>

Iterative 3-phase workflow with peer review cycle for changes needing validation (15-30 min)

Standard 5-phase workflow for most development tasks - bugs, small features, refactors (30-60 min)

Use the bundled CLI to control Atlas and inspect local browser data.

Attach documents, screenshots, PDFs, and files to Jira issues and Confluence pages via REST API. Use when uploading evidence, documentation, or media to Atlassian products.

Use when querying Jira issues, searching Confluence pages, creating tickets, updating documentation, or integrating Atlassian tools via MCP protocol.

Search and retrieve information from Jira and Confluence using the atlassian-cli tool. Use this skill to find issues, search documentation, manage projects, and track sprints in Atlassian products.

Create atomic components (atoms) - the fundamental building blocks of your UI with proper TypeScript interfaces and Tailwind v4 styling.

Context providers dynamically inject information into agent system prompts at runtime. They enable agents to access current data without modifying the base prompt.

Use when applying Atomic Design methodology to organize UI components into quarks, atoms, molecules, organisms, templates, and pages. Core principles and hierarchy.

Use when creating page layouts without real content. Templates define the skeletal structure of pages using organisms, molecules, and atoms.

attach-content

Knowledge about attempt tracking and gating patterns for task execution

Universal coding standards and best practices for TypeScript, JavaScript, React, and Node.js. Use when: writing code, reviewing code quality, establishing conventions. Focuses on modern patterns, explicit conventions, and rationale for best practices.

Generate use-case-specific Attio workflow skills from templates. Use when creating new skills for lead qualification, deal management, customer onboarding, or custom Attio workflows.

Establish cause-effect relationships between events or states. Use when analyzing root causes, mapping dependencies, tracing effects, or building causal models.

Synthesize audience insights from multiple data sources into unified personas and segments. Use when relevant to the task.

FFmpeg audio processing, batch editing, normalization, mixing, and automated audio production workflows. Use when processing audio at scale, automating editing tasks, or building audio pipelines.

Test Bob The Skull with virtual audio injection instead of speaking. Use when testing wake word detection, STT accuracy, full conversation pipeline, or automated testing. Covers setup, configuration, injection methods, and troubleshooting.

You are the on-device audio ML specialist for Modcaster's AI-driven audio processing.

Aggregate and deduplicate findings from multiple audit reports

Scan codebase for bad coding practices that violate fail-fast principles

Run a single-session code review audit on the codebase

Run all 7 domain audits in staged waves and aggregate results

Orchestrates comprehensive audits of Claude Code customizations using specialized auditors. Use when auditing multiple components, asking about naming/organization best practices, or needing thorough validation before deployment.

Run a single-session engineering productivity audit on the codebase

Expert-level security auditing, compliance, code review, and vulnerability assessment

Audit codebase for performance bottlenecks and thread-safety issues

Run a single-session performance audit on the codebase

Prepare your codebase for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures accessibility, and generates comprehensive documentation (flowcharts, user stories, inline comments). (project, gitignored)

Run a single-session refactoring audit on the codebase

Template and formatting guidelines for security audit reports. Provides consistent structure for findings, severity classification, ASVS mapping, and remediation recommendations.

Comprehensive audit capabilities for security, code quality, module structure, compliance, and performance analysis. Use this skill when performing security audits, code reviews, vulnerability assessments, module structure validation, or generating audit reports.

Comprehensive guