163 -0
  387. package/skills/swift/swift-expert/references/async-concurrency.md +360 -0
  388. package/skills/swift/swift-expert/references/memory-performance.md +377 -0
  389. package/skills/swift/swift-expert/references/protocol-oriented.md +354 -0
  390. package/skills/swift/swift-expert/references/swiftui-patterns.md +291 -0
  391. package/skills/swift/swift-expert/references/testing-patterns.md +399 -0
  392. package/skills/workflow/brainstorming/SKILL.md +164 -0
  393. package/skills/workflow/brainstorming/scripts/helper.js +88 -0
  394. package/skills/workflow/brainstorming/scripts/start-server.sh +148 -0
  395. package/skills/workflow/brainstorming/scripts/stop-server.sh +56 -0
  396. package/skills/workflow/brainstorming/spec-document-reviewer-prompt.md +49 -0
  397. package/skills/workflow/brainstorming/visual-companion.md +287 -0
  398. package/skills/workflow/documentation/SKILL.md +45 -0
  399. package/skills/workflow/entropy-management/SKILL.md +115 -0
  400. package/skills/workflow/executing-plans/SKILL.md +70 -0
  401. package/skills/workflow/finishing-a-development-branch/SKILL.md +200 -0
  402. package/skills/workflow/receiving-code-review/SKILL.md +213 -0
  403. package/skills/workflow/requesting-code-review/SKILL.md +105 -0
  404. package/skills/workflow/requesting-code-review/code-reviewer.md +146 -0
  405. package/skills/workflow/requirement-engineering/SKILL.md +111 -0
  406. package/skills/workflow/systematic-debugging/CREATION-LOG.md +119 -0
  407. package/skills/workflow/systematic-debugging/SKILL.md +296 -0
  408. package/skills/workflow/systematic-debugging/condition-based-waiting-example.ts +158 -0
  409. package/skills/workflow/systematic-debugging/condition-based-waiting.md +115 -0
  410. package/skills/workflow/systematic-debugging/defense-in-depth.md +122 -0
  411. package/skills/workflow/systematic-debugging/find-polluter.sh +63 -0
  412. package/skills/workflow/systematic-debugging/root-cause-tracing.md +169 -0
  413. package/skills/workflow/systematic-debugging/test-academic.md +14 -0
  414. package/skills/workflow/systematic-debugging/test-pressure-1.md +58 -0
  415. package/skills/workflow/systematic-debugging/test-pressure-2.md +68 -0
  416. package/skills/workflow/systematic-debugging/test-pressure-3.md +69 -0
  417. package/skills/workflow/using-git-worktrees/SKILL.md +218 -0
  418. package/skills/workflow/verification-before-completion/SKILL.md +139 -0
  419. package/skills/workflow/writing-plans/SKILL.md +151 -0
  420. package/skills/workflow/writing-plans/plan-document-reviewer-prompt.md +49 -0
  421. package/skills/workflow/writing-skills/SKILL.md +655 -0
  422. package/skills/workflow/writing-skills/anthropic-best-practices.md +1150 -0
  423. package/skills/workflow/writing-skills/examples/CLAUDE_MD_TESTING.md +189 -0
  424. package/skills/workflow/writing-skills/graphviz-conventions.dot +0 -0
  425. package/skills/workflow/writing-skills/persuasion-principles.md +187 -0
  426. package/skills/workflow/writing-skills/render-graphs.js +168 -0
  427. package/skills/workflow/writing-skills/testing-skills-with-subagents.md +384 -0
  428. package/skills/angular-architect/SKILL.md +0 -152
  429. package/skills/angular-architect/references/components.md +0 -297
  430. package/skills/angular-architect/references/ngrx.md +0 -401
  431. package/skills/angular-architect/references/routing.md +0 -361
  432. package/skills/angular-architect/references/rxjs.md +0 -319
  433. package/skills/angular-architect/references/testing.md +0 -405
  434. package/skills/api-designer/SKILL.md +0 -217
  435. package/skills/api-designer/references/error-handling.md +0 -541
  436. package/skills/api-designer/references/openapi.md +0 -824
  437. package/skills/api-designer/references/pagination.md +0 -494
  438. package/skills/api-designer/references/rest-patterns.md +0 -335
  439. package/skills/api-designer/references/versioning.md +0 -391
  440. package/skills/architecture-designer/SKILL.md +0 -117
  441. package/skills/architecture-designer/references/adr-template.md +0 -116
  442. package/skills/architecture-designer/references/architecture-patterns.md +0 -111
  443. package/skills/architecture-designer/references/database-selection.md +0 -102
  444. package/skills/architecture-designer/references/nfr-checklist.md +0 -112
  445. package/skills/architecture-designer/references/system-design.md +0 -100
  446. package/skills/brainstorming/SKILL.md +0 -164
  447. package/skills/brainstorming/scripts/helper.js +0 -88
  448. package/skills/brainstorming/scripts/start-server.sh +0 -148
  449. package/skills/brainstorming/scripts/stop-server.sh +0 -56
  450. package/skills/brainstorming/spec-document-reviewer-prompt.md +0 -49
  451. package/skills/brainstorming/visual-companion.md +0 -287
  452. package/skills/chaos-engineer/SKILL.md +0 -182
  453. package/skills/chaos-engineer/references/chaos-tools.md +0 -511
  454. package/skills/chaos-engineer/references/experiment-design.md +0 -229
  455. package/skills/chaos-engineer/references/game-days.md +0 -434
  456. package/skills/chaos-engineer/references/infrastructure-chaos.md +0 -348
  457. package/skills/chaos-engineer/references/kubernetes-chaos.md +0 -432
  458. package/skills/cli-developer/SKILL.md +0 -113
  459. package/skills/cli-developer/references/design-patterns.md +0 -221
  460. package/skills/cli-developer/references/go-cli.md +0 -540
  461. package/skills/cli-developer/references/node-cli.md +0 -383
  462. package/skills/cli-developer/references/python-cli.md +0 -422
  463. package/skills/cli-developer/references/ux-patterns.md +0 -448
  464. package/skills/cloud-architect/SKILL.md +0 -216
  465. package/skills/cloud-architect/references/aws.md +0 -394
  466. package/skills/cloud-architect/references/azure.md +0 -562
  467. package/skills/cloud-architect/references/cost.md +0 -582
  468. package/skills/cloud-architect/references/gcp.md +0 -633
  469. package/skills/cloud-architect/references/multi-cloud.md +0 -483
  470. package/skills/code-documenter/SKILL.md +0 -147
  471. package/skills/code-documenter/references/api-docs-fastapi-django.md +0 -166
  472. package/skills/code-documenter/references/api-docs-nestjs-express.md +0 -220
  473. package/skills/code-documenter/references/coverage-reports.md +0 -125
  474. package/skills/code-documenter/references/documentation-systems.md +0 -333
  475. package/skills/code-documenter/references/interactive-api-docs.md +0 -531
  476. package/skills/code-documenter/references/python-docstrings.md +0 -121
  477. package/skills/code-documenter/references/typescript-jsdoc.md +0 -145
  478. package/skills/code-documenter/references/user-guides-tutorials.md +0 -530
  479. package/skills/code-reviewer/SKILL.md +0 -119
  480. package/skills/code-reviewer/references/common-issues.md +0 -142
  481. package/skills/code-reviewer/references/feedback-examples.md +0 -144
  482. package/skills/code-reviewer/references/receiving-feedback.md +0 -238
  483. package/skills/code-reviewer/references/report-template.md +0 -109
  484. package/skills/code-reviewer/references/review-checklist.md +0 -88
  485. package/skills/code-reviewer/references/spec-compliance-review.md +0 -258
  486. package/skills/cpp-pro/SKILL.md +0 -115
  487. package/skills/cpp-pro/references/build-tooling.md +0 -440
  488. package/skills/cpp-pro/references/concurrency.md +0 -437
  489. package/skills/cpp-pro/references/memory-performance.md +0 -397
  490. package/skills/cpp-pro/references/modern-cpp.md +0 -304
  491. package/skills/cpp-pro/references/templates.md +0 -357
  492. package/skills/csharp-developer/SKILL.md +0 -125
  493. package/skills/csharp-developer/references/aspnet-core.md +0 -394
  494. package/skills/csharp-developer/references/blazor.md +0 -553
