Loading...
Loading...
Found 2,543 Skills
Design MVPs, validated learning experiments, and pivot-or-persevere decisions using Build-Measure-Learn. Use when the user mentions "MVP scope", "validated learning", "pivot or persevere", "vanity metrics", or "test assumptions". Covers innovation accounting and actionable metrics. For 5-day prototype testing, see design-sprint. For customer motivation analysis, see jobs-to-be-done. Trigger with 'lean', 'startup'.
Spring Modulith for modular architecture in Spring Boot 3.x. Covers module structure, API vs internal packages, inter-module events, module testing, documentation generation, and observability. USE WHEN: user mentions "spring modulith", "modular monolith", "@ApplicationModule", "module boundaries", "inter-module events", "@ApplicationModuleTest", "modular architecture" DO NOT USE FOR: simple applications - unnecessary complexity, microservices - use proper service boundaries, existing tightly coupled monoliths - requires significant refactoring
Pre-commit quality checklist covering lint, typecheck, tests, code-spec sync, API changes, database migrations, cross-layer verification, and manual testing. Blocks commit if infra or cross-layer specs lack executable depth. Use when code is written and tested but not yet committed, before submitting changes, or as a final review before git commit.
Records completed work progress to .trellis/workspace/ journal files after human testing and commit. Captures session summaries, commit hashes, and updates developer index files for future session context. Use when a coding session is complete, after the human has committed code, or to persist session knowledge for future AI sessions.
Help the user shape technical blog posts, website articles, devlogs, essays, or long-form drafts without writing the full post for them. Use this whenever the user shares rough notes, a brain dump, unordered ideas, bullet points, or half-written sections, or asks for help turning notes into an outline, finding the angle, sharpening the hook or thesis, improving structure, clarifying the argument, tightening flow, stress-testing the payoff, or making a technical piece more engaging while preserving their voice. Use it even if the user does not explicitly ask for a writing guide, as long as they need help organizing and developing a post rather than having it ghostwritten. Guide with organization, critique, focused questions, and tiny example lines only; do not write the final article.
Use when handling authentication, authorization, encryption, HIPAA compliance, SOC 2, privacy policies, penetration testing, or any security and compliance concerns
Validate Perses resources: run percli lint locally or with --online against a server. Check dashboard definitions, datasource configs, variable schemas. Report errors with actionable fixes. Use for "perses lint", "validate perses", "check dashboard", "perses validate". Do NOT use for plugin schema testing (use perses-plugin-test).
Constructive critique through 5 HackerNews commenter personas with evidence-based claim validation. Use when user wants devil's advocacy, stress testing, or critical review of ideas, docs, architecture, or code. Use for "roast", "critique this", "poke holes", "devil's advocate", "stress test", or "what's wrong with". Do NOT use for code review (use systematic-code-review), implementation changes, or performance profiling without a specific critique request.
Clerk auth with API Keys beta (Dec 2025), Next.js 16 proxy.ts (March 2025 CVE context), API version 2025-11-10 breaking changes, clerkMiddleware() options, webhooks, production considerations (GCP outages), and component reference. Prevents 15 documented errors. Use when: API keys for users/orgs, Next.js 16 middleware filename, troubleshooting JWKS/CSRF/JWT/token-type-mismatch errors, webhook verification, user type inconsistencies, or testing with 424242 OTP.
Senior ISMS Audit Expert for internal and external information security management system auditing. Provides ISO 27001 audit expertise, security audit program management, security control assessment, and compliance verification. Use for ISMS internal auditing, external audit preparation, security control testing, and ISO 27001 certification support.
Design and implement CI/CD pipelines with GitHub Actions, GitLab CI, Jenkins, or CircleCI. Use for automated testing, building, and deployment workflows.
Elite Application Security engineer specializing in secure SDLC, OWASP Top 10 2025, SAST/DAST/SCA integration, threat modeling (STRIDE), and vulnerability remediation. Expert in security testing, cryptography, authentication patterns, and DevSecOps automation. Use when securing applications, implementing security controls, or conducting security assessments.