Total 44,144 skills, Code Quality has 2071 skills
Showing 12 of 2071 skills
Detect package managers and discover outdated or vulnerable dependencies. Returns structured findings without upgrading. Use when the user asks to "review dependencies", "check for outdated packages", "check dependencies", "scan dependencies", or "dependency review".
Reviewer-only pass for /plan --review and cleanup artifact review
Comprehensive Rust coding guidelines covering ownership, error handling, async patterns, traits, testing, performance, clippy, and documentation. Use when writing new Rust code, reviewing or refactoring existing Rust, implementing async systems with Tokio, designing error hierarchies, choosing between borrowing and cloning, setting up tests or benchmarks, configuring linting, or optimizing performance. Do not use for non-Rust languages or general software architecture unrelated to Rust idioms.
Review only changes since last commit using impact analysis. Token-efficient delta review with automatic blast-radius detection.
Compare pre-edit and post-edit compiled artifacts to report execution timing % diff, energy consumption, and control-flow analysis.
**Mandatory** before any commit or push. Run Definition-of-Done checks from change scope and report exact pass/fail per command.
Managing third-party dependencies — version pinning, security auditing, license compliance, update workflows, lockfile management, supply chain security. Activate on "npm audit", "dependabot", "renovate", "pin versions", "dependency update", "supply chain", "license compliance", "lockfile", "security advisory", "typosquatting", "SBOM". NOT for internal monorepo package management (use monorepo-management) or publishing your own packages to npm/PyPI.
Weed the Allium garden. Find where Allium specifications and implementation code have diverged, and help resolve the divergences. Use when the user wants to check spec-code alignment, compare specs against implementation, audit for spec drift or violations, sync specs with code or code with specs, or verify whether the implementation matches what the spec says.
Bug → spec protocol. When a bug is found or a test fails, trace the cause, decide whether a new §V invariant would catch recurrence, append to §B. This is the one non-obvious thing SDD does that plan-then-execute doesn't. Triggers on test failure, bug report, post-mortem, or explicit user ask.
Read-only drift detector. Diffs SPEC.md against current code and reports violations grouped by severity. Writes nothing — suggests remedies via the spec or build skills but never invokes them. Triggers when the user asks to check drift, audit the spec, verify invariants, or ask whether code still matches the spec. Phrasings: "check drift", "audit the spec", "does the code still match §V", "check invariants", "spec vs code".
Run OpenAI Codex CLI as an independent reviewer over the current branch, a specific commit, or uncommitted changes. Builds a focused instruction file from the real diff and returns a compact review summary.
Acts as a Senior Staff Engineer to enforce high-quality software development standards. Use this skill when the user asks for code implementation, architectural review, debugging, or technical design. It ensures all code is production-ready, typed, and architecturally sound.