  495. package/skills/csharp-developer/references/entity-framework.md +0 -409
  496. package/skills/csharp-developer/references/modern-csharp.md +0 -248
  497. package/skills/csharp-developer/references/performance.md +0 -498
  498. package/skills/database-optimizer/SKILL.md +0 -147
  499. package/skills/database-optimizer/references/index-strategies.md +0 -331
  500. package/skills/database-optimizer/references/monitoring-analysis.md +0 -501
  501. package/skills/database-optimizer/references/mysql-tuning.md +0 -452
  502. package/skills/database-optimizer/references/postgresql-tuning.md +0 -413
  503. package/skills/database-optimizer/references/query-optimization.md +0 -251
  504. package/skills/debugging-wizard/SKILL.md +0 -105
  505. package/skills/debugging-wizard/references/common-patterns.md +0 -132
  506. package/skills/debugging-wizard/references/debugging-tools.md +0 -140
  507. package/skills/debugging-wizard/references/quick-fixes.md +0 -177
  508. package/skills/debugging-wizard/references/strategies.md +0 -142
  509. package/skills/debugging-wizard/references/systematic-debugging.md +0 -367
  510. package/skills/devops-engineer/SKILL.md +0 -144
  511. package/skills/devops-engineer/references/deployment-strategies.md +0 -241
  512. package/skills/devops-engineer/references/docker-patterns.md +0 -113
  513. package/skills/devops-engineer/references/github-actions.md +0 -139
  514. package/skills/devops-engineer/references/incident-response.md +0 -331
  515. package/skills/devops-engineer/references/kubernetes.md +0 -154
  516. package/skills/devops-engineer/references/platform-engineering.md +0 -417
  517. package/skills/devops-engineer/references/release-automation.md +0 -527
  518. package/skills/devops-engineer/references/terraform-iac.md +0 -141
  519. package/skills/django-expert/SKILL.md +0 -162
  520. package/skills/django-expert/references/authentication.md +0 -145
  521. package/skills/django-expert/references/drf-serializers.md +0 -148
  522. package/skills/django-expert/references/models-orm.md +0 -151
  523. package/skills/django-expert/references/testing-django.md +0 -204
  524. package/skills/django-expert/references/viewsets-views.md +0 -153
  525. package/skills/documentation/SKILL.md +0 -45
  526. package/skills/dotnet-core-expert/SKILL.md +0 -138
  527. package/skills/dotnet-core-expert/references/authentication.md +0 -546
  528. package/skills/dotnet-core-expert/references/clean-architecture.md +0 -455
  529. package/skills/dotnet-core-expert/references/cloud-native.md +0 -548
  530. package/skills/dotnet-core-expert/references/entity-framework.md +0 -440
  531. package/skills/dotnet-core-expert/references/minimal-apis.md +0 -319
  532. package/skills/entropy-management/SKILL.md +0 -115
  533. package/skills/executing-plans/SKILL.md +0 -70
  534. package/skills/fastapi-expert/SKILL.md +0 -185
  535. package/skills/fastapi-expert/references/async-sqlalchemy.md +0 -146
  536. package/skills/fastapi-expert/references/authentication.md +0 -159
  537. package/skills/fastapi-expert/references/endpoints-routing.md +0 -142
  538. package/skills/fastapi-expert/references/migration-from-django.md +0 -997
  539. package/skills/fastapi-expert/references/pydantic-v2.md +0 -135
  540. package/skills/fastapi-expert/references/testing-async.md +0 -159
  541. package/skills/feature-forge/SKILL.md +0 -98
  542. package/skills/feature-forge/references/acceptance-criteria.md +0 -104
  543. package/skills/feature-forge/references/ears-syntax.md +0 -99
  544. package/skills/feature-forge/references/interview-questions.md +0 -150
  545. package/skills/feature-forge/references/pre-discovery-subagents.md +0 -54
  546. package/skills/feature-forge/references/specification-template.md +0 -103
  547. package/skills/fine-tuning-expert/SKILL.md +0 -162
  548. package/skills/fine-tuning-expert/references/dataset-preparation.md +0 -540
  549. package/skills/fine-tuning-expert/references/deployment-optimization.md +0 -673
  550. package/skills/fine-tuning-expert/references/evaluation-metrics.md +0 -597
  551. package/skills/fine-tuning-expert/references/hyperparameter-tuning.md +0 -565
  552. package/skills/fine-tuning-expert/references/lora-peft.md +0 -347
  553. package/skills/finishing-a-development-branch/SKILL.md +0 -200
  554. package/skills/flutter-expert/SKILL.md +0 -138
  555. package/skills/flutter-expert/references/bloc-state.md +0 -259
  556. package/skills/flutter-expert/references/gorouter-navigation.md +0 -119
  557. package/skills/flutter-expert/references/performance.md +0 -99
  558. package/skills/flutter-expert/references/project-structure.md +0 -118
  559. package/skills/flutter-expert/references/riverpod-state.md +0 -130
  560. package/skills/flutter-expert/references/widget-patterns.md +0 -123
  561. package/skills/fullstack-guardian/SKILL.md +0 -105
  562. package/skills/fullstack-guardian/references/api-design-standards.md +0 -307
  563. package/skills/fullstack-guardian/references/architecture-decisions.md +0 -350
  564. package/skills/fullstack-guardian/references/backend-patterns.md +0 -237
  565. package/skills/fullstack-guardian/references/common-patterns.md +0 -134
  566. package/skills/fullstack-guardian/references/deliverables-checklist.md +0 -354
  567. package/skills/fullstack-guardian/references/design-template.md +0 -91
  568. package/skills/fullstack-guardian/references/error-handling.md +0 -135
  569. package/skills/fullstack-guardian/references/frontend-patterns.md +0 -340
  570. package/skills/fullstack-guardian/references/integration-patterns.md +0 -333
  571. package/skills/fullstack-guardian/references/security-checklist.md +0 -106
  572. package/skills/golang-pro/SKILL.md +0 -122
  573. package/skills/golang-pro/references/concurrency.md +0 -329
  574. package/skills/golang-pro/references/generics.md +0 -442
  575. package/skills/golang-pro/references/interfaces.md +0 -432
  576. package/skills/golang-pro/references/project-structure.md +0 -477
  577. package/skills/golang-pro/references/testing.md +0 -451
  578. package/skills/graphql-architect/SKILL.md +0 -146
  579. package/skills/graphql-architect/references/federation.md +0 -418
  580. package/skills/graphql-architect/references/migration-from-rest.md +0 -1141
  581. package/skills/graphql-architect/references/resolvers.md +0 -425
  582. package/skills/graphql-architect/references/schema-design.md +0 -393
  583. package/skills/graphql-architect/references/security.md +0 -569
  584. package/skills/graphql-architect/references/subscriptions.md +0 -510
  585. package/skills/java-architect/SKILL.md +0 -132
  586. package/skills/java-architect/references/jpa-optimization.md +0 -393
  587. package/skills/java-architect/references/reactive-webflux.md +0 -356
  588. package/skills/java-architect/references/spring-boot-setup.md +0 -269
  589. package/skills/java-architect/references/spring-security.md +0 -445
  590. package/skills/java-architect/references/testing-patterns.md +0 -500
  591. package/skills/javascript-pro/SKILL.md +0 -132
  592. package/skills/javascript-pro/references/async-patterns.md +0 -334
  593. package/skills/javascript-pro/references/browser-apis.md +0 -398
  594. package/skills/javascript-pro/references/modern-syntax.md +0 -272
  595. package/skills/javascript-pro/references/modules.md +0 -357
  596. package/skills/javascript-pro/references/node-essentials.md +0 -471
  597. package/skills/kotlin-specialist/SKILL.md +0 -147
  598. package/skills/kotlin-specialist/references/android-compose.md +0 -419
  599. package/skills/kotlin-specialist/references/coroutines-flow.md +0 -276
  600. package/skills/kotlin-specialist/references/dsl-idioms.md +0 -421
  601. package/skills/kotlin-specialist/references/ktor-server.md +0 -426
  602. package/skills/kotlin-specialist/references/multiplatform-kmp.md +0 -380
  603. package/skills/kubernetes-specialist/SKILL.md +0 -241
  604. package/skills/kubernetes-specialist/references/configuration.md +0 -452
  605. package/skills/kubernetes-specialist/references/cost-optimization.md +0 -458
  606. package/skills/kubernetes-specialist/references/custom-operators.md +0 -563
  607. package/skills/kubernetes-specialist/references/gitops.md +0 -530
  608. package/skills/kubernetes-specialist/references/helm-charts.md +0 -912
  609. package/skills/kubernetes-specialist/references/multi-cluster.md +0 -507
  610. package/skills/kubernetes-specialist/references/networking.md +0 -447
  611. package/skills/kubernetes-specialist/references/service-mesh.md +0 -459
  612. package/skills/kubernetes-specialist/references/storage.md +0 -535
  613. package/skills/kubernetes-specialist/references/troubleshooting.md +0 -414
  614. package/skills/kubernetes-specialist/references/workloads.md +0 -377
  615. package/skills/laravel-specialist/SKILL.md +0 -262
  616. package/skills/laravel-specialist/references/eloquent.md +0 -351
  617. package/skills/laravel-specialist/references/livewire.md +0 -512
  618. package/skills/laravel-specialist/references/queues.md +0 -423
  619. package/skills/laravel-specialist/references/routing.md +0 -362
  620. package/skills/laravel-specialist/references/testing.md +0 -522
  621. package/skills/legacy-modernizer/SKILL.md +0 -137
  622. package/skills/legacy-modernizer/references/legacy-testing.md +0 -381
  623. package/skills/legacy-modernizer/references/migration-strategies.md +0 -423
  624. package/skills/legacy-modernizer/references/refactoring-patterns.md +0 -395
  625. package/skills/legacy-modernizer/references/strangler-fig-pattern.md +0 -281
  626. package/skills/legacy-modernizer/references/system-assessment.md +0 -487
  627. package/skills/mcp-developer/SKILL.md +0 -143
  628. package/skills/mcp-developer/references/protocol.md +0 -244
  629. package/skills/mcp-developer/references/python-sdk.md +0 -367
  630. package/skills/mcp-developer/references/resources.md +0 -554
  631. package/skills/mcp-developer/references/tools.md +0 -480
  632. package/skills/mcp-developer/references/typescript-sdk.md +0 -350
  633. package/skills/microservices-architect/SKILL.md +0 -164
  634. package/skills/microservices-architect/references/communication.md +0 -499
  635. package/skills/microservices-architect/references/data.md +0 -721
  636. package/skills/microservices-architect/references/decomposition.md +0 -344
  637. package/skills/microservices-architect/references/observability.md +0 -805
  638. package/skills/microservices-architect/references/patterns.md +0 -603
  639. package/skills/ml-pipeline/SKILL.md +0 -159
  640. package/skills/ml-pipeline/references/experiment-tracking.md +0 -833
  641. package/skills/ml-pipeline/references/feature-engineering.md +0 -631
  642. package/skills/ml-pipeline/references/model-validation.md +0 -978
  643. package/skills/ml-pipeline/references/pipeline-orchestration.md +0 -907
  644. package/skills/ml-pipeline/references/training-pipelines.md +0 -782
  645. package/skills/monitoring-expert/SKILL.md +0 -176
  646. package/skills/monitoring-expert/references/alerting-rules.md +0 -141
  647. package/skills/monitoring-expert/references/application-profiling.md +0 -331
  648. package/skills/monitoring-expert/references/capacity-planning.md +0 -344
  649. package/skills/monitoring-expert/references/dashboards.md +0 -126
  650. package/skills/monitoring-expert/references/opentelemetry.md +0 -123
  651. package/skills/monitoring-expert/references/performance-testing.md +0 -269
  652. package/skills/monitoring-expert/references/prometheus-metrics.md +0 -136
  653. package/skills/monitoring-expert/references/structured-logging.md +0 -142
  654. package/skills/nestjs-expert/SKILL.md +0 -206
  655. package/skills/nestjs-expert/references/authentication.md +0 -166
  656. package/skills/nestjs-expert/references/controllers-routing.md +0 -111
  657. package/skills/nestjs-expert/references/dtos-validation.md +0 -153
  658. package/skills/nestjs-expert/references/migration-from-express.md +0 -1237
  659. package/skills/nestjs-expert/references/services-di.md +0 -140
  660. package/skills/nestjs-expert/references/testing-patterns.md +0 -186
  661. package/skills/nextjs-developer/SKILL.md +0 -143
  662. package/skills/nextjs-developer/references/app-router.md +0 -311
  663. package/skills/nextjs-developer/references/data-fetching.md +0 -482
  664. package/skills/nextjs-developer/references/deployment.md +0 -545
  665. package/skills/nextjs-developer/references/server-actions.md +0 -462
  666. package/skills/nextjs-developer/references/server-components.md +0 -384
  667. package/skills/pandas-pro/SKILL.md +0 -178
  668. package/skills/pandas-pro/references/aggregation-groupby.md +0 -545
  669. package/skills/pandas-pro/references/data-cleaning.md +0 -500
  670. package/skills/pandas-pro/references/dataframe-operations.md +0 -420
  671. package/skills/pandas-pro/references/merging-joining.md +0 -596
  672. package/skills/pandas-pro/references/performance-optimization.md +0 -597
  673. package/skills/php-pro/SKILL.md +0 -206
  674. package/skills/php-pro/references/async-patterns.md +0 -412
  675. package/skills/php-pro/references/laravel-patterns.md +0 -377
  676. package/skills/php-pro/references/modern-php-features.md +0 -323
  677. package/skills/php-pro/references/symfony-patterns.md +0 -466
  678. package/skills/php-pro/references/testing-quality.md +0 -466
  679. package/skills/playwright-expert/SKILL.md +0 -169
  680. package/skills/playwright-expert/references/api-mocking.md +0 -140
  681. package/skills/playwright-expert/references/configuration.md +0 -155
  682. package/skills/playwright-expert/references/debugging-flaky.md +0 -150
  683. package/skills/playwright-expert/references/page-object-model.md +0 -152
  684. package/skills/playwright-expert/references/selectors-locators.md +0 -119
  685. package/skills/postgres-pro/SKILL.md +0 -152
  686. package/skills/postgres-pro/references/extensions.md +0 -404
  687. package/skills/postgres-pro/references/jsonb.md +0 -321
  688. package/skills/postgres-pro/references/maintenance.md +0 -481
  689. package/skills/postgres-pro/references/performance.md +0 -265
  690. package/skills/postgres-pro/references/replication.md +0 -446
  691. package/skills/python-pro/SKILL.md +0 -177
  692. package/skills/python-pro/references/async-patterns.md +0 -356
  693. package/skills/python-pro/references/packaging.md +0 -460
  694. package/skills/python-pro/references/standard-library.md +0 -378
  695. package/skills/python-pro/references/testing.md +0 -404
  696. package/skills/python-pro/references/type-system.md +0 -290
  697. package/skills/rag-architect/SKILL.md +0 -194
  698. package/skills/rag-architect/references/chunking-strategies.md +0 -878
  699. package/skills/rag-architect/references/embedding-models.md +0 -561
  700. package/skills/rag-architect/references/rag-evaluation.md +0 -833
  701. package/skills/rag-architect/references/retrieval-optimization.md +0 -795
  702. package/skills/rag-architect/references/vector-databases.md +0 -589
  703. package/skills/rails-expert/SKILL.md +0 -154
  704. package/skills/rails-expert/references/active-record.md +0 -244
  705. package/skills/rails-expert/references/api-development.md +0 -401
  706. package/skills/rails-expert/references/background-jobs.md +0 -272
  707. package/skills/rails-expert/references/hotwire-turbo.md +0 -228
  708. package/skills/rails-expert/references/rspec-testing.md +0 -367
  709. package/skills/react-expert/SKILL.md +0 -149
  710. package/skills/react-expert/references/hooks-patterns.md +0 -162
  711. package/skills/react-expert/references/migration-class-to-modern.md +0 -1119
