Loading...
Loading...
Found 53 Skills
Use when you need to perform I2 (Implementation Execution) in the Spec Pack of sdlc-dev, implement in batches with `{FEATURE_DIR}/implementation/plan.md` as the only SSOT, run minimal verification, write back audit information, and report at batch checkpoints; stop immediately when encountering blocking or clarification required items.
Initialize a repository for ASDLC adoption with AGENTS.md and directory structure
Use when you need to execute R3 (Prototype Generation) in the product requirement Spec process of sdlc-dev, generate requirements/prototype.md based on requirements/prd.md (including task flow + page structure + ASCII wireframe + AC mapping + walkthrough script), and avoid proceeding with generation without context/PRD, using Open Questions instead of verification checklists, or using non-ASCII formats that make the prototype untraceable and unreviewable.
Use when you need to generate `{FEATURE_DIR}/verification/report-{date}-{version}.md` (test report) during the verification phase of Spec Pack, provide deliverable conclusions that are traceable to test cases and defect references.
Used when a Spec Pack is completed, reusable assets need to be promoted to the project SSOT (ADR/contract/ops/NFR/registry), and there are risks of "contaminating the project with full package replication / skipping spec-context / mistaking merge-back for git merge".
Use when you need to generate or update `{FEATURE_DIR}/verification/suites.md` (test suite) during the verification phase of Spec Pack, organize test cases into executable sets and define blocking rules and execution order.
Use when you need to generate or update `{FEATURE_DIR}/verification/usecase.md` (test cases) during the verification phase of the Spec Pack, and require AC traceability and a structure that supports automated script generation.
Create a living specification (Spec) or plan for a feature by analyzing requirements and codebase
Use this when the Discover (reverse engineering) of legacy projects tends to get out of control in coverage. You need to first conduct module classification (P0/P1/P2) and constrain the depth of reverse engineering, ensuring that high-ROI modules are made traceable first instead of "writing everything but making it unmaintainable."
Detect common Python vulnerabilities such as SQL injection, unsafe deserialization, and hardcoded secrets. Use as part of a secure SDLC for Python projects.
AI-native software development lifecycle that replaces traditional SDLC. Triggers on "plan and build", "break this into tasks", "build this feature end-to-end", "sprint plan this", "superhuman this", or any multi-step development task. Decomposes work into dependency-graphed sub-tasks, executes in parallel waves with TDD verification, and tracks progress on a persistent board. Handles features, refactors, greenfield projects, and migrations.
Elite Application Security engineer specializing in secure SDLC, OWASP Top 10 2025, SAST/DAST/SCA integration, threat modeling (STRIDE), and vulnerability remediation. Expert in security testing, cryptography, authentication patterns, and DevSecOps automation. Use when securing applications, implementing security controls, or conducting security assessments.