aigroup-workflow 2.1.2 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (916) hide show
  1. package/.codex/AGENTS.md +1 -1
  2. package/CLAUDE.md +1 -4
  3. package/README.md +333 -333
  4. package/cli/commands/init.mjs +20 -6
  5. package/cli/utils/scaffold.mjs +39 -9
  6. package/docs/red-flags.md +1 -1
  7. package/docs/rules/entropy.md +1 -1
  8. package/docs/rules/performance.md +1 -1
  9. package/docs/workflow-pipeline.md +8 -6
  10. package/manifests/install-modules.json +223 -133
  11. package/package.json +39 -39
  12. package/scripts/hooks/checks/orchestration-artifacts.cjs +28 -23
  13. package/scripts/hooks/checks/workflow-state.cjs +4 -5
  14. package/scripts/orchestration/lib/orchestrator.cjs +353 -92
  15. package/scripts/orchestration/lib/validate.cjs +145 -0
  16. package/scripts/orchestration/session.cjs +100 -33
  17. package/skills/ai-ml/fine-tuning-expert/SKILL.md +162 -0
  18. package/skills/ai-ml/fine-tuning-expert/references/dataset-preparation.md +540 -0
  19. package/skills/ai-ml/fine-tuning-expert/references/deployment-optimization.md +673 -0
  20. package/skills/ai-ml/fine-tuning-expert/references/evaluation-metrics.md +597 -0
  21. package/skills/ai-ml/fine-tuning-expert/references/hyperparameter-tuning.md +565 -0
  22. package/skills/ai-ml/fine-tuning-expert/references/lora-peft.md +347 -0
  23. package/skills/ai-ml/ml-pipeline/SKILL.md +159 -0
  24. package/skills/ai-ml/ml-pipeline/references/experiment-tracking.md +833 -0
  25. package/skills/ai-ml/ml-pipeline/references/feature-engineering.md +631 -0
  26. package/skills/ai-ml/ml-pipeline/references/model-validation.md +978 -0
  27. package/skills/ai-ml/ml-pipeline/references/pipeline-orchestration.md +907 -0
  28. package/skills/ai-ml/ml-pipeline/references/training-pipelines.md +782 -0
  29. package/skills/ai-ml/rag-architect/SKILL.md +194 -0
  30. package/skills/ai-ml/rag-architect/references/chunking-strategies.md +878 -0
  31. package/skills/ai-ml/rag-architect/references/embedding-models.md +561 -0
  32. package/skills/ai-ml/rag-architect/references/rag-evaluation.md +833 -0
  33. package/skills/ai-ml/rag-architect/references/retrieval-optimization.md +795 -0
  34. package/skills/ai-ml/rag-architect/references/vector-databases.md +589 -0
  35. package/skills/ai-ml/spark-engineer/SKILL.md +148 -0
  36. package/skills/ai-ml/spark-engineer/references/partitioning-caching.md +543 -0
  37. package/skills/ai-ml/spark-engineer/references/performance-tuning.md +544 -0
  38. package/skills/ai-ml/spark-engineer/references/rdd-operations.md +599 -0
  39. package/skills/ai-ml/spark-engineer/references/spark-sql-dataframes.md +474 -0
  40. package/skills/ai-ml/spark-engineer/references/streaming-patterns.md +786 -0
  41. package/skills/backend/api-designer/SKILL.md +217 -0
  42. package/skills/backend/api-designer/references/error-handling.md +541 -0
  43. package/skills/backend/api-designer/references/openapi.md +824 -0
  44. package/skills/backend/api-designer/references/pagination.md +494 -0
  45. package/skills/backend/api-designer/references/rest-patterns.md +335 -0
  46. package/skills/backend/api-designer/references/versioning.md +391 -0
  47. package/skills/backend/architecture-designer/SKILL.md +117 -0
  48. package/skills/backend/architecture-designer/references/adr-template.md +116 -0
  49. package/skills/backend/architecture-designer/references/architecture-patterns.md +111 -0
  50. package/skills/backend/architecture-designer/references/database-selection.md +102 -0
  51. package/skills/backend/architecture-designer/references/nfr-checklist.md +112 -0
  52. package/skills/backend/architecture-designer/references/system-design.md +100 -0
  53. package/skills/backend/code-documenter/SKILL.md +147 -0
  54. package/skills/backend/code-documenter/references/api-docs-fastapi-django.md +166 -0
  55. package/skills/backend/code-documenter/references/api-docs-nestjs-express.md +220 -0
  56. package/skills/backend/code-documenter/references/coverage-reports.md +125 -0
  57. package/skills/backend/code-documenter/references/documentation-systems.md +333 -0
  58. package/skills/backend/code-documenter/references/interactive-api-docs.md +531 -0
  59. package/skills/backend/code-documenter/references/python-docstrings.md +121 -0
  60. package/skills/backend/code-documenter/references/typescript-jsdoc.md +145 -0
  61. package/skills/backend/code-documenter/references/user-guides-tutorials.md +530 -0
  62. package/skills/backend/debugging-wizard/SKILL.md +105 -0
  63. package/skills/backend/debugging-wizard/references/common-patterns.md +132 -0
  64. package/skills/backend/debugging-wizard/references/debugging-tools.md +140 -0
  65. package/skills/backend/debugging-wizard/references/quick-fixes.md +177 -0
  66. package/skills/backend/debugging-wizard/references/strategies.md +142 -0
  67. package/skills/backend/debugging-wizard/references/systematic-debugging.md +367 -0
  68. package/skills/backend/feature-forge/SKILL.md +98 -0
  69. package/skills/backend/feature-forge/references/acceptance-criteria.md +104 -0
  70. package/skills/backend/feature-forge/references/ears-syntax.md +99 -0
  71. package/skills/backend/feature-forge/references/interview-questions.md +150 -0
  72. package/skills/backend/feature-forge/references/pre-discovery-subagents.md +54 -0
  73. package/skills/backend/feature-forge/references/specification-template.md +103 -0
  74. package/skills/backend/fullstack-guardian/SKILL.md +105 -0
  75. package/skills/backend/fullstack-guardian/references/api-design-standards.md +307 -0
  76. package/skills/backend/fullstack-guardian/references/architecture-decisions.md +350 -0
  77. package/skills/backend/fullstack-guardian/references/backend-patterns.md +237 -0
  78. package/skills/backend/fullstack-guardian/references/common-patterns.md +134 -0
  79. package/skills/backend/fullstack-guardian/references/deliverables-checklist.md +354 -0
  80. package/skills/backend/fullstack-guardian/references/design-template.md +91 -0
  81. package/skills/backend/fullstack-guardian/references/error-handling.md +135 -0
  82. package/skills/backend/fullstack-guardian/references/frontend-patterns.md +340 -0
  83. package/skills/backend/fullstack-guardian/references/integration-patterns.md +333 -0
  84. package/skills/backend/fullstack-guardian/references/security-checklist.md +106 -0
  85. package/skills/backend/graphql-architect/SKILL.md +146 -0
  86. package/skills/backend/graphql-architect/references/federation.md +418 -0
  87. package/skills/backend/graphql-architect/references/migration-from-rest.md +1141 -0
  88. package/skills/backend/graphql-architect/references/resolvers.md +425 -0
  89. package/skills/backend/graphql-architect/references/schema-design.md +393 -0
  90. package/skills/backend/graphql-architect/references/security.md +569 -0
  91. package/skills/backend/graphql-architect/references/subscriptions.md +510 -0
  92. package/skills/backend/legacy-modernizer/SKILL.md +137 -0
  93. package/skills/backend/legacy-modernizer/references/legacy-testing.md +381 -0
  94. package/skills/backend/legacy-modernizer/references/migration-strategies.md +423 -0
  95. package/skills/backend/legacy-modernizer/references/refactoring-patterns.md +395 -0
  96. package/skills/backend/legacy-modernizer/references/strangler-fig-pattern.md +281 -0
  97. package/skills/backend/legacy-modernizer/references/system-assessment.md +487 -0
  98. package/skills/backend/microservices-architect/SKILL.md +164 -0
  99. package/skills/backend/microservices-architect/references/communication.md +499 -0
  100. package/skills/backend/microservices-architect/references/data.md +721 -0
  101. package/skills/backend/microservices-architect/references/decomposition.md +344 -0
  102. package/skills/backend/microservices-architect/references/observability.md +805 -0
  103. package/skills/backend/microservices-architect/references/patterns.md +603 -0
  104. package/skills/database/database-optimizer/SKILL.md +147 -0
  105. package/skills/database/database-optimizer/references/index-strategies.md +331 -0
  106. package/skills/database/database-optimizer/references/monitoring-analysis.md +501 -0
  107. package/skills/database/database-optimizer/references/mysql-tuning.md +452 -0
  108. package/skills/database/database-optimizer/references/postgresql-tuning.md +413 -0
  109. package/skills/database/database-optimizer/references/query-optimization.md +251 -0
  110. package/skills/database/postgres-pro/SKILL.md +152 -0
  111. package/skills/database/postgres-pro/references/extensions.md +404 -0
  112. package/skills/database/postgres-pro/references/jsonb.md +321 -0
  113. package/skills/database/postgres-pro/references/maintenance.md +481 -0
  114. package/skills/database/postgres-pro/references/performance.md +265 -0
  115. package/skills/database/postgres-pro/references/replication.md +446 -0
  116. package/skills/database/sql-pro/SKILL.md +129 -0
  117. package/skills/database/sql-pro/references/database-design.md +402 -0
  118. package/skills/database/sql-pro/references/dialect-differences.md +419 -0
  119. package/skills/database/sql-pro/references/optimization.md +384 -0
  120. package/skills/database/sql-pro/references/query-patterns.md +285 -0
  121. package/skills/database/sql-pro/references/window-functions.md +328 -0
  122. package/skills/dotnet/csharp-developer/SKILL.md +125 -0
  123. package/skills/dotnet/csharp-developer/references/aspnet-core.md +394 -0
  124. package/skills/dotnet/csharp-developer/references/blazor.md +553 -0
  125. package/skills/dotnet/csharp-developer/references/entity-framework.md +409 -0
  126. package/skills/dotnet/csharp-developer/references/modern-csharp.md +248 -0
  127. package/skills/dotnet/csharp-developer/references/performance.md +498 -0
  128. package/skills/dotnet/dotnet-core-expert/SKILL.md +138 -0
  129. package/skills/dotnet/dotnet-core-expert/references/authentication.md +546 -0
  130. package/skills/dotnet/dotnet-core-expert/references/clean-architecture.md +455 -0
  131. package/skills/dotnet/dotnet-core-expert/references/cloud-native.md +548 -0
  132. package/skills/dotnet/dotnet-core-expert/references/entity-framework.md +440 -0
  133. package/skills/dotnet/dotnet-core-expert/references/minimal-apis.md +319 -0
  134. package/skills/frontend/angular-architect/SKILL.md +152 -0
  135. package/skills/frontend/angular-architect/references/components.md +297 -0
  136. package/skills/frontend/angular-architect/references/ngrx.md +401 -0
  137. package/skills/frontend/angular-architect/references/routing.md +361 -0
  138. package/skills/frontend/angular-architect/references/rxjs.md +319 -0
  139. package/skills/frontend/angular-architect/references/testing.md +405 -0
  140. package/skills/frontend/flutter-expert/SKILL.md +138 -0
  141. package/skills/frontend/flutter-expert/references/bloc-state.md +259 -0
  142. package/skills/frontend/flutter-expert/references/gorouter-navigation.md +119 -0
  143. package/skills/frontend/flutter-expert/references/performance.md +99 -0
  144. package/skills/frontend/flutter-expert/references/project-structure.md +118 -0
  145. package/skills/frontend/flutter-expert/references/riverpod-state.md +130 -0
  146. package/skills/frontend/flutter-expert/references/widget-patterns.md +123 -0
  147. package/skills/frontend/nextjs-developer/SKILL.md +143 -0
  148. package/skills/frontend/nextjs-developer/references/app-router.md +311 -0
  149. package/skills/frontend/nextjs-developer/references/data-fetching.md +482 -0
