π―Skills186
Validates and secures code by providing comprehensive security checks for authentication, input handling, secrets management, and sensitive feature implementation.
Provides reusable design patterns and idiomatic Go solutions for efficient, scalable, and maintainable software architecture.
Validates and enforces consistent code quality, style guidelines, and best practices across programming languages and project structures.
Provides reusable React component patterns like composition, compound components, and render props to enhance code modularity and flexibility.
Implements robust backend design patterns like repository, factory, singleton, and dependency injection for scalable and maintainable server-side architectures.
Streamlines Go testing with comprehensive unit, integration, and benchmark strategies, mocking frameworks, and test coverage analysis.
Spring Boot development patterns skill covering REST API design, layered service architecture, data access, caching, async processing, and logging for production-grade Java services
Dynamically updates and refines AI model knowledge through iterative feedback, adaptive learning techniques, and intelligent knowledge integration.
Provides reusable SQL query patterns, database design strategies, and performance optimization techniques for PostgreSQL development
Enforces test-driven development by guiding developers to write comprehensive tests first, ensuring 80%+ code coverage across unit, integration, and E2E testing.
Python development patterns skill covering Pythonic idioms, PEP 8 standards, type hints, and best practices for building robust and maintainable applications
REST API design patterns covering resource naming conventions, HTTP status codes, pagination, filtering, error responses, versioning, and rate limiting for building consistent, developer-friendly production APIs.
Java coding standards for Spring Boot services covering naming conventions, immutability, Optional usage, streams, exception handling, generics, records, sealed classes, and project layout.
Python testing patterns skill covering pytest, TDD methodology, fixtures, mocking, parametrization, and coverage requirements for robust test suites
Creates animation-rich HTML slide presentations from scratch or by converting PowerPoint files.
Implements comprehensive security best practices for Spring Boot services, covering authentication, authorization, input validation, and common vulnerability protection
Django development patterns skill covering REST API design with DRF, ORM best practices, caching, signals, middleware, and production-grade project structure
Docker and Docker Compose patterns for local development, covering multi-container architectures, container security, networking, volume strategies, and multi-service orchestration with health checks.
Django security best practices covering authentication, authorization, CSRF protection, SQL injection prevention, XSS prevention, and secure production deployment configurations.
Dynamically adapts and improves AI performance through iterative feedback, knowledge expansion, and self-optimization techniques.
Test-driven development skill for Spring Boot using JUnit 5, Mockito, MockMvc, Testcontainers, and JaCoCo with 80%+ coverage targets
Suggests manual context compaction at strategic workflow boundaries rather than relying on arbitrary auto-compaction, using a hook-based system to detect tool call thresholds and remind users to run /compact.
Database migration best practices for safe, reversible schema changes across PostgreSQL, MySQL, and common ORMs (Prisma, Drizzle, Django, TypeORM), covering data migrations, rollbacks, and zero-downtime deployments.
Scan Claude Code configuration files (.claude/ directory) for security vulnerabilities, misconfigurations, and injection risks using AgentShield, checking CLAUDE.md, settings.json, MCP servers, hooks, and agent definitions.
Implements JPA/Hibernate best practices for efficient entity design, relationships, querying, and performance optimization in Spring Boot applications.
Comprehensive Playwright E2E testing patterns covering Page Object Model, test configuration, CI/CD integration, artifact management, and strategies for handling flaky tests.
ClickHouse database patterns for high-performance analytics and data engineering, covering MergeTree engine selection, table schema design, analytical queries, partition pruning, projections, and materialized views.
Production deployment workflows and CI/CD best practices covering rolling, blue-green, and canary deployment strategies, Docker containerization, health checks, rollback strategies, and production readiness checklists.
Implements a rigorous evaluation framework for Claude Code sessions using systematic testing, grading, and pass@k metrics
Django TDD skill covering test-driven development with pytest-django, factory_boy, mocking patterns, coverage requirements, and Django REST Framework API testing
Comprehensive collection of Claude Code configurations, tips, and resources including CLAUDE.md templates, custom commands, agent workflows, and best practices across multiple programming languages.
Iterative retrieval pattern skill that solves the subagent context problem in multi-agent workflows through a 4-phase loop of progressively refining context retrieval
Market research skill from Everything Claude Code, a comprehensive guide and skills collection for maximizing Claude Code productivity.
Writes articles, guides, blog posts, and long-form content in a distinctive voice from supplied examples.
Skill
Interactive installer for Everything Claude Code (ECC) that guides users through selecting and installing skills and rules to user-level or project-level directories with step-by-step wizard using AskUserQuestion.
Comprehensive verification system for Claude Code sessions that runs build, type check, lint, test suite, security scan, and diff review phases before PRs or deployments.
A skill for implementing Apple's liquid glass design language in apps, part of a comprehensive Claude Code configuration collection from an Anthropic hackathon winner.