  712. package/skills/react-expert/references/performance.md +0 -168
  713. package/skills/react-expert/references/react-19-features.md +0 -174
  714. package/skills/react-expert/references/server-components.md +0 -143
  715. package/skills/react-expert/references/state-management.md +0 -171
  716. package/skills/react-expert/references/testing-react.md +0 -174
  717. package/skills/react-native-expert/SKILL.md +0 -185
  718. package/skills/react-native-expert/references/expo-router.md +0 -187
  719. package/skills/react-native-expert/references/list-optimization.md +0 -204
  720. package/skills/react-native-expert/references/platform-handling.md +0 -188
  721. package/skills/react-native-expert/references/project-structure.md +0 -171
  722. package/skills/react-native-expert/references/storage-hooks.md +0 -173
  723. package/skills/receiving-code-review/SKILL.md +0 -213
  724. package/skills/requesting-code-review/SKILL.md +0 -105
  725. package/skills/requesting-code-review/code-reviewer.md +0 -146
  726. package/skills/requirement-engineering/SKILL.md +0 -111
  727. package/skills/rust-engineer/SKILL.md +0 -167
  728. package/skills/rust-engineer/references/async.md +0 -458
  729. package/skills/rust-engineer/references/error-handling.md +0 -334
  730. package/skills/rust-engineer/references/ownership.md +0 -278
  731. package/skills/rust-engineer/references/testing.md +0 -470
  732. package/skills/rust-engineer/references/traits.md +0 -413
  733. package/skills/secure-code-guardian/SKILL.md +0 -191
  734. package/skills/secure-code-guardian/references/authentication.md +0 -136
  735. package/skills/secure-code-guardian/references/input-validation.md +0 -146
  736. package/skills/secure-code-guardian/references/owasp-prevention.md +0 -135
  737. package/skills/secure-code-guardian/references/security-headers.md +0 -133
  738. package/skills/secure-code-guardian/references/xss-csrf.md +0 -157
  739. package/skills/security-reviewer/SKILL.md +0 -103
  740. package/skills/security-reviewer/references/infrastructure-security.md +0 -268
  741. package/skills/security-reviewer/references/penetration-testing.md +0 -268
  742. package/skills/security-reviewer/references/report-template.md +0 -170
  743. package/skills/security-reviewer/references/sast-tools.md +0 -117
  744. package/skills/security-reviewer/references/secret-scanning.md +0 -125
  745. package/skills/security-reviewer/references/vulnerability-patterns.md +0 -152
  746. package/skills/spark-engineer/SKILL.md +0 -148
  747. package/skills/spark-engineer/references/partitioning-caching.md +0 -543
  748. package/skills/spark-engineer/references/performance-tuning.md +0 -544
  749. package/skills/spark-engineer/references/rdd-operations.md +0 -599
  750. package/skills/spark-engineer/references/spark-sql-dataframes.md +0 -474
  751. package/skills/spark-engineer/references/streaming-patterns.md +0 -786
  752. package/skills/spring-boot-engineer/SKILL.md +0 -195
  753. package/skills/spring-boot-engineer/references/cloud.md +0 -498
  754. package/skills/spring-boot-engineer/references/data.md +0 -381
  755. package/skills/spring-boot-engineer/references/security.md +0 -459
  756. package/skills/spring-boot-engineer/references/testing.md +0 -545
  757. package/skills/spring-boot-engineer/references/web.md +0 -295
  758. package/skills/sql-pro/SKILL.md +0 -129
  759. package/skills/sql-pro/references/database-design.md +0 -402
  760. package/skills/sql-pro/references/dialect-differences.md +0 -419
  761. package/skills/sql-pro/references/optimization.md +0 -384
  762. package/skills/sql-pro/references/query-patterns.md +0 -285
  763. package/skills/sql-pro/references/window-functions.md +0 -328
  764. package/skills/sre-engineer/SKILL.md +0 -181
  765. package/skills/sre-engineer/references/automation-toil.md +0 -492
  766. package/skills/sre-engineer/references/error-budget-policy.md +0 -334
  767. package/skills/sre-engineer/references/incident-chaos.md +0 -576
  768. package/skills/sre-engineer/references/monitoring-alerting.md +0 -424
  769. package/skills/sre-engineer/references/slo-sli-management.md +0 -238
  770. package/skills/swift-expert/SKILL.md +0 -163
  771. package/skills/swift-expert/references/async-concurrency.md +0 -360
  772. package/skills/swift-expert/references/memory-performance.md +0 -377
  773. package/skills/swift-expert/references/protocol-oriented.md +0 -354
  774. package/skills/swift-expert/references/swiftui-patterns.md +0 -291
  775. package/skills/swift-expert/references/testing-patterns.md +0 -399
  776. package/skills/systematic-debugging/CREATION-LOG.md +0 -119
  777. package/skills/systematic-debugging/SKILL.md +0 -296
  778. package/skills/systematic-debugging/condition-based-waiting-example.ts +0 -158
  779. package/skills/systematic-debugging/condition-based-waiting.md +0 -115
  780. package/skills/systematic-debugging/defense-in-depth.md +0 -122
  781. package/skills/systematic-debugging/find-polluter.sh +0 -63
  782. package/skills/systematic-debugging/root-cause-tracing.md +0 -169
  783. package/skills/systematic-debugging/test-academic.md +0 -14
  784. package/skills/systematic-debugging/test-pressure-1.md +0 -58
  785. package/skills/systematic-debugging/test-pressure-2.md +0 -68
  786. package/skills/systematic-debugging/test-pressure-3.md +0 -69
  787. package/skills/tdd-guide/assets/sample_coverage_report.lcov +0 -56
  788. package/skills/terraform-engineer/SKILL.md +0 -143
  789. package/skills/terraform-engineer/references/best-practices.md +0 -583
  790. package/skills/terraform-engineer/references/module-patterns.md +0 -297
  791. package/skills/terraform-engineer/references/providers.md +0 -452
  792. package/skills/terraform-engineer/references/state-management.md +0 -371
  793. package/skills/terraform-engineer/references/testing.md +0 -486
  794. package/skills/test-master/SKILL.md +0 -94
  795. package/skills/test-master/references/automation-frameworks.md +0 -294
  796. package/skills/test-master/references/e2e-testing.md +0 -128
  797. package/skills/test-master/references/integration-testing.md +0 -120
  798. package/skills/test-master/references/performance-testing.md +0 -118
  799. package/skills/test-master/references/qa-methodology.md +0 -247
  800. package/skills/test-master/references/security-testing.md +0 -127
  801. package/skills/test-master/references/tdd-iron-laws.md +0 -174
  802. package/skills/test-master/references/test-reports.md +0 -104
  803. package/skills/test-master/references/testing-anti-patterns.md +0 -231
  804. package/skills/test-master/references/unit-testing.md +0 -113
  805. package/skills/typescript-pro/SKILL.md +0 -145
  806. package/skills/typescript-pro/references/advanced-types.md +0 -259
  807. package/skills/typescript-pro/references/configuration.md +0 -445
  808. package/skills/typescript-pro/references/patterns.md +0 -484
  809. package/skills/typescript-pro/references/type-guards.md +0 -352
  810. package/skills/typescript-pro/references/utility-types.md +0 -329
  811. package/skills/using-git-worktrees/SKILL.md +0 -218
  812. package/skills/verification-before-completion/SKILL.md +0 -139
  813. package/skills/vue-expert/SKILL.md +0 -98
  814. package/skills/vue-expert/references/build-tooling.md +0 -480
  815. package/skills/vue-expert/references/components.md +0 -448
  816. package/skills/vue-expert/references/composition-api.md +0 -299
  817. package/skills/vue-expert/references/mobile-hybrid.md +0 -636
  818. package/skills/vue-expert/references/nuxt.md +0 -669
  819. package/skills/vue-expert/references/state-management.md +0 -449
  820. package/skills/vue-expert/references/typescript.md +0 -584
  821. package/skills/vue-expert-js/SKILL.md +0 -167
