natureco-cli 5.18.3 → 5.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (346) hide show
  1. package/CHANGELOG.md +32 -0
  2. package/package.json +1 -1
  3. package/skills/a-b-testing/SKILL.md +34 -0
  4. package/skills/accessibility-audit/SKILL.md +34 -0
  5. package/skills/agent-memory/SKILL.md +34 -0
  6. package/skills/agent-orchestration/SKILL.md +34 -0
  7. package/skills/airunway-aks-setup/SKILL.md +73 -0
  8. package/skills/algorithmic-art/SKILL.md +405 -0
  9. package/skills/analytics-setup/SKILL.md +34 -0
  10. package/skills/api-design/SKILL.md +34 -0
  11. package/skills/api-versioning/SKILL.md +34 -0
  12. package/skills/appinsights-instrumentation/SKILL.md +76 -0
  13. package/skills/audio-transcription/SKILL.md +34 -0
  14. package/skills/authentication-patterns/SKILL.md +34 -0
  15. package/skills/authorization-rbac/SKILL.md +34 -0
  16. package/skills/azure-ai/SKILL.md +71 -0
  17. package/skills/azure-aigateway/SKILL.md +129 -0
  18. package/skills/azure-cloud-migrate/SKILL.md +52 -0
  19. package/skills/azure-compliance/SKILL.md +108 -0
  20. package/skills/azure-compute/SKILL.md +46 -0
  21. package/skills/azure-cost/SKILL.md +45 -0
  22. package/skills/azure-deploy/SKILL.md +97 -0
  23. package/skills/azure-diagnostics/SKILL.md +151 -0
  24. package/skills/azure-enterprise-infra-planner/SKILL.md +54 -0
  25. package/skills/azure-hosted-copilot-sdk/SKILL.md +89 -0
  26. package/skills/azure-kubernetes/SKILL.md +153 -0
  27. package/skills/azure-kusto/SKILL.md +231 -0
  28. package/skills/azure-messaging/SKILL.md +57 -0
  29. package/skills/azure-prepare/SKILL.md +165 -0
  30. package/skills/azure-quotas/SKILL.md +276 -0
  31. package/skills/azure-rbac/SKILL.md +17 -0
  32. package/skills/azure-reliability/SKILL.md +387 -0
  33. package/skills/azure-resource-lookup/SKILL.md +108 -0
  34. package/skills/azure-resource-visualizer/SKILL.md +183 -0
  35. package/skills/azure-storage/SKILL.md +100 -0
  36. package/skills/azure-upgrade/SKILL.md +91 -0
  37. package/skills/azure-validate/SKILL.md +72 -0
  38. package/skills/backup-strategy/SKILL.md +34 -0
  39. package/skills/bash-scripting/SKILL.md +34 -0
  40. package/skills/batch-api-calls/SKILL.md +34 -0
  41. package/skills/batch-processing/SKILL.md +34 -0
  42. package/skills/brainstorming/SKILL.md +159 -0
  43. package/skills/brand-guidelines/SKILL.md +73 -0
  44. package/skills/brandkit/SKILL.md +798 -0
  45. package/skills/brutalist-skill/SKILL.md +92 -0
  46. package/skills/bulk-file-operations/SKILL.md +34 -0
  47. package/skills/cache-responses/SKILL.md +34 -0
  48. package/skills/caching-strategy/SKILL.md +34 -0
  49. package/skills/calendar-optimization/SKILL.md +34 -0
  50. package/skills/canvas-design/SKILL.md +130 -0
  51. package/skills/cavecrew/SKILL.md +82 -0
  52. package/skills/caveman-commit/SKILL.md +65 -0
  53. package/skills/caveman-help/SKILL.md +63 -0
  54. package/skills/caveman-review/SKILL.md +55 -0
  55. package/skills/caveman-stats/SKILL.md +10 -0
  56. package/skills/changelog-generation/SKILL.md +34 -0
  57. package/skills/chat-bot-design/SKILL.md +34 -0
  58. package/skills/chunking-strategy/SKILL.md +34 -0
  59. package/skills/ci-cd-pipeline/SKILL.md +34 -0
  60. package/skills/classification-pipeline/SKILL.md +34 -0
  61. package/skills/claude-api/SKILL.md +356 -0
  62. package/skills/clipboard-master/SKILL.md +34 -0
  63. package/skills/code-explanation/SKILL.md +34 -0
  64. package/skills/code-generation/SKILL.md +34 -0
  65. package/skills/code-migration/SKILL.md +34 -0
  66. package/skills/code-review-checklist/SKILL.md +34 -0
  67. package/skills/composition-patterns/SKILL.md +89 -0
  68. package/skills/contact-management/SKILL.md +34 -0
  69. package/skills/content-generation/SKILL.md +34 -0
  70. package/skills/context-pruning/SKILL.md +34 -0
  71. package/skills/context-window-management/SKILL.md +34 -0
  72. package/skills/continuous-improvement/SKILL.md +34 -0
  73. package/skills/cron-scheduling/SKILL.md +34 -0
  74. package/skills/cross-platform-compat/SKILL.md +34 -0
  75. package/skills/csv-processing/SKILL.md +34 -0
  76. package/skills/daily-journal/SKILL.md +34 -0
  77. package/skills/data-analysis/SKILL.md +34 -0
  78. package/skills/data-backup/SKILL.md +34 -0
  79. package/skills/data-cleaning/SKILL.md +34 -0
  80. package/skills/data-extraction/SKILL.md +34 -0
  81. package/skills/data-validation/SKILL.md +34 -0
  82. package/skills/database-migrations/SKILL.md +34 -0
  83. package/skills/database-schema-design/SKILL.md +34 -0
  84. package/skills/decision-mapping/SKILL.md +84 -0
  85. package/skills/decision-matrix/SKILL.md +34 -0
  86. package/skills/dependency-management/SKILL.md +34 -0
  87. package/skills/deploy-to-vercel/SKILL.md +296 -0
  88. package/skills/design-an-interface/SKILL.md +94 -0
  89. package/skills/design-doc-mermaid/SKILL.md +498 -0
  90. package/skills/dev-environment-setup/SKILL.md +34 -0
  91. package/skills/develop-userscripts/SKILL.md +84 -0
  92. package/skills/distraction-blocker/SKILL.md +34 -0
  93. package/skills/doc-coauthoring/SKILL.md +375 -0
  94. package/skills/docker-optimization/SKILL.md +34 -0
  95. package/skills/document-template/SKILL.md +34 -0
  96. package/skills/documentation/SKILL.md +109 -0
  97. package/skills/documentation-gen/SKILL.md +34 -0
  98. package/skills/docx/SKILL.md +590 -0
