setup-dab
Install and configure Data API Builder (DAB) for production SQL Server MCP access with RBAC
milan-jovanovic-blog
Search Milan Jovanovic's .NET blog for Clean Architecture, DDD, CQRS, EF Core, and ASP.NET Core patterns. Use for finding applicable patterns, code examples, and architecture guidance. Invoke when working with .NET projects that could benefit from proven architectural patterns.
scrape-posts
Scrape new articles from Milan Jovanovic's blog (November 2025+). Optimized - pre-filters from listing page, only scrapes new articles.
codex-cli-docs
Single source of truth and librarian for ALL OpenAI Codex CLI documentation. Manages local documentation storage, scraping, discovery, and resolution. Use when finding, locating, searching, or resolving Codex CLI documentation; discovering docs by keywords, category, tags, or natural language queries; scraping from llms.txt; managing index metadata (keywords, tags, aliases); or rebuilding index from filesystem. Run scripts to scrape, find, and resolve documentation. Handles doc_id resolution, keyword search, natural language queries, category/tag filtering, alias resolution, llms.txt parsing, markdown subsection extraction for internal use, hash-based drift detection, and comprehensive index maintenance.
analyze-transcript
Analyze meeting transcripts to extract requirements, decisions, and action items. Specialized extraction for conversational content.
brainstorm
Facilitate AI-assisted brainstorming sessions for requirements discovery. Uses divergent-convergent thinking patterns to generate ideas, then filters and refines them. Supports multiple brainstorming techniques.
business-rules-analysis
Business rules elicitation and analysis techniques. Covers rule types (constraints, derivations, inferences), decision tables, rule templates, and policy documentation. Use when identifying business policies, constraints, calculations, and decision logic during requirements elicitation.
discover
Main orchestrator for full requirements elicitation workflow. Coordinates interviews, document extraction, simulation, research, and synthesis.
document-extraction
Extract requirements from existing documents including PDFs, Word docs, meeting transcripts, specifications, and web content. Identifies requirement candidates, categorizes them, and outputs in pre-canonical format.
domain-research
MCP-powered domain research for requirements elicitation. Uses perplexity, context7, firecrawl, and other MCP servers to research domain knowledge, best practices, and industry requirements.
elicitation-methodology
Hub skill for requirements elicitation. Provides technique selection, orchestration guidance, LLMREI patterns, and autonomy level configuration. Use when gathering requirements from stakeholders, conducting elicitation sessions, or preparing requirements for specification.
extract
Extract requirements from documents (PDF, Markdown, Word, URLs). Identifies requirement candidates and outputs in pre-canonical format.
gaps
Analyze current requirements for completeness and identify missing areas. Uses domain checklists, NFR categories, and INVEST criteria.
interview-conducting
AI-led stakeholder interviews using LLMREI research-backed patterns. Conducts structured interviews to elicit requirements through context-adaptive questioning, active listening, and systematic requirement extraction.
interview
Conduct an AI-led requirements elicitation interview with a stakeholder. Uses LLMREI research-backed patterns for effective requirement capture.
journey-map
Create a customer journey map from elicited requirements. Visualizes end-to-end user experience with stages, touchpoints, emotions, and pain points. Outputs Mermaid diagrams.
jtbd-analysis
Jobs to Be Done (JTBD) framework by Clayton Christensen. Analyzes requirements through the lens of what 'job' customers hire products to do. Covers functional, emotional, and social jobs. Use when understanding underlying customer motivations or reframing features as outcomes.
prioritization-methods
Requirements prioritization techniques including MoSCoW, Kano Model, WSJF (SAFe), and Wiegers' Value/Cost/Risk matrix. Provides scoring frameworks, trade-off analysis, and priority visualization. Use when ranking requirements by business value, customer impact, or implementation efficiency.
prioritize
Apply prioritization methods to elicited requirements. Supports MoSCoW, Kano Model, WSJF, and Wiegers' scoring. Outputs ranked requirements with justification.
research
Research domain knowledge using MCP servers (perplexity, context7, firecrawl). Gathers best practices, regulatory requirements, and competitive insights.
simulate
Run multi-stakeholder simulation to generate requirements from diverse perspectives. Simulates End User, Technical, Business, Compliance, and Operations stakeholders.
stakeholder-simulation
Multi-persona stakeholder simulation for solo requirements work. Generates diverse perspectives from simulated End User, Technical, Business, Compliance, and Operations stakeholders when real stakeholders are unavailable.
story-map
Create a user story map from elicited requirements. Visualizes user journey with backbone activities, walking skeleton, and release slices. Outputs Mermaid diagrams.
survey
Generate stakeholder surveys for requirements gathering and analyze responses. Creates questionnaires based on domain context, collects structured feedback, and produces statistical analysis with requirement candidates.