  150. package/skills/frontend/nextjs-developer/references/deployment.md +545 -0
  151. package/skills/frontend/nextjs-developer/references/server-actions.md +462 -0
  152. package/skills/frontend/nextjs-developer/references/server-components.md +384 -0
  153. package/skills/frontend/react-expert/SKILL.md +149 -0
  154. package/skills/frontend/react-expert/references/hooks-patterns.md +162 -0
  155. package/skills/frontend/react-expert/references/migration-class-to-modern.md +1119 -0
  156. package/skills/frontend/react-expert/references/performance.md +168 -0
  157. package/skills/frontend/react-expert/references/react-19-features.md +174 -0
  158. package/skills/frontend/react-expert/references/server-components.md +143 -0
  159. package/skills/frontend/react-expert/references/state-management.md +171 -0
  160. package/skills/frontend/react-expert/references/testing-react.md +174 -0
  161. package/skills/frontend/react-native-expert/SKILL.md +185 -0
  162. package/skills/frontend/react-native-expert/references/expo-router.md +187 -0
  163. package/skills/frontend/react-native-expert/references/list-optimization.md +204 -0
  164. package/skills/frontend/react-native-expert/references/platform-handling.md +188 -0
  165. package/skills/frontend/react-native-expert/references/project-structure.md +171 -0
  166. package/skills/frontend/react-native-expert/references/storage-hooks.md +173 -0
  167. package/skills/frontend/vue-expert/SKILL.md +98 -0
  168. package/skills/frontend/vue-expert/references/build-tooling.md +480 -0
  169. package/skills/frontend/vue-expert/references/components.md +448 -0
  170. package/skills/frontend/vue-expert/references/composition-api.md +299 -0
  171. package/skills/frontend/vue-expert/references/mobile-hybrid.md +636 -0
  172. package/skills/frontend/vue-expert/references/nuxt.md +669 -0
  173. package/skills/frontend/vue-expert/references/state-management.md +449 -0
  174. package/skills/frontend/vue-expert/references/typescript.md +584 -0
  175. package/skills/frontend/vue-expert-js/SKILL.md +167 -0
  176. package/skills/frontend/vue-expert-js/references/component-architecture.md +219 -0
  177. package/skills/frontend/vue-expert-js/references/composables-patterns.md +183 -0
  178. package/skills/frontend/vue-expert-js/references/jsdoc-typing.md +535 -0
  179. package/skills/frontend/vue-expert-js/references/state-management.md +249 -0
  180. package/skills/frontend/vue-expert-js/references/testing-patterns.md +237 -0
  181. package/skills/go-rust-cpp/cpp-pro/SKILL.md +115 -0
  182. package/skills/go-rust-cpp/cpp-pro/references/build-tooling.md +440 -0
  183. package/skills/go-rust-cpp/cpp-pro/references/concurrency.md +437 -0
  184. package/skills/go-rust-cpp/cpp-pro/references/memory-performance.md +397 -0
  185. package/skills/go-rust-cpp/cpp-pro/references/modern-cpp.md +304 -0
  186. package/skills/go-rust-cpp/cpp-pro/references/templates.md +357 -0
  187. package/skills/go-rust-cpp/golang-pro/SKILL.md +122 -0
  188. package/skills/go-rust-cpp/golang-pro/references/concurrency.md +329 -0
  189. package/skills/go-rust-cpp/golang-pro/references/generics.md +442 -0
  190. package/skills/go-rust-cpp/golang-pro/references/interfaces.md +432 -0
  191. package/skills/go-rust-cpp/golang-pro/references/project-structure.md +477 -0
  192. package/skills/go-rust-cpp/golang-pro/references/testing.md +451 -0
  193. package/skills/go-rust-cpp/rust-engineer/SKILL.md +167 -0
  194. package/skills/go-rust-cpp/rust-engineer/references/async.md +458 -0
  195. package/skills/go-rust-cpp/rust-engineer/references/error-handling.md +334 -0
  196. package/skills/go-rust-cpp/rust-engineer/references/ownership.md +278 -0
  197. package/skills/go-rust-cpp/rust-engineer/references/testing.md +470 -0
  198. package/skills/go-rust-cpp/rust-engineer/references/traits.md +413 -0
  199. package/skills/infra/cli-developer/SKILL.md +113 -0
  200. package/skills/infra/cli-developer/references/design-patterns.md +221 -0
  201. package/skills/infra/cli-developer/references/go-cli.md +540 -0
  202. package/skills/infra/cli-developer/references/node-cli.md +383 -0
  203. package/skills/infra/cli-developer/references/python-cli.md +422 -0
  204. package/skills/infra/cli-developer/references/ux-patterns.md +448 -0
  205. package/skills/infra/cloud-architect/SKILL.md +216 -0
  206. package/skills/infra/cloud-architect/references/aws.md +394 -0
  207. package/skills/infra/cloud-architect/references/azure.md +562 -0
  208. package/skills/infra/cloud-architect/references/cost.md +582 -0
  209. package/skills/infra/cloud-architect/references/gcp.md +633 -0
  210. package/skills/infra/cloud-architect/references/multi-cloud.md +483 -0
  211. package/skills/infra/devops-engineer/SKILL.md +144 -0
  212. package/skills/infra/devops-engineer/references/deployment-strategies.md +241 -0
  213. package/skills/infra/devops-engineer/references/docker-patterns.md +113 -0
  214. package/skills/infra/devops-engineer/references/github-actions.md +139 -0
  215. package/skills/infra/devops-engineer/references/incident-response.md +331 -0
  216. package/skills/infra/devops-engineer/references/kubernetes.md +154 -0
  217. package/skills/infra/devops-engineer/references/platform-engineering.md +417 -0
  218. package/skills/infra/devops-engineer/references/release-automation.md +527 -0
  219. package/skills/infra/devops-engineer/references/terraform-iac.md +141 -0
  220. package/skills/infra/kubernetes-specialist/SKILL.md +241 -0
  221. package/skills/infra/kubernetes-specialist/references/configuration.md +452 -0
  222. package/skills/infra/kubernetes-specialist/references/cost-optimization.md +458 -0
  223. package/skills/infra/kubernetes-specialist/references/custom-operators.md +563 -0
  224. package/skills/infra/kubernetes-specialist/references/gitops.md +530 -0
  225. package/skills/infra/kubernetes-specialist/references/helm-charts.md +912 -0
  226. package/skills/infra/kubernetes-specialist/references/multi-cluster.md +507 -0
  227. package/skills/infra/kubernetes-specialist/references/networking.md +447 -0
  228. package/skills/infra/kubernetes-specialist/references/service-mesh.md +459 -0
  229. package/skills/infra/kubernetes-specialist/references/storage.md +535 -0
  230. package/skills/infra/kubernetes-specialist/references/troubleshooting.md +414 -0
  231. package/skills/infra/kubernetes-specialist/references/workloads.md +377 -0
  232. package/skills/infra/mcp-developer/SKILL.md +143 -0
  233. package/skills/infra/mcp-developer/references/protocol.md +244 -0
  234. package/skills/infra/mcp-developer/references/python-sdk.md +367 -0
  235. package/skills/infra/mcp-developer/references/resources.md +554 -0
  236. package/skills/infra/mcp-developer/references/tools.md +480 -0
  237. package/skills/infra/mcp-developer/references/typescript-sdk.md +350 -0
  238. package/skills/infra/monitoring-expert/SKILL.md +176 -0
  239. package/skills/infra/monitoring-expert/references/alerting-rules.md +141 -0
  240. package/skills/infra/monitoring-expert/references/application-profiling.md +331 -0
  241. package/skills/infra/monitoring-expert/references/capacity-planning.md +344 -0
  242. package/skills/infra/monitoring-expert/references/dashboards.md +126 -0
  243. package/skills/infra/monitoring-expert/references/opentelemetry.md +123 -0
  244. package/skills/infra/monitoring-expert/references/performance-testing.md +269 -0
  245. package/skills/infra/monitoring-expert/references/prometheus-metrics.md +136 -0
  246. package/skills/infra/monitoring-expert/references/structured-logging.md +142 -0
  247. package/skills/infra/sre-engineer/SKILL.md +181 -0
  248. package/skills/infra/sre-engineer/references/automation-toil.md +492 -0
  249. package/skills/infra/sre-engineer/references/error-budget-policy.md +334 -0
  250. package/skills/infra/sre-engineer/references/incident-chaos.md +576 -0
  251. package/skills/infra/sre-engineer/references/monitoring-alerting.md +424 -0
  252. package/skills/infra/sre-engineer/references/slo-sli-management.md +238 -0
  253. package/skills/infra/terraform-engineer/SKILL.md +143 -0
  254. package/skills/infra/terraform-engineer/references/best-practices.md +583 -0
  255. package/skills/infra/terraform-engineer/references/module-patterns.md +297 -0
  256. package/skills/infra/terraform-engineer/references/providers.md +452 -0
  257. package/skills/infra/terraform-engineer/references/state-management.md +371 -0
  258. package/skills/infra/terraform-engineer/references/testing.md +486 -0
  259. package/skills/infra/websocket-engineer/SKILL.md +168 -0
  260. package/skills/infra/websocket-engineer/references/alternatives.md +391 -0
  261. package/skills/infra/websocket-engineer/references/patterns.md +400 -0
  262. package/skills/infra/websocket-engineer/references/protocol.md +195 -0
  263. package/skills/infra/websocket-engineer/references/scaling.md +333 -0
  264. package/skills/infra/websocket-engineer/references/security.md +474 -0
  265. package/skills/java/java-architect/SKILL.md +132 -0
  266. package/skills/java/java-architect/references/jpa-optimization.md +393 -0
  267. package/skills/java/java-architect/references/reactive-webflux.md +356 -0
  268. package/skills/java/java-architect/references/spring-boot-setup.md +269 -0
  269. package/skills/java/java-architect/references/spring-security.md +445 -0
  270. package/skills/java/java-architect/references/testing-patterns.md +500 -0
  271. package/skills/java/kotlin-specialist/SKILL.md +147 -0
  272. package/skills/java/kotlin-specialist/references/android-compose.md +419 -0
  273. package/skills/java/kotlin-specialist/references/coroutines-flow.md +276 -0
  274. package/skills/java/kotlin-specialist/references/dsl-idioms.md +421 -0
  275. package/skills/java/kotlin-specialist/references/ktor-server.md +426 -0
  276. package/skills/java/kotlin-specialist/references/multiplatform-kmp.md +380 -0
  277. package/skills/java/spring-boot-engineer/SKILL.md +195 -0
  278. package/skills/java/spring-boot-engineer/references/cloud.md +498 -0
  279. package/skills/java/spring-boot-engineer/references/data.md +381 -0
  280. package/skills/java/spring-boot-engineer/references/security.md +459 -0
  281. package/skills/java/spring-boot-engineer/references/testing.md +545 -0
  282. package/skills/java/spring-boot-engineer/references/web.md +295 -0
  283. package/skills/javascript/javascript-pro/SKILL.md +132 -0
  284. package/skills/javascript/javascript-pro/references/async-patterns.md +334 -0
  285. package/skills/javascript/javascript-pro/references/browser-apis.md +398 -0
  286. package/skills/javascript/javascript-pro/references/modern-syntax.md +272 -0
  287. package/skills/javascript/javascript-pro/references/modules.md +357 -0
  288. package/skills/javascript/javascript-pro/references/node-essentials.md +471 -0
  289. package/skills/javascript/nestjs-expert/SKILL.md +206 -0
  290. package/skills/javascript/nestjs-expert/references/authentication.md +166 -0
  291. package/skills/javascript/nestjs-expert/references/controllers-routing.md +111 -0
  292. package/skills/javascript/nestjs-expert/references/dtos-validation.md +153 -0
  293. package/skills/javascript/nestjs-expert/references/migration-from-express.md +1237 -0
  294. package/skills/javascript/nestjs-expert/references/services-di.md +140 -0
  295. package/skills/javascript/nestjs-expert/references/testing-patterns.md +186 -0
  296. package/skills/javascript/typescript-pro/SKILL.md +145 -0
  297. package/skills/javascript/typescript-pro/references/advanced-types.md +259 -0