  99. package/skills/edit-article/SKILL.md +15 -0
  100. package/skills/efficient-formatting/SKILL.md +34 -0
  101. package/skills/email-management/SKILL.md +34 -0
  102. package/skills/email-service/SKILL.md +34 -0
  103. package/skills/embedding-generation/SKILL.md +34 -0
  104. package/skills/entity-extraction/SKILL.md +34 -0
  105. package/skills/entra-agent-id/SKILL.md +356 -0
  106. package/skills/entra-app-registration/SKILL.md +191 -0
  107. package/skills/environment-config/SKILL.md +34 -0
  108. package/skills/error-handling/SKILL.md +34 -0
  109. package/skills/estimation-techniques/SKILL.md +34 -0
  110. package/skills/event-driven-architecture/SKILL.md +34 -0
  111. package/skills/excel-automation/SKILL.md +34 -0
  112. package/skills/execution-monitoring/SKILL.md +34 -0
  113. package/skills/expense-tracking/SKILL.md +34 -0
  114. package/skills/faceless-explainer/SKILL.md +202 -0
  115. package/skills/fastify/SKILL.md +75 -0
  116. package/skills/feature-engineering/SKILL.md +34 -0
  117. package/skills/feature-flags/SKILL.md +34 -0
  118. package/skills/file-conversion/SKILL.md +34 -0
  119. package/skills/file-upload-handling/SKILL.md +34 -0
  120. package/skills/fine-tuning-prep/SKILL.md +34 -0
  121. package/skills/focus-mode/SKILL.md +34 -0
  122. package/skills/form-validation/SKILL.md +34 -0
  123. package/skills/function-calling/SKILL.md +34 -0
  124. package/skills/general-video/SKILL.md +143 -0
  125. package/skills/git-guardrails-claude-code/SKILL.md +95 -0
  126. package/skills/git-workflow/SKILL.md +34 -0
  127. package/skills/github-actions-docs/SKILL.md +98 -0
  128. package/skills/goal-setting/SKILL.md +34 -0
  129. package/skills/gpt-tasteskill/SKILL.md +74 -0
  130. package/skills/graphql-design/SKILL.md +34 -0
  131. package/skills/grill-me/SKILL.md +7 -0
  132. package/skills/grilling/SKILL.md +10 -0
  133. package/skills/habit-tracker/SKILL.md +34 -0
  134. package/skills/hallucination-detection/SKILL.md +34 -0
  135. package/skills/handoff/SKILL.md +16 -0
  136. package/skills/hyperframes/SKILL.md +152 -0
  137. package/skills/hyperframes-animation/SKILL.md +82 -0
  138. package/skills/hyperframes-cli/SKILL.md +109 -0
  139. package/skills/hyperframes-core/SKILL.md +78 -0
  140. package/skills/hyperframes-creative/SKILL.md +68 -0
  141. package/skills/hyperframes-media/SKILL.md +97 -0
  142. package/skills/image-processing/SKILL.md +34 -0
  143. package/skills/image-to-code-skill/SKILL.md +1228 -0
  144. package/skills/imagegen-frontend-mobile/SKILL.md +1465 -0
  145. package/skills/imagegen-frontend-web/SKILL.md +987 -0
  146. package/skills/implement/SKILL.md +15 -0
  147. package/skills/init/SKILL.md +91 -0
  148. package/skills/internal-comms/SKILL.md +32 -0
  149. package/skills/json-transformation/SKILL.md +34 -0
  150. package/skills/keyboard-shortcuts/SKILL.md +34 -0
  151. package/skills/knowledge-base/SKILL.md +34 -0
  152. package/skills/knowledge-graph/SKILL.md +34 -0
  153. package/skills/kubernetes-deployment/SKILL.md +34 -0
  154. package/skills/language-translation/SKILL.md +34 -0
  155. package/skills/lark-approval/SKILL.md +56 -0
  156. package/skills/lark-base/SKILL.md +157 -0
  157. package/skills/lark-doc/SKILL.md +81 -0
  158. package/skills/lark-shared/SKILL.md +168 -0
  159. package/skills/lark-workflow-meeting-summary/SKILL.md +122 -0
  160. package/skills/linting-neostandard-eslint9/SKILL.md +64 -0
  161. package/skills/llm-chaining/SKILL.md +34 -0
  162. package/skills/localization-i18n/SKILL.md +34 -0
  163. package/skills/logging-best-practices/SKILL.md +34 -0
  164. package/skills/loop-me/SKILL.md +32 -0
  165. package/skills/machine-learning-pipeline/SKILL.md +34 -0
  166. package/skills/meeting-notes/SKILL.md +34 -0
  167. package/skills/meeting-scheduler/SKILL.md +34 -0
  168. package/skills/message-queues/SKILL.md +34 -0
  169. package/skills/message-summarization/SKILL.md +34 -0
  170. package/skills/microservices-architecture/SKILL.md +34 -0
  171. package/skills/microsoft-foundry/SKILL.md +262 -0
  172. package/skills/migrate-to-shoehorn/SKILL.md +118 -0
  173. package/skills/milestone-tracking/SKILL.md +34 -0
  174. package/skills/minimalist-skill/SKILL.md +85 -0
  175. package/skills/model-deployment/SKILL.md +34 -0
  176. package/skills/model-evaluation/SKILL.md +34 -0
  177. package/skills/monitoring-setup/SKILL.md +34 -0
  178. package/skills/monorepo-setup/SKILL.md +34 -0
  179. package/skills/motion-graphics/SKILL.md +170 -0
  180. package/skills/multi-agent-systems/SKILL.md +34 -0
  181. package/skills/music-to-video/SKILL.md +197 -0
  182. package/skills/network-troubleshooting/SKILL.md +34 -0
  183. package/skills/node/SKILL.md +94 -0
  184. package/skills/nodejs-core/SKILL.md +156 -0
  185. package/skills/note-organization/SKILL.md +34 -0
  186. package/skills/oauth/SKILL.md +186 -0
  187. package/skills/obsidian-vault/SKILL.md +59 -0
  188. package/skills/octocat/SKILL.md +93 -0
  189. package/skills/openclaw-secure-linux-cloud/SKILL.md +157 -0
  190. package/skills/opensource-guide-coach/SKILL.md +218 -0
  191. package/skills/output-skill/SKILL.md +49 -0
  192. package/skills/package-publishing/SKILL.md +34 -0
  193. package/skills/password-generator/SKILL.md +34 -0
  194. package/skills/pdf/SKILL.md +314 -0
  195. package/skills/pdf-processing/SKILL.md +34 -0
  196. package/skills/performance-optimization/SKILL.md +34 -0