C++ testing workflow using GoogleTest/GoogleMock with CMake/CTest, covering TDD loop, unit and integration test patterns, sanitizer configuration, and flaky test diagnosis for modern C++ (C++17/20).
Process, convert, OCR, extract, redact, sign, and fill documents using the Nutrient DWS API, supporting PDFs, DOCX, XLSX, PPTX, HTML, images, and 30+ other input formats.
Verification loop for Spring Boot projects covering build, static analysis with SpotBugs/PMD/Checkstyle, tests with JaCoCo coverage thresholds, security scans, and diff review before release or PR.
Comprehensive collection of Claude Code configurations, tips, and resources including CLAUDE.md templates, custom commands, agent workflows, and best practices across multiple programming languages.
Comprehensive collection of Claude Code configurations, tips, and resources including CLAUDE.md templates, custom commands, agent workflows, and best practices across multiple programming languages.
Verification loop for Django projects covering environment checks, code quality with mypy/ruff/black, migration safety, tests with coverage, security scans, and deployment readiness checks.
A skill from the Everything Claude Code project that provides a complete performance optimization system for AI agent harnesses, including skills, instincts, memory optimization, continuous learning, and security scanning. Works across Claude Code, Codex, Cursor, OpenCode, Gemini, and other AI agent harnesses.
Comprehensive collection of Claude Code configurations, tips, and resources including CLAUDE.md templates, custom commands, agent workflows, and best practices across multiple programming languages.
Comprehensive collection of Claude Code configurations, tips, and resources including CLAUDE.md templates, custom commands, agent workflows, and best practices across multiple programming languages.
Skill
Skill
A skill from the Everything Claude Code performance system that optimizes system prompts and instructions for AI agent harnesses, focusing on token reduction, context management, and prompt slimming techniques to improve agent efficiency.
Creates platform-native content for X, LinkedIn, TikTok, YouTube, and newsletters.
Skill
Comprehensive collection of Claude Code configurations, tips, and resources including CLAUDE.md templates, custom commands, agent workflows, and best practices across multiple programming languages.
A skill for SwiftUI patterns and best practices, part of a comprehensive Claude Code configuration collection with production-ready agents, skills, hooks, and commands.
Comprehensive collection of Claude Code configurations, tips, and resources including CLAUDE.md templates, custom commands, agent workflows, and best practices across multiple programming languages.
A skill from the Everything Claude Code project that provides AI-first engineering practices and patterns for optimizing AI agent workflows. Part of a complete system including skills, memory optimization, continuous learning, and research-first development, evolved from 10+ months of intensive daily use.
Skill
Investor materials skill from Everything Claude Code, a comprehensive resource collection for Claude Code development.
A skill for Swift 6.2 concurrency patterns and best practices, part of a production-ready Claude Code configuration collection evolved over 10+ months of daily use.
Drafts investor outreach emails including cold emails, warm intros, and follow-ups for fundraising.
A skill for working with Apple Foundation Models on-device, part of a comprehensive Claude Code configuration collection from an Anthropic hackathon winner.
Skill
A skill for translating visa and immigration documents, part of a comprehensive Claude Code configuration collection with 6 supported languages.
A skill from the Everything Claude Code performance system that provides autonomous loop patterns including sequential pipelines, PR loops, and DAG orchestration for continuous agent operation across Claude Code and other AI harnesses.
A skill from the Everything Claude Code system that enforces write-time code quality through Plankton hooks, catching issues before they enter the codebase as part of a comprehensive AI agent harness performance optimization framework.
Laravel security best-practice guide covering session/cookie hardening, Sanctum/Passport token auth, password hashing, policies and gates, Form Request validation, mass-assignment protection, parameter binding for SQL, XSS escaping, CSRF middleware, file upload safety, signed routes, and production secrets/rate limiting.
A skill from the Everything Claude Code performance system providing Kotlin coroutines and Flow patterns for AI agent harnesses, part of a comprehensive collection covering 12+ language ecosystems with production-ready coding standards and best practices.
A skill from the Everything Claude Code performance system that provides implementation planning and blueprint workflows, helping AI agents create structured implementation plans before writing code as part of a research-first development approach.
Skill
Skill
A skill from the Everything Claude Code performance system that provides an RFC (Request for Comments) pipeline workflow for structured proposal review and approval processes within AI agent harness development workflows.
Skill
Skill
A domain-specific skill from the Everything Claude Code performance system covering customs and trade compliance workflows, part of the operational domain skills collection within a comprehensive AI agent harness framework supporting 183+ skills.
A skill from the Everything Claude Code performance system that provides patterns and best practices for working with the Claude API, part of a comprehensive harness framework with 48 agents, 183 skills, and production-ready configurations.
Skill
Rust testing patterns covering unit tests with `#[cfg(test)]` modules, integration tests, async/Tokio testing, rstest for parameterized tests, proptest for property-based tests, mockall-based mocking, and cargo-llvm-cov coverage targeting 80%+ β applied via a RED-GREEN-REFACTOR TDD workflow.
