Implement technical plans from thoughts/shared/plans with verification

Incident severity classification, runbook templates, root cause analysis, and post-incident review

Detect fail-open configurations, hardcoded secrets, weak authentication defaults, permissive CORS, disabled security features, and other insecure-by-default patterns. Adapted from Trail of Bits. Use during security review or when auditing configuration and initialization code.

JPA/Hibernate patterns for entity design, relationships, query optimization, transactions, auditing, indexing, pagination, and pooling in Spring Boot.

Knowledge graph integration for token-efficient codebase understanding. Uses codebase-memory MCP for AST indexing, dependency graphs, and smart context selection. 6-71x token savings vs raw file reading.

Coroutine patterns, Flow operators, Jetpack Compose state management, Ktor routing, and Kotlin Multiplatform shared code.

Pod design patterns, sidecar containers, init containers, config management, rolling updates, and resource limits.

KVKK and GDPR compliance patterns - consent management, right to erasure, breach notification, audit logging, cookie consent, and data classification.

Progressive memory recall with 4 scope layers AND 3 depth layers. Scope: identity > project > room > deep. Depth: IDs only > summary > full. 10-50x token savings through fetch-on-confirmation pattern.

Hizlica kural/ogrenim kaydet. CLAUDE.md'ye ve memory'ye yazar. Kullanim: /learn <kural>

k6 script templates, load profiles, response time thresholds, SLO validation, and performance testing strategies.

Multi-layer cognitive stack for machine-verified mathematical problem solving across 14 sub-disciplines.

Problem-solving strategies for graph algorithms in graph number theory

Problem-solving strategies for channel capacity in information theory

Problem-solving strategies for entropy in information theory

Hierarchical memory organization for multi-session context retention. Wings (projects) > Rooms (domains) > Drawers (decisions). Semantic search across all memories with zero cloud dependency.

>

Mutation testing ile test suite kalitesini olc. Stryker, mutmut, go-mutesting destegi.

OIDC flows, PKCE implementation, token refresh strategies, social login integration, and secure session management.

Structured logging with Pino/Winston, OpenTelemetry tracing, metrics collection, Grafana dashboards, and alerting rules.

AI-powered paywall optimizasyon. Sektore gore otomatik analiz, A/B test senaryolari, churn prediction sinyalleri, push notification stratejileri, agresif satis teknikleri ve RevenueCat Experiments entegrasyonu. paywall-strategy, revenuecat-patterns ve subscription-pricing skill'lerinin ustune insa eder.

Mobil uygulama paywall strateji rehberi. 14 kategori benchmark database, 4 paywall modeli, trial optimizasyonu, placement mapping, pricing psychology, regional pricing (PPP) ve Apple/Google compliance checklist.

Ethical security testing methodology - 5-phase pipeline, OWASP checklist, proof levels, structured findings

Load testing with k6/Artillery, response time thresholds, memory leak detection, N+1 query detection, and CI integration.

Persistent planning system with 3 markdown files (PLAN.md, PROGRESS.md, CONTEXT.md). Use when starting large features, multi-session work, or complex refactoring. Auto-tracks commits in PROGRESS.md.

Phase-gated commit workflow for clean git history -- implement, review, test, commit per phase

Structured plan file generation for large tasks -- phased planning, completion tracking, and decision documentation

PostgreSQL database patterns for query optimization, schema design, indexing, and security. Based on Supabase best practices.

Generate, edit, and read PowerPoint presentations. Create from scratch with PptxGenJS (cover, TOC, content, section divider, summary slides), edit existing PPTX via XML workflows, or extract text with markitdown. Triggers: PPT, PPTX, PowerPoint, presentation, slide, deck, slides.

Product Requirements Document writing - PRD templates, MoSCoW prioritization, user personas, competitive analysis, feature specs, acceptance criteria, risk assessment

Product analytics - event taxonomy, funnel analysis, A/B testing, retention metrikleri.

Security scan, dead code detection, and code quality audit for any project

Example template for project-specific skill files covering architecture, patterns, testing, and deployment.

Prompt templates, few-shot examples, chain-of-thought, structured output, evals

Property-based testing (PBT) patterns with fast-check (JS/TS), Hypothesis (Python), and gopter (Go). Generate random inputs, define invariants, shrink failures to minimal cases. Adapted from Trail of Bits. Use when testing pure functions, parsers, serializers, state machines, or any code where example-based tests miss edge cases.

Pythonic idioms, PEP 8 standards, type hints, and best practices for building robust, efficient, and maintainable Python applications.

Python testing strategies using pytest, TDD methodology, fixtures, mocking, parametrization, and coverage requirements.

Query the memory system for relevant learnings from past sessions using semantic search.

Analyze repository structure, patterns, conventions, and documentation for understanding a new codebase

Agent reputation scoring, performance tier system, trust calibration, and task affinity matching

Circuit breaker, bulkhead, retry with jitter, graceful shutdown, health check patterns for production resilience.

RevenueCat SDK entegrasyon pattern'leri. iOS (Swift), Android (Kotlin), React Native ve Flutter icin setup, offerings, entitlement checking, webhook integration, StoreKit 2 migration ve sandbox testing.

Generate design docs, ADRs, and concept docs from existing code by reverse engineering intent

SaaS analytics event taxonomy, metric formulas (MRR, churn, LTV), provider-agnostic tracking, funnel analysis, cohort setup, and privacy-respecting instrumentation.

Pre-launch verification across infrastructure, security, legal, payment, email, analytics, and performance. Day-1 monitoring, rollback plan, incident response skeleton, and post-launch week-1 checklist.

Static Application Security Testing patterns, OWASP Top 10 checklist, language-specific vulnerability patterns, Semgrep rule writing guide, and CI/CD integration. Use when scanning code for security vulnerabilities or writing custom SAST rules.

30+ service-specific secret detection regex patterns, entropy-based detection, PEM/JWT/Base64 identification, and false positive filtering.

Pre-push API key and credential scanner - blocks git push if secrets found

Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.

Self-healing codebase system. Monitors runtime errors, test failures, and build breaks. Automatically diagnoses root cause, generates fix, validates fix, and applies if safe. Zero human intervention for routine failures.