  197. package/skills/pomodoro-timer/SKILL.md +34 -0
  198. package/skills/powershell-automation/SKILL.md +34 -0
  199. package/skills/pptx/SKILL.md +232 -0
  200. package/skills/pr-to-video/SKILL.md +235 -0
  201. package/skills/priority-filtering/SKILL.md +34 -0
  202. package/skills/product-launch-video/SKILL.md +205 -0
  203. package/skills/project-tracking/SKILL.md +34 -0
  204. package/skills/prompt-compression/SKILL.md +34 -0
  205. package/skills/prompt-engineering/SKILL.md +34 -0
  206. package/skills/push-notifications/SKILL.md +34 -0
  207. package/skills/python-appservice-deploy/SKILL.md +36 -0
  208. package/skills/qa/SKILL.md +130 -0
  209. package/skills/rag-implementation/SKILL.md +34 -0
  210. package/skills/rate-limiting/SKILL.md +34 -0
  211. package/skills/react-best-practices/SKILL.md +149 -0
  212. package/skills/react-native-skills/SKILL.md +121 -0
  213. package/skills/react-view-transitions/SKILL.md +320 -0
  214. package/skills/readme-i18n/SKILL.md +176 -0
  215. package/skills/real-time-communication/SKILL.md +34 -0
  216. package/skills/redesign-skill/SKILL.md +178 -0
  217. package/skills/refactoring-strategy/SKILL.md +34 -0
  218. package/skills/regex-mastery/SKILL.md +34 -0
  219. package/skills/remotion/SKILL.md +364 -0
  220. package/skills/report-generation/SKILL.md +34 -0
  221. package/skills/request-refactor-plan/SKILL.md +68 -0
  222. package/skills/research-compiler/SKILL.md +34 -0
  223. package/skills/resolving-merge-conflicts/SKILL.md +14 -0
  224. package/skills/responsive-design/SKILL.md +34 -0
  225. package/skills/rest-api-patterns/SKILL.md +34 -0
  226. package/skills/retrospectives/SKILL.md +34 -0
  227. package/skills/risk-assessment/SKILL.md +34 -0
  228. package/skills/roadmap-creation/SKILL.md +34 -0
  229. package/skills/running-claude-code-via-litellm-copilot/SKILL.md +263 -0
  230. package/skills/scaffold-exercises/SKILL.md +106 -0
  231. package/skills/search-implementation/SKILL.md +34 -0
  232. package/skills/secrets-management/SKILL.md +34 -0
  233. package/skills/secure-linux-web-hosting/SKILL.md +162 -0
  234. package/skills/security-audit/SKILL.md +34 -0
  235. package/skills/selective-memory/SKILL.md +34 -0
  236. package/skills/semantic-search/SKILL.md +34 -0
  237. package/skills/semantic-versioning/SKILL.md +34 -0
  238. package/skills/sentiment-analysis/SKILL.md +34 -0
  239. package/skills/seo-optimization/SKILL.md +34 -0
  240. package/skills/setup-pre-commit/SKILL.md +91 -0
  241. package/skills/shadcn/SKILL.md +267 -0
  242. package/skills/simple/SKILL.md +52 -0
  243. package/skills/skill-creator/SKILL.md +485 -0
  244. package/skills/skill-optimizer/SKILL.md +47 -0
  245. package/skills/skills-cli/SKILL.md +281 -0
  246. package/skills/slack-gif-creator/SKILL.md +254 -0
  247. package/skills/snipgrapher/SKILL.md +58 -0
  248. package/skills/snippet-manager/SKILL.md +34 -0
  249. package/skills/soft-skill/SKILL.md +98 -0
  250. package/skills/sprint-planning/SKILL.md +34 -0
  251. package/skills/sql-query-optimization/SKILL.md +34 -0
  252. package/skills/stakeholder-communication/SKILL.md +34 -0
  253. package/skills/state-management/SKILL.md +34 -0
  254. package/skills/statistical-analysis/SKILL.md +34 -0
  255. package/skills/stitch-skill/SKILL.md +184 -0
  256. package/skills/streaming-responses/SKILL.md +34 -0
  257. package/skills/structured-output/SKILL.md +34 -0
  258. package/skills/summarization-techniques/SKILL.md +34 -0
  259. package/skills/supabase/SKILL.md +135 -0
  260. package/skills/supabase-postgres-best-practices/SKILL.md +64 -0
  261. package/skills/system-diagnostics/SKILL.md +34 -0
  262. package/skills/systematic-debugging/SKILL.md +296 -0
  263. package/skills/talking-head-recut/SKILL.md +1191 -0
  264. package/skills/task-decomposition/SKILL.md +34 -0
  265. package/skills/task-prioritization/SKILL.md +34 -0
  266. package/skills/taste-skill/SKILL.md +1206 -0
  267. package/skills/taste-skill-v1/SKILL.md +226 -0
  268. package/skills/tdd/SKILL.md +108 -0
  269. package/skills/teach/SKILL.md +140 -0
  270. package/skills/template-library/SKILL.md +34 -0
  271. package/skills/test-driven-development/SKILL.md +371 -0
  272. package/skills/test-generation/SKILL.md +34 -0
  273. package/skills/testing-strategy/SKILL.md +34 -0
  274. package/skills/text-expansion/SKILL.md +34 -0
  275. package/skills/theme-factory/SKILL.md +59 -0
  276. package/skills/time-blocking/SKILL.md +34 -0
  277. package/skills/to-prd/SKILL.md +75 -0
  278. package/skills/token-budgeting/SKILL.md +34 -0
  279. package/skills/token-optimization/SKILL.md +34 -0
  280. package/skills/tool-calling-patterns/SKILL.md +34 -0
  281. package/skills/typescript-magician/SKILL.md +117 -0
  282. package/skills/tzst/SKILL.md +68 -0
  283. package/skills/ubiquitous-language/SKILL.md +93 -0
  284. package/skills/use-my-browser/SKILL.md +110 -0
  285. package/skills/using-superpowers/SKILL.md +121 -0
  286. package/skills/vector-database-setup/SKILL.md +34 -0
  287. package/skills/vercel-cli-with-tokens/SKILL.md +353 -0
  288. package/skills/vercel-optimize/SKILL.md +322 -0
  289. package/skills/video-editing/SKILL.md +34 -0
  290. package/skills/viral-instagram-reels/SKILL.md +180 -0
  291. package/skills/viral-short-form/SKILL.md +147 -0
  292. package/skills/viral-short-form-ideas/SKILL.md +184 -0