Skill
A domain-specific skill from the Everything Claude Code performance system for quality nonconformance management workflows, part of the operational domain skills within a comprehensive AI agent harness framework spanning 12+ language ecosystems.
A foundational skill from the Everything Claude Code performance system that defines coding conventions and project guidelines for AI agent harnesses, covering commit formats, PR processes, testing requirements, and the overall system philosophy.
A skill from the Everything Claude Code performance system that provides AI-powered regression testing patterns and verification loops for ensuring agent output quality, part of a comprehensive framework with 1282+ internal tests and continuous evaluation.
A domain-specific skill from the Everything Claude Code performance system for production scheduling workflows, part of the operational domain skills collection within a comprehensive AI agent harness framework with 48 agents and 183+ skills.
Guidance for Next.js 16+ with Turbopack as the default dev bundler β when to use Turbopack vs webpack (`--webpack`/`--no-turbopack`), incremental Rust-based bundling, file-system caching under `.next` for 5β14x faster restarts, and the experimental Next.js 16.1+ Bundle Analyzer.
Skill
Neural search via the Exa MCP server covering web, code, companies, and people β wraps `web_search_exa` (current web info, news, company/people research with live crawl and category filters) and `get_code_context_exa` (code examples, API usage, 1kβ50k token depth) with tested query patterns.
Skill
A domain-specific skill from the Everything Claude Code performance system for energy procurement workflows, part of the operational domain skills collection within a comprehensive AI agent harness framework supporting multiple industry verticals.
Skill
Skill
Skill
Kotlin testing patterns using Kotest (StringSpec, FunSpec, BehaviorSpec, DescribeSpec), MockK for mocking and coroutine testing, argument capture, property-based tests, Ktor `testApplication`, and Kover coverage β applied via a RED-GREEN-REFACTOR TDD workflow targeting 80%+ coverage.
Test-driven development workflow for Laravel using PHPUnit or Pest β factories, Unit/Feature/Integration layering, `RefreshDatabase` vs `DatabaseTransactions` strategies, `actingAs`/`postJson`/`assertDatabaseHas` patterns, and an 80%+ coverage target, following a RED-GREEN-REFACTOR cycle.
Bun as an all-in-one JavaScript runtime, package manager, bundler, and test runner β when to choose Bun vs Node, npm/yarn migration notes (`bun install`, `bun run`, `bun x`), `bun test`, `Bun.serve`, `Bun.file`, and Vercel deployment with `bun install --frozen-lockfile`.
A skill from the Everything Claude Code performance system that provides data scraping agent patterns and workflows, part of a comprehensive AI agent harness framework featuring 48 specialized subagents and 183+ skills for production-ready development.
A skill from the Everything Claude Code performance system providing Kotlin Ktor framework patterns and best practices for building server-side applications, part of a comprehensive collection covering 12+ language ecosystems with production-ready standards.
Skill
Multi-platform content distribution across X, LinkedIn, Threads, and Bluesky that preserves the author's voice (optionally sourced from the `brand-voice` skill) and adapts a single source idea per platform constraint β while banning duplicate copy, fake founder-reflection posts, and filler CTAs like "What do you think?".
Skill
Skill
Skill
Unified media generation via the fal.ai MCP β image (Nano Banana 2 and Pro), video (Seedance 1.0 Pro, Kling Video v3 Pro, Veo 3), text-to-speech (CSM-1B), and video-to-audio (ThinkSound) β exposing `search`, `find`, `generate`, `result`, `status`, `cancel`, `estimate_cost`, `models`, and `upload` tools.
A skill from the Everything Claude Code performance system providing Perl TDD workflows with Test2::V0, prove, and Devel::Cover, part of a comprehensive multi-language AI agent harness framework with production-ready testing patterns for 12+ ecosystems.
A skill from the Everything Claude Code performance system covering Perl security patterns including taint mode and safe I/O practices, part of a comprehensive multi-language AI agent harness framework with rules and skills for 12+ language ecosystems.
Skill
Multi-agent orchestration using dmux (a tmux pane manager for AI agent harnesses) to run Claude Code, Codex, OpenCode, Cline, Gemini, and Qwen sessions in parallel and merge their output β with patterns for research+implement, multi-file features, test/fix loops, cross-harness tasks, and parallel code review.
X (Twitter) API integration skill using OAuth 2.0 Bearer tokens for read-heavy operations and OAuth 1.0a for write flows β covers posting tweets and threads (`/2/tweets`), reading user timelines, recent-search queries, and pulling original posts for voice modeling via `requests_oauthlib` in Python.
A comprehensive performance optimization system for AI agent harnesses, providing production-ready skills, instincts, memory optimization, continuous learning, security scanning, and research-first development configurations across Claude Code, Codex, Cursor, and other AI coding agents.
Skill
Skill
Lightweight CLI for running reproducible head-to-head comparisons of coding agents (Claude Code, Aider, Codex, etc.) on YAML-defined tasks, measuring pass rate, cost, time, and consistency. Use it to make data-backed agent selection decisions instead of relying on vibes.
