claude-skills-cli 0.0.5 → 0.0.7

package/docs/SKILLS-OPPORTUNITIES.md

@@ -0,0 +1,652 @@
+# Claude Skills: Ecosystem Gaps & Opportunities
+
+Analysis of underserved domains, missing skill types, and strategic
+opportunities for skill development.
+
+## Executive Summary
+
+**Current ecosystem state**: 100+ community skills, strong in project
+management and documentation, weak in testing, security, and
+cross-tool integration.
+
+**Biggest opportunities**:
+
+1. **Testing & Quality Assurance** - Massive gap, high demand
+2. **Security & Compliance** - Critical need, few solutions
+3. **Cross-tool orchestration** - Integration patterns emerging
+4. **Learning & Onboarding** - New users need guidance
+5. **Performance & Optimization** - Growing concern as codebases scale
+
+## Domain Coverage Analysis
+
+### Well-Served Domains (10+ skills each)
+
+| Domain              | Skill Count | Quality | Examples                                             |
+| ------------------- | ----------- | ------- | ---------------------------------------------------- |
+| Documentation       | 15+         | High    | maintain-docs, architecture-documenter, doc-migrator |
+| Project Management  | 12+         | Medium  | work_plan, github-sync, requirements-analyzer        |
+| Skill Creation      | 8+          | High    | skill-creator, skill-builder, writing-skills         |
+| Framework Expertise | 10+         | Varies  | shadcn-expert, google-adk, moai-claude-code          |
+
+### Underserved Domains (<5 skills each)
+
+| Domain       | Current Count | Demand Signal | Priority        |
+| ------------ | ------------- | ------------- | --------------- |
+| Testing/QA   | 2             | Very High     | 🔴 Critical     |
+| Security     | 1             | High          | 🔴 Critical     |
+| Performance  | 1             | High          | 🟡 Important    |
+| DevOps/CI/CD | 3             | High          | 🟡 Important    |
+| Database     | 2             | Medium        | 🟢 Nice to have |
+| API Design   | 1             | Medium        | 🟢 Nice to have |
+
+### Completely Missing Domains
+
+1. **Accessibility** (a11y testing, WCAG compliance)
+2. **Internationalization** (i18n/l10n workflows)
+3. **Mobile Development** (React Native, Flutter, etc.)
+4. **Machine Learning Ops** (model training, deployment)
+5. **Game Development** (Unity, Unreal, Godot)
+6. **Embedded Systems** (Arduino, Raspberry Pi)
+7. **Data Engineering** (ETL, pipelines, orchestration)
+8. **Cloud Infrastructure** (AWS, GCP, Azure patterns)
+
+## High-Impact Skill Opportunities
+
+### 1. Testing & Quality Assurance
+
+**Gap**: Only 2 skills (test-validator,
+testing-skills-with-subagents), huge demand.
+
+#### test-runner
+
+```markdown
+---
+name: test-runner
+description:
+  Smart test execution based on changes. Runs relevant tests, analyzes
+  failures, suggests fixes. Use when running tests or debugging test
+  failures.
+---
+
+# Test Runner
+
+Intelligently runs tests based on file changes, analyzes failures, and
+provides actionable feedback.
+
+## Core Workflow
+
+1. **Detect changes**: Git diff or file paths
+2. **Find relevant tests**: Map changes → test files
+3. **Execute tests**: Framework detection (Jest, pytest, cargo test,
+   etc.)
+4. **Analyze failures**: Parse output, identify patterns
+5. **Suggest fixes**: Based on error messages and code context
+
+## Framework Support
+
+- JavaScript: Jest, Vitest, Mocha, Cypress
+- Python: pytest, unittest
+- Rust: cargo test
+- Go: go test
+- Java: JUnit, TestNG
+
+See
+[references/framework-patterns.md](references/framework-patterns.md)
+for test detection logic.
+```
+
+**Value**: Every project needs this. High reuse potential.
+
+#### coverage-analyzer
+
+```markdown
+---
+name: coverage-analyzer
+description:
+  Analyzes test coverage, identifies untested code paths, generates
+  test stubs. Use when improving test coverage or adding tests for new
+  features.