  298. package/skills/javascript/typescript-pro/references/configuration.md +445 -0
  299. package/skills/javascript/typescript-pro/references/patterns.md +484 -0
  300. package/skills/javascript/typescript-pro/references/type-guards.md +352 -0
  301. package/skills/javascript/typescript-pro/references/utility-types.md +329 -0
  302. package/skills/php/laravel-specialist/SKILL.md +262 -0
  303. package/skills/php/laravel-specialist/references/eloquent.md +351 -0
  304. package/skills/php/laravel-specialist/references/livewire.md +512 -0
  305. package/skills/php/laravel-specialist/references/queues.md +423 -0
  306. package/skills/php/laravel-specialist/references/routing.md +362 -0
  307. package/skills/php/laravel-specialist/references/testing.md +522 -0
  308. package/skills/php/php-pro/SKILL.md +206 -0
  309. package/skills/php/php-pro/references/async-patterns.md +412 -0
  310. package/skills/php/php-pro/references/laravel-patterns.md +377 -0
  311. package/skills/php/php-pro/references/modern-php-features.md +323 -0
  312. package/skills/php/php-pro/references/symfony-patterns.md +466 -0
  313. package/skills/php/php-pro/references/testing-quality.md +466 -0
  314. package/skills/python/django-expert/SKILL.md +162 -0
  315. package/skills/python/django-expert/references/authentication.md +145 -0
  316. package/skills/python/django-expert/references/drf-serializers.md +148 -0
  317. package/skills/python/django-expert/references/models-orm.md +151 -0
  318. package/skills/python/django-expert/references/testing-django.md +204 -0
  319. package/skills/python/django-expert/references/viewsets-views.md +153 -0
  320. package/skills/python/fastapi-expert/SKILL.md +185 -0
  321. package/skills/python/fastapi-expert/references/async-sqlalchemy.md +146 -0
  322. package/skills/python/fastapi-expert/references/authentication.md +159 -0
  323. package/skills/python/fastapi-expert/references/endpoints-routing.md +142 -0
  324. package/skills/python/fastapi-expert/references/migration-from-django.md +997 -0
  325. package/skills/python/fastapi-expert/references/pydantic-v2.md +135 -0
  326. package/skills/python/fastapi-expert/references/testing-async.md +159 -0
  327. package/skills/python/pandas-pro/SKILL.md +178 -0
  328. package/skills/python/pandas-pro/references/aggregation-groupby.md +545 -0
  329. package/skills/python/pandas-pro/references/data-cleaning.md +500 -0
  330. package/skills/python/pandas-pro/references/dataframe-operations.md +420 -0
  331. package/skills/python/pandas-pro/references/merging-joining.md +596 -0
  332. package/skills/python/pandas-pro/references/performance-optimization.md +597 -0
  333. package/skills/python/python-pro/SKILL.md +177 -0
  334. package/skills/python/python-pro/references/async-patterns.md +356 -0
  335. package/skills/python/python-pro/references/packaging.md +460 -0
  336. package/skills/python/python-pro/references/standard-library.md +378 -0
  337. package/skills/python/python-pro/references/testing.md +404 -0
  338. package/skills/python/python-pro/references/type-system.md +290 -0
  339. package/skills/quality/chaos-engineer/SKILL.md +182 -0
  340. package/skills/quality/chaos-engineer/references/chaos-tools.md +511 -0
  341. package/skills/quality/chaos-engineer/references/experiment-design.md +229 -0
  342. package/skills/quality/chaos-engineer/references/game-days.md +434 -0
  343. package/skills/quality/chaos-engineer/references/infrastructure-chaos.md +348 -0
  344. package/skills/quality/chaos-engineer/references/kubernetes-chaos.md +432 -0
  345. package/skills/quality/code-reviewer/SKILL.md +119 -0
  346. package/skills/quality/code-reviewer/references/common-issues.md +142 -0
  347. package/skills/quality/code-reviewer/references/feedback-examples.md +144 -0
  348. package/skills/quality/code-reviewer/references/receiving-feedback.md +238 -0
  349. package/skills/quality/code-reviewer/references/report-template.md +109 -0
  350. package/skills/quality/code-reviewer/references/review-checklist.md +88 -0
  351. package/skills/quality/code-reviewer/references/spec-compliance-review.md +258 -0
  352. package/skills/quality/playwright-expert/SKILL.md +169 -0
  353. package/skills/quality/playwright-expert/references/api-mocking.md +140 -0
  354. package/skills/quality/playwright-expert/references/configuration.md +155 -0
  355. package/skills/quality/playwright-expert/references/debugging-flaky.md +150 -0
  356. package/skills/quality/playwright-expert/references/page-object-model.md +152 -0
  357. package/skills/quality/playwright-expert/references/selectors-locators.md +119 -0
  358. package/skills/quality/secure-code-guardian/SKILL.md +191 -0
  359. package/skills/quality/secure-code-guardian/references/authentication.md +136 -0
  360. package/skills/quality/secure-code-guardian/references/input-validation.md +146 -0
  361. package/skills/quality/secure-code-guardian/references/owasp-prevention.md +135 -0
  362. package/skills/quality/secure-code-guardian/references/security-headers.md +133 -0
  363. package/skills/quality/secure-code-guardian/references/xss-csrf.md +157 -0
  364. package/skills/quality/security-reviewer/SKILL.md +103 -0
  365. package/skills/quality/security-reviewer/references/infrastructure-security.md +268 -0
  366. package/skills/quality/security-reviewer/references/penetration-testing.md +268 -0
  367. package/skills/quality/security-reviewer/references/report-template.md +170 -0
  368. package/skills/quality/security-reviewer/references/sast-tools.md +117 -0
  369. package/skills/quality/security-reviewer/references/secret-scanning.md +125 -0
  370. package/skills/quality/security-reviewer/references/vulnerability-patterns.md +152 -0
  371. package/skills/quality/tdd-guide/assets/sample_coverage_report.lcov +0 -0
  372. package/skills/quality/test-master/SKILL.md +94 -0
  373. package/skills/quality/test-master/references/automation-frameworks.md +294 -0
  374. package/skills/quality/test-master/references/e2e-testing.md +128 -0
  375. package/skills/quality/test-master/references/integration-testing.md +120 -0
  376. package/skills/quality/test-master/references/performance-testing.md +118 -0
  377. package/skills/quality/test-master/references/qa-methodology.md +247 -0
  378. package/skills/quality/test-master/references/security-testing.md +127 -0
  379. package/skills/quality/test-master/references/tdd-iron-laws.md +174 -0
  380. package/skills/quality/test-master/references/test-reports.md +104 -0
  381. package/skills/quality/test-master/references/testing-anti-patterns.md +231 -0
  382. package/skills/quality/test-master/references/unit-testing.md +113 -0
  383. package/skills/ruby/rails-expert/SKILL.md +154 -0
  384. package/skills/ruby/rails-expert/references/active-record.md +244 -0
  385. package/skills/ruby/rails-expert/references/api-development.md +401 -0
  386. package/skills/ruby/rails-expert/references/background-jobs.md +272 -0
  387. package/skills/ruby/rails-expert/references/hotwire-turbo.md +228 -0
  388. package/skills/ruby/rails-expert/references/rspec-testing.md +367 -0
  389. package/skills/swift/swift-expert/SKILL.md +163 -0
  390. package/skills/swift/swift-expert/references/async-concurrency.md +360 -0
  391. package/skills/swift/swift-expert/references/memory-performance.md +377 -0
  392. package/skills/swift/swift-expert/references/protocol-oriented.md +354 -0
  393. package/skills/swift/swift-expert/references/swiftui-patterns.md +291 -0
  394. package/skills/swift/swift-expert/references/testing-patterns.md +399 -0
  395. package/skills/workflow/brainstorming/SKILL.md +164 -0
  396. package/skills/workflow/brainstorming/scripts/helper.js +88 -0
  397. package/skills/workflow/brainstorming/scripts/start-server.sh +148 -0
  398. package/skills/workflow/brainstorming/scripts/stop-server.sh +56 -0
  399. package/skills/workflow/brainstorming/spec-document-reviewer-prompt.md +49 -0
  400. package/skills/workflow/brainstorming/visual-companion.md +287 -0
  401. package/skills/workflow/documentation/SKILL.md +45 -0
  402. package/skills/workflow/entropy-management/SKILL.md +115 -0
  403. package/skills/workflow/executing-plans/SKILL.md +70 -0
  404. package/skills/workflow/finishing-a-development-branch/SKILL.md +200 -0
  405. package/skills/workflow/receiving-code-review/SKILL.md +213 -0
  406. package/skills/workflow/requesting-code-review/SKILL.md +105 -0
  407. package/skills/workflow/requesting-code-review/code-reviewer.md +146 -0
  408. package/skills/workflow/requirement-engineering/SKILL.md +111 -0
  409. package/skills/workflow/systematic-debugging/CREATION-LOG.md +119 -0
  410. package/skills/workflow/systematic-debugging/SKILL.md +296 -0
  411. package/skills/workflow/systematic-debugging/condition-based-waiting-example.ts +158 -0
  412. package/skills/workflow/systematic-debugging/condition-based-waiting.md +115 -0
  413. package/skills/workflow/systematic-debugging/defense-in-depth.md +122 -0
  414. package/skills/workflow/systematic-debugging/find-polluter.sh +63 -0
  415. package/skills/workflow/systematic-debugging/root-cause-tracing.md +169 -0
  416. package/skills/workflow/systematic-debugging/test-academic.md +14 -0
  417. package/skills/workflow/systematic-debugging/test-pressure-1.md +58 -0
  418. package/skills/workflow/systematic-debugging/test-pressure-2.md +68 -0
  419. package/skills/workflow/systematic-debugging/test-pressure-3.md +69 -0
  420. package/skills/workflow/using-git-worktrees/SKILL.md +218 -0
  421. package/skills/workflow/verification-before-completion/SKILL.md +139 -0
  422. package/skills/workflow/writing-plans/SKILL.md +151 -0
  423. package/skills/workflow/writing-plans/plan-document-reviewer-prompt.md +49 -0
  424. package/skills/workflow/writing-skills/SKILL.md +655 -0
  425. package/skills/workflow/writing-skills/anthropic-best-practices.md +1150 -0
  426. package/skills/workflow/writing-skills/examples/CLAUDE_MD_TESTING.md +189 -0
  427. package/skills/workflow/writing-skills/graphviz-conventions.dot +0 -0
  428. package/skills/workflow/writing-skills/persuasion-principles.md +187 -0
  429. package/skills/workflow/writing-skills/render-graphs.js +168 -0
  430. package/skills/workflow/writing-skills/testing-skills-with-subagents.md +384 -0
  431. package/skills/angular-architect/SKILL.md +0 -152
  432. package/skills/angular-architect/references/components.md +0 -297
  433. package/skills/angular-architect/references/ngrx.md +0 -401
  434. package/skills/angular-architect/references/routing.md +0 -361
  435. package/skills/angular-architect/references/rxjs.md +0 -319
  436. package/skills/angular-architect/references/testing.md +0 -405
  437. package/skills/api-designer/SKILL.md +0 -217
  438. package/skills/api-designer/references/error-handling.md +0 -541
  439. package/skills/api-designer/references/openapi.md +0 -824
  440. package/skills/api-designer/references/pagination.md +0 -494
  441. package/skills/api-designer/references/rest-patterns.md +0 -335
  442. package/skills/api-designer/references/versioning.md +0 -391
  443. package/skills/architecture-designer/SKILL.md +0 -117
  444. package/skills/architecture-designer/references/adr-template.md +0 -116
  445. package/skills/architecture-designer/references/architecture-patterns.md +0 -111
  446. package/skills/architecture-designer/references/database-selection.md +0 -102
  447. package/skills/architecture-designer/references/nfr-checklist.md +0 -112
  448. package/skills/architecture-designer/references/system-design.md +0 -100
  449. package/skills/brainstorming/SKILL.md +0 -164