Skill
Skill
A comprehensive performance optimization system for AI agent harnesses, providing production-ready skills, hooks, rules, MCP configurations, and development patterns evolved over months of intensive daily use across Claude Code, Codex, Cursor, and other AI coding tools.
Skill
Automated compliance measurement tool that generates test scenarios at three prompt-strictness levels (supportive, neutral, competing), runs `claude -p` to capture tool-call traces, and reports whether agents actually follow a given skill, rule, or agent definition. Use it to verify adherence after adding new skills or rules.
Behavioural flow audit that traces every user-facing button through its full handler sequence to find bugs where shared-state functions silently cancel each other or leave the UI in an inconsistent state. Use when systematic debugging turned up nothing but users still report broken buttons, or after major refactors touching shared stores.
Multi-agent adversarial verification loop where a Generator produces the output and two independent Reviewer agents must both pass it before it ships, with a Fixer revising until convergence. Use for deployable code, compliance-sensitive content, customer-facing copy, or any output with elevated hallucination risk.
Three-mode design system tool for Claude Code: **Generate** (scan CSS/Tailwind/styled-components, propose design tokens, emit `DESIGN.md` + `design-tokens.json` + interactive HTML preview), **Audit** (score UI 0-10 across colour, typography, spacing, components, dark mode, a11y, etc. with file:line fixes), and **AI Slop Detection** (catch generic gradients, glass morphism, purple-blue defaults, gratuitous animation). Use to start a new design system, audit existing styling, or review styling-touching PRs.
Reference for Git workflow choices and execution: when to pick GitHub Flow vs trunk-based vs GitFlow (with team-size/cadence guidance), Conventional Commits format with type table, merge vs rebase with concrete `git` commands, PR title/description/checklist templates, and a step-by-step conflict resolution flow including `--ours`/`--theirs`. Use when setting up Git practice for a new project, picking a branching strategy, or onboarding new team members.
Build distinctive, production-grade frontend interfaces with a clear point of view rather than generic AI-looking UI. Enforces picking one direction (brutally minimal, editorial, industrial, luxury, playful, etc.) and executing it cleanly across typography, composition, and motion for landing pages, dashboards, and app shells.
Example project-specific skill template based on a real production application, showing how to document architecture overview, file structure, code patterns, testing requirements, and deployment workflows.
Runs four-phase automated browser QA on a deployed URL via a browser MCP (claude-in-chrome, Playwright, or Puppeteer): smoke test (console errors, network, Core Web Vitals), interaction test (nav links, form valid/invalid states, auth flow, critical journeys), visual regression at 375/768/1440px with dark mode, and accessibility (axe-core, keyboard nav, screen reader landmarks). Outputs a structured QA report with a SHIP/SHIP WITH FIXES/BLOCK verdict.
Performance baseline and regression detector with four modes: page perf (Core Web Vitals + page weight + JS/CSS/image bundle sizes via browser MCP), API perf (100 hits per endpoint with p50/p95/p99 plus 10-concurrent load), build perf (cold build, HMR, test/typecheck/lint, Docker), and `baseline`/`compare` mode that diffs metrics before vs after a change. Stores baselines in git-tracked `.ecc/benchmarks/*.json` and is meant to run on every PR.
Cross-stack source code asset audit across C/C++, Java/Android, iOS (Obj-C/Swift), and Web (TS/JS/Vue) that classifies every file, detects 50+ embedded third-party libraries with versions, and delivers four-level verdicts (Core Asset / Extract & Merge / Rebuild / Deprecate). Outputs interactive HTML reports and supports fast/standard/deep/full analysis depths plus monorepo hierarchical scans.
PreToolUse-hook safety net that intercepts destructive Bash/Write/Edit operations (rm -rf, git push --force, DROP TABLE, kubectl delete, --no-verify, etc.) and optionally restricts edits to a specific directory tree. Three modes: Careful (warn on destructive commands), Freeze (lock edits to a dir), and Guard (both combined) for autonomous-agent safety.
Context Keeper β persistent per-project memory for Claude Code that auto-loads project context on session start, tracks sessions with git activity, and writes into Claude native memory via `/ck:*` commands backed by deterministic Node.js scripts for consistent behavior across models.
YC-office-hours-style product diagnostic that pressure-tests the "why" before any feature is built β asks who it's for, what the pain is, the 10-star version, the MVP, the anti-goal, and the success metric, then outputs a `PRODUCT-BRIEF.md` with go/no-go. Also runs founder review, user journey audit, and feature prioritization modes.
Intercepts the response flow to offer the user an informed choice about answer depth *before* Claude answers β estimates input tokens, classifies prompt complexity (simple/medium/complex), and presents response-size options. Triggers on phrases like "short version", "tldr", "token budget", or Spanish equivalents; silently maintained once a level is chosen in a session.