+---
+```
+
+**Unique angle**: Not just showing coverage %, but generating test
+stubs for uncovered branches.
+
+#### snapshot-manager
+
+```markdown
+---
+name: snapshot-manager
+description:
+  Manages snapshot tests (Jest, Insta), reviews changes, updates
+  safely. Use when snapshot tests fail or need updating.
+---
+```
+
+**Value**: Snapshot tests are common but poorly understood. Skill can
+explain WHY snapshots changed.
+
+### 2. Security & Compliance
+
+**Gap**: Only 1 generic security skill, no specialized tools.
+
+#### dependency-auditor
+
+```markdown
+---
+name: dependency-auditor
+description:
+  Audits dependencies for vulnerabilities, suggests updates, validates
+  licenses. Use when updating dependencies or security review needed.
+---
+
+# Dependency Auditor
+
+Scans dependencies for security issues and license compliance.
+
+## Capabilities
+
+1. **Vulnerability scanning**: npm audit, cargo audit, pip-audit, etc.
+2. **Update recommendations**: Safe upgrade paths with changelog
+   review
+3. **License compliance**: Check for license conflicts
+4. **Supply chain**: Verify package integrity, detect typosquatting
+
+## Detection
+
+Automatically detects:
+
+- package.json + package-lock.json → npm audit
+- Cargo.toml + Cargo.lock → cargo audit
+- requirements.txt / pyproject.toml → pip-audit
+- go.mod → go list -m all + OSV database
+
+See
+[references/vulnerability-databases.md](references/vulnerability-databases.md)
+```
+
+**Differentiator**: Cross-language support, automated remediation
+suggestions.
+
+#### secrets-scanner
+
+```markdown
+---
+name: secrets-scanner
+description:
+  Scans for hardcoded secrets, API keys, credentials. Prevents commits
+  with secrets. Use before commits or when security audit needed.
+---
+```
+
+**Hook integration**: Perfect for PreToolUse/git commit hook.
+
+#### security-reviewer
+
+```markdown
+---
+name: security-reviewer
+description:
+  Reviews code for security issues (injection, XSS, CSRF, auth bugs).
+  Use when reviewing PRs or implementing authentication.
+---
+```
+
+**Value**: Democratizes security expertise. OWASP Top 10 built-in.
+
+### 3. Cross-Tool Orchestration
+
+**Gap**: Tools exist in isolation, no orchestration patterns.
+
+#### git-workflow-manager
+
+```markdown
+---
+name: git-workflow-manager
+description:
+  Manages git workflows (feature branches, PR creation, merge
+  strategies). Enforces commit conventions, generates changelogs. Use
+  for git operations and PR workflows.
+---
+
+# Git Workflow Manager
+
+Orchestrates git operations with best practices built-in.
+
+## Workflows
+
+1. **Feature branch**: Create → commit → push → PR
+2. **Hotfix**: Branch from main → fix → PR with urgency labels
+3. **Release**: Tag → changelog → GitHub release → merge to main
+
+## Conventions
+
+- Commit messages: Conventional Commits (feat, fix, docs, etc.)
+- Branch naming: feature/_, bugfix/_, hotfix/\*
+- PR templates: Auto-generated based on changes
+
+## Integration
+
+Works with:
+
+- GitHub CLI (gh)
+- Changesets
+- Conventional Changelog
+- Semantic Release
+
+See [references/git-patterns.md](references/git-patterns.md)
+```
+
+**Value**: Reduces git workflow cognitive load, enforces consistency.
+
+#### package-manager-smart
+
+```markdown
+---
+name: package-manager-smart
+description:
+  Intelligently manages dependencies across npm, pnpm, yarn, pip,
+  cargo, go modules. Detects package manager, runs correct commands,
+  handles workspaces.
+---
+```
+
+**Unique**: Detects lock files and workspace configs, uses correct
+package manager automatically.
+
+#### ci-cd-helper
+
+```markdown
+---
+name: ci-cd-helper
+description:
+  Creates and maintains CI/CD configs for GitHub Actions, GitLab CI,
+  CircleCI. Adds test runs, linting, deployment. Use when setting up
+  CI/CD or adding workflows.
+---
+```
+
+**Value**: CI/CD is intimidating. This skill makes it accessible.
+
+### 4. Learning & Onboarding
+
+**Gap**: Few skills help users learn Claude Code itself.
+
+#### claude-code-tutor
+
+```markdown
+---
+name: claude-code-tutor
+description:
+  Interactive tutorial for Claude Code features, skills, slash
+  commands, and workflows. Use when learning Claude Code or exploring
+  available features.
+---
+
+# Claude Code Tutor
+
+Helps users discover and learn Claude Code capabilities.
+
+## Topics
+
+1. **Basic workflows**: Reading code, making edits, running tests
+2. **Agent system**: When to use agents, which agent for what
+3. **Skills**: Discovery, creation, management
+4. **Slash commands**: Available commands, when to use them
+5. **MCP integration**: What it is, how to use plugins
+6. **Settings**: Hooks, permissions, customization
+
+## Learning Modes
+
+- **Interactive**: Step-by-step with exercises
+- **Reference**: Quick lookup of features
+- **Examples**: Real-world usage patterns
+
+See [references/feature-catalog.md](references/feature-catalog.md)
+```
+
+**Impact**: Reduces onboarding time from days to hours.
+
+#### skill-discovery-helper
+
+```markdown
+---
+name: skill-discovery-helper
+description:
+  Helps find relevant skills for tasks. Searches personal and project
+  skills, suggests installations. Use when looking for skills or
+  exploring capabilities.
+---
+```
+
+**Value**: Discoverability is currently terrible. This fixes it.
+
+#### best-practices-advisor
+
+```markdown
+---
+name: best-practices-advisor
+description:
+  Suggests language and framework best practices for current context.
+  Use when starting new files, refactoring, or learning new
+  frameworks.
+---
+```
+
+**Unique**: Context-aware suggestions based on file type and detected
+frameworks.
+
+### 5. Performance & Optimization
+
+**Gap**: Growing concern, almost no skills addressing it.
+
+#### performance-profiler
+
+```markdown
+---
+name: performance-profiler
+description:
+  Profiles code performance, identifies bottlenecks, suggests
+  optimizations. Supports Python, Node.js, Rust, Go. Use when
+  investigating performance issues.
+---
+
+# Performance Profiler
+
+Measures and analyzes code performance across languages.
+
+## Capabilities
+
+1. **Profiling**: Run profilers (py-spy, clinic, perf, etc.)
+2. **Analysis**: Identify hot paths, memory leaks, I/O bottlenecks
+3. **Suggestions**: Concrete optimization recommendations
+4. **Benchmarking**: Before/after comparisons
+
+## Language Support
+
+- **Python**: cProfile, py-spy, memory_profiler
+- **Node.js**: clinic, 0x, node --prof
+- **Rust**: cargo flamegraph, perf
+- **Go**: pprof
+
+See [references/profiling-tools.md](references/profiling-tools.md)
+```
+
+**Value**: Performance optimization requires expertise. This
+democratizes it.
+
+#### bundle-analyzer
+
+```markdown
+---
+name: bundle-analyzer
+description:
+  Analyzes JS/TS bundle sizes, identifies bloat, suggests tree-shaking
+  and code-splitting opportunities. Use for frontend performance
+  optimization.
+---
+```
+
+**Target**: Frontend developers struggling with bundle size.
+
+#### database-optimizer
+
+```markdown
+---
+name: database-optimizer
+description:
+  Analyzes SQL queries, suggests indexes, identifies N+1 problems,
+  recommends query optimizations. Use when experiencing database
+  performance issues.
+---
+```
+
+**Value**: Most developers aren't DB experts. This skill helps.
