security-review
>
creating-branch
Creates feature branches with optimized short naming, auto-incrementing, and commit type detection (feat/fix/refactor). Supports manual descriptions and auto-generation from uncommitted git changes. Use when user requests to create branch, start new branch, make branch, checkout new branch, switch branch, new task, start working on, begin work on feature, begin feature, create feature branch, run /create-branch command, or mentions "branch", "feature", "new feature", "feat", "fix", or "checkout".
diagramming
Creates Mermaid and ASCII diagrams for flowcharts, architecture, ERDs, state machines, mindmaps, and more. Use when user mentions diagram, flowchart, mermaid, ASCII diagram, text diagram, terminal diagram, visualize, C4, mindmap, architecture diagram, sequence diagram, ERD, or needs visual documentation.
doc-coauthoring
Guide users through structured collaborative documentation creation. Use when user wants to write documentation, update README, create architecture docs, draft proposals, technical specs, decision docs, refactor documentation, create API docs, or document code.
jd-docs
>
managing-adrs
Create and manage Architecture Decision Records (ADRs) with auto-numbering, template detection, and index maintenance. Use when user mentions "ADR", "architecture decision", "document this decision", "create ADR", editing ADR files (docs/adr/, doc/adr/, .adr/), or discussing architectural choices and tradeoffs.
cleaning-up-branches
Deletes merged git branches (local and remote) and flags stale unmerged branches for manual review. Use when user mentions "cleanup branches", "delete merged branches", "prune old branches", "remove stale branches", "branch cleanup", or runs /cleanup-branches command.
generating-changelog
Analyzes git commit history and generates professional changelogs with semantic versioning, conventional commit support, and multiple output formats (Keep a Changelog, Conventional, GitHub). Use when editing CHANGELOG.md, CHANGELOG.txt, or HISTORY.md files, preparing release notes, creating releases, bumping versions, updating changelog, documenting changes, writing release notes, tracking changes, version bump, tag release, or when user mentions "changelog", "release notes", "version history", "release", "semantic versioning", or "conventional commits".
creating-pr
Creates GitHub Pull Requests with existing PR detection, branch pushing, and intelligent title/body generation. Use when user requests to create pull request, open PR, update PR, push for review, ready for review, send for review, get this reviewed, make a PR, share code, request review, create draft PR, submit for review, run /create-pr command, or mentions "PR", "pull request", "merge request", "code review", "GitHub PR", or "draft".
creating-commit
Creates context-aware git commits with smart pre-commit checks, submodule support, and conventional commit message generation. Use when user requests to commit changes, stage and commit, check in code, save work, save changes, push my code, finalize changes, add to git, create commits, run /commit command, or mentions "git commit", "commit message", "conventional commits", "stage files", "git add", or needs help with commits.
spring-boot-security
Spring Security 7 implementation for Spring Boot 4. Use when configuring authentication, authorization, OAuth2/JWT resource servers, method security, or CORS/CSRF. Covers the mandatory Lambda DSL migration, SecurityFilterChain patterns, @PreAuthorize, and password encoding. For testing secured endpoints, see spring-boot-testing skill.
spring-boot-scanner
Smart code scanner that detects Spring Boot patterns and routes to appropriate skills. Use when editing Java or Kotlin files in Spring Boot projects, working with pom.xml/build.gradle containing spring-boot-starter, or when context suggests Spring Boot development. Detects annotations (@RestController, @Entity, @EnableWebSecurity, @SpringBootTest) to determine relevant skills and provides contextual guidance. Uses progressive automation - auto-invokes for low-risk patterns (web-api, data, DDD), confirms before loading high-risk skills (security, testing, verify).
spring-boot-observability
Spring Boot 4 observability with Actuator, Micrometer, and OpenTelemetry. Use when configuring health indicators, custom metrics, distributed tracing, production endpoint exposure, or Kubernetes/Cloud Run probes. Covers Actuator security, Micrometer Timer/Counter/Gauge patterns, and OpenTelemetry span customization.
spring-boot-modulith
Spring Modulith 2.0 implementation for bounded contexts in Spring Boot 4. Use when structuring application modules, implementing @ApplicationModuleListener for event-driven communication, testing with Scenario API, enforcing module boundaries, or externalizing events to Kafka/AMQP. For modular monolith architecture decisions, see the domain-driven-design skill.
