Loading...
Loading...
Found 23 Skills
Harvest every `ponytail:` comment in the codebase into a debt ledger, so the deliberate shortcuts and deferrals ponytail leaves behind get tracked instead of rotting into "later means never". Use when the user says "ponytail debt", "/ponytail-debt", "what did ponytail defer", "list the shortcuts", "ponytail ledger", or "what did we mark to do later". One-shot report, changes nothing.
GoPlus AgentGuard — AI agent security guard. Automatically blocks dangerous commands, prevents data leaks, and protects secrets. Use when reviewing third-party code, auditing skills, checking for vulnerabilities, evaluating action safety, or viewing security logs.
Scans source code, configuration files, and git history for hardcoded credentials, API keys, and tokens. Use when auditing repositories for security leaks or ensuring sensitive data is not committed to version control.
Verify code for security issues including hardcoded secrets, input validation, error exposure, and dependency vulnerabilities. Use when asked to "verify security", "check for secrets", or "scan for vulnerabilities".
Run Salesforce Code Analyzer to scan code for security, performance, best practice, and code style violations. Supports all engines (PMD, ESLint, CPD, RetireJS, Flow, SFGE, ApexGuru), targets (files, folders, git diff), categories, and severities. TRIGGER when: user says 'scan my code', 'check for security issues', 'run PMD/ESLint', 'find duplicates', 'analyze Flows', 'check vulnerable libraries', 'AppExchange review', 'lint my LWC', 'static analysis', 'code quality', or mentions engines/file types (.cls, .trigger, .js, .flow-meta.xml). DO NOT TRIGGER when: user wants to fix code without scanning, or asks about installation/configuration.
Generate marketing demo HTML for any repository using a hook+demo pipeline. This skill scans source code into <code="..."> blocks, creates plan outlines, generates hook/demo HTML, and optionally merges them. Use when you need one-click demo generation for arbitrary repos with Gemini CLI (`gemini -m`), including selectable hook templates (`text`, `shorts`, `4methods`).
Scans code for performance and scalability issues — N+1 queries, missing indexes, unbounded queries, memory inefficiencies, caching gaps, algorithmic complexity, concurrency bugs, and frontend performance problems. Generates severity-scored findings with copy-pasteable fix prompts. Trigger phrases: "performance audit", "performance check", "N+1 detection", "query optimization", "slow code", "performance review".
Semgrep integration. Manage Rules, Scans. Use when the user wants to interact with Semgrep data.
Detects common LLM coding agent artifacts in codebases. Identifies test quality issues, dead code, over-abstraction, and verbose LLM style patterns. Use when cleaning up AI-generated code or reviewing for agent-introduced cruft.
Provides comprehensive guidance for generating API documentation by scanning code interfaces, extracting request/response information, and creating standardized API documentation. Use ONLY when the user explicitly mentions generating API documentation, creating API docs, scanning interfaces, or documenting APIs. The skill scans Controller classes, extracts interface information (URL, method, parameters, response), and generates documentation following standard templates. Do NOT trigger for generic documentation requests without explicit API documentation mention.
This skill should be used when the user asks to 'optimize performance', 'check for memory leaks', 'improve performance', 'performance tuning', 'adjust performance', or mentions performance issues in Adobe Animate or CreateJS projects.
Scans code for error handling and resilience issues — swallowed exceptions, missing try/catch on external calls, unhandled promise rejections, missing transactions, validation gaps, retry/timeout omissions, and logging blind spots. Generates severity-scored findings with copy-pasteable fix prompts. Trigger phrases: "error handling check", "exception audit", "resilience check", "try/catch review", "error handling audit".