+
+## Bundled Skills Recommendations
+
+For `claude-skills-cli`, consider bundling these high-utility,
+general-purpose skills:
+
+### Core Bundle (Should ship with CLI)
+
+1. **skill-creator** ✅ Already included
+2. **skill-validator** - Automated quality checking
+3. **skill-tester** - Subagent-based behavioral testing
+4. **skill-discovery** - Find and install skills from community
+
+### Extended Bundle (Optional install)
+
+5. **test-runner** - Universal test execution
+6. **git-workflow-manager** - Git best practices
+7. **dependency-auditor** - Security scanning
+8. **claude-code-tutor** - Learn Claude Code features
+
+### Rationale
+
+- **Core bundle**: Essential for skill development lifecycle
+- **Extended bundle**: High-utility, frequently needed across projects
+- **Size**: Core ~20KB, Extended ~100KB (reasonable)
+
+## Strategic Opportunities
+
+### 1. Skills Marketplace
+
+**Problem**: No central discovery mechanism for community skills.
+
+**Solution**: Create skills registry with:
+
+- Search/filter by domain, language, framework
+- Quality ratings based on validation metrics
+- Usage statistics (if opted-in)
+- One-click installation via CLI
+
+**Implementation**:
+
+```bash
+claude-skills-cli search "testing"
+claude-skills-cli install test-runner
+claude-skills-cli browse --domain security
+```
+
+### 2. Skill Testing Framework
+
+**Problem**: No standard way to validate skill effectiveness.
+
+**Solution**: Provide subagent testing harness:
+
+```bash
+claude-skills-cli test my-skill --scenarios test_cases.json
+```
+
+**Test format**:
+
+```json
+{
+	"scenarios": [
+		{
+			"name": "Feature implementation happy path",
+			"input": "Add a login button to the homepage",
+			"expectedBehavior": [
+				"Creates component file",
+				"Adds tests",
+				"Updates imports"
+			],
+			"pressure": ["time constraint", "unclear state management"]
+		}
+	]
+}
+```
+
+### 3. Hook Library
+
+**Problem**: Hook integration is underutilized due to lack of
+examples.
+
+**Solution**: Provide hook templates and common patterns:
+
+```bash
+claude-skills-cli add-hook --template pre-commit-checks
+claude-skills-cli add-hook --template post-edit-validation
+claude-skills-cli add-hook --template resource-tracking
+```
+
+### 4. Skill Analytics
+
+**Problem**: No visibility into skill effectiveness or usage.
+
+**Solution**: Optional analytics collection:
+
+- Which skills are triggered most often
+- Average tokens per skill trigger
+- User satisfaction (thumbs up/down)
+- A/B testing different skill versions
+
+**Privacy**: Opt-in, local-first, aggregated only.
+
+### 5. AI-Assisted Skill Improvement
+
+**Problem**: Skills become stale or drift from best practices.
+
+**Solution**: Automated skill maintenance:
+
+```bash
+claude-skills-cli audit my-skill --suggest-improvements
+```
+
+**Suggestions**:
+
+- "Description could include trigger keywords: testing, coverage, QA"
+- "SKILL.md is 243 lines, consider moving examples to references/"
+- "Script missing error handling for missing dependencies"
+- "Similar to community skill 'test-runner' - consider alignment"
+
+## Market Segmentation
+
+### Skill Types by User Persona
+
+#### 1. Solo Developer
+
+**Needs**: Productivity, learning, code quality **High-value skills**:
+
+- test-runner
+- git-workflow-manager
+- claude-code-tutor
+- best-practices-advisor
+
+#### 2. Team Lead
+
+**Needs**: Consistency, review efficiency, knowledge sharing
+**High-value skills**:
+
+- code-reviewer
+- documentation-generator
+- best-practices-enforcer
+- onboarding-helper
+
+#### 3. DevOps/SRE
+
+**Needs**: Automation, reliability, security **High-value skills**:
+
+- ci-cd-helper
+- dependency-auditor
+- performance-profiler
+- infrastructure-as-code-helper
+
+#### 4. Security Professional
+
+**Needs**: Vulnerability detection, compliance, incident response
+**High-value skills**:
+
+- secrets-scanner
+- security-reviewer
+- dependency-auditor
+- compliance-checker
+
+#### 5. Open Source Maintainer
+
+**Needs**: Issue triage, PR review, community management **High-value
+skills**:
+
+- issue-triager
+- pr-reviewer
+- changelog-generator
+- contributor-onboarding
+
+## Competitive Landscape
+
+### Claude Code vs Other Tools
+
+| Capability             | Claude Code Skills | Cursor Rules    | Copilot Workspace |
+| ---------------------- | ------------------ | --------------- | ----------------- |
+| Progressive Disclosure | ✅ Excellent       | ❌ Flat context | ❌ Flat context   |
+| Executable Scripts     | ✅ Yes             | ❌ No           | ⚠️ Limited        |
+| Hook Integration       | ✅ Yes             | ❌ No           | ❌ No             |
+| Community Sharing      | ⚠️ Emerging        | ⚠️ Emerging     | ❌ No             |
+| Testing Framework      | ❌ None            | ❌ None         | ❌ None           |
+
+**Differentiation opportunity**: Skills testing framework would be
+first-of-its-kind.