  822. package/skills/vue-expert-js/references/component-architecture.md +0 -219
  823. package/skills/vue-expert-js/references/composables-patterns.md +0 -183
  824. package/skills/vue-expert-js/references/jsdoc-typing.md +0 -535
  825. package/skills/vue-expert-js/references/state-management.md +0 -249
  826. package/skills/vue-expert-js/references/testing-patterns.md +0 -237
  827. package/skills/websocket-engineer/SKILL.md +0 -168
  828. package/skills/websocket-engineer/references/alternatives.md +0 -391
  829. package/skills/websocket-engineer/references/patterns.md +0 -400
  830. package/skills/websocket-engineer/references/protocol.md +0 -195
  831. package/skills/websocket-engineer/references/scaling.md +0 -333
  832. package/skills/websocket-engineer/references/security.md +0 -474
  833. package/skills/writing-plans/SKILL.md +0 -151
  834. package/skills/writing-plans/plan-document-reviewer-prompt.md +0 -49
  835. package/skills/writing-skills/SKILL.md +0 -655
  836. package/skills/writing-skills/anthropic-best-practices.md +0 -1150
  837. package/skills/writing-skills/examples/CLAUDE_MD_TESTING.md +0 -189
  838. package/skills/writing-skills/graphviz-conventions.dot +0 -172
  839. package/skills/writing-skills/persuasion-principles.md +0 -187
  840. package/skills/writing-skills/render-graphs.js +0 -168
  841. package/skills/writing-skills/testing-skills-with-subagents.md +0 -384
  842. /package/skills/{design-commands → frontend/design-commands}/design.md +0 -0
  843. /package/skills/{design-commands → frontend/design-commands}/handoff.md +0 -0
  844. /package/skills/{design-commands → frontend/design-commands}/prototype.md +0 -0
  845. /package/skills/{design-commands → frontend/design-commands}/spec.md +0 -0
  846. /package/skills/{design-commands → frontend/design-commands}/style.md +0 -0
  847. /package/skills/{senior-frontend → frontend/senior-frontend}/SKILL.md +0 -0
  848. /package/skills/{senior-frontend → frontend/senior-frontend}/references/frontend_best_practices.md +0 -0
  849. /package/skills/{senior-frontend → frontend/senior-frontend}/references/nextjs_optimization_guide.md +0 -0
  850. /package/skills/{senior-frontend → frontend/senior-frontend}/references/react_patterns.md +0 -0
  851. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/bundle_analyzer.py +0 -0
  852. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/component_generator.py +0 -0
  853. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/frontend_scaffolder.py +0 -0
  854. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/SKILL.md +0 -0
  855. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/charts.csv +0 -0
  856. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/colors.csv +0 -0
  857. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/icons.csv +0 -0
  858. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/landing.csv +0 -0
  859. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/products.csv +0 -0
  860. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/react-performance.csv +0 -0
  861. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/astro.csv +0 -0
  862. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/flutter.csv +0 -0
  863. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/html-tailwind.csv +0 -0
  864. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/jetpack-compose.csv +0 -0
  865. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nextjs.csv +0 -0
  866. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nuxt-ui.csv +0 -0
  867. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nuxtjs.csv +0 -0
  868. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/react-native.csv +0 -0
  869. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/react.csv +0 -0
  870. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/shadcn.csv +0 -0
  871. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/svelte.csv +0 -0
  872. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/swiftui.csv +0 -0
  873. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/vue.csv +0 -0
  874. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/styles.csv +0 -0
  875. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/typography.csv +0 -0
  876. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/ui-reasoning.csv +0 -0
  877. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/ux-guidelines.csv +0 -0
  878. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/web-interface.csv +0 -0
  879. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/core.py +0 -0
  880. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/design_system.py +0 -0
  881. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/search.py +0 -0
  882. /package/skills/{competitive-analysis → product/competitive-analysis}/SKILL.md +0 -0
  883. /package/skills/{meeting-notes → product/meeting-notes}/SKILL.md +0 -0
  884. /package/skills/{prd-template → product/prd-template}/SKILL.md +0 -0
  885. /package/skills/{stakeholder-update → product/stakeholder-update}/SKILL.md +0 -0
  886. /package/skills/{user-research-synthesis → product/user-research-synthesis}/SKILL.md +0 -0
  887. /package/skills/{senior-qa → quality/senior-qa}/README.md +0 -0
  888. /package/skills/{senior-qa → quality/senior-qa}/SKILL.md +0 -0
  889. /package/skills/{senior-qa → quality/senior-qa}/references/qa_best_practices.md +0 -0
  890. /package/skills/{senior-qa → quality/senior-qa}/references/test_automation_patterns.md +0 -0
  891. /package/skills/{senior-qa → quality/senior-qa}/references/testing_strategies.md +0 -0
  892. /package/skills/{senior-qa → quality/senior-qa}/scripts/coverage_analyzer.py +0 -0
  893. /package/skills/{senior-qa → quality/senior-qa}/scripts/e2e_test_scaffolder.py +0 -0
  894. /package/skills/{senior-qa → quality/senior-qa}/scripts/test_suite_generator.py +0 -0
  895. /package/skills/{tdd-guide → quality/tdd-guide}/HOW_TO_USE.md +0 -0
  896. /package/skills/{tdd-guide → quality/tdd-guide}/README.md +0 -0
  897. /package/skills/{tdd-guide → quality/tdd-guide}/SKILL.md +0 -0
  898. /package/skills/{tdd-guide → quality/tdd-guide}/assets/expected_output.json +0 -0
  899. /package/skills/{tdd-guide → quality/tdd-guide}/assets/sample_input_python.json +0 -0
  900. /package/skills/{tdd-guide → quality/tdd-guide}/assets/sample_input_typescript.json +0 -0
  901. /package/skills/{tdd-guide → quality/tdd-guide}/references/ci-integration.md +0 -0
  902. /package/skills/{tdd-guide → quality/tdd-guide}/references/framework-guide.md +0 -0
  903. /package/skills/{tdd-guide → quality/tdd-guide}/references/tdd-best-practices.md +0 -0
  904. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/coverage_analyzer.py +0 -0
  905. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/fixture_generator.py +0 -0
  906. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/format_detector.py +0 -0
  907. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/framework_adapter.py +0 -0
  908. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/metrics_calculator.py +0 -0
  909. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/output_formatter.py +0 -0
  910. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/tdd_workflow.py +0 -0
  911. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/test_generator.py +0 -0
  912. /package/skills/{brainstorming → workflow/brainstorming}/scripts/frame-template.html +0 -0
  913. /package/skills/{brainstorming → workflow/brainstorming}/scripts/server.cjs +0 -0
package/skills/security-reviewer/SKILL.md DELETED
@@ -1,103 +0,0 @@
1
- ---
2
- name: security-reviewer
3
- description: Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews, dependency audits, secrets scanning, or compliance checks. Produces vulnerability reports, prioritized recommendations, and compliance checklists.