spring-boot-data-ddd
Spring Boot 4 data layer implementation for Domain-Driven Design. Use when implementing JPA or JDBC aggregates, Spring Data repositories, transactional services, projections, or entity auditing. Covers aggregate roots with AbstractAggregateRoot, value object mapping, EntityGraph for N+1 prevention, and Spring Boot 4 specifics (JSpecify null-safety, AOT repositories). For DDD concepts and design decisions, see the domain-driven-design skill.
flyway-consolidate
Analyze and consolidate Flyway SQL migrations into clean, domain-grouped CREATE TABLE migrations for pre-production projects. Use when consolidating database migrations, refactoring Flyway schemas, simplifying migration history, grouping tables by domain, or when user mentions "consolidate migrations", "merge migrations", "clean up Flyway", "refactor schema", "baseline migrations".
domain-driven-design
Expert guidance for Domain-Driven Design architecture and implementation. Use when designing complex business systems, defining bounded contexts, structuring domain models, choosing between modular monolith vs microservices, implementing aggregates/entities/value objects, or when users mention "DDD", "domain-driven design", "bounded context", "aggregate", "domain model", "ubiquitous language", "event storming", "context mapping", "domain events", "anemic domain model", strategic design, tactical patterns, or domain modeling. Helps make architectural decisions, identify subdomains, design aggregates, and avoid common DDD pitfalls.
roadmap
>
pm
>
scripting-bash
Master defensive Bash scripting for production automation, CI/CD pipelines, and system utilities. Expert in safe, portable, and testable shell scripts with POSIX compliance, modern Bash 5.x features, and comprehensive error handling. Use when writing shell scripts, bash automation, CI/CD scripts, system utilities, or mentions "bash", "shell script", "automation", "defensive programming", or needs production-grade shell code.
generating-stitch-screens
>
spring-boot-web-api
Spring Boot 4 REST API implementation patterns. Use when creating REST controllers, request validation, exception handlers with ProblemDetail (RFC 9457), API versioning, content negotiation, or WebFlux reactive endpoints. Covers @RestController patterns, Bean Validation 3.1, global error handling, and Jackson 3 configuration.
Skill Name
What this skill does. Use when user mentions "keyword1", "keyword2", or "keyword3". Keep under 1,024 characters and include specific trigger keywords.
spring-boot-verify
Verify Spring Boot 4.x projects for correct dependencies, configuration, and migration readiness. Use when analyzing pom.xml, build.gradle, application.yml, discussing Spring Boot project setup, dependency versions, configuration validation, version compatibility, migration to Spring Boot 4, deprecated dependencies, or when user mentions "verify project", "check dependencies", "upgrade Spring Boot", "migration readiness", "Jackson 3", "@MockBean deprecated", or "Spring Security 7".
spring-boot-testing
Spring Boot 4 testing strategies and patterns. Use when writing unit tests, slice tests (@WebMvcTest, @DataJpaTest), integration tests, Testcontainers with @ServiceConnection, security testing (@WithMockUser, JWT), or Modulith event testing with Scenario API. Covers the critical @MockitoBean migration from @MockBean.
playwright-cli
>-
ralph-loop
Execute an autonomous development loop that picks one task per iteration, implements it, verifies it, and commits the result — each iteration in a fresh context window. Use when user runs /ralph, mentions "ralph loop", "autonomous loop", "builder verifier", "run tasks automatically", "iterate on tasks", "develop autonomously", or wants an automated build-verify-commit cycle with task tracking.
skill-tutor
Personal tutor that teaches any topic. Use when user says "teach me", "learn about", "quiz me", "/skill-tutor", or wants to understand a new concept deeply. Creates personalized tutorials using user's actual projects, tracks learning progress, uses spaced repetition.
optimize-prompt-gepa
Optimizes prompts using full GEPA methodology (Genetic-Pareto Evolution). Use when user wants to improve a prompt's accuracy on test cases, mentions "optimize prompt", "improve prompt", or has examples of desired input/output pairs. Implements Pareto frontier selection, trace-based reflection, and crossover mutations.
deploy-agentcore
Deploy Python agents to AWS Bedrock AgentCore. Use when deploying agents to AWS, setting up serverless agent hosting, configuring AgentCore components (Runtime, Gateway, Memory, Identity, Policy), or troubleshooting deployment errors.