+
+## Prioritization Matrix
+
+| Opportunity               | Impact | Effort | Priority |
+| ------------------------- | ------ | ------ | -------- |
+| Test-runner skill         | High   | Medium | 🔴 P0    |
+| Skills marketplace        | High   | High   | 🔴 P0    |
+| Skill testing framework   | High   | High   | 🔴 P0    |
+| Security skills (3 types) | High   | Medium | 🟡 P1    |
+| Git workflow manager      | Medium | Low    | 🟡 P1    |
+| Hook library              | Medium | Low    | 🟡 P1    |
+| Performance profiler      | Medium | High   | 🟢 P2    |
+| Claude Code tutor         | Medium | Medium | 🟢 P2    |
+| Skill analytics           | Low    | High   | ⚪ P3    |
+
+## Action Items
+
+### For claude-skills-cli
+
+1. **Immediate (v0.1.0)**:
+   - Bundle skill-validator and skill-tester
+   - Add `test` command with subagent harness
+   - Create hook template generator
+
+2. **Near-term (v0.2.0)**:
+   - Implement `search` and `install` commands
+   - Create skills registry format
+   - Build 5 high-priority skills (test-runner, dependency-auditor,
+     etc.)
+
+3. **Medium-term (v0.3.0)**:
+   - Skills marketplace integration
+   - Analytics collection (opt-in)
+   - AI-assisted skill improvement
+
+### For Community
+
+1. Contribute skills in underserved domains (testing, security)
+2. Share hook integration patterns
+3. Participate in skills registry curation
+4. Report skill effectiveness metrics
+
+## Conclusion
+
+The Claude Skills ecosystem is early-stage with massive growth
+potential. Key opportunities:
+
+1. **Testing & QA** - Build comprehensive test-runner and coverage
+   tools
+2. **Security** - Create defensive security skill suite
+3. **Discovery** - Solve the discoverability problem with marketplace
+4. **Validation** - Establish behavioral testing as standard practice
+5. **Bundling** - Ship high-utility skills with CLI for immediate
+   value
+
+Your `claude-skills-cli` is perfectly positioned to:
+
+- Lead quality standards via validation
+- Enable behavioral testing via test framework
+- Improve discoverability via search/install
+- Accelerate adoption by bundling essential skills
+
+Next steps: See `CLI-IMPROVEMENTS.md` for implementation details.

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "claude-skills-cli",
-  "version": "0.0.5",
+  "version": "0.0.7",
   "description": "CLI toolkit for creating and managing Claude Agent Skills",
   "type": "module",
   "main": "./dist/index.js",
   "bin": {
-    "claude-skills": "./dist/index.js"
+    "claude-skills-cli": "./dist/index.js"
   },
   "files": [
     "dist",
@@ -39,14 +39,14 @@
   },
   "devDependencies": {
     "@changesets/cli": "^2.29.7",
-    "@types/node": "^24.8.1",
+    "@types/node": "^24.9.0",
     "@types/archiver": "^6.0.3",
     "prettier": "^3.6.2",
     "typescript": "^5.9.3"
   },
   "scripts": {
     "build": "tsc",
-    "postbuild": "mkdir -p dist/skills && cp -r .claude/skills/skill-creator dist/skills/skill-creator",
+    "postbuild": "rm -rf dist/skills && cp -r .claude/skills dist/skills",
     "dev": "tsc --watch",
     "start": "node ./dist/index.js",
     "format": "prettier --write .",