Give AI agents autonomous payment ability via the x402 HTTP 402 protocol and MCP tools β including per-task and per-session budgets, allowlisted recipients, rate limits, and non-custodial ERC-4337 wallets so agents can pay for APIs or other agents without custodial risk. Spending policy is set by the orchestrator, not the agent.
Patterns for protecting patient and clinician data across HIPAA (US), DISHA (India), and GDPR (EU) β data classification (PHI vs PII), Row-Level Security policies, tamper-proof audit logs, encryption, and common leak vectors. Applies when building patient-record features, clinical APIs, or multi-tenant healthcare RLS.
Post-deploy regression monitor that watches a deployed URL for HTTP status, console errors, network failures, Core Web Vitals (LCP/CLS/INP), missing key elements, and API SLA. Supports quick single-pass, sustained interval watches (`--interval 5m --duration 2h`), and staging-vs-prod diff mode with critical/warning/info alert tiers.
Pre-PR / pre-deploy verification pipeline for Laravel projects that runs phases sequentially: env checks, Composer validate, Pint + PHPStan/Psalm, `php artisan test` with coverage, `composer audit`, migration `--pretend` review, and build/deploy readiness checks. Each failing phase gates the next.
EMR/EHR engineering patterns covering single-page encounter flow (complaint β exam β diagnosis β prescription), smart templates with red-flag alerts, medication safety, ICD-10/SNOMED search, lab-result reference-range highlighting, and tamper-proof audit trails. Every design decision is judged against "could this harm a patient?".
Discover, evaluate, and pick healthy Laravel packages through the LaraPlugins.io MCP server β `SearchPluginTool` for keyword / health-score / Laravel / PHP / vendor filtering, and `GetPluginDetailsTool` for per-package metrics, README, and version history. Free, no API key required.
Patient-safety verification harness that blocks healthcare-app deployments on a single failure across five test categories: CDSS Accuracy, PHI Exposure, Data Integrity (CRITICAL β 100% pass required) plus Clinical Workflow and Integration (HIGH β 95% required). Framework-agnostic (Jest/Vitest/pytest/PHPUnit) with CI `--bail`, coverage thresholds, and clear gating order.
Clinical Decision Support System patterns implemented as a pure, side-effect-free function library: `checkInteractions`, `validateDose`, and `calculateNEWS2` for NEWS2/qSOFA/APACHE/GCS scoring. Covers drug interaction severity, weight/age/renal-adjusted dose validation, alert classification, and integration into EMR workflows β zero tolerance for false negatives.
Remotion (React video creation) best-practices skill bundling 29 domain-specific rule files covering 3D with Three.js/R3F, animations, audio, captions, compositions, fonts, Lottie, sequencing, Tailwind, text animations, and interpolation/spring timing. Load whenever you are writing Remotion code.
Turn Claude Code into a persistent, self-directing agent system using only native features (crons, dispatch, built-in memory) and MCP servers, replacing standalone frameworks like Hermes and AutoGPT. Use when the user wants continuous autonomous operation, scheduled tasks, computer use, or an assistant that remembers context across sessions.
Design, implement, and refactor Ports & Adapters (hexagonal) systems across TypeScript, Java, Kotlin, and Go β with a domain model, use-case application layer, inbound/outbound ports, and adapters wired at a single composition root. Use when introducing domain boundaries, refactoring framework-heavy code, supporting multiple transports for one use case, or swapping infrastructure.
Forge a complete "lobster soul" persona for an OpenClaw AI agent β identity, SOUL.md / IDENTITY.md, character-bound rules, name, and avatar prompt β via guided Q&A or a gacha engine (`gacha.py`) that draws from 8 million combinations. If an approved image-gen skill is installed, automatically produces a matching avatar image.
Record polished UI demo videos for web apps using Playwright β producing WebM output with a visible cursor, natural pacing, and storytelling flow. Enforces a three-phase process (Discover β Rehearse β Record) so scripts match the actual DOM instead of breaking silently on custom inputs or dropdowns.
Production-grade NestJS patterns for modular TypeScript backends β modules, controllers, providers, DTO validation, guards, interceptors, exception filters, environment-aware config, database integrations, and unit/HTTP testing. Use when building or structuring NestJS APIs and services.
Build a durable voice profile from 5β20 real samples β X posts, essays, launch notes, working emails, product docs β then reuse it across content and outreach instead of re-deriving style or defaulting to generic AI copy. Extracts rhythm, sentence length, capitalization norms, claim sharpness, and what the author never does.
Agent-powered lead intelligence and outreach pipeline that replaces Apollo, Clay, and ZoomInfo by doing signal scoring, mutual ranking, warm-path discovery, voice modeling from real sources, and channel-specific outreach across email, LinkedIn, and X. Requires Exa MCP plus X API, with optional LinkedIn, Apollo/Clay, GitHub MCP, and Mail.app integrations.