Getting Started with Research Superpowers
Introduction to literature search & review skills - systematic paper finding, screening, extraction, and citation traversal
design-production
Creates production-ready design files, prototypes, and specifications for development teams. Translates validated concepts into detailed, implementable designs with comprehensive specs for developers. Produces Figma files (via API), high-fidelity prototypes, design specifications, and animation files.
design-qa
Reviews finished and in-progress digital products to assess adherence to design specifications and discover potential issues. Use when user says "design review", "design QA", "QA review", "check implementation", "visual bugs", "compare to design", "match the specs", "review the build", "before launch", "pre-launch review", "implementation review", "verify design", "design validation", "spacing issues", "visual discrepancies", "accessibility review", "WCAG compliance", or "responsive testing". Validates implementation against design intent, identifies visual and interaction discrepancies, and provides actionable feedback. Do NOT use when still designing concepts (use design-concepts), need to understand users (use design-research), or nothing has been built yet.
design-research
Conducts user experience research and analysis to inform design decisions. Use when user says "user research", "persona", "personas", "who are our users", "target audience", "customer segments", "design principles", "user needs", "pain points", "jobs to be done", "JTBD", "user interviews", "discussion guide", "research plan", "competitive analysis", "understand the users", "user data", or "analytics review". Reviews first-party and third-party user data, analyzes industry trends from UX and visual design perspectives, and plans user research studies. Creates personas, customer segments, design principles, design roadmaps, and research discussion guides. Do NOT use when already have approved personas, in implementation/coding phase, need visual mockups (use design-concepts), or reviewing built product (use design-qa).
design-concepts
Creates conceptual designs that illustrate design strategy and approach. Use when user says "mockup", "wireframe", "concept", "mood board", "visual direction", "design options", "explore designs", "UI design", "prototype", "design this", "show me designs", "create a design", "look and feel", or "design variations". Leverages research insights and design briefs to develop UI concepts, mood boards, and interactive prototypes. Do NOT use when user needs to understand users first (use design-research), is reviewing an implemented product (use design-qa), or is writing code.
memory-user-edits
Expert guidance for Claude's memory_user_edits tool. Helps users understand how to effectively use memory edits for persistent facts across conversations. Key insight - memory edits work for FACTS, not BEHAVIORS. Triggers on memory-related questions, "remember", "forget", or memory_user_edits tool usage.
github-integration
Use when building GitHub-based features - Explains auth token usage, Gist reading/writing and rendering helpers.
llm-inference
Use when wanting to interact with any LLM - Explains available inference endpoints so the agent selects suitable models.
maps
Use when building interactive map tools - Explains MapLibre setup, tiles, and common UI patterns.
writing-skills
Use when creating or updating SKILL.md documentation - Explains how and why to create a skill.
cdn-usage
Use when adding external browser dependencies via CDN - Provides CDN selection guidance to ensure reliable script loading.
cloudflare-kv
Use when persisting tool data in Cloudflare KV - Describes bindings, key naming, and function conventions.
healthsim-trialsim
Generate realistic clinical trial synthetic data including study definitions, sites, subjects, visits, adverse events, efficacy assessments, and disposition. Use when user requests: clinical trial data, CDISC/SDTM/ADaM datasets, trial cohorts (Phase I/II/III/IV), FDA submission test data, or specific therapeutic areas like oncology or biologics/CGT.
healthsim-rxmembersim
RxMemberSim generates realistic synthetic pharmacy data for testing PBM systems, claims adjudication, and drug utilization review. Use when user requests: (1) pharmacy claims or prescription data, (2) DUR alerts or drug interactions, (3) formulary or tier cohorts, (4) pharmacy prior authorization, (5) NCPDP formatted output.
healthsim-patientsim
Generate realistic clinical patient data including demographics, encounters, diagnoses, medications, labs, and vitals. Use when user requests: (1) patient records or clinical data, (2) EMR test data, (3) specific clinical cohorts like diabetes or heart failure, (4) HL7v2 or FHIR patient resources.
healthsim-networksim
>
Generative Framework
Conversation-driven specification and execution of healthcare data generation at scale
healthsim-populationsim
>
healthsim-membersim
MemberSim generates realistic synthetic claims and payer data for testing claims processing systems, payment integrity, and benefits administration.
code-reviewer
Use when asked to review MERN stack code - comprehensive code reviewer that checks project health, security, maintainability, performance, testing, and architecture. Combines general code quality analysis with MERN-specific expertise.
Page 1143 of 1636 · 81770 results
