Product management expertise for story creation, backlog management, validation, and release coordination

Security audits, vulnerability analysis, and security best practices enforcement

Full 9-phase workflow for complex features, epics, and security-critical changes (2-4 hours)

Orchestrates Atlas workflow tier selection for software development tasks

Quick 2-phase workflow for trivial changes - typos, colors, config updates (5-15 min)

Standard 5-phase workflow for most development tasks - bugs, small features, refactors (30-60 min)

atlas14-spatial-variance

Atlassian API integration for Jira and Confluence automation. Activate for Atlassian REST APIs, webhooks, and platform integration.

Attach documents, screenshots, PDFs, and files to Jira issues and Confluence pages via REST API. Use when uploading evidence, documentation, or media to Atlassian products.

Use when querying Jira issues, searching Confluence pages, creating tickets, updating documentation, or integrating Atlassian tools via MCP protocol.

Search and retrieve information from Jira and Confluence using the atlassian-cli tool. Use this skill to find issues, search documentation, manage projects, and track sprints in Atlassian products.

The `SystemPromptGenerator` creates structured, effective system prompts for agents. It combines static instructions with dynamic context from providers.

Generate use-case-specific Attio workflow skills from templates. Use when creating new skills for lead qualification, deal management, customer onboarding, or custom Attio workflows.

Synthesize audience insights from multiple data sources into unified personas and segments. Use when relevant to the task.

Aggregate and deduplicate findings from multiple audit reports

Security audit with automatic fixes: $ARGUMENTS (package names or '.')

Run all 7 domain audits in staged waves and aggregate results

Orchestrates comprehensive audits of Claude Code customizations using specialized auditors. Use when auditing multiple components, asking about naming/organization best practices, or needing thorough validation before deployment.

**Version:** 2.0 **Total Agents:** 18 parallel agents across 5 stages + 1

Run a single-session engineering productivity audit on the codebase

Implement immutable audit logging and SIEM integration.

Run a single-session performance audit on the codebase

**Version:** 2.2 (Recovery Safeguards - Session #122)

Run a single-session refactoring audit on the codebase

Run a single-session security audit on the codebase

Quick security audit checking for hardcoded secrets, SSRF vectors, injection points, dependency issues, and missing security headers

**Version:** 1.0 **Purpose:** Validate TDMS and Documentation Standards

Analyze existing libraries for convention violations and report issues.

<objective>

Use this skill when auditing websites for SEO, analyzing search performance, checking technical SEO issues, or optimizing sites for search engines. Performs comprehensive SEO audits covering technical, on-page, and off-page factors. Invoke for SEO analysis, search optimization, keyword research, or improving search rankings.

Adds BetterAuth authentication to Apso backends. Handles entity setup, code generation, auto-fixes, and verification. Triggers when user needs to add authentication, setup auth, or integrate BetterAuth.

auth-js

This skill should be used when the user requests to audit, check, or generate authentication and authorization protection for Next.js routes, server components, API routes, and server actions. It analyzes existing routes for missing auth checks and generates protection logic based on user roles and permissions. Trigger terms include auth check, route protection, protect routes, secure endpoints, auth middleware, role-based routes, authorization check, api security, server action security, protect pages.

OAuth 2.1 compliant authentication flows (MANDATORY Q2 2026). PKCE required for ALL clients, Implicit Flow removed, modern token security.

Authentication and authorization including JWT, OAuth2, OIDC, sessions, RBAC, and security analysis. Activate for login, auth flows, security audits, threat modeling, access control, and identity management.

Implement OAuth2/OIDC/JWT, MFA, SSO, and session management.

Analyze content sequences and determine authoring approach (default content vs blocks). Validates block selection and section styling for import/migration to AEM Edge Delivery Services.

Comprehensive authorization guidance covering RBAC, ABAC, ACL, ReBAC, and policy-as-code patterns. Use when designing permission systems, implementing access control, or choosing authorization strategies.

Validate authorization failures including IDOR, privilege escalation, and missing access controls. Test by attempting unauthorized access with lower-privileged credentials. Use when testing CWE-639 (IDOR), CWE-269 (Improper Privilege Management), CWE-862 (Missing Authorization), CWE-863 (Incorrect Authorization), CWE-284 (Improper Access Control), CWE-285 (Improper Authorization), or CWE-425 (Direct Request / Forced Browsing) findings.

Autonomous multi-agent coding with git worktree isolation, QA validation, and memory. Use for complex features requiring autonomous implementation.

**The skill you cannot invoke. It invokes itself.**

Automatically commits and pushes significant changes to git after completing features, fixes, or milestones. This skill should be used proactively by Claude when meaningful work is completed, or invoked manually via /auto-commit. Triggers on feature completion, bug fixes, configuration changes, documentation updates, or when explicitly requested.

Automatically deploy oh-my-gemini to npm and GitHub

Generate comprehensive documentation from codebase analysis - creates README sections, API docs, migration guides, and examples from code

Automate detection and removal of duplicate files/functions in TypeScript, JavaScript, and Python projects. Safely refactor imports, validate with tests, and deploy changes with zero risk of breaking the system.

CCv2 inicjalizacja trybu auto - wywiad + CONTINUITY + VALIDATION. Triggers: auto-init, auto init, inicjuj auto, plan auto

Automatic learning from session command patterns

You are the **Orchestration Intelligence**. You automatically detect when work should be parallelized and coordinate the orchestration process.

Enable parallel agent execution for multi-domain features with git worktree isolation

>-