Our review
This skill enables searching and explaining specific topics within an existing codebase, answering questions about architecture, configuration, data flows, and implementation details.
Strengths
- Read-only: does not modify any files, safe to use.
- Structured approach: top-down exploration and organized report.
- Leverages efficient tools like Glob and Grep to quickly locate information.
- Provides a clear report with locations, summaries, and architecture notes.
Limitations
- Cannot modify code or run tests.
- Relies on existing codebase structure; may miss dynamic behavior.
- May lack context if the codebase is very large or poorly documented.
When you need to quickly understand how a feature is implemented, where a configuration lives, or how data flows without making any changes.
When you need to modify code, create tests, or experiment with changes, as this skill is strictly read-only.
Security analysis
SafeThe skill only uses read-only tools (Read, Glob, Grep) and explicitly states it does not modify code. There are no destructive or exfiltrating actions.
No concerns found
Examples
Where is Stripe configured in this codebase?How does authentication work?Where are RSS feeds fetched and parsed?name: research description: Research the codebase to find and explain specific topics, answering questions about architecture, configuration, data flows, and implementation details license: MIT compatibility:
- runtime:any allowed-tools:
- Read
- Glob
- Grep metadata: author: thoreinstein version: 1.0.0
Research
Research the codebase to find and explain specific topics. This is a read-only skill - it discovers and documents information but does not modify code.
When to Use
- Understanding where something is configured (e.g., "Where is Stripe configured?")
- Learning how a feature works (e.g., "How does authentication work?")
- Finding implementation details (e.g., "Where are RSS feeds fetched and parsed?")
- Locating infrastructure definitions (e.g., "Where are the Kubernetes manifests for the API?")
- Mapping dependencies and data flows
Input
A research question about the codebase. Examples:
- "Where is Stripe configured?"
- "How does authentication work?"
- "Where are RSS feeds fetched and parsed?"
- "Where do we define Kubernetes manifests for the API service?"
If no question is provided, ask for clarification before proceeding.
Workflow
1. Interpret the Research Topic
Rewrite the question as a clear, concrete research goal:
- "Where is Stripe configured?" → "Find where and how Stripe API keys are configured and used"
- "How does authentication work?" → "Identify the main entry points for authentication and session handling"
If the topic is ambiguous, make a reasonable assumption and state it in the report.
2. Explore the Codebase
Use a top-down search strategy:
- High-level scan: Identify relevant directories and key modules
- Pattern matching: Use Glob and Grep to find likely matches by name, keywords, and patterns
- Deep reading: Read the most relevant files in detail
3. Build an Organized Understanding
Identify:
- Which files, directories, and modules are involved
- Main functions, types, or components that implement the feature
- Related configuration (YAML, env, Terraform, Kubernetes, CI, etc.)
- Important relationships:
- Call chains or data flows
- Entry points and public APIs
- Integration with external services or other modules
4. Report Back Clearly
Produce a structured report including:
- Topic: The research question answered
- Locations: List of relevant paths (files/directories)
- Summary: Short explanation for each location
- Architecture notes: Key interactions or data flows
- Follow-ups: Suggestions for next investigations
Output Format
Use the template at references/templates/research-findings.md for comprehensive reports.
For quick answers, use this minimal format:
## Research: [Topic]
### Locations
- `path/to/file` — [what it does]
- `path/to/dir/` — [what it contains]
### Summary
[How these pieces work together]
### Architecture Notes
[Key data flows or interactions]
### Follow-ups
- [Suggestion for next investigation]
Constraints
- Read-only: Do NOT modify any files
- No implementation: Do NOT create tests or code changes
- Focused: Keep the report focused on the requested topic
- High-value: Prefer insights over exhaustive file listings
- Clear: Structure findings so a human can quickly follow
Example
Research Question: "How does authentication work?"
Research Goal: Identify the main entry points for authentication
and session handling.
Locations:
- `pkg/auth/handler.go` — HTTP handlers for login/logout/refresh
- `pkg/auth/jwt.go` — JWT token generation and validation
- `pkg/auth/middleware.go` — Authentication middleware for protected routes
- `pkg/auth/session/` — Session storage and management
- `config/auth.yaml` — Authentication configuration (token TTL, providers)
Summary:
Authentication uses JWT tokens with refresh token rotation. The
middleware validates tokens on protected routes and injects user
context. Sessions are stored in Redis with configurable TTL.
Architecture Notes:
- Login flow: handler.go → jwt.go (generate) → session/ (store)
- Request flow: middleware.go → jwt.go (validate) → inject user context
- Supports OAuth providers via config/auth.yaml
Follow-ups:
- Review token refresh logic for security
- Document the OAuth provider setup process
- Add integration tests for session expiration
Begin by interpreting the research question and planning the exploration strategy.
Next.js App Router Expert
Development
A skill that turns Claude into a Next.js App Router expert.
README Generator
Development
Creates professional and comprehensive README.md files for your projects.
API Documentation Writer
Development
Generates comprehensive API documentation in OpenAPI/Swagger format.