security-review
MANDATORY for security-sensitive code changes - OWASP-based security review with dedicated checklist, required before PR for auth, input handling, API, database, or credential code
speckit-checklist-zh
基于用户需求为当前功能生成定制检查清单的专业工具。专门用于需求质量验证,生成"英语的单元测试",验证需求的完整性、清晰度和一致性。触发词:speckit-checklist、检查清单、需求验证、质量检查、checklist、requirements validation、质量审查、spec review
release-prep
Use when preparing a production release or release candidate - provides a checklist-driven workflow for validation, versioning, build optimization, documentation updates, and deployment readiness.
starting-the-task
A short checklist for kicking off work effectively: plan, branch, track with bd, and set up validation.
landing-the-plane
Checklist for finishing work, pushing a branch, and opening a ready-for-review PR with tests and tracker updates.
heuristics-and-checklists
Use when making decisions under time pressure or uncertainty, preventing errors in complex procedures, designing decision rules or checklists, simplifying complex choices, or when user mentions heuristics, rules of thumb, mental models, checklists, error prevention, cognitive biases, satisficing, or needs practical decision shortcuts and systematic error reduction.
Pentest Checklist
This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.