  293. package/skills/viral-tiktok-content/SKILL.md +180 -0
  294. package/skills/visualization-creation/SKILL.md +34 -0
  295. package/skills/web-artifacts-builder/SKILL.md +74 -0
  296. package/skills/web-design-guidelines/SKILL.md +39 -0
  297. package/skills/web-scraping/SKILL.md +34 -0
  298. package/skills/webapp-testing/SKILL.md +96 -0
  299. package/skills/webhook-handling/SKILL.md +34 -0
  300. package/skills/website-to-video/SKILL.md +145 -0
  301. package/skills/weekly-review/SKILL.md +34 -0
  302. package/skills/workflow-automation/SKILL.md +34 -0
  303. package/skills/writing-beats/SKILL.md +67 -0
  304. package/skills/writing-fragments/SKILL.md +79 -0
  305. package/skills/writing-great-skills/SKILL.md +82 -0
  306. package/skills/writing-guidelines/SKILL.md +39 -0
  307. package/skills/writing-plans/SKILL.md +174 -0
  308. package/skills/writing-shape/SKILL.md +79 -0
  309. package/skills/xdrop/SKILL.md +78 -0
  310. package/skills/xget/SKILL.md +87 -0
  311. package/skills/xlsx/SKILL.md +292 -0
  312. package/src/commands/code_v5.js +377 -73
  313. package/src/commands/repl.js +505 -86
  314. package/src/providers/model/anthropic.js +84 -0
  315. package/src/providers/model/gemini.js +49 -0
  316. package/src/providers/model/minimax.js +48 -0
  317. package/src/providers/model/ollama.js +42 -0
  318. package/src/providers/model/openai.js +49 -0
  319. package/src/providers/search/duckduckgo.js +45 -0
  320. package/src/providers/search/exa.js +52 -0
  321. package/src/providers/search/searxng.js +51 -0
  322. package/src/providers/search/tavily.js +47 -0
  323. package/src/tools/model_provider.js +71 -0
  324. package/src/tools/parallel_search.js +40 -49
  325. package/src/tools/search_provider.js +79 -0
  326. package/src/tools/skills_download.js +217 -0
  327. package/src/tools/web_search.js +42 -62
  328. package/src/tools/workflow.js +21 -9
  329. package/src/utils/cron.js +82 -126
  330. package/src/utils/effort-levels.js +42 -0
  331. package/src/utils/fallback-chain.js +72 -0
  332. package/src/utils/file-history.js +78 -0
  333. package/src/utils/model-provider.js +113 -0
  334. package/src/utils/permissions.js +147 -0
  335. package/src/utils/plan-mode.js +164 -0
  336. package/src/utils/provider-detect.js +7 -32
  337. package/src/utils/sandbox.js +60 -0
  338. package/src/utils/search-provider.js +62 -0
  339. package/src/utils/session-search.js +66 -0
  340. package/src/utils/structured-output.js +20 -0
  341. package/src/utils/system-prompt.js +28 -2
  342. package/src/utils/tasks.js +132 -0
  343. package/src/utils/tool-hooks.js +154 -0
  344. package/src/utils/tools.js +18 -2
  345. package/src/utils/ultra-review.js +59 -0
  346. package/src/utils/worktree.js +192 -0
@@ -0,0 +1,135 @@
1
+ ---
2
+ name: supabase
3
+ description: "Use when doing ANY task involving Supabase. Triggers: Supabase products (Database, Auth, Edge Functions, Realtime, Storage, Vectors, Cron, Queues); client libraries and SSR integrations (supabase-js, @supabase/ssr) in Next.js, React, SvelteKit, Astro, Remix; auth issues (login, logout, sessions, JWT, cookies, getSession, getUser, getClaims, RLS); Supabase CLI or MCP server; schema changes, migrations, security audits, Postgres extensions (pg_graphql, pg_cron, pg_vector)."
4
+ metadata:
5
+ author: supabase
6
+ version: "0.1.2"
7
+ ---
8
+
9
+ # Supabase
10
+
11
+ ## Core Principles
12
+
13
+ **1. Supabase changes frequently — verify against changelog and current docs before implementing.**
14
+ Do not rely on training data for Supabase features. Function signatures, config.toml settings, and API conventions change between versions.
15
+
16
+ First, fetch `https://supabase.com/changelog.md` (a lightweight summary index — not a heavy pull), scan for `breaking-change` tags relevant to your task, and follow the linked page for any that apply. Then look up the relevant topic using the documentation access methods below.
17
+
18
+ **2. Verify your work.**
19
+ After implementing any fix, run a test query to confirm the change works. A fix without verification is incomplete.
20
+
21
+ **3. Recover from errors, don't loop.**
22
+ If an approach fails after 2-3 attempts, stop and reconsider. Try a different method, check documentation, inspect the error more carefully, and review relevant logs when available. Supabase issues are not always solved by retrying the same command, and the answer is not always in the logs, but logs are often worth checking before proceeding.
23
+
24
+ **4. Exposing tables to the Data API:** Depending on the user's [Data API settings](https://supabase.com/dashboard/project/<ref>/integrations/data_api/settings), newly created tables may not be automatically exposed via the Data (REST) API. If this is the case, `anon` and `authenticated` roles will need to be explicitly granted access.
25
+
26
+ > Note that this is separate from RLS, which controls which _rows_ are visible once a table is accessible, not whether the table is accessible at all.
27
+
28
+ When a user reports a SQL-created table is unexpectedly inaccessible, check their Data API settings and whether the roles have been granted access via explicit `GRANT` SQL. When granting public (`anon`/`authenticated`) access, always enable RLS too. See [Exposing a Table to the Data API](https://supabase.com/docs/guides/api/securing-your-api.md) for the full setup workflow.