  450. package/skills/brainstorming/scripts/helper.js +0 -88
  451. package/skills/brainstorming/scripts/start-server.sh +0 -148
  452. package/skills/brainstorming/scripts/stop-server.sh +0 -56
  453. package/skills/brainstorming/spec-document-reviewer-prompt.md +0 -49
  454. package/skills/brainstorming/visual-companion.md +0 -287
  455. package/skills/chaos-engineer/SKILL.md +0 -182
  456. package/skills/chaos-engineer/references/chaos-tools.md +0 -511
  457. package/skills/chaos-engineer/references/experiment-design.md +0 -229
  458. package/skills/chaos-engineer/references/game-days.md +0 -434
  459. package/skills/chaos-engineer/references/infrastructure-chaos.md +0 -348
  460. package/skills/chaos-engineer/references/kubernetes-chaos.md +0 -432
  461. package/skills/cli-developer/SKILL.md +0 -113
  462. package/skills/cli-developer/references/design-patterns.md +0 -221
  463. package/skills/cli-developer/references/go-cli.md +0 -540
  464. package/skills/cli-developer/references/node-cli.md +0 -383
  465. package/skills/cli-developer/references/python-cli.md +0 -422
  466. package/skills/cli-developer/references/ux-patterns.md +0 -448
  467. package/skills/cloud-architect/SKILL.md +0 -216
  468. package/skills/cloud-architect/references/aws.md +0 -394
  469. package/skills/cloud-architect/references/azure.md +0 -562
  470. package/skills/cloud-architect/references/cost.md +0 -582
  471. package/skills/cloud-architect/references/gcp.md +0 -633
  472. package/skills/cloud-architect/references/multi-cloud.md +0 -483
  473. package/skills/code-documenter/SKILL.md +0 -147
  474. package/skills/code-documenter/references/api-docs-fastapi-django.md +0 -166
  475. package/skills/code-documenter/references/api-docs-nestjs-express.md +0 -220
  476. package/skills/code-documenter/references/coverage-reports.md +0 -125
  477. package/skills/code-documenter/references/documentation-systems.md +0 -333
  478. package/skills/code-documenter/references/interactive-api-docs.md +0 -531
  479. package/skills/code-documenter/references/python-docstrings.md +0 -121
  480. package/skills/code-documenter/references/typescript-jsdoc.md +0 -145
  481. package/skills/code-documenter/references/user-guides-tutorials.md +0 -530
  482. package/skills/code-reviewer/SKILL.md +0 -119
  483. package/skills/code-reviewer/references/common-issues.md +0 -142
  484. package/skills/code-reviewer/references/feedback-examples.md +0 -144
  485. package/skills/code-reviewer/references/receiving-feedback.md +0 -238
  486. package/skills/code-reviewer/references/report-template.md +0 -109
  487. package/skills/code-reviewer/references/review-checklist.md +0 -88
  488. package/skills/code-reviewer/references/spec-compliance-review.md +0 -258
  489. package/skills/cpp-pro/SKILL.md +0 -115
  490. package/skills/cpp-pro/references/build-tooling.md +0 -440
  491. package/skills/cpp-pro/references/concurrency.md +0 -437
  492. package/skills/cpp-pro/references/memory-performance.md +0 -397
  493. package/skills/cpp-pro/references/modern-cpp.md +0 -304
  494. package/skills/cpp-pro/references/templates.md +0 -357
  495. package/skills/csharp-developer/SKILL.md +0 -125
  496. package/skills/csharp-developer/references/aspnet-core.md +0 -394
  497. package/skills/csharp-developer/references/blazor.md +0 -553
  498. package/skills/csharp-developer/references/entity-framework.md +0 -409
  499. package/skills/csharp-developer/references/modern-csharp.md +0 -248
  500. package/skills/csharp-developer/references/performance.md +0 -498
  501. package/skills/database-optimizer/SKILL.md +0 -147
  502. package/skills/database-optimizer/references/index-strategies.md +0 -331
  503. package/skills/database-optimizer/references/monitoring-analysis.md +0 -501
  504. package/skills/database-optimizer/references/mysql-tuning.md +0 -452
  505. package/skills/database-optimizer/references/postgresql-tuning.md +0 -413
  506. package/skills/database-optimizer/references/query-optimization.md +0 -251
  507. package/skills/debugging-wizard/SKILL.md +0 -105
  508. package/skills/debugging-wizard/references/common-patterns.md +0 -132
  509. package/skills/debugging-wizard/references/debugging-tools.md +0 -140
  510. package/skills/debugging-wizard/references/quick-fixes.md +0 -177
  511. package/skills/debugging-wizard/references/strategies.md +0 -142
  512. package/skills/debugging-wizard/references/systematic-debugging.md +0 -367
  513. package/skills/devops-engineer/SKILL.md +0 -144
  514. package/skills/devops-engineer/references/deployment-strategies.md +0 -241
  515. package/skills/devops-engineer/references/docker-patterns.md +0 -113
  516. package/skills/devops-engineer/references/github-actions.md +0 -139
  517. package/skills/devops-engineer/references/incident-response.md +0 -331
  518. package/skills/devops-engineer/references/kubernetes.md +0 -154
  519. package/skills/devops-engineer/references/platform-engineering.md +0 -417
  520. package/skills/devops-engineer/references/release-automation.md +0 -527
  521. package/skills/devops-engineer/references/terraform-iac.md +0 -141
  522. package/skills/django-expert/SKILL.md +0 -162
  523. package/skills/django-expert/references/authentication.md +0 -145
  524. package/skills/django-expert/references/drf-serializers.md +0 -148
  525. package/skills/django-expert/references/models-orm.md +0 -151
  526. package/skills/django-expert/references/testing-django.md +0 -204
  527. package/skills/django-expert/references/viewsets-views.md +0 -153
  528. package/skills/documentation/SKILL.md +0 -45
  529. package/skills/dotnet-core-expert/SKILL.md +0 -138
  530. package/skills/dotnet-core-expert/references/authentication.md +0 -546
  531. package/skills/dotnet-core-expert/references/clean-architecture.md +0 -455
  532. package/skills/dotnet-core-expert/references/cloud-native.md +0 -548
  533. package/skills/dotnet-core-expert/references/entity-framework.md +0 -440
  534. package/skills/dotnet-core-expert/references/minimal-apis.md +0 -319
  535. package/skills/entropy-management/SKILL.md +0 -115
  536. package/skills/executing-plans/SKILL.md +0 -70
  537. package/skills/fastapi-expert/SKILL.md +0 -185
  538. package/skills/fastapi-expert/references/async-sqlalchemy.md +0 -146
  539. package/skills/fastapi-expert/references/authentication.md +0 -159
  540. package/skills/fastapi-expert/references/endpoints-routing.md +0 -142
  541. package/skills/fastapi-expert/references/migration-from-django.md +0 -997
  542. package/skills/fastapi-expert/references/pydantic-v2.md +0 -135
  543. package/skills/fastapi-expert/references/testing-async.md +0 -159
  544. package/skills/feature-forge/SKILL.md +0 -98
  545. package/skills/feature-forge/references/acceptance-criteria.md +0 -104
  546. package/skills/feature-forge/references/ears-syntax.md +0 -99
  547. package/skills/feature-forge/references/interview-questions.md +0 -150
  548. package/skills/feature-forge/references/pre-discovery-subagents.md +0 -54
  549. package/skills/feature-forge/references/specification-template.md +0 -103
  550. package/skills/fine-tuning-expert/SKILL.md +0 -162
  551. package/skills/fine-tuning-expert/references/dataset-preparation.md +0 -540
  552. package/skills/fine-tuning-expert/references/deployment-optimization.md +0 -673
  553. package/skills/fine-tuning-expert/references/evaluation-metrics.md +0 -597
  554. package/skills/fine-tuning-expert/references/hyperparameter-tuning.md +0 -565
  555. package/skills/fine-tuning-expert/references/lora-peft.md +0 -347
  556. package/skills/finishing-a-development-branch/SKILL.md +0 -200
  557. package/skills/flutter-expert/SKILL.md +0 -138
  558. package/skills/flutter-expert/references/bloc-state.md +0 -259
  559. package/skills/flutter-expert/references/gorouter-navigation.md +0 -119
  560. package/skills/flutter-expert/references/performance.md +0 -99
  561. package/skills/flutter-expert/references/project-structure.md +0 -118
  562. package/skills/flutter-expert/references/riverpod-state.md +0 -130
  563. package/skills/flutter-expert/references/widget-patterns.md +0 -123
  564. package/skills/fullstack-guardian/SKILL.md +0 -105
  565. package/skills/fullstack-guardian/references/api-design-standards.md +0 -307
  566. package/skills/fullstack-guardian/references/architecture-decisions.md +0 -350
  567. package/skills/fullstack-guardian/references/backend-patterns.md +0 -237
  568. package/skills/fullstack-guardian/references/common-patterns.md +0 -134
  569. package/skills/fullstack-guardian/references/deliverables-checklist.md +0 -354
  570. package/skills/fullstack-guardian/references/design-template.md +0 -91
  571. package/skills/fullstack-guardian/references/error-handling.md +0 -135
  572. package/skills/fullstack-guardian/references/frontend-patterns.md +0 -340
  573. package/skills/fullstack-guardian/references/integration-patterns.md +0 -333
  574. package/skills/fullstack-guardian/references/security-checklist.md +0 -106
  575. package/skills/golang-pro/SKILL.md +0 -122
  576. package/skills/golang-pro/references/concurrency.md +0 -329
  577. package/skills/golang-pro/references/generics.md +0 -442
  578. package/skills/golang-pro/references/interfaces.md +0 -432
  579. package/skills/golang-pro/references/project-structure.md +0 -477
  580. package/skills/golang-pro/references/testing.md +0 -451
  581. package/skills/graphql-architect/SKILL.md +0 -146
  582. package/skills/graphql-architect/references/federation.md +0 -418
  583. package/skills/graphql-architect/references/migration-from-rest.md +0 -1141
  584. package/skills/graphql-architect/references/resolvers.md +0 -425
  585. package/skills/graphql-architect/references/schema-design.md +0 -393
  586. package/skills/graphql-architect/references/security.md +0 -569
  587. package/skills/graphql-architect/references/subscriptions.md +0 -510
  588. package/skills/java-architect/SKILL.md +0 -132
  589. package/skills/java-architect/references/jpa-optimization.md +0 -393
  590. package/skills/java-architect/references/reactive-webflux.md +0 -356
  591. package/skills/java-architect/references/spring-boot-setup.md +0 -269
  592. package/skills/java-architect/references/spring-security.md +0 -445
  593. package/skills/java-architect/references/testing-patterns.md +0 -500
  594. package/skills/javascript-pro/SKILL.md +0 -132
  595. package/skills/javascript-pro/references/async-patterns.md +0 -334
  596. package/skills/javascript-pro/references/browser-apis.md +0 -398
  597. package/skills/javascript-pro/references/modern-syntax.md +0 -272
  598. package/skills/javascript-pro/references/modules.md +0 -357
  599. package/skills/javascript-pro/references/node-essentials.md +0 -471
  600. package/skills/kotlin-specialist/SKILL.md +0 -147
  601. package/skills/kotlin-specialist/references/android-compose.md +0 -419
  602. package/skills/kotlin-specialist/references/coroutines-flow.md +0 -276
  603. package/skills/kotlin-specialist/references/dsl-idioms.md +0 -421
  604. package/skills/kotlin-specialist/references/ktor-server.md +0 -426
  605. package/skills/kotlin-specialist/references/multiplatform-kmp.md +0 -380
  606. package/skills/kubernetes-specialist/SKILL.md +0 -241
  607. package/skills/kubernetes-specialist/references/configuration.md +0 -452
  608. package/skills/kubernetes-specialist/references/cost-optimization.md +0 -458
  609. package/skills/kubernetes-specialist/references/custom-operators.md +0 -563
  610. package/skills/kubernetes-specialist/references/gitops.md +0 -530
  611. package/skills/kubernetes-specialist/references/helm-charts.md +0 -912
  612. package/skills/kubernetes-specialist/references/multi-cluster.md +0 -507
  613. package/skills/kubernetes-specialist/references/networking.md +0 -447
  614. package/skills/kubernetes-specialist/references/service-mesh.md +0 -459
  615. package/skills/kubernetes-specialist/references/storage.md +0 -535
  616. package/skills/kubernetes-specialist/references/troubleshooting.md +0 -414
  617. package/skills/kubernetes-specialist/references/workloads.md +0 -377
  618. package/skills/laravel-specialist/SKILL.md +0 -262
  619. package/skills/laravel-specialist/references/eloquent.md +0 -351
  620. package/skills/laravel-specialist/references/livewire.md +0 -512
  621. package/skills/laravel-specialist/references/queues.md +0 -423
  622. package/skills/laravel-specialist/references/routing.md +0 -362
  623. package/skills/laravel-specialist/references/testing.md +0 -522
  624. package/skills/legacy-modernizer/SKILL.md +0 -137
  625. package/skills/legacy-modernizer/references/legacy-testing.md +0 -381
  626. package/skills/legacy-modernizer/references/migration-strategies.md +0 -423
  627. package/skills/legacy-modernizer/references/refactoring-patterns.md +0 -395
  628. package/skills/legacy-modernizer/references/strangler-fig-pattern.md +0 -281
  629. package/skills/legacy-modernizer/references/system-assessment.md +0 -487
  630. package/skills/mcp-developer/SKILL.md +0 -143
  631. package/skills/mcp-developer/references/protocol.md +0 -244
  632. package/skills/mcp-developer/references/python-sdk.md +0 -367
  633. package/skills/mcp-developer/references/resources.md +0 -554
  634. package/skills/mcp-developer/references/tools.md +0 -480
  635. package/skills/mcp-developer/references/typescript-sdk.md +0 -350
  636. package/skills/microservices-architect/SKILL.md +0 -164
  637. package/skills/microservices-architect/references/communication.md +0 -499
  638. package/skills/microservices-architect/references/data.md +0 -721
  639. package/skills/microservices-architect/references/decomposition.md +0 -344
  640. package/skills/microservices-architect/references/observability.md +0 -805
  641. package/skills/microservices-architect/references/patterns.md +0 -603
  642. package/skills/ml-pipeline/SKILL.md +0 -159
  643. package/skills/ml-pipeline/references/experiment-tracking.md +0 -833
  644. package/skills/ml-pipeline/references/feature-engineering.md +0 -631
  645. package/skills/ml-pipeline/references/model-validation.md +0 -978
  646. package/skills/ml-pipeline/references/pipeline-orchestration.md +0 -907
  647. package/skills/ml-pipeline/references/training-pipelines.md +0 -782
  648. package/skills/monitoring-expert/SKILL.md +0 -176
  649. package/skills/monitoring-expert/references/alerting-rules.md +0 -141
  650. package/skills/monitoring-expert/references/application-profiling.md +0 -331
  651. package/skills/monitoring-expert/references/capacity-planning.md +0 -344
  652. package/skills/monitoring-expert/references/dashboards.md +0 -126
  653. package/skills/monitoring-expert/references/opentelemetry.md +0 -123
  654. package/skills/monitoring-expert/references/performance-testing.md +0 -269
  655. package/skills/monitoring-expert/references/prometheus-metrics.md +0 -136
  656. package/skills/monitoring-expert/references/structured-logging.md +0 -142
  657. package/skills/nestjs-expert/SKILL.md +0 -206
  658. package/skills/nestjs-expert/references/authentication.md +0 -166
  659. package/skills/nestjs-expert/references/controllers-routing.md +0 -111
  660. package/skills/nestjs-expert/references/dtos-validation.md +0 -153
  661. package/skills/nestjs-expert/references/migration-from-express.md +0 -1237
  662. package/skills/nestjs-expert/references/services-di.md +0 -140
  663. package/skills/nestjs-expert/references/testing-patterns.md +0 -186
  664. package/skills/nextjs-developer/SKILL.md +0 -143
  665. package/skills/nextjs-developer/references/app-router.md +0 -311
  666. package/skills/nextjs-developer/references/data-fetching.md +0 -482
  667. package/skills/nextjs-developer/references/deployment.md +0 -545
  668. package/skills/nextjs-developer/references/server-actions.md +0 -462
  669. package/skills/nextjs-developer/references/server-components.md +0 -384
  670. package/skills/pandas-pro/SKILL.md +0 -178
  671. package/skills/pandas-pro/references/aggregation-groupby.md +0 -545
  672. package/skills/pandas-pro/references/data-cleaning.md +0 -500
  673. package/skills/pandas-pro/references/dataframe-operations.md +0 -420
  674. package/skills/pandas-pro/references/merging-joining.md +0 -596
  675. package/skills/pandas-pro/references/performance-optimization.md +0 -597
  676. package/skills/php-pro/SKILL.md +0 -206
  677. package/skills/php-pro/references/async-patterns.md +0 -412
  678. package/skills/php-pro/references/laravel-patterns.md +0 -377
  679. package/skills/php-pro/references/modern-php-features.md +0 -323
  680. package/skills/php-pro/references/symfony-patterns.md +0 -466
  681. package/skills/php-pro/references/testing-quality.md +0 -466
  682. package/skills/playwright-expert/SKILL.md +0 -169
  683. package/skills/playwright-expert/references/api-mocking.md +0 -140
  684. package/skills/playwright-expert/references/configuration.md +0 -155
  685. package/skills/playwright-expert/references/debugging-flaky.md +0 -150
  686. package/skills/playwright-expert/references/page-object-model.md +0 -152
  687. package/skills/playwright-expert/references/selectors-locators.md +0 -119
  688. package/skills/postgres-pro/SKILL.md +0 -152
  689. package/skills/postgres-pro/references/extensions.md +0 -404
  690. package/skills/postgres-pro/references/jsonb.md +0 -321
  691. package/skills/postgres-pro/references/maintenance.md +0 -481
  692. package/skills/postgres-pro/references/performance.md +0 -265
  693. package/skills/postgres-pro/references/replication.md +0 -446
  694. package/skills/python-pro/SKILL.md +0 -177
  695. package/skills/python-pro/references/async-patterns.md +0 -356
  696. package/skills/python-pro/references/packaging.md +0 -460
  697. package/skills/python-pro/references/standard-library.md +0 -378
  698. package/skills/python-pro/references/testing.md +0 -404
  699. package/skills/python-pro/references/type-system.md +0 -290
  700. package/skills/rag-architect/SKILL.md +0 -194
  701. package/skills/rag-architect/references/chunking-strategies.md +0 -878
  702. package/skills/rag-architect/references/embedding-models.md +0 -561
  703. package/skills/rag-architect/references/rag-evaluation.md +0 -833
  704. package/skills/rag-architect/references/retrieval-optimization.md +0 -795
  705. package/skills/rag-architect/references/vector-databases.md +0 -589
  706. package/skills/rails-expert/SKILL.md +0 -154
  707. package/skills/rails-expert/references/active-record.md +0 -244
  708. package/skills/rails-expert/references/api-development.md +0 -401
  709. package/skills/rails-expert/references/background-jobs.md +0 -272
  710. package/skills/rails-expert/references/hotwire-turbo.md +0 -228
  711. package/skills/rails-expert/references/rspec-testing.md +0 -367
  712. package/skills/react-expert/SKILL.md +0 -149
  713. package/skills/react-expert/references/hooks-patterns.md +0 -162
  714. package/skills/react-expert/references/migration-class-to-modern.md +0 -1119
  715. package/skills/react-expert/references/performance.md +0 -168
  716. package/skills/react-expert/references/react-19-features.md +0 -174
  717. package/skills/react-expert/references/server-components.md +0 -143
  718. package/skills/react-expert/references/state-management.md +0 -171
  719. package/skills/react-expert/references/testing-react.md +0 -174
  720. package/skills/react-native-expert/SKILL.md +0 -185
  721. package/skills/react-native-expert/references/expo-router.md +0 -187
  722. package/skills/react-native-expert/references/list-optimization.md +0 -204
  723. package/skills/react-native-expert/references/platform-handling.md +0 -188
  724. package/skills/react-native-expert/references/project-structure.md +0 -171
  725. package/skills/react-native-expert/references/storage-hooks.md +0 -173
  726. package/skills/receiving-code-review/SKILL.md +0 -213
  727. package/skills/requesting-code-review/SKILL.md +0 -105
  728. package/skills/requesting-code-review/code-reviewer.md +0 -146
  729. package/skills/requirement-engineering/SKILL.md +0 -111
  730. package/skills/rust-engineer/SKILL.md +0 -167
  731. package/skills/rust-engineer/references/async.md +0 -458
  732. package/skills/rust-engineer/references/error-handling.md +0 -334
  733. package/skills/rust-engineer/references/ownership.md +0 -278
  734. package/skills/rust-engineer/references/testing.md +0 -470
  735. package/skills/rust-engineer/references/traits.md +0 -413
  736. package/skills/secure-code-guardian/SKILL.md +0 -191
  737. package/skills/secure-code-guardian/references/authentication.md +0 -136
  738. package/skills/secure-code-guardian/references/input-validation.md +0 -146
  739. package/skills/secure-code-guardian/references/owasp-prevention.md +0 -135
  740. package/skills/secure-code-guardian/references/security-headers.md +0 -133
  741. package/skills/secure-code-guardian/references/xss-csrf.md +0 -157
  742. package/skills/security-reviewer/SKILL.md +0 -103
  743. package/skills/security-reviewer/references/infrastructure-security.md +0 -268
  744. package/skills/security-reviewer/references/penetration-testing.md +0 -268
  745. package/skills/security-reviewer/references/report-template.md +0 -170
  746. package/skills/security-reviewer/references/sast-tools.md +0 -117
  747. package/skills/security-reviewer/references/secret-scanning.md +0 -125
  748. package/skills/security-reviewer/references/vulnerability-patterns.md +0 -152
  749. package/skills/spark-engineer/SKILL.md +0 -148
  750. package/skills/spark-engineer/references/partitioning-caching.md +0 -543
  751. package/skills/spark-engineer/references/performance-tuning.md +0 -544
  752. package/skills/spark-engineer/references/rdd-operations.md +0 -599
  753. package/skills/spark-engineer/references/spark-sql-dataframes.md +0 -474
  754. package/skills/spark-engineer/references/streaming-patterns.md +0 -786
  755. package/skills/spring-boot-engineer/SKILL.md +0 -195
  756. package/skills/spring-boot-engineer/references/cloud.md +0 -498
  757. package/skills/spring-boot-engineer/references/data.md +0 -381
  758. package/skills/spring-boot-engineer/references/security.md +0 -459
  759. package/skills/spring-boot-engineer/references/testing.md +0 -545
  760. package/skills/spring-boot-engineer/references/web.md +0 -295
  761. package/skills/sql-pro/SKILL.md +0 -129
  762. package/skills/sql-pro/references/database-design.md +0 -402
  763. package/skills/sql-pro/references/dialect-differences.md +0 -419
  764. package/skills/sql-pro/references/optimization.md +0 -384
  765. package/skills/sql-pro/references/query-patterns.md +0 -285
  766. package/skills/sql-pro/references/window-functions.md +0 -328
  767. package/skills/sre-engineer/SKILL.md +0 -181
  768. package/skills/sre-engineer/references/automation-toil.md +0 -492
  769. package/skills/sre-engineer/references/error-budget-policy.md +0 -334
  770. package/skills/sre-engineer/references/incident-chaos.md +0 -576
  771. package/skills/sre-engineer/references/monitoring-alerting.md +0 -424
  772. package/skills/sre-engineer/references/slo-sli-management.md +0 -238
  773. package/skills/swift-expert/SKILL.md +0 -163