4
- license: MIT
5
- allowed-tools: Read, Grep, Glob, Bash
6
- metadata:
7
- author: https://github.com/Jeffallan
8
- version: "1.1.1"
9
- domain: security
10
- triggers: security review, vulnerability scan, SAST, security audit, penetration test, code audit, security analysis, infrastructure security, DevSecOps, cloud security, compliance audit
11
- role: specialist
12
- scope: review
13
- output-format: report
14
- related-skills: secure-code-guardian, code-reviewer, devops-engineer, cloud-architect, kubernetes-specialist, api-designer, mcp-developer
15
- ---
16
-
17
- # Security Reviewer
18
-
19
- Security analyst specializing in code review, vulnerability identification, penetration testing, and infrastructure security.
20
-
21
- ## When to Use This Skill
22
-
23
- - Code review and SAST scanning
24
- - Vulnerability scanning and dependency audits
25
- - Secrets scanning and credential detection
26
- - Penetration testing and reconnaissance
27
- - Infrastructure and cloud security audits
28
- - DevSecOps pipelines and compliance automation
29
-
30
- ## Core Workflow
31
-
32
- 1. **Scope** — Map attack surface and critical paths. Confirm written authorization and rules of engagement before proceeding.
33
- 2. **Scan** — Run SAST, dependency, and secrets tools. Example commands:
34
- - `semgrep --config=auto .`
35
- - `bandit -r ./src`
36
- - `gitleaks detect --source=.`
37
- - `npm audit --audit-level=moderate`
38
- - `trivy fs .`
39
- 3. **Review** — Manual review of auth, input handling, and crypto. Tools miss context — manual review is mandatory.
40
- 4. **Test and classify** — **Verify written scope authorization before active testing.** Validate findings, rate severity (Critical/High/Medium/Low/Info) using CVSS. Confirm exploitability with proof-of-concept only; do not exceed it.
41
- 5. **Report** — Confirm findings with stakeholder before finalizing. Document with location, impact, and remediation. Report critical findings immediately.
42
-
43
- ## Reference Guide
44
-
45
- Load detailed guidance based on context:
46
-
47
- | Topic | Reference | Load When |
48
- |-------|-----------|-----------|
49
- | SAST Tools | `references/sast-tools.md` | Running automated scans |
50
- | Vulnerability Patterns | `references/vulnerability-patterns.md` | SQL injection, XSS, manual review |
51
- | Secret Scanning | `references/secret-scanning.md` | Gitleaks, finding hardcoded secrets |
52
- | Penetration Testing | `references/penetration-testing.md` | Active testing, reconnaissance, exploitation |
53
- | Infrastructure Security | `references/infrastructure-security.md` | DevSecOps, cloud security, compliance |
54
- | Report Template | `references/report-template.md` | Writing security report |
55
-
56
- ## Constraints
57
-
58
- ### MUST DO
59
- - Check authentication/authorization first
60
- - Run automated tools before manual review
61
- - Provide specific file/line locations
62
- - Include remediation for each finding
63
- - Rate severity consistently
64
- - Check for secrets in code
65
- - Verify scope and authorization before active testing
66
- - Document all testing activities
67
- - Follow rules of engagement
68
- - Report critical findings immediately
69
-
70
- ### MUST NOT DO
71
- - Skip manual review (tools miss things)
72
- - Test on production systems without authorization
73
- - Ignore "low" severity issues
74
- - Assume frameworks handle everything
75
- - Share detailed exploits publicly
76
- - Exploit beyond proof of concept
77
- - Cause service disruption or data loss
78
- - Test outside defined scope
79
-
80
- ## Output Templates
81
-
82
- 1. Executive summary with risk assessment
83
- 2. Findings table with severity counts
84
- 3. Detailed findings with location, impact, and remediation
85
- 4. Prioritized recommendations
86
-
87
- ### Example Finding Entry
88
-
89
- ```
90
- ID: FIND-001
91
- Severity: High (CVSS 8.1)
92
- Title: SQL Injection in user search endpoint
93
- File: src/api/users.py, line 42
94
- Description: User-supplied input is concatenated directly into a SQL query without parameterization.
95
- Impact: An attacker can read, modify, or delete database contents.
96
- Remediation: Use parameterized queries or an ORM. Replace `cursor.execute(f"SELECT * FROM users WHERE name='{name}'")`
97
- with `cursor.execute("SELECT * FROM users WHERE name=%s", (name,))`.
98
- References: CWE-89, OWASP A03:2021
99
- ```
100
-
101
- ## Knowledge Reference
102
-
103
- OWASP Top 10, CWE, Semgrep, Bandit, ESLint Security, gosec, npm audit, gitleaks, trufflehog, CVSS scoring, nmap, Burp Suite, sqlmap, Trivy, Checkov, HashiCorp Vault, AWS Security Hub, CIS benchmarks, SOC2, ISO27001
package/skills/security-reviewer/references/infrastructure-security.md DELETED
@@ -1,268 +0,0 @@
1
- # Infrastructure Security
2
-
3
- ## DevSecOps Integration
4
-
5
- ### CI/CD Security Pipeline
6
-
7
- ```yaml
8
- # GitHub Actions - Security scanning
9
- name: Security Pipeline
10
- on: [push, pull_request]
11
- jobs:
12
- security:
13
- runs-on: ubuntu-latest
14
- steps:
15
- - uses: returntocorp/semgrep-action@v1
16
- - uses: gitleaks/gitleaks-action@v2
17
- - uses: aquasecurity/trivy-action@master
18
- with:
19
- scan-type: 'fs'
20
- severity: 'CRITICAL,HIGH'
21
- ```
22
-
23
- ### Infrastructure as Code Security
24
-
25
- ```bash
26
- # Terraform/CloudFormation scanning
27
- checkov -d terraform/ --framework terraform
28
- tfsec terraform/
29
- terrascan scan -d terraform/
30
-
31
- # Kubernetes manifest scanning
32
- kubesec scan deployment.yaml
33
- ```
34
-
35
- ## Cloud Security Controls
36
-
37
- ### AWS Security Hardening
38
-
39
- ```bash
40
- # Enable security services
41
- aws guardduty create-detector --enable
42
- aws securityhub enable-security-hub
43
- aws cloudtrail create-trail --name security-trail --s3-bucket-name logs
44
-
45
- # Check S3 bucket security
46
- aws s3api list-buckets --query "Buckets[].Name" | \
47
- xargs -I {} aws s3api get-bucket-acl --bucket {}
48
-
49
- # IAM password policy
50
- aws iam update-account-password-policy \
51
- --minimum-password-length 14 \
52
- --require-symbols --require-numbers \
53
- --require-uppercase-characters --require-lowercase-characters
54
- ```
55
-
56
- ### Azure Security
57
-
58
- ```bash
59
- # Enable Security Center
60
- az security auto-provisioning-setting update --name default --auto-provision on
61
-
62
- # Enable disk encryption
63