29
+
30
+ **5. RLS in exposed schemas.**
31
+ Enable RLS on every table in any exposed schema, which includes `public` by default. This is critical in Supabase because tables in exposed schemas can be reachable through the Data API when the `anon`/`authenticated` roles have access (see [Exposing a Table to the Data API](https://supabase.com/docs/guides/api/securing-your-api.md)). For private schemas, prefer RLS as defense in depth. After enabling RLS, create policies that match the actual access model rather than defaulting every table to the same `auth.uid()` pattern.
32
+
33
+ **6. Security checklist.**
34
+ When working on any Supabase task that touches auth, RLS, views, storage, or user data, run through this checklist. These are Supabase-specific security traps that silently create vulnerabilities:
35
+
36
+ - **Auth and session security**
37
+ - **Never use `user_metadata` claims in JWT-based authorization decisions.** In Supabase, `raw_user_meta_data` is user-editable and can appear in `auth.jwt()`, so it is unsafe for RLS policies or any other authorization logic. Store authorization data in `raw_app_meta_data` / `app_metadata` instead.
38
+ - **Deleting a user does not invalidate existing access tokens.** Sign out or revoke sessions first, keep JWT expiry short for sensitive apps, and for strict guarantees validate `session_id` against `auth.sessions` on sensitive operations.
39
+ - **If you use `app_metadata` or `auth.jwt()` for authorization, remember JWT claims are not always fresh until the user's token is refreshed.**
40
+
41
+ - **API key and client exposure**
42
+ - **Never expose the `service_role` or secret key in public clients.** Prefer publishable keys for frontend code. Legacy `anon` keys are only for compatibility. In Next.js, any `NEXT_PUBLIC_` env var is sent to the browser.
43
+
44
+ - **RLS, views, and privileged database code**
45
+ - **Views bypass RLS by default.** In Postgres 15 and above, use `CREATE VIEW ... WITH (security_invoker = true)`. In older versions of Postgres, protect your views by revoking access from the `anon` and `authenticated` roles, or by putting them in an unexposed schema.
46
+ - **UPDATE requires a SELECT policy.** In Postgres RLS, an UPDATE needs to first SELECT the row. Without a SELECT policy, updates silently return 0 rows — no error, just no change.
47
+ - **`auth.role()` is deprecated — use the `TO` clause instead.** Supabase has deprecated `auth.role()` in favour of specifying the target role directly on the policy with `TO authenticated` or `TO anon`. Beyond deprecation, `auth.role() = 'authenticated'` breaks silently when anonymous sign-ins are enabled, because anonymous users carry the `authenticated` Postgres role and pass the check regardless of whether the user is genuinely signed in.
48
+ ```sql
49
+ -- Deprecated (do not use)
50
+ create policy "example" on table_name for select
51
+ using ( auth.role() = 'authenticated' );
52
+ ```
53
+ - **`TO authenticated` alone is authentication without authorization (BOLA / IDOR).** Using `TO authenticated` only checks the role — it does not restrict which rows a user can access. The correct pattern combines `TO authenticated` with an ownership predicate in `USING`:
54
+ ```sql
55
+ create policy "example" on table_name for select
56
+ to authenticated
57
+ using ( (select auth.uid()) = user_id );
58
+ ```
59
+ - **UPDATE policies require both `USING` and `WITH CHECK`.** Without `WITH CHECK`, a user can reassign a row's `user_id` to another user:
60
+ ```sql
61
+ create policy "example" on table_name for update
62
+ to authenticated
63
+ using ( (select auth.uid()) = user_id )
64
+ with check ( (select auth.uid()) = user_id );
65
+ ```
66
+ - **`SECURITY DEFINER` functions bypass RLS.** A `SECURITY DEFINER` function runs with its creator's privileges — typically a role with `bypassrls` (e.g., `postgres`). Never add `SECURITY DEFINER` to resolve a permission error; it silently removes access control without fixing the underlying cause. Prefer `SECURITY INVOKER`.
67
+ - **`SECURITY DEFINER` functions in `public` are callable by all roles.** Postgres grants `EXECUTE` to `PUBLIC` by default for every new function, so any `SECURITY DEFINER` function in `public` is a public API endpoint callable by `anon` and `authenticated` (which inherit from `PUBLIC`) without any additional grant. When `SECURITY DEFINER` is genuinely needed (e.g., bypassing RLS on an internal lookup table), keep the function in a non-exposed schema, always include an `auth.uid()` check in the function body, and run `supabase db advisors` after making changes.
68
+
69
+ - **Storage access control**
70
+ - **Storage upsert requires INSERT + SELECT + UPDATE.** Granting only INSERT allows new uploads but file replacement (upsert) silently fails. You need all three.
71
+
72
+ - **Dependency and supply-chain security**
73
+ - **Always pin package versions and commit lockfiles** when installing Supabase packages (`supabase-js`, `@supabase/ssr`, `supabase-py`, etc.). See the [npm security guide](https://supabase.com/docs/guides/security/npm-security.md) for the full checklist.
74
+
75
+ For any security concern not covered above, fetch the Supabase product security index: `https://supabase.com/docs/guides/security/product-security.md`
76
+
77
+ ## Supabase CLI
78
+
79
+ Always discover commands via `--help` — never guess. The CLI structure changes between versions.
80
+
81
+ ```bash
82
+ supabase --help # All top-level commands
83
+ supabase <group> --help # Subcommands (e.g., supabase db --help)
84
+ supabase <group> <command> --help # Flags for a specific command
85
+ ```
86
+
87
+ **Supabase CLI Known gotchas:**
88
+
89
+ - `supabase db query` requires **CLI v2.79.0+** → use MCP `execute_sql` or `psql` as fallback
90
+ - `supabase db advisors` requires **CLI v2.81.3+** → use MCP `get_advisors` as fallback
91
+ - When you need a new migration SQL file, **always** create it with `supabase migration new <name>` first. Never invent a migration filename or rely on memory for the expected format.
92
+
93
+ **Version check and upgrade:** Run `supabase --version` to check. For CLI changelogs and version-specific features, consult the [CLI documentation](https://supabase.com/docs/reference/cli/introduction) or [GitHub releases](https://github.com/supabase/cli/releases).
94
+
95
+ ## Supabase MCP Server
96
+
97
+ For setup instructions, server URL, and configuration, see the [MCP setup guide](https://supabase.com/docs/guides/getting-started/mcp).