  774. package/skills/swift-expert/references/async-concurrency.md +0 -360
  775. package/skills/swift-expert/references/memory-performance.md +0 -377
  776. package/skills/swift-expert/references/protocol-oriented.md +0 -354
  777. package/skills/swift-expert/references/swiftui-patterns.md +0 -291
  778. package/skills/swift-expert/references/testing-patterns.md +0 -399
  779. package/skills/systematic-debugging/CREATION-LOG.md +0 -119
  780. package/skills/systematic-debugging/SKILL.md +0 -296
  781. package/skills/systematic-debugging/condition-based-waiting-example.ts +0 -158
  782. package/skills/systematic-debugging/condition-based-waiting.md +0 -115
  783. package/skills/systematic-debugging/defense-in-depth.md +0 -122
  784. package/skills/systematic-debugging/find-polluter.sh +0 -63
  785. package/skills/systematic-debugging/root-cause-tracing.md +0 -169
  786. package/skills/systematic-debugging/test-academic.md +0 -14
  787. package/skills/systematic-debugging/test-pressure-1.md +0 -58
  788. package/skills/systematic-debugging/test-pressure-2.md +0 -68
  789. package/skills/systematic-debugging/test-pressure-3.md +0 -69
  790. package/skills/tdd-guide/assets/sample_coverage_report.lcov +0 -56
  791. package/skills/terraform-engineer/SKILL.md +0 -143
  792. package/skills/terraform-engineer/references/best-practices.md +0 -583
  793. package/skills/terraform-engineer/references/module-patterns.md +0 -297
  794. package/skills/terraform-engineer/references/providers.md +0 -452
  795. package/skills/terraform-engineer/references/state-management.md +0 -371
  796. package/skills/terraform-engineer/references/testing.md +0 -486
  797. package/skills/test-master/SKILL.md +0 -94
  798. package/skills/test-master/references/automation-frameworks.md +0 -294
  799. package/skills/test-master/references/e2e-testing.md +0 -128
  800. package/skills/test-master/references/integration-testing.md +0 -120
  801. package/skills/test-master/references/performance-testing.md +0 -118
  802. package/skills/test-master/references/qa-methodology.md +0 -247
  803. package/skills/test-master/references/security-testing.md +0 -127
  804. package/skills/test-master/references/tdd-iron-laws.md +0 -174
  805. package/skills/test-master/references/test-reports.md +0 -104
  806. package/skills/test-master/references/testing-anti-patterns.md +0 -231
  807. package/skills/test-master/references/unit-testing.md +0 -113
  808. package/skills/typescript-pro/SKILL.md +0 -145
  809. package/skills/typescript-pro/references/advanced-types.md +0 -259
  810. package/skills/typescript-pro/references/configuration.md +0 -445
  811. package/skills/typescript-pro/references/patterns.md +0 -484
  812. package/skills/typescript-pro/references/type-guards.md +0 -352
  813. package/skills/typescript-pro/references/utility-types.md +0 -329
  814. package/skills/using-git-worktrees/SKILL.md +0 -218
  815. package/skills/verification-before-completion/SKILL.md +0 -139
  816. package/skills/vue-expert/SKILL.md +0 -98
  817. package/skills/vue-expert/references/build-tooling.md +0 -480
  818. package/skills/vue-expert/references/components.md +0 -448
  819. package/skills/vue-expert/references/composition-api.md +0 -299
  820. package/skills/vue-expert/references/mobile-hybrid.md +0 -636
  821. package/skills/vue-expert/references/nuxt.md +0 -669
  822. package/skills/vue-expert/references/state-management.md +0 -449
  823. package/skills/vue-expert/references/typescript.md +0 -584
  824. package/skills/vue-expert-js/SKILL.md +0 -167
  825. package/skills/vue-expert-js/references/component-architecture.md +0 -219
  826. package/skills/vue-expert-js/references/composables-patterns.md +0 -183
  827. package/skills/vue-expert-js/references/jsdoc-typing.md +0 -535
  828. package/skills/vue-expert-js/references/state-management.md +0 -249
  829. package/skills/vue-expert-js/references/testing-patterns.md +0 -237
  830. package/skills/websocket-engineer/SKILL.md +0 -168
  831. package/skills/websocket-engineer/references/alternatives.md +0 -391
  832. package/skills/websocket-engineer/references/patterns.md +0 -400
  833. package/skills/websocket-engineer/references/protocol.md +0 -195
  834. package/skills/websocket-engineer/references/scaling.md +0 -333
  835. package/skills/websocket-engineer/references/security.md +0 -474
  836. package/skills/writing-plans/SKILL.md +0 -151
  837. package/skills/writing-plans/plan-document-reviewer-prompt.md +0 -49
  838. package/skills/writing-skills/SKILL.md +0 -655
  839. package/skills/writing-skills/anthropic-best-practices.md +0 -1150
  840. package/skills/writing-skills/examples/CLAUDE_MD_TESTING.md +0 -189
  841. package/skills/writing-skills/graphviz-conventions.dot +0 -172
  842. package/skills/writing-skills/persuasion-principles.md +0 -187
  843. package/skills/writing-skills/render-graphs.js +0 -168
  844. package/skills/writing-skills/testing-skills-with-subagents.md +0 -384
  845. /package/skills/{design-commands → frontend/design-commands}/design.md +0 -0
  846. /package/skills/{design-commands → frontend/design-commands}/handoff.md +0 -0
  847. /package/skills/{design-commands → frontend/design-commands}/prototype.md +0 -0
  848. /package/skills/{design-commands → frontend/design-commands}/spec.md +0 -0
  849. /package/skills/{design-commands → frontend/design-commands}/style.md +0 -0
  850. /package/skills/{senior-frontend → frontend/senior-frontend}/SKILL.md +0 -0
  851. /package/skills/{senior-frontend → frontend/senior-frontend}/references/frontend_best_practices.md +0 -0
  852. /package/skills/{senior-frontend → frontend/senior-frontend}/references/nextjs_optimization_guide.md +0 -0
  853. /package/skills/{senior-frontend → frontend/senior-frontend}/references/react_patterns.md +0 -0
  854. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/bundle_analyzer.py +0 -0
  855. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/component_generator.py +0 -0
  856. /package/skills/{senior-frontend → frontend/senior-frontend}/scripts/frontend_scaffolder.py +0 -0
  857. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/SKILL.md +0 -0
  858. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/charts.csv +0 -0
  859. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/colors.csv +0 -0
  860. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/icons.csv +0 -0
  861. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/landing.csv +0 -0
  862. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/products.csv +0 -0
  863. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/react-performance.csv +0 -0
  864. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/astro.csv +0 -0
  865. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/flutter.csv +0 -0
  866. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/html-tailwind.csv +0 -0
  867. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/jetpack-compose.csv +0 -0
  868. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nextjs.csv +0 -0
  869. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nuxt-ui.csv +0 -0
  870. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/nuxtjs.csv +0 -0
  871. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/react-native.csv +0 -0
  872. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/react.csv +0 -0
  873. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/shadcn.csv +0 -0
  874. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/svelte.csv +0 -0
  875. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/swiftui.csv +0 -0
  876. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/stacks/vue.csv +0 -0
  877. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/styles.csv +0 -0
  878. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/typography.csv +0 -0
  879. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/ui-reasoning.csv +0 -0
  880. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/ux-guidelines.csv +0 -0
  881. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/data/web-interface.csv +0 -0
  882. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/core.py +0 -0
  883. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/design_system.py +0 -0
  884. /package/skills/{ui-ux-pro-max → frontend/ui-ux-pro-max}/scripts/search.py +0 -0
  885. /package/skills/{competitive-analysis → product/competitive-analysis}/SKILL.md +0 -0
  886. /package/skills/{meeting-notes → product/meeting-notes}/SKILL.md +0 -0
  887. /package/skills/{prd-template → product/prd-template}/SKILL.md +0 -0
  888. /package/skills/{stakeholder-update → product/stakeholder-update}/SKILL.md +0 -0
  889. /package/skills/{user-research-synthesis → product/user-research-synthesis}/SKILL.md +0 -0
  890. /package/skills/{senior-qa → quality/senior-qa}/README.md +0 -0
  891. /package/skills/{senior-qa → quality/senior-qa}/SKILL.md +0 -0
  892. /package/skills/{senior-qa → quality/senior-qa}/references/qa_best_practices.md +0 -0
  893. /package/skills/{senior-qa → quality/senior-qa}/references/test_automation_patterns.md +0 -0
  894. /package/skills/{senior-qa → quality/senior-qa}/references/testing_strategies.md +0 -0
  895. /package/skills/{senior-qa → quality/senior-qa}/scripts/coverage_analyzer.py +0 -0
  896. /package/skills/{senior-qa → quality/senior-qa}/scripts/e2e_test_scaffolder.py +0 -0
  897. /package/skills/{senior-qa → quality/senior-qa}/scripts/test_suite_generator.py +0 -0
  898. /package/skills/{tdd-guide → quality/tdd-guide}/HOW_TO_USE.md +0 -0
  899. /package/skills/{tdd-guide → quality/tdd-guide}/README.md +0 -0
  900. /package/skills/{tdd-guide → quality/tdd-guide}/SKILL.md +0 -0
  901. /package/skills/{tdd-guide → quality/tdd-guide}/assets/expected_output.json +0 -0
  902. /package/skills/{tdd-guide → quality/tdd-guide}/assets/sample_input_python.json +0 -0
  903. /package/skills/{tdd-guide → quality/tdd-guide}/assets/sample_input_typescript.json +0 -0
  904. /package/skills/{tdd-guide → quality/tdd-guide}/references/ci-integration.md +0 -0
  905. /package/skills/{tdd-guide → quality/tdd-guide}/references/framework-guide.md +0 -0
  906. /package/skills/{tdd-guide → quality/tdd-guide}/references/tdd-best-practices.md +0 -0
  907. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/coverage_analyzer.py +0 -0
  908. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/fixture_generator.py +0 -0
  909. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/format_detector.py +0 -0
  910. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/framework_adapter.py +0 -0
  911. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/metrics_calculator.py +0 -0
  912. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/output_formatter.py +0 -0
  913. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/tdd_workflow.py +0 -0
  914. /package/skills/{tdd-guide → quality/tdd-guide}/scripts/test_generator.py +0 -0
  915. /package/skills/{brainstorming → workflow/brainstorming}/scripts/frame-template.html +0 -0
  916. /package/skills/{brainstorming → workflow/brainstorming}/scripts/server.cjs +0 -0
package/skills/security-reviewer/SKILL.md DELETED
@@ -1,103 +0,0 @@
1
- ---
2
- name: security-reviewer
3
- description: Identifies security vulnerabilities, generates structured audit reports with severity ratings, and provides actionable remediation guidance. Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews, dependency audits, secrets scanning, or compliance checks. Produces vulnerability reports, prioritized recommendations, and compliance checklists.
