Find the perfect skill
XSS Injection and Client-Side Attacks
Security
Executes Cross-Site Scripting (XSS) and client-side injection attacks such as clickjacking. Helps identify and exploit vulnerabilities where malicious scripts can be injected into web pages viewed by other users. Works with Burp Suite, Dalfox, and XSStrike to test reflected, stored, and DOM-based XSS.
OpenAI SDK Compliance Check
Testing
Audit files or directories against the OpenAI SDK compliance checklist (A1–A11 rules). Produces a Markdown report with PASS/FAIL evidence and suggested fixes. Helps enforce Kira Constitution standards and detect violations like custom routing, missing Zod schemas, or improper tool categories.
Product Roadmap Theme Definition
Productivity
Defines a single roadmap theme with grouped initiatives and success metrics. Helps organize roadmap commitments around strategic priorities. Supports creating new themes, updating existing ones, or finding themes across the project.
Technical Debt Detector
Development
Detects and reports technical debt including TODO comments, duplicate code, unused imports, long functions, deep nesting, magic numbers, and outdated dependencies. Generates a prioritized report to help developers improve code quality and maintainability.
PR Review Pipeline Debugging
Development
Diagnoses why a specific PR review is failing or not triggering in the claude-code-reviewer service. Traces the PR through the full pipeline: state, errors, review history, skip reasons, and simulation of the review gating logic. Useful when a PR is not receiving a review or a review fails unexpectedly.
Project Planning
Development
Creates detailed step-by-step implementation plans with acceptance criteria, exclusive to the planner agent. Leverages MCP helpers like Gemini-Bridge and Context7 for architecture analysis and documentation lookup. Supports PHP/Laravel and Python stacks with independently testable phases and risk matrices.
Understand Your Changes with /doi
Development
Analyzes the diff between your current Git branch and the default branch, then creates interactive multiple-choice questions about the changes. Use it to verify your understanding of vibe-coded modifications and track any unanswered questions as 'vibe debt' for later review.
Operational Runbook Documentation
DevOps
Document CI/CD, deployment, and operational procedures in structured runbooks. Use when creating or updating how-to guides for deployments, database migrations, incident response, and maintenance tasks. Ensures procedures include copy-paste commands, rollback steps, and risk levels.
Scaffold Development Rules
DevOps
Automatically set up development rules and coding conventions for AI coding agents. Manages rule files, updates AGENTS.md and CLAUDE.md with guided workflow.
Pull Request Enhancement
Development
This skill assists in creating high-quality pull requests by generating comprehensive descriptions, summarizing changes, and organizing test coverage and risks. It is useful when writing or improving PR descriptions, reducing PR size, or facilitating faster code reviews.
Arc42 Architecture Documentation
Documentation
Use this skill to create and maintain architecture documentation following the arc42 template. It can initialize a workspace with all 12 sections, check completion status, and update individual sections. Supports 11 languages and output in AsciiDoc or Markdown, making it suitable for documenting system architecture with a proven structure.
Quick Person Note
Productivity
Quickly record observations about a person without breaking your flow. Use natural triggers like 'note about' or 'noticed' to extract the name and observation, then append a dated, contextual note to their profile. Helps when you want to jot down a detail mid-conversation or remember something specific about someone.