98
+
99
+ **Troubleshooting connection issues** — follow these steps in order:
100
+
101
+ 1. **Check if the server is reachable:**
102
+ `curl -so /dev/null -w "%{http_code}" https://mcp.supabase.com/mcp`
103
+ A `401` is expected (no token) and means the server is up. Timeout or "connection refused" means it may be down.
104
+
105
+ 2. **Check `.mcp.json` configuration:**
106
+ Verify the project root has a valid `.mcp.json` with the correct server URL. If missing, create one pointing to `https://mcp.supabase.com/mcp`.
107
+
108
+ 3. **Authenticate the MCP server:**
109
+ If the server is reachable and `.mcp.json` is correct but tools aren't visible, the user needs to authenticate. The Supabase MCP server uses OAuth 2.1 — tell the user to trigger the auth flow in their agent, complete it in the browser, and reload the session.
110
+
111
+ ## Supabase Documentation
112
+
113
+ Before implementing any Supabase feature, find the relevant documentation. Use these methods in priority order:
114
+
115
+ 1. **MCP `search_docs` tool** (preferred — returns relevant snippets directly)
116
+ 2. **Fetch docs pages as markdown** — any docs page can be fetched by appending `.md` to the URL path.
117
+ 3. **Web search** for Supabase-specific topics when you don't know which page to look at.
118
+
119
+ ## Making and Committing Schema Changes
120
+
121
+ **To make schema changes, use `execute_sql` (MCP) or `supabase db query` (CLI).** These run SQL directly on the database without creating migration history entries, so you can iterate freely and generate a clean migration when ready.
122
+
123
+ Do NOT use `apply_migration` to change a local database schema — it writes a migration history entry on every call, which means you can't iterate, and `supabase db diff` / `supabase db pull` will produce empty or conflicting diffs. If you use it, you'll be stuck with whatever SQL you passed on the first try.
124
+
125
+ **When ready to commit** your changes to a migration file:
126
+
127
+ 1. **Run advisors** → `supabase db advisors` (CLI v2.81.3+) or MCP `get_advisors`. Fix any issues.
128
+ 2. **Review the Security Checklist above** if your changes involve views, functions, triggers, or storage.
129
+ 3. **Generate the migration** → `supabase db pull <descriptive-name> --local --yes`
130
+ 4. **Verify** → `supabase migration list --local`
131
+
132
+ ## Reference Guides
133
+
134
+ - **Skill Feedback** → [references/skill-feedback.md](references/skill-feedback.md)
135
+ **MUST read when** the user reports that this skill gave incorrect guidance or is missing information.
@@ -0,0 +1,64 @@
1
+ ---
2
+ name: supabase-postgres-best-practices
3
+ description: Postgres performance optimization and best practices from Supabase. Use this skill when writing, reviewing, or optimizing Postgres queries, schema designs, or database configurations.
4
+ license: MIT
5
+ metadata:
6
+ author: supabase
7
+ version: "1.1.1"
8
+ organization: Supabase
9
+ date: January 2026
10
+ abstract: Comprehensive Postgres performance optimization guide for developers using Supabase and Postgres. Contains performance rules across 8 categories, prioritized by impact from critical (query performance, connection management) to incremental (advanced features). Each rule includes detailed explanations, incorrect vs. correct SQL examples, query plan analysis, and specific performance metrics to guide automated optimization and code generation.
11
+ ---
12
+
13
+ # Supabase Postgres Best Practices
14
+
15
+ Comprehensive performance optimization guide for Postgres, maintained by Supabase. Contains rules across 8 categories, prioritized by impact to guide automated query optimization and schema design.
16
+
17
+ ## When to Apply
18
+
19
+ Reference these guidelines when:
20
+ - Writing SQL queries or designing schemas
21
+ - Implementing indexes or query optimization
22
+ - Reviewing database performance issues
23
+ - Configuring connection pooling or scaling
24
+ - Optimizing for Postgres-specific features
25
+ - Working with Row-Level Security (RLS)
26
+
27
+ ## Rule Categories by Priority
28
+
29
+ | Priority | Category | Impact | Prefix |
30
+ |----------|----------|--------|--------|
31
+ | 1 | Query Performance | CRITICAL | `query-` |
32
+ | 2 | Connection Management | CRITICAL | `conn-` |
33
+ | 3 | Security & RLS | CRITICAL | `security-` |
34
+ | 4 | Schema Design | HIGH | `schema-` |
35
+ | 5 | Concurrency & Locking | MEDIUM-HIGH | `lock-` |
36
+ | 6 | Data Access Patterns | MEDIUM | `data-` |
37
+ | 7 | Monitoring & Diagnostics | LOW-MEDIUM | `monitor-` |
38
+ | 8 | Advanced Features | LOW | `advanced-` |
39
+
40
+ ## How to Use
41
+
42
+ Read individual rule files for detailed explanations and SQL examples:
43
+
44
+ ```
45
+ references/query-missing-indexes.md
46
+ references/query-partial-indexes.md
47
+ references/_sections.md
48
+ ```
49
+
50
+ Each rule file contains:
51
+ - Brief explanation of why it matters
52
+ - Incorrect SQL example with explanation
53
+ - Correct SQL example with explanation
54
+ - Optional EXPLAIN output or metrics
55
+ - Additional context and references
56
+ - Supabase-specific notes (when applicable)
57
+
58
+ ## References
59
+
60
+ - https://www.postgresql.org/docs/current/
61
+ - https://supabase.com/docs
62
+ - https://wiki.postgresql.org/wiki/Performance_Optimization
63
+ - https://supabase.com/docs/guides/database/overview
64
+ - https://supabase.com/docs/guides/auth/row-level-security
@@ -0,0 +1,34 @@
1
+ ---
2
+ name: system-diagnostics
3
+ description: Diagnose system issues with logs, metrics, traces, and performance profiling
4
+ category: Intelligence & General
5
+ ---
6
+
7
+ # System Diagnostics
8
+
9
+ ## Overview
10
+ Diagnose system issues with logs, metrics, traces, and performance profiling. This skill helps you apply structured, repeatable methods for consistent results.