- az vm encryption enable --resource-group myRG --name myVM --disk-encryption-keyvault myKV
64
- ```
65
-
66
- ### GCP Security
67
-
68
- ```bash
69
- # Enable Security Command Center
70
- gcloud services enable securitycenter.googleapis.com
71
-
72
- # Enable VPC Flow Logs
73
- gcloud compute networks subnets update SUBNET --enable-flow-logs
74
- ```
75
-
76
- ## Container Security
77
-
78
- ### Secure Dockerfile
79
-
80
- ```dockerfile
81
- FROM node:18-alpine
82
- RUN addgroup -g 1001 -S nodejs && adduser -S nodejs -u 1001
83
- WORKDIR /app
84
- COPY --chown=nodejs:nodejs package*.json ./
85
- RUN npm ci --only=production
86
- USER nodejs
87
- EXPOSE 3000
88
- HEALTHCHECK --interval=30s CMD node healthcheck.js
89
- CMD ["node", "server.js"]
90
- ```
91
-
92
- ### Kubernetes Security
93
-
94
- ```yaml
95
- # Pod Security Standards
96
- apiVersion: v1
97
- kind: Pod
98
- metadata:
99
- name: secure-pod
100
- spec:
101
- securityContext:
102
- runAsNonRoot: true
103
- runAsUser: 1000
104
- fsGroup: 2000
105
- seccompProfile:
106
- type: RuntimeDefault
107
- containers:
108
- - name: app
109
- image: myapp:1.0
110
- securityContext:
111
- allowPrivilegeEscalation: false
112
- readOnlyRootFilesystem: true
113
- capabilities:
114
- drop: [ALL]
115
- resources:
116
- limits:
117
- memory: "128Mi"
118
- cpu: "500m"
119
- ---
120
- # Network Policy - Default deny
121
- apiVersion: networking.k8s.io/v1
122
- kind: NetworkPolicy
123
- metadata:
124
- name: default-deny-all
125
- spec:
126
- podSelector: {}
127
- policyTypes:
128
- - Ingress
129
- - Egress
130
- ```
131
-
132
- ## Compliance Automation
133
-
134
- ### CIS Benchmark Scanning
135
-
136
- ```bash
137
- # Docker CIS benchmark
138
- docker run --net host --pid host --cap-add audit_control \
139
- -v /var/lib:/var/lib -v /var/run/docker.sock:/var/run/docker.sock \
140
- docker/docker-bench-security
141
-
142
- # Kubernetes CIS benchmark
143
- kube-bench run --targets master,node
144
-
145
- # Linux system hardening
146
- lynis audit system --quick
147
- ```
148
-
149
- ### Compliance as Code (InSpec)
150
-
151
- ```ruby
152
- # controls/baseline.rb
153
- control 'ssh-hardening' do
154
- impact 1.0
155
- title 'SSH Security Configuration'
156
-
157
- describe sshd_config do
158
- its('Protocol') { should eq '2' }
159
- its('PermitRootLogin') { should eq 'no' }
160
- its('PasswordAuthentication') { should eq 'no' }
161
- end
162
- end
163
-
164
- control 'encryption-at-rest' do
165
- impact 1.0
166
- title 'S3 Encryption Enabled'
167
-
168
- describe aws_s3_bucket('my-bucket') do
169
- it { should have_default_encryption_enabled }
170
- end
171
- end
172
- ```
173
-
174
- ## Secrets Management
175
-
176
- ### HashiCorp Vault
177
-
178
- ```bash
179
- # Initialize and configure
180
- vault operator init
181
- vault secrets enable -path=secret kv-v2
182
-
183
- # Store secrets
184
- vault kv put secret/app/config api_key="secret123"
185
-
186
- # Dynamic database credentials
187
- vault secrets enable database
188
- vault write database/config/postgresql \
189
- plugin_name=postgresql-database-plugin \
190
- allowed_roles="app" \
191
- connection_url="postgresql://{{username}}:{{password}}@localhost:5432/" \
192
- username="vault" password="vaultpass"
193
-
194
- vault write database/roles/app \
195
- db_name=postgresql \
196
- creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}';" \
197
- default_ttl="1h" max_ttl="24h"
198
- ```
199
-
200
- ### Kubernetes Secrets with External Secrets Operator
201
-
202
- ```yaml
203
- apiVersion: external-secrets.io/v1beta1
204
- kind: SecretStore
205
- metadata:
206
- name: vault-backend
207
- spec:
208
- provider:
209
- vault:
210
- server: "https://vault.example.com"
211
- path: "secret"
212
- auth:
213
- kubernetes:
214
- role: "app-role"
215
- ---
216
- apiVersion: external-secrets.io/v1beta1
217
- kind: ExternalSecret
218
- metadata:
219
- name: app-secrets
220
- spec:
221
- refreshInterval: 1h
222
- secretStoreRef:
223
- name: vault-backend
224
- target:
225
- name: app-secrets
226
- data:
227
- - secretKey: api_key
228
- remoteRef:
229
- key: secret/app/config
230
- property: api_key
231
- ```
232
-
233
- ## Security Monitoring
234
-
235
- ### SIEM Log Shipping (Filebeat)
236
-
237
- ```yaml
238
- filebeat.inputs:
239
- - type: log
240
- paths:
241
- - /var/log/auth.log
242
- - /var/log/nginx/*.log
243
- fields:
244
- environment: production
245
-
246
- output.elasticsearch:
247
- hosts: ["elasticsearch:9200"]
248
- index: "security-logs-%{+yyyy.MM.dd}"
249
- ```
250
-
251
- ## Quick Reference
252
-
253
- | Area | Tool | Purpose |
254
- |------|------|---------|
255
- | Cloud Security | Prowler, ScoutSuite | AWS/Azure/GCP audit |
256
- | Container | Trivy, Clair | Image scanning |
257
- | IaC | Checkov, tfsec | Terraform/CloudFormation |
258
- | Secrets | Vault, Sealed Secrets | Secret management |
259
- | Compliance | InSpec, OpenSCAP | CIS benchmarks |
260
- | Monitoring | ELK, Splunk | SIEM |
261
-
262
- | Framework | Focus | Key Controls |
263
- |-----------|-------|--------------|
264
- | SOC 2 | Security controls | Access, encryption, monitoring |
265
- | ISO 27001 | ISMS | Policy, risk, audit |
266
- | PCI DSS | Payment security | Network segmentation, encryption |
267
- | HIPAA | Healthcare | Encryption, access logs |
268
- | GDPR | Data privacy | Consent, retention, DLP |
package/skills/security-reviewer/references/penetration-testing.md DELETED
@@ -1,268 +0,0 @@
1
- # Penetration Testing
2
-
3
- ## Reconnaissance
4
-
5
- ### Passive Information Gathering
6
-
7
- ```bash
8
- # DNS enumeration
9
- dig example.com ANY
10
- nslookup -type=any example.com
11
-
12
- # Subdomain discovery
13
- subfinder -d example.com
14
- amass enum -d example.com
15
-
16
- # Certificate transparency
17
- curl -s "https://crt.sh/?q=%.example.com&output=json"
18
- ```
19
-
20
- ### Active Scanning
21
-
22
- ```bash
23
- # Port scanning
24
- nmap -sV -p- target.com
25
- nmap -sC -sV -oA scan target.com
26
-
27
- # Web technology detection
28
- whatweb target.com
29
- ```
30
-
31
- ## Web Application Testing
32
-
33
- ### Authentication & Authorization
34
-
35
- ```bash
36
- # Session analysis - Check for:
37
- # - Session timeout, Secure/HttpOnly flags
38
- # - Session fixation, concurrent sessions
39
-
40
- # IDOR testing
41
- GET /api/users/123 # Your ID
42
- GET /api/users/124 # Another user - should fail
43
-
44
- # Privilege escalation