4
- license: MIT
5
- allowed-tools: Read, Grep, Glob, Bash
6
- metadata:
7
- author: https://github.com/Jeffallan
8
- version: "1.1.1"
9
- domain: security
10
- triggers: security review, vulnerability scan, SAST, security audit, penetration test, code audit, security analysis, infrastructure security, DevSecOps, cloud security, compliance audit
11
- role: specialist
12
- scope: review
13
- output-format: report
14
- related-skills: secure-code-guardian, code-reviewer, devops-engineer, cloud-architect, kubernetes-specialist, api-designer, mcp-developer
15
- ---
16
-
17
- # Security Reviewer
18
-
19
- Security analyst specializing in code review, vulnerability identification, penetration testing, and infrastructure security.
20
-
21
- ## When to Use This Skill
22
-
23
- - Code review and SAST scanning
24
- - Vulnerability scanning and dependency audits
25
- - Secrets scanning and credential detection
26
- - Penetration testing and reconnaissance
27
- - Infrastructure and cloud security audits
28
- - DevSecOps pipelines and compliance automation
29
-
30
- ## Core Workflow
31
-
32
- 1. **Scope** — Map attack surface and critical paths. Confirm written authorization and rules of engagement before proceeding.
33
- 2. **Scan** — Run SAST, dependency, and secrets tools. Example commands:
34
- - `semgrep --config=auto .`
35
- - `bandit -r ./src`
36
- - `gitleaks detect --source=.`
37
- - `npm audit --audit-level=moderate`
38
- - `trivy fs .`
39
- 3. **Review** — Manual review of auth, input handling, and crypto. Tools miss context — manual review is mandatory.
40
- 4. **Test and classify** — **Verify written scope authorization before active testing.** Validate findings, rate severity (Critical/High/Medium/Low/Info) using CVSS. Confirm exploitability with proof-of-concept only; do not exceed it.
41
- 5. **Report** — Confirm findings with stakeholder before finalizing. Document with location, impact, and remediation. Report critical findings immediately.
42
-
43
- ## Reference Guide
44
-
45
- Load detailed guidance based on context:
46
-
47
- | Topic | Reference | Load When |
48
- |-------|-----------|-----------|
49
- | SAST Tools | `references/sast-tools.md` | Running automated scans |
50
- | Vulnerability Patterns | `references/vulnerability-patterns.md` | SQL injection, XSS, manual review |
51
- | Secret Scanning | `references/secret-scanning.md` | Gitleaks, finding hardcoded secrets |
52
- | Penetration Testing | `references/penetration-testing.md` | Active testing, reconnaissance, exploitation |
53
- | Infrastructure Security | `references/infrastructure-security.md` | DevSecOps, cloud security, compliance |
54
- | Report Template | `references/report-template.md` | Writing security report |
55
-
56
- ## Constraints
57
-
58
- ### MUST DO
59
- - Check authentication/authorization first
60
- - Run automated tools before manual review
61
- - Provide specific file/line locations
62
- - Include remediation for each finding
63
- - Rate severity consistently
64
- - Check for secrets in code
65
- - Verify scope and authorization before active testing
66
- - Document all testing activities
67
- - Follow rules of engagement
68
- - Report critical findings immediately
69
-
70
- ### MUST NOT DO
71
- - Skip manual review (tools miss things)
72
- - Test on production systems without authorization
73
- - Ignore "low" severity issues
74
- - Assume frameworks handle everything
75
- - Share detailed exploits publicly
76
- - Exploit beyond proof of concept
77
- - Cause service disruption or data loss
78
- - Test outside defined scope
79
-
80
- ## Output Templates
81
-
82
- 1. Executive summary with risk assessment
83
- 2. Findings table with severity counts
84
- 3. Detailed findings with location, impact, and remediation
85
- 4. Prioritized recommendations
86
-
87
- ### Example Finding Entry
88
-
89
- ```
90
- ID: FIND-001
91
- Severity: High (CVSS 8.1)
92
- Title: SQL Injection in user search endpoint
93
- File: src/api/users.py, line 42
94
- Description: User-supplied input is concatenated directly into a SQL query without parameterization.
95
- Impact: An attacker can read, modify, or delete database contents.
96
- Remediation: Use parameterized queries or an ORM. Replace `cursor.execute(f"SELECT * FROM users WHERE name='{name}'")`
97
- with `cursor.execute("SELECT * FROM users WHERE name=%s", (name,))`.
98
- References: CWE-89, OWASP A03:2021
99
- ```
100
-
101
- ## Knowledge Reference
102
-
103
- OWASP Top 10, CWE, Semgrep, Bandit, ESLint Security, gosec, npm audit, gitleaks, trufflehog, CVSS scoring, nmap, Burp Suite, sqlmap, Trivy, Checkov, HashiCorp Vault, AWS Security Hub, CIS benchmarks, SOC2, ISO27001
package/skills/security-reviewer/references/infrastructure-security.md DELETED
@@ -1,268 +0,0 @@
1
- # Infrastructure Security
2
-
3
- ## DevSecOps Integration
4
-
5
- ### CI/CD Security Pipeline
6
-
7
- ```yaml
8
- # GitHub Actions - Security scanning
9
- name: Security Pipeline
10
- on: [push, pull_request]
11
- jobs:
12
- security:
13
- runs-on: ubuntu-latest
14
- steps:
15
- - uses: returntocorp/semgrep-action@v1
16
- - uses: gitleaks/gitleaks-action@v2
17
- - uses: aquasecurity/trivy-action@master
18
- with:
19
- scan-type: 'fs'
20
- severity: 'CRITICAL,HIGH'
21
- ```
22
-
23
- ### Infrastructure as Code Security
24
-
25
- ```bash
26
- # Terraform/CloudFormation scanning
27
- checkov -d terraform/ --framework terraform
28
- tfsec terraform/
29
- terrascan scan -d terraform/
30
-
31
- # Kubernetes manifest scanning
32
- kubesec scan deployment.yaml
33
- ```
34
-
35
- ## Cloud Security Controls
36
-
37
- ### AWS Security Hardening
38
-
39
- ```bash
40
- # Enable security services
41
- aws guardduty create-detector --enable
42
- aws securityhub enable-security-hub
43
- aws cloudtrail create-trail --name security-trail --s3-bucket-name logs
44
-
45
- # Check S3 bucket security
46
- aws s3api list-buckets --query "Buckets[].Name" | \
47
- xargs -I {} aws s3api get-bucket-acl --bucket {}
48
-
49
- # IAM password policy
50
- aws iam update-account-password-policy \
51
- --minimum-password-length 14 \
52
- --require-symbols --require-numbers \
53
- --require-uppercase-characters --require-lowercase-characters
54
- ```
55
-
56
- ### Azure Security
57
-
58
- ```bash
59
- # Enable Security Center
60
- az security auto-provisioning-setting update --name default --auto-provision on
61
-
62
- # Enable disk encryption
63
- az vm encryption enable --resource-group myRG --name myVM --disk-encryption-keyvault myKV
64
- ```
65
-
66
- ### GCP Security
67
-
68
- ```bash
69
- # Enable Security Command Center
70
- gcloud services enable securitycenter.googleapis.com
71
-
72
- # Enable VPC Flow Logs
73
- gcloud compute networks subnets update SUBNET --enable-flow-logs
74
- ```
75
-
76
- ## Container Security
77
-
78
- ### Secure Dockerfile
79
-
80
- ```dockerfile
81
- FROM node:18-alpine
82
- RUN addgroup -g 1001 -S nodejs && adduser -S nodejs -u 1001
83
- WORKDIR /app
84
- COPY --chown=nodejs:nodejs package*.json ./
85
- RUN npm ci --only=production
86
- USER nodejs
87
- EXPOSE 3000
88
- HEALTHCHECK --interval=30s CMD node healthcheck.js
89
- CMD ["node", "server.js"]
90
- ```
91
-
92
- ### Kubernetes Security
93
-
94
- ```yaml
95
- # Pod Security Standards
96
- apiVersion: v1
97
- kind: Pod
98
- metadata:
99
- name: secure-pod
100
- spec:
101
- securityContext:
102
- runAsNonRoot: true
103
- runAsUser: 1000
104
- fsGroup: 2000
105
- seccompProfile:
106
- type: RuntimeDefault
107
- containers:
108
- - name: app
109
- image: myapp:1.0
110
- securityContext:
111
- allowPrivilegeEscalation: false
112
- readOnlyRootFilesystem: true
113
- capabilities:
114
- drop: [ALL]
115
- resources:
116
- limits:
117
- memory: "128Mi"
118
- cpu: "500m"
119
- ---
120
- # Network Policy - Default deny
121
- apiVersion: networking.k8s.io/v1
122
- kind: NetworkPolicy
123
- metadata:
124
- name: default-deny-all
125
- spec:
126
- podSelector: {}
127
- policyTypes:
128
- - Ingress
129
- - Egress
130
- ```
131
-
132
- ## Compliance Automation
133
-
134
- ### CIS Benchmark Scanning
135
-
136
- ```bash
137
- # Docker CIS benchmark
138
- docker run --net host --pid host --cap-add audit_control \
139
- -v /var/lib:/var/lib -v /var/run/docker.sock:/var/run/docker.sock \
140
- docker/docker-bench-security
141
-
142
- # Kubernetes CIS benchmark
143
- kube-bench run --targets master,node
144
-
145
- # Linux system hardening
146
- lynis audit system --quick
147
- ```
148
-
149
- ### Compliance as Code (InSpec)
150
-
151
- ```ruby
152
- # controls/baseline.rb
153
- control 'ssh-hardening' do
154
- impact 1.0
155
- title 'SSH Security Configuration'
156
-
157
- describe sshd_config do
158
- its('Protocol') { should eq '2' }
159
- its('PermitRootLogin') { should eq 'no' }
160
- its('PasswordAuthentication') { should eq 'no' }
161
- end
162
- end
163
-
164
- control 'encryption-at-rest' do
165
- impact 1.0
166
- title 'S3 Encryption Enabled'
167
-
168
- describe aws_s3_bucket('my-bucket') do
169
- it { should have_default_encryption_enabled }
170
- end
171
- end
172
- ```
173
-
174
- ## Secrets Management
175
-
176
- ### HashiCorp Vault
177
-
178
- ```bash
179
- # Initialize and configure
180
- vault operator init
181
- vault secrets enable -path=secret kv-v2
182
-
183
- # Store secrets
184
- vault kv put secret/app/config api_key="secret123"
185
-
186
- # Dynamic database credentials
187
- vault secrets enable database
188
- vault write database/config/postgresql \
189
- plugin_name=postgresql-database-plugin \
190
- allowed_roles="app" \
191
- connection_url="postgresql://{{username}}:{{password}}@localhost:5432/" \
192