11
+
12
+ ## When to Use
13
+ - When you need to apply system diagnostics best practices
14
+ - When establishing processes or standards for your workflow
15
+ - When training team members on system diagnostics
16
+ - When automating or optimizing system diagnostics tasks
17
+
18
+ ## Instructions
19
+ 1. **Assess**: Evaluate the current state, requirements, and constraints
20
+ 2. **Plan**: Define the approach, steps, and success criteria
21
+ 3. **Execute**: Follow the established patterns and best practices
22
+ 4. **Verify**: Check results against expected outcomes and quality standards
23
+ 5. **Iterate**: Refine based on feedback and lessons learned
24
+
25
+ ## Examples
26
+ ```
27
+ User: Help me apply system diagnostics for my current project
28
+ Assistant: I'll help you apply system diagnostics step by step...
29
+ ```
30
+
31
+ ## Related Skills
32
+ - Use with `workflow` tool for orchestrated execution
33
+ - Combine with `task` tool for delegated processing
34
+ - Reference `system-prompt` for system-level integration
@@ -0,0 +1,296 @@
1
+ ---
2
+ name: systematic-debugging
3
+ description: Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes
4
+ ---
5
+
6
+ # Systematic Debugging
7
+
8
+ ## Overview
9
+
10
+ Random fixes waste time and create new bugs. Quick patches mask underlying issues.
11
+
12
+ **Core principle:** ALWAYS find root cause before attempting fixes. Symptom fixes are failure.
13
+
14
+ **Violating the letter of this process is violating the spirit of debugging.**
15
+
16
+ ## The Iron Law
17
+
18
+ ```
19
+ NO FIXES WITHOUT ROOT CAUSE INVESTIGATION FIRST
20
+ ```
21
+
22
+ If you haven't completed Phase 1, you cannot propose fixes.
23
+
24
+ ## When to Use
25
+
26
+ Use for ANY technical issue:
27
+ - Test failures
28
+ - Bugs in production
29
+ - Unexpected behavior
30
+ - Performance problems
31
+ - Build failures
32
+ - Integration issues
33
+
34
+ **Use this ESPECIALLY when:**
35
+ - Under time pressure (emergencies make guessing tempting)
36
+ - "Just one quick fix" seems obvious
37
+ - You've already tried multiple fixes
38
+ - Previous fix didn't work
39
+ - You don't fully understand the issue
40
+
41
+ **Don't skip when:**
42
+ - Issue seems simple (simple bugs have root causes too)
43
+ - You're in a hurry (rushing guarantees rework)
44
+ - Manager wants it fixed NOW (systematic is faster than thrashing)
45
+
46
+ ## The Four Phases
47
+
48
+ You MUST complete each phase before proceeding to the next.
49
+
50
+ ### Phase 1: Root Cause Investigation
51
+
52
+ **BEFORE attempting ANY fix:**
53
+
54
+ 1. **Read Error Messages Carefully**
55
+ - Don't skip past errors or warnings
56
+ - They often contain the exact solution
57
+ - Read stack traces completely
58
+ - Note line numbers, file paths, error codes
59
+
60
+ 2. **Reproduce Consistently**
61
+ - Can you trigger it reliably?
62
+ - What are the exact steps?
63
+ - Does it happen every time?
64
+ - If not reproducible → gather more data, don't guess
65
+
66
+ 3. **Check Recent Changes**
67
+ - What changed that could cause this?
68
+ - Git diff, recent commits
69
+ - New dependencies, config changes
70
+ - Environmental differences
71
+
72
+ 4. **Gather Evidence in Multi-Component Systems**
73
+
74
+ **WHEN system has multiple components (CI → build → signing, API → service → database):**
75
+
76
+ **BEFORE proposing fixes, add diagnostic instrumentation:**
77
+ ```
78
+ For EACH component boundary:
79
+ - Log what data enters component
80
+ - Log what data exits component
81
+ - Verify environment/config propagation
82
+ - Check state at each layer
83
+
84
+ Run once to gather evidence showing WHERE it breaks
85
+ THEN analyze evidence to identify failing component
86
+ THEN investigate that specific component
87
+ ```
88
+
89
+ **Example (multi-layer system):**
90
+ ```bash
91
+ # Layer 1: Workflow
92
+ echo "=== Secrets available in workflow: ==="
93
+ echo "IDENTITY: ${IDENTITY:+SET}${IDENTITY:-UNSET}"
94
+
95
+ # Layer 2: Build script
96
+ echo "=== Env vars in build script: ==="
97
+ env | grep IDENTITY || echo "IDENTITY not in environment"
98
+
99
+ # Layer 3: Signing script
100
+ echo "=== Keychain state: ==="
101
+ security list-keychains
102
+ security find-identity -v
103
+
104
+ # Layer 4: Actual signing
105
+ codesign --sign "$IDENTITY" --verbose=4 "$APP"
106
+ ```
107
+
108
+ **This reveals:** Which layer fails (secrets → workflow ✓, workflow → build ✗)
109
+
110
+ 5. **Trace Data Flow**
111
+
112
+ **WHEN error is deep in call stack:**
113
+
114
+ See `root-cause-tracing.md` in this directory for the complete backward tracing technique.
115
+
116
+ **Quick version:**
117
+ - Where does bad value originate?
118
+ - What called this with bad value?
119
+ - Keep tracing up until you find the source
120
+ - Fix at source, not at symptom
121
+
122
+ ### Phase 2: Pattern Analysis
123
+
124
+ **Find the pattern before fixing:**
125
+
126
+ 1. **Find Working Examples**
127
+ - Locate similar working code in same codebase
128
+ - What works that's similar to what's broken?
129
+
130
+ 2. **Compare Against References**
131
+ - If implementing pattern, read reference implementation COMPLETELY
132
+ - Don't skim - read every line
133
+ - Understand the pattern fully before applying
134
+
135
+ 3. **Identify Differences**
136
+ - What's different between working and broken?
137
+ - List every difference, however small
138
+ - Don't assume "that can't matter"
139
+
140
+ 4. **Understand Dependencies**
141
+ - What other components does this need?
142
+ - What settings, config, environment?
143
+ - What assumptions does it make?