45
- GET /api/admin/users # As standard user
46
- ```
47
-
48
- ### Input Validation
49
-
50
- ```bash
51
- # SQL injection
52
- sqlmap -u "http://target.com/search?q=test" --batch
53
-
54
- # XSS payloads
55
- <script>alert(document.domain)</script>
56
- <img src=x onerror=alert(1)>
57
- <svg onload=alert(1)>
58
-
59
- # Command injection
60
- ; ls -la
61
- | whoami
62
- $(whoami)
63
-
64
- # XXE
65
- <?xml version="1.0"?>
66
- <!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
67
- <root>&xxe;</root>
68
- ```
69
-
70
- ## API Security Testing
71
-
72
- ### JWT & Token Security
73
-
74
- ```bash
75
- # Decode JWT
76
- echo "eyJ..." | base64 -d
77
-
78
- # Test none algorithm
79
- # Modify header: {"alg": "none"}
80
-
81
- # Weak secret brute force
82
- hashcat -m 16500 jwt.txt wordlist.txt
83
- ```
84
-
85
- ### Rate Limiting & Data Exposure
86
-
87
- ```bash
88
- # Test rate limits
89
- for i in {1..1000}; do
90
- curl https://api.target.com/login -d "user=test&pass=test"
91
- done
92
-
93
- # Check for excessive data exposure
94
- GET /api/users/me
95
- # Look for: password hashes, internal IDs, sensitive PII
96
-
97
- # Mass assignment
98
- POST /api/users/profile
99
- {"email": "new@email.com", "isAdmin": true}
100
- ```
101
-
102
- ## Network Penetration
103
-
104
- ### Privilege Escalation (Linux)
105
-
106
- ```bash
107
- # SUID binaries
108
- find / -perm -4000 -type f 2>/dev/null
109
-
110
- # Sudo permissions
111
- sudo -l
112
-
113
- # Writable paths in PATH
114
- echo $PATH | tr ':' '\n' | xargs -I {} ls -ld {}
115
-
116
- # Kernel exploits
117
- uname -a
118
- searchsploit linux kernel $(uname -r)
119
- ```
120
-
121
- ### Lateral Movement
122
-
123
- ```bash
124
- # Network enumeration
125
- arp -a
126
- netstat -ant
127
-
128
- # Service discovery
129
- nmap -sV 192.168.1.0/24
130
-
131
- # Credential harvesting
132
- grep -r "password" /home/*/
133
- cat ~/.bash_history | grep -i "pass\|pwd\|secret"
134
- ```
135
-
136
- ## Mobile Application Testing
137
-
138
- ### Android
139
-
140
- ```bash
141
- # Decompile APK
142
- apktool d app.apk
143
- jadx -d output app.apk
144
-
145
- # Check for secrets
146
- grep -r "api_key\|secret\|password" .
147
-
148
- # Insecure storage
149
- adb shell
150
- run-as com.app.package
151
- find . -type f -exec cat {} \;
152
- ```
153
-
154
- ### iOS
155
-
156
- ```bash
157
- # Class dump
158
- class-dump App.app
159
-
160
- # Check data storage
161
- sqlite3 /var/mobile/Applications/.../Library/Caches/data.db
162
- ```
163
-
164
- ## Cloud Security Testing
165
-
166
- ### AWS
167
-
168
- ```bash
169
- # S3 bucket enumeration
170
- aws s3 ls s3://bucket-name --no-sign-request
171
- aws s3api get-bucket-acl --bucket bucket-name
172
-
173
- # IAM enumeration
174
- aws iam get-user
175
- aws iam list-attached-user-policies --user-name username
176
- ```
177
-
178
- ### Container & Kubernetes
179
-
180
- ```bash
181
- # Docker escape testing
182
- docker inspect container_id | grep -i privileged
183
- docker inspect container_id | grep -A 5 Mounts
184
-
185
- # Kubernetes
186
- kubectl get pods --all-namespaces
187
- kubectl get secrets --all-namespaces
188
- kubectl auth can-i --list
189
- ```
190
-
191
- ## Exploitation Validation
192
-
193
- ### Proof of Concept Guidelines
194
-
195
- ```python
196
- # Always demonstrate impact SAFELY
197
-
198
- # SQL injection PoC
199
- # DON'T: Extract actual data
200
- # DO: Prove injection with sleep
201
- payload = "' OR SLEEP(5)--"
202
-
203
- # DON'T: Delete/modify production data
204
- # DO: Show you COULD with SELECT
205
- payload = "' UNION SELECT 'proof_of_concept'--"
206
- ```
207
-
208
- ### Rules of Engagement
209
-
210
- 1. **Scope verification** - Only test authorized targets
211
- 2. **Time windows** - Respect testing hours
212
- 3. **DoS prevention** - Avoid resource exhaustion
213
- 4. **Data handling** - Don't exfiltrate real data
214
- 5. **Stop on discovery** - Don't exploit beyond proof
215
- 6. **Immediate reporting** - Report critical findings ASAP
216
- 7. **Documentation** - Record all actions
217
- 8. **Cleanup** - Remove test artifacts
218
-
219
- ## Vulnerability Classification
220
-
221
- ### Severity Scoring
222
-
223
- | Severity | Exploitability | Impact | CVSS Range |
224
- |----------|---------------|---------|------------|
225
- | Critical | Easy | Full compromise | 9.0-10.0 |
226
- | High | Medium | Significant access | 7.0-8.9 |
227
- | Medium | Hard | Limited access | 4.0-6.9 |
228
- | Low | Very hard | Minimal impact | 0.1-3.9 |
229
-
230
- ### Impact Assessment
231
-
232
- - **Critical**: Remote code execution, full data access, admin takeover
233
- - **High**: Authentication bypass, privilege escalation, sensitive data exposure
234
- - **Medium**: CSRF, XSS (non-admin), information disclosure
235
- - **Low**: Missing security headers, verbose errors, rate limiting issues
236
-
237
- ## Testing Checklist
238
-
239
- ### OWASP Top 10 Coverage
240
-
241
- - [ ] Broken Access Control (IDOR, path traversal)
242
- - [ ] Cryptographic Failures (weak encryption, plaintext)
243
- - [ ] Injection (SQL, XSS, command)
244
- - [ ] Insecure Design (missing auth flows)
245
- - [ ] Security Misconfiguration (defaults, debug mode)
246
- - [ ] Vulnerable Components (outdated dependencies)
247
- - [ ] Authentication Failures (weak passwords, session issues)
248
- - [ ] Data Integrity (deserialization, lack of verification)
249
- - [ ] Logging Failures (missing logs, exposed sensitive data)
250
- - [ ] SSRF (unvalidated URLs)
251
-
252
- ## Quick Reference
253
-
254
- | Test Type | Tools | Focus |
255
- |-----------|-------|-------|
256
- | Web App | Burp Suite, OWASP ZAP | OWASP Top 10 |
257
- | API | Postman, curl | AuthN/AuthZ, data exposure |
258
- | Network | nmap, Metasploit | Services, exploits |
259
- | Mobile | MobSF, Frida | Data storage, crypto |
260
- | Cloud | ScoutSuite, Prowler | Misconfigurations |
261
-
262
- | Finding Type | Validation Method | Evidence Required |
263
- |--------------|------------------|-------------------|
264
- | SQL Injection | Sleep-based, error-based | Request/response, timing |
265
- | XSS | Alert box, DOM manipulation | Screenshot, payload |
266
- | IDOR | Access other user's resource | Two user accounts, IDs |
267
- | Auth Bypass | Unauthorized access | Before/after screenshots |
268
- | RCE | Command output (safe) | Whoami, id command output |