- username="vault" password="vaultpass"
193
-
194
- vault write database/roles/app \
195
- db_name=postgresql \
196
- creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}';" \
197
- default_ttl="1h" max_ttl="24h"
198
- ```
199
-
200
- ### Kubernetes Secrets with External Secrets Operator
201
-
202
- ```yaml
203
- apiVersion: external-secrets.io/v1beta1
204
- kind: SecretStore
205
- metadata:
206
- name: vault-backend
207
- spec:
208
- provider:
209
- vault:
210
- server: "https://vault.example.com"
211
- path: "secret"
212
- auth:
213
- kubernetes:
214
- role: "app-role"
215
- ---
216
- apiVersion: external-secrets.io/v1beta1
217
- kind: ExternalSecret
218
- metadata:
219
- name: app-secrets
220
- spec:
221
- refreshInterval: 1h
222
- secretStoreRef:
223
- name: vault-backend
224
- target:
225
- name: app-secrets
226
- data:
227
- - secretKey: api_key
228
- remoteRef:
229
- key: secret/app/config
230
- property: api_key
231
- ```
232
-
233
- ## Security Monitoring
234
-
235
- ### SIEM Log Shipping (Filebeat)
236
-
237
- ```yaml
238
- filebeat.inputs:
239
- - type: log
240
- paths:
241
- - /var/log/auth.log
242
- - /var/log/nginx/*.log
243
- fields:
244
- environment: production
245
-
246
- output.elasticsearch:
247
- hosts: ["elasticsearch:9200"]
248
- index: "security-logs-%{+yyyy.MM.dd}"
249
- ```
250
-
251
- ## Quick Reference
252
-
253
- | Area | Tool | Purpose |
254
- |------|------|---------|
255
- | Cloud Security | Prowler, ScoutSuite | AWS/Azure/GCP audit |
256
- | Container | Trivy, Clair | Image scanning |
257
- | IaC | Checkov, tfsec | Terraform/CloudFormation |
258
- | Secrets | Vault, Sealed Secrets | Secret management |
259
- | Compliance | InSpec, OpenSCAP | CIS benchmarks |
260
- | Monitoring | ELK, Splunk | SIEM |
261
-
262
- | Framework | Focus | Key Controls |
263
- |-----------|-------|--------------|
264
- | SOC 2 | Security controls | Access, encryption, monitoring |
265
- | ISO 27001 | ISMS | Policy, risk, audit |
266
- | PCI DSS | Payment security | Network segmentation, encryption |
267
- | HIPAA | Healthcare | Encryption, access logs |
268
- | GDPR | Data privacy | Consent, retention, DLP |
package/skills/security-reviewer/references/penetration-testing.md DELETED
@@ -1,268 +0,0 @@
1
- # Penetration Testing
2
-
3
- ## Reconnaissance
4
-
5
- ### Passive Information Gathering
6
-
7
- ```bash
8
- # DNS enumeration
9
- dig example.com ANY
10
- nslookup -type=any example.com
11
-
12
- # Subdomain discovery
13
- subfinder -d example.com
14
- amass enum -d example.com
15
-
16
- # Certificate transparency
17
- curl -s "https://crt.sh/?q=%.example.com&output=json"
18
- ```
19
-
20
- ### Active Scanning
21
-
22
- ```bash
23
- # Port scanning
24
- nmap -sV -p- target.com
25
- nmap -sC -sV -oA scan target.com
26
-
27
- # Web technology detection
28
- whatweb target.com
29
- ```
30
-
31
- ## Web Application Testing
32
-
33
- ### Authentication & Authorization
34
-
35
- ```bash
36
- # Session analysis - Check for:
37
- # - Session timeout, Secure/HttpOnly flags
38
- # - Session fixation, concurrent sessions
39
-
40
- # IDOR testing
41
- GET /api/users/123 # Your ID
42
- GET /api/users/124 # Another user - should fail
43
-
44
- # Privilege escalation
45
- GET /api/admin/users # As standard user
46
- ```
47
-
48
- ### Input Validation
49
-
50
- ```bash
51
- # SQL injection
52
- sqlmap -u "http://target.com/search?q=test" --batch
53
-
54
- # XSS payloads
55
- <script>alert(document.domain)</script>
56
- <img src=x onerror=alert(1)>
57
- <svg onload=alert(1)>
58
-
59
- # Command injection
60
- ; ls -la
61
- | whoami
62
- $(whoami)
63
-
64
- # XXE
65
- <?xml version="1.0"?>
66
- <!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
67
- <root>&xxe;</root>
68
- ```
69
-
70
- ## API Security Testing
71
-
72
- ### JWT & Token Security
73
-
74
- ```bash
75
- # Decode JWT
76
- echo "eyJ..." | base64 -d
77
-
78
- # Test none algorithm
79
- # Modify header: {"alg": "none"}
80
-
81
- # Weak secret brute force
82
- hashcat -m 16500 jwt.txt wordlist.txt
83
- ```
84
-
85
- ### Rate Limiting & Data Exposure
86
-
87
- ```bash
88
- # Test rate limits
89
- for i in {1..1000}; do
90
- curl https://api.target.com/login -d "user=test&pass=test"
91
- done
92
-
93
- # Check for excessive data exposure
94
- GET /api/users/me
95
- # Look for: password hashes, internal IDs, sensitive PII
96
-
97
- # Mass assignment
98
- POST /api/users/profile
99
- {"email": "new@email.com", "isAdmin": true}
100
- ```
101
-
102
- ## Network Penetration
103
-
104
- ### Privilege Escalation (Linux)
105
-
106
- ```bash
107
- # SUID binaries
108
- find / -perm -4000 -type f 2>/dev/null
109
-
110
- # Sudo permissions
111
- sudo -l
112
-
113
- # Writable paths in PATH
114
- echo $PATH | tr ':' '\n' | xargs -I {} ls -ld {}
115
-
116
- # Kernel exploits
117
- uname -a
118
- searchsploit linux kernel $(uname -r)
119
- ```
120
-
121
- ### Lateral Movement
122
-
123
- ```bash
124
- # Network enumeration
125
- arp -a
126
- netstat -ant
127
-
128
- # Service discovery
129
- nmap -sV 192.168.1.0/24
130
-
131
- # Credential harvesting
132
- grep -r "password" /home/*/
133
- cat ~/.bash_history | grep -i "pass\|pwd\|secret"
134
- ```
135
-
136
- ## Mobile Application Testing
137
-
138
- ### Android
139
-
140
- ```bash
141
- # Decompile APK
142
- apktool d app.apk
143
- jadx -d output app.apk
144
-
145
- # Check for secrets
146
- grep -r "api_key\|secret\|password" .
147
-
148
- # Insecure storage
149
- adb shell
150
- run-as com.app.package
151
- find . -type f -exec cat {} \;
152
- ```
153
-
154
- ### iOS
155
-
156
- ```bash
157
- # Class dump
158
- class-dump App.app
159
-
160
- # Check data storage
161
- sqlite3 /var/mobile/Applications/.../Library/Caches/data.db
162
- ```
163
-
164
- ## Cloud Security Testing
165
-
166
- ### AWS
167
-
168
- ```bash
169
- # S3 bucket enumeration
170
- aws s3 ls s3://bucket-name --no-sign-request
171
- aws s3api get-bucket-acl --bucket bucket-name
172
-
173
- # IAM enumeration
174
- aws iam get-user
175
- aws iam list-attached-user-policies --user-name username
176
- ```
177
-
178
- ### Container & Kubernetes
179
-
180
- ```bash
181
- # Docker escape testing
182
- docker inspect container_id | grep -i privileged
183
- docker inspect container_id | grep -A 5 Mounts
184
-
185
- # Kubernetes
186
- kubectl get pods --all-namespaces
187
- kubectl get secrets --all-namespaces
188
- kubectl auth can-i --list
189
- ```
190
-
191
- ## Exploitation Validation
192
-
193
- ### Proof of Concept Guidelines
194
-
195
- ```python
196
- # Always demonstrate impact SAFELY
197
-
198
- # SQL injection PoC
199
- # DON'T: Extract actual data
200
- # DO: Prove injection with sleep
201
- payload = "' OR SLEEP(5)--"
202
-
203
- # DON'T: Delete/modify production data
204
- # DO: Show you COULD with SELECT
205
- payload = "' UNION SELECT 'proof_of_concept'--"
206
- ```
207
-
208
- ### Rules of Engagement
209
-
210
- 1. **Scope verification** - Only test authorized targets
211
- 2. **Time windows** - Respect testing hours
212
- 3. **DoS prevention** - Avoid resource exhaustion
213
- 4. **Data handling** - Don't exfiltrate real data
214
- 5. **Stop on discovery** - Don't exploit beyond proof
215
- 6. **Immediate reporting** - Report critical findings ASAP
216
- 7. **Documentation** - Record all actions
217
- 8. **Cleanup** - Remove test artifacts
218
-
219
- ## Vulnerability Classification
220
-
221
- ### Severity Scoring
222
-
223
- | Severity | Exploitability | Impact | CVSS Range |
224
- |----------|---------------|---------|------------|
225
- | Critical | Easy | Full compromise | 9.0-10.0 |
226
- | High | Medium | Significant access | 7.0-8.9 |
227
- | Medium | Hard | Limited access | 4.0-6.9 |
228
- | Low | Very hard | Minimal impact | 0.1-3.9 |
229
-
230
- ### Impact Assessment
231
-
232
- - **Critical**: Remote code execution, full data access, admin takeover
233
- - **High**: Authentication bypass, privilege escalation, sensitive data exposure
234
- - **Medium**: CSRF, XSS (non-admin), information disclosure
235
- - **Low**: Missing security headers, verbose errors, rate limiting issues
236
-
237
- ## Testing Checklist
238
-
239
- ### OWASP Top 10 Coverage
240
-
241
- - [ ] Broken Access Control (IDOR, path traversal)
242
- - [ ] Cryptographic Failures (weak encryption, plaintext)
243
- - [ ] Injection (SQL, XSS, command)
244
- - [ ] Insecure Design (missing auth flows)
245
- - [ ] Security Misconfiguration (defaults, debug mode)
246
- - [ ] Vulnerable Components (outdated dependencies)
247
- - [ ] Authentication Failures (weak passwords, session issues)
248
- - [ ] Data Integrity (deserialization, lack of verification)
249
- - [ ] Logging Failures (missing logs, exposed sensitive data)
250
- - [ ] SSRF (unvalidated URLs)
251
-
252
- ## Quick Reference
253
-
254
- | Test Type | Tools | Focus |
255
- |-----------|-------|-------|
256
- | Web App | Burp Suite, OWASP ZAP | OWASP Top 10 |
257
- | API | Postman, curl | AuthN/AuthZ, data exposure |
258
- | Network | nmap, Metasploit | Services, exploits |
259
- | Mobile | MobSF, Frida | Data storage, crypto |
260
- | Cloud | ScoutSuite, Prowler | Misconfigurations |
261
-
262
- | Finding Type | Validation Method | Evidence Required |
263
- |--------------|------------------|-------------------|
264
- | SQL Injection | Sleep-based, error-based | Request/response, timing |
265
- | XSS | Alert box, DOM manipulation | Screenshot, payload |
266
- | IDOR | Access other user's resource | Two user accounts, IDs |
267
- | Auth Bypass | Unauthorized access | Before/after screenshots |
268
- | RCE | Command output (safe) | Whoami, id command output |