144
+
145
+ ### Phase 3: Hypothesis and Testing
146
+
147
+ **Scientific method:**
148
+
149
+ 1. **Form Single Hypothesis**
150
+ - State clearly: "I think X is the root cause because Y"
151
+ - Write it down
152
+ - Be specific, not vague
153
+
154
+ 2. **Test Minimally**
155
+ - Make the SMALLEST possible change to test hypothesis
156
+ - One variable at a time
157
+ - Don't fix multiple things at once
158
+
159
+ 3. **Verify Before Continuing**
160
+ - Did it work? Yes → Phase 4
161
+ - Didn't work? Form NEW hypothesis
162
+ - DON'T add more fixes on top
163
+
164
+ 4. **When You Don't Know**
165
+ - Say "I don't understand X"
166
+ - Don't pretend to know
167
+ - Ask for help
168
+ - Research more
169
+
170
+ ### Phase 4: Implementation
171
+
172
+ **Fix the root cause, not the symptom:**
173
+
174
+ 1. **Create Failing Test Case**
175
+ - Simplest possible reproduction
176
+ - Automated test if possible
177
+ - One-off test script if no framework
178
+ - MUST have before fixing
179
+ - Use the `superpowers:test-driven-development` skill for writing proper failing tests
180
+
181
+ 2. **Implement Single Fix**
182
+ - Address the root cause identified
183
+ - ONE change at a time
184
+ - No "while I'm here" improvements
185
+ - No bundled refactoring
186
+
187
+ 3. **Verify Fix**
188
+ - Test passes now?
189
+ - No other tests broken?
190
+ - Issue actually resolved?
191
+
192
+ 4. **If Fix Doesn't Work**
193
+ - STOP
194
+ - Count: How many fixes have you tried?
195
+ - If < 3: Return to Phase 1, re-analyze with new information
196
+ - **If ≥ 3: STOP and question the architecture (step 5 below)**
197
+ - DON'T attempt Fix #4 without architectural discussion
198
+
199
+ 5. **If 3+ Fixes Failed: Question Architecture**
200
+
201
+ **Pattern indicating architectural problem:**
202
+ - Each fix reveals new shared state/coupling/problem in different place
203
+ - Fixes require "massive refactoring" to implement
204
+ - Each fix creates new symptoms elsewhere
205
+
206
+ **STOP and question fundamentals:**
207
+ - Is this pattern fundamentally sound?
208
+ - Are we "sticking with it through sheer inertia"?
209
+ - Should we refactor architecture vs. continue fixing symptoms?
210
+
211
+ **Discuss with your human partner before attempting more fixes**
212
+
213
+ This is NOT a failed hypothesis - this is a wrong architecture.
214
+
215
+ ## Red Flags - STOP and Follow Process
216
+
217
+ If you catch yourself thinking:
218
+ - "Quick fix for now, investigate later"
219
+ - "Just try changing X and see if it works"
220
+ - "Add multiple changes, run tests"
221
+ - "Skip the test, I'll manually verify"
222
+ - "It's probably X, let me fix that"
223
+ - "I don't fully understand but this might work"
224
+ - "Pattern says X but I'll adapt it differently"
225
+ - "Here are the main problems: [lists fixes without investigation]"
226
+ - Proposing solutions before tracing data flow
227
+ - **"One more fix attempt" (when already tried 2+)**
228
+ - **Each fix reveals new problem in different place**
229
+
230
+ **ALL of these mean: STOP. Return to Phase 1.**
231
+
232
+ **If 3+ fixes failed:** Question the architecture (see Phase 4.5)
233
+
234
+ ## your human partner's Signals You're Doing It Wrong
235
+
236
+ **Watch for these redirections:**
237
+ - "Is that not happening?" - You assumed without verifying
238
+ - "Will it show us...?" - You should have added evidence gathering
239
+ - "Stop guessing" - You're proposing fixes without understanding
240
+ - "Ultra-think this" - Question fundamentals, not just symptoms
241
+ - "We're stuck?" (frustrated) - Your approach isn't working
242
+
243
+ **When you see these:** STOP. Return to Phase 1.
244
+
245
+ ## Common Rationalizations
246
+
247
+ | Excuse | Reality |
248
+ |--------|---------|
249
+ | "Issue is simple, don't need process" | Simple issues have root causes too. Process is fast for simple bugs. |
250
+ | "Emergency, no time for process" | Systematic debugging is FASTER than guess-and-check thrashing. |
251
+ | "Just try this first, then investigate" | First fix sets the pattern. Do it right from the start. |
252
+ | "I'll write test after confirming fix works" | Untested fixes don't stick. Test first proves it. |
253
+ | "Multiple fixes at once saves time" | Can't isolate what worked. Causes new bugs. |
254
+ | "Reference too long, I'll adapt the pattern" | Partial understanding guarantees bugs. Read it completely. |
255
+ | "I see the problem, let me fix it" | Seeing symptoms ≠ understanding root cause. |
256
+ | "One more fix attempt" (after 2+ failures) | 3+ failures = architectural problem. Question pattern, don't fix again. |
257
+
258
+ ## Quick Reference
259
+
260
+ | Phase | Key Activities | Success Criteria |
261
+ |-------|---------------|------------------|
262
+ | **1. Root Cause** | Read errors, reproduce, check changes, gather evidence | Understand WHAT and WHY |
263
+ | **2. Pattern** | Find working examples, compare | Identify differences |
264
+ | **3. Hypothesis** | Form theory, test minimally | Confirmed or new hypothesis |
265
+ | **4. Implementation** | Create test, fix, verify | Bug resolved, tests pass |
266
+
267
+ ## When Process Reveals "No Root Cause"
268
+
269
+ If systematic investigation reveals issue is truly environmental, timing-dependent, or external:
270
+
271
+ 1. You've completed the process
272
+ 2. Document what you investigated
273
+ 3. Implement appropriate handling (retry, timeout, error message)
274
+ 4. Add monitoring/logging for future investigation
275
+
276
+ **But:** 95% of "no root cause" cases are incomplete investigation.
277
+
278
+ ## Supporting Techniques
279
+
280
+ These techniques are part of systematic debugging and available in this directory:
281
+
282
+ - **`root-cause-tracing.md`** - Trace bugs backward through call stack to find original trigger
283
+ - **`defense-in-depth.md`** - Add validation at multiple layers after finding root cause
284
+ - **`condition-based-waiting.md`** - Replace arbitrary timeouts with condition polling
285
+
286
+ **Related skills:**
287
+ - **superpowers:test-driven-development** - For creating failing test case (Phase 4, Step 1)
288
+ - **superpowers:verification-before-completion** - Verify fix worked before claiming success
289
+
290
+ ## Real-World Impact
291
+
292
+ From debugging sessions:
293
+ - Systematic approach: 15-30 minutes to fix
294
+ - Random fixes approach: 2-3 hours of thrashing
295
+ - First-time fix rate: 95% vs 40%
296
+ - New bugs introduced: Near zero vs common