Retrieves and updates Jira tickets from your AI coding workflow via the `mcp-atlassian` MCP server (tools like `jira_search`, `jira_get_issue`, `jira_transition_issue`, `jira_add_comment`) or direct REST API v3 `curl` calls. Includes templates for extracting testable acceptance criteria and posting structured progress comments tied to branches and PRs.
Multi-agent harness inspired by Anthropic's March 2026 harness-design paper that separates Generator from Evaluator in an adversarial GAN-style loop to drive quality far beyond single-agent self-critique. Use for application builds, frontend design, or full-stack work where AI-slop aesthetics are unacceptable and you want to invest $50β200 on production-quality output.
Three-stage pipeline (Fork β Sanitize β Package) that turns any private project into a safely public release β stripping secrets, verifying the repo is clean, then generating CLAUDE.md, setup.sh, and README. Triggered by `/opensource fork|verify|package` or phrases like "open source this" and "make this public".
Operate across Google Drive, Docs, Sheets, and Slides as one workflow surface β finding, summarizing, editing, migrating, or cleaning up shared assets like plans, trackers, and decks. Uses Drive as the entry point, then switches to Docs/Sheets/Slides specialists with index-aware edits for Docs and explicit tab/range targeting for Sheets.
Production-ready Dart/Flutter patterns covering null safety with pattern matching, sealed `AsyncState` hierarchies, `freezed` immutability, structured concurrency via `Future.wait`, widget extraction with `const` propagation, BLoC/Riverpod/Provider state management, GoRouter with `refreshListenable` auth guards, and Dio interceptors with one-shot token refresh.
Operate real customer billing workflows via connected tools like Stripe β subscriptions, refunds, duplicate charges, failed renewals, churn triage, and billing-portal recovery. Enforces classifying the issue (accidental duplicate vs multi-seat vs broken product vs cancellation) before acting, and never refunds blindly or exposes secret keys or PII.
Coordinate execution across GitHub (public truth) and Linear (internal execution truth) by triaging issues/PRs into Merge / Port-Rebuild / Close / Park, then creating Linear items only when work is actively scheduled, cross-functional, or needs internal ownership. Use for backlog control, PR triage, and GitHub-to-Linear coordination β not for coding.
Read-only audit of the active repo, MCP servers, plugins, connectors, env surfaces, and harness setup to answer "what can this workspace actually do right now, and what should we add next?". Separates already-available, available-but-unwrapped, and not-yet-available capabilities, surfacing only key names (never secret values).
Builds reusable Manim explainer animations for technical concepts, graphs, system diagrams, and product walkthroughs using the `manim` CLI with `ffmpeg` post-processing. Follows a thesis-first 3-6 scene workflow with low-quality smoke renders, 16:9 output, a thumbnail frame, and optional handoff to `video-editing` or `remotion-video-creation` for final polish.
Reorganizes the user's X and LinkedIn networks with review-first prune queues, follow/add recommendations, and warm-path identification scored by reciprocity, recent activity, and bridge value across `light-pass`/`default`/`aggressive` modes. Drafts channel-specific outreach (X DM, LinkedIn message, Apple Mail) in the user's voice via `brand-voice`, `lead-intelligence`, and `x-api`.
Audits and remediates SEO across crawlability (`robots.txt`, canonicals, redirect chains), indexability (`hreflang`, sitemaps), Core Web Vitals targets (LCP < 2.5s, INP < 200ms, CLS < 0.1), structured data (`Article`, `Product`, `BreadcrumbList`, `FAQPage`), title/meta rules, and keyword-to-URL mapping. Outputs page-specific recommendations with severity tags rather than generic advice.
Reusable weighted graph-ranking engine for warm-intro discovery across X and LinkedIn networks, computing bridge scores `B(m)` with hop-decay `Ξ»`, second-order expansion via `Ξ±`, and engagement adjustment `Ξ²`. Outputs tiered recommendations: warm intro asks, conditional bridge paths, and graph gaps requiring direct outreach.
Idiomatic C# and .NET patterns for building robust ASP.NET Core applications, covering immutable `record` types, explicit nullability, dependency injection via interfaces, async/await with `CancellationToken`, the Options pattern, the Result pattern, EF Core repositories, custom middleware, and Minimal API route groups.
C# and .NET testing patterns built on xUnit, FluentAssertions, NSubstitute/Moq for mocking, `WebApplicationFactory` for ASP.NET Core integration tests, and Testcontainers for real PostgreSQL infrastructure. Covers Arrange-Act-Assert, `[Theory]` parameterized tests with `MemberData`, test data builders, and common anti-patterns to avoid.
Builds operator-focused monitoring dashboards for Grafana, SigNoz, and similar platforms by starting from operating questions (health, latency, throughput, saturation, service-specific risk) instead of visual layout. Produces structured boards (overview / performance / resources / service-specific) with example panel sets for Elasticsearch, Kafka, and API gateways, plus a quality checklist enforcing units, thresholds, and variables.