use-case-2.0
Use Case 2.0 methodology by Ivar Jacobson. Covers use case slices, lightweight documentation, user story derivation, and value-driven prioritization. Modern approach to use case modeling for agile teams.
user-story-mapping
Jeff Patton's User Story Mapping technique for Agile discovery. Visualizes user journey as a map, identifies backbone activities, walking skeleton, and release slices. Use when organizing requirements into deliverable increments or defining MVP scope.
workshop
Facilitate structured requirements workshops (JAD-style). Guides through agenda, captures decisions, resolves conflicts, and produces consolidated requirements. Supports multiple workshop formats.
conduct
Research a topic comprehensively and create detailed research documentation
api-security
Comprehensive API security guidance covering authentication methods, rate limiting, input validation, CORS, security headers, and protection against OWASP API Top 10 vulnerabilities. Use when designing API authentication, implementing rate limiting, configuring CORS, setting security headers, or reviewing API security.
audit
Run security audit on code for OWASP Top 10, CWE vulnerabilities, and security anti-patterns
authentication-patterns
Comprehensive authentication implementation guidance including JWT best practices, OAuth 2.0/OIDC flows, Passkeys/FIDO2/WebAuthn, MFA patterns, and secure session management. Use when implementing login systems, token-based auth, SSO, passwordless authentication, or reviewing authentication security.
authorization-models
Comprehensive authorization guidance covering RBAC, ABAC, ACL, ReBAC, and policy-as-code patterns. Use when designing permission systems, implementing access control, or choosing authorization strategies.
check-deps
Check dependencies for known CVEs and security vulnerabilities
container-security
Container and Kubernetes security patterns including Docker hardening, image scanning, pod security standards, network policies, RBAC, secrets management, and runtime protection. Use when securing containerized applications, building secure images, or configuring Kubernetes security controls.
cryptography
Comprehensive cryptography guidance covering encryption algorithms, password hashing, TLS configuration, key management, and post-quantum considerations. Use when implementing encryption, choosing hashing algorithms, configuring TLS/SSL, managing cryptographic keys, or reviewing cryptographic implementations.
devsecops-practices
DevSecOps methodology guidance covering shift-left security, SAST/DAST/IAST integration, security gates in CI/CD pipelines, vulnerability management workflows, and security champions programs.
scan-secrets
Scan codebase for hardcoded secrets, API keys, credentials, and sensitive data
secrets-management
Comprehensive guidance for secure secrets management including storage solutions (Vault, AWS Secrets Manager, Azure Key Vault), environment variables, secret rotation, scanning tools, and CI/CD pipeline security. Use when implementing secrets storage, configuring secret rotation, preventing secret leaks, or reviewing credentials handling.
secure-coding
Provides guidance on secure coding practices including OWASP Top 10 2025, CWE Top 25, input validation, output encoding, and language-specific security patterns. Use when reviewing code for security vulnerabilities, implementing security controls, or learning secure development practices.
supply-chain-security
Software supply chain security guidance covering SBOM generation, SLSA framework, dependency scanning, SCA tools, and protection against supply chain attacks like dependency confusion and typosquatting.
threat-modeling
Threat modeling methodologies (STRIDE, DREAD), attack trees, threat modeling as code, and integration with SDLC for proactive security design
vulnerability-management
Vulnerability lifecycle management including CVE tracking, CVSS scoring, risk prioritization, remediation workflows, and coordinated disclosure practices
ears-convert
Convert specifications to/from EARS format.
zero-trust
Zero Trust architecture principles including ZTNA, micro-segmentation, identity-first security, continuous verification, and BeyondCorp patterns. Use when designing network security, implementing identity-based access, or building cloud-native applications with zero trust principles.
ai-writing-assistant
Leverage AI tools effectively for professional writing tasks. Provides prompt patterns, refinement workflows, voice preservation techniques, and quality checkpoints for AI-augmented drafting.
brand-statement
Develop your personal brand statement using the Skills x Interests x Market Needs framework. Use when crafting your professional positioning, LinkedIn headline, or elevator pitch.
career-strategy
Internal vs external career growth paths, goal setting, career maintenance, and long-term planning for software engineers. Use when deciding between internal promotion vs external job search, setting career goals, or planning long-term career trajectory.
code-review-communication
Frameworks for giving and receiving code review feedback effectively. Use for PR comments, review strategies, handling disagreements, and balancing thoroughness with kindness.
craft-linkedin-post
Generate an engaging LinkedIn post using proven storytelling frames. Use when you want to share learnings, celebrate wins, or build professional visibility.
developer-visibility
Build professional visibility through LinkedIn, GitHub, conference speaking, and internal branding. Provides frameworks for personal brand development, content creation, and career growth.
Page 544 of 1447 · 72311 results