Manage GitHub repos with the `gh` CLI β issue triage (labels, duplicates, reproduction asks), PR review (`gh pr checks`, stale-PR sweeps), CI failure inspection with `gh run view --log-failed`, release/changelog generation, and Dependabot/secret-scanning monitoring. Enforces a quality gate on labels, PR age, investigated CI failures, and acknowledged security alerts before a triage pass is considered done.
Build a new API connector or provider that exactly matches the host repo's existing integration pattern β connector layout, config schema, auth model, error handling, test style, and registry wiring β instead of inventing a parallel architecture. Guides the workflow from inspecting at least two existing in-repo connectors through building repo-native slices (config, client, mapping, entrypoint, registration, tests) and a quality checklist before completion.
A four-phase self-debugging loop (failure capture β root-cause diagnosis β contained recovery β introspection report) for AI agent runs that are looping, burning tokens, or drifting from the task. Provides a pattern table (tool-call loops, context overflow, `ECONNREFUSED`/429s, stale diffs, wrong hypotheses) and forces the agent to verify world state, shrink scope, and run one discriminating check before retrying.
Hunt for remotely reachable, bounty-worthy vulnerabilities (SSRF, auth bypass, deserialization/upload-to-RCE, SQLi, command injection, path traversal, auto-triggered XSS) instead of low-signal best-practice findings. Enforces scope/`SECURITY.md` checks, duplicate search, a reachable-user-control-to-sink proof requirement, and a standardized report template (Description / Vulnerable Code / PoC / Impact / Affected Version) before submission to Huntr, HackerOne, and similar.
Convene a four-voice decision council (in-context Architect + independent Skeptic, Pragmatist, and Critic subagents) for ambiguous calls like monorepo vs polyrepo, ship now vs hold, or feature flag vs full rollout. Launches the three external voices as fresh subagents with only the question (the anti-anchoring mechanism) and then synthesizes a compact verdict with consensus, strongest dissent, and premise check, keeping raw positions visible.
Run a multi-layered knowledge base β GitHub/Linear as live execution truth, Claude Code memory files, MCP memory graph, a durable KB repo, Supabase/Postgres, and a local archive folder β with a strict ingestion workflow (classify β dedupe β store β index). Syncs conversations and workspace state, redacts secrets before commits, and prefers one canonical home per fact instead of parallel copies.
Sort ECC skills, commands, rules, hooks, and extras into DAILY (always load) vs LIBRARY (keep searchable) buckets for a specific repo by running parallel review passes backed by concrete grep evidence β file extensions, `package.json`/`pyproject.toml`/`Cargo.toml`, CI configs, imports β instead of opinion. Produces an evidence table, install plan, verification report, and optional `skill-library` router so each project loads only what its real stack uses.
Turn a PRD, roadmap item, or founder note into an implementation-ready capability plan (ECC's PRDβSRS lane) that makes constraints, invariants, interfaces, and unresolved decisions explicit before multi-service work begins. Writes into a durable `PRODUCT.md` / `docs/product/` artifact and ends with a handoff label β ready for implementation, architecture review, or product clarification β plus the next ECC lane to take it.
Generate [CodeTour](https://github.com/microsoft/codetour) `.tour` JSON files (saved to `.tours/<persona>-<focus>.tour`) for onboarding, architecture, PR, RCA, and security-review walkthroughs with real file/line anchors that open directly in the CodeTour VS Code extension. Picks persona and step count from the request shape (new-joiner, vibecoder, architect, pr-reviewer, etc.), verifies every anchor exists, and writes steps in a Situation/Mechanism/Implication/Gotcha format.
Operator wrapper for ECC's research stack (`exa-search`, `deep-research`, `market-research`, `lead-intelligence`, `knowledge-ops`) that picks the lightest useful evidence path and separates sourced facts from user-supplied context, inference, and recommendation in every answer. Adds dates to freshness-sensitive outputs and flags recurring lookups that should graduate into a monitoring workflow instead of being re-asked.
Inventory every live automation β local hooks, GitHub Actions, MCP configs, connector/app integrations, wrapper scripts β and classify each as configured / authenticated / recently verified / stale / missing, plus problem type (active breakage, auth outage, stale status, overlap, missing capability). Returns a keep / merge / cut / fix-next recommendation set with proof paths (file, workflow run, hook log) instead of repo rewrites.
Evidence-first mailbox workflow for triage, drafting, replying, and proving a message actually landed in Sent β not a generic writing skill. Resolves which mailbox account and thread are in play, reads thread history before composing, and reports exact status (`drafted` / `approval-pending` / `sent` / `blocked` / `awaiting verification`) with sent-copy proof when claiming a send succeeded.
Thin HIPAA entrypoint that overlays BAA, PHI, covered-entity, minimum-necessary, and audit-trail decision gates on top of `healthcare-phi-compliance` (implementation) and `healthcare-reviewer` (review). Blocks PHI from logs/analytics/crash reports/LLM prompts/URLs and treats third-party SaaS, observability, support tooling, and LLM providers as blocked-by-default until BAA status and data boundaries are proven.
Evidence-first workflow for revenue snapshots (Stripe sales, MRR, refunds, disputes, duplicate subscriptions), pricing decisions, team-seat and entitlement truth, and duplicate-charge diagnosis β separating revenue fact, customer impact, and code-backed product truth. Refuses to claim "per seat" unless the actual entitlement path enforces it and returns a refund / preserve / convert / no-op decision plus the product backlog gap that needs to be filed.
Prevent Ethereum hashing bugs in JS/TS by never using Node's `crypto.createHash('sha3-256')` (which is NIST SHA3, not Ethereum Keccak-256) and using Keccak-aware helpers from `ethers`, `viem`, or `web3` instead β selectors, EIP-712 typeHash, storage-slot math, address derivation. Includes copy-paste patterns for ethers v6 (`id`, `solidityPackedKeccak256`), viem, web3.js, and a `grep` snippet for auditing existing code.
Evidence-first terminal-execution workflow for running commands, inspecting git state, debugging CI, making a narrow fix, and reporting exactly what changed and what was proved. Uses strict status words (`inspected` / `changed locally` / `verified locally` / `committed` / `pushed` / `blocked`), refuses to widen a narrow fix into repo-wide churn, and never claims "pushed" unless the branch actually moved upstream.
Write [Hookify](https://claudelog.com/hookify) rules as `.claude/hookify.{name}.local.md` markdown files with YAML frontmatter that watch for patterns (regex or multi-condition) on bash/file/stop/prompt/all events and either `warn` or `block`. Covers frontmatter fields (`name`, `enabled`, `event`, `action`, `pattern`, `conditions`), operators like `regex_match`/`contains`/`starts_with`, common pitfalls (over-broad regexes, YAML escaping), and the `/hookify`, `/hookify-list`, `/hookify-configure` commands.
Evidence-first burn audit for the sibling ECC-Tools GitHub App repo targeting runaway PR creation, quota bypass, premium-model leakage on free tiers, duplicate-job fanout, and app-generated branches re-entering the webhook. Traces webhook β queue β worker paths end to end and fixes in burn order (stop PR multiplication β stop quota bypass β stop premium leakage β stop retry burn β close rerun safety gaps) rather than cosmetic cleanup.
Solidity AMM / liquidity-pool / swap-flow security checklist with hardened OpenZeppelin patterns β enforces CEI ordering and `nonReentrant`, blocks donation/inflation attacks by tracking internal `_totalAssets` instead of `token.balanceOf(address(this))`, requires Uniswap V3 TWAP instead of spot price, mandatory `amountOutMin`/`deadline` on swaps, `FullMath.mulDiv` for overflow-sensitive reserve math, and `Ownable2Step` admin controls. Ends with a slither / echidna / forge fuzz audit step.
Evidence-first live-messaging workflow for iMessage/DM retrieval, recovering a recent one-time code, and inspecting a thread before replying β not email work. Forces the agent to name the exact message surface (local Messages, X/social DM, other browser-gated source), sender/service, and time window, and returns explicit status (`read` / `code-found` / `blocked` / `awaiting reply draft`) instead of improvising raw database access.
Layered security patterns for autonomous trading agents that sign and send transactions β prompt-injection filters on external data, independent per-tx/daily hard spend limits, mandatory pre-send simulation with a required `min_amount_out`, drawdown-based circuit breakers, a dedicated session hot wallet (never the treasury), and private mempool routing (e.g. Flashbots) with per-strategy slippage and deadline. Pre-deploy checklist treats no single check as sufficient.
Prevent silent decimal mismatch bugs across EVM chains β always call `decimals()` at runtime, cache by `(chain_id, token_address)` (not symbol), use `Decimal`/`BigInt` exact math (never float), re-query after bridging, and normalize to 18-decimal WAD when comparing across tokens. Ships Python (`web3.py`), TypeScript (`ethers`), and Solidity examples plus a `cast call <token> "decimals()(uint8)"` quick check.
Unify scattered notifications across GitHub, Linear, local hooks, desktop alerts, and connected chat/email into one ECC-native lane with a severity model (Critical/High/Medium/Low), event pipeline (capture β classify β route β collapse duplicates β attach action), and digest-first defaults. Prefers existing ECC primitives (skill, hook, agent, MCP) over a new notification product and always pairs each signal with the next operator action.
Skill for designing, implementing, and auditing WCAG 2.2 Level AA accessibility on Web, iOS, and Android β mapping component roles, 4.5:1/3:1 contrast, 24Γ24 CSS pixel targets, focus appearance (SC 2.4.11), ARIA/accessibility traits, and assistive-tech compatibility.
Part of the Anthropic-hackathon-winning "Everything Claude Code" (ECC) performance optimization system for AI agent harnesses β a full production stack of skills, instincts, memory optimization, continuous learning, security scanning, and research-first development that works across Claude Code, Codex, Cursor, OpenCode, Gemini, and other harnesses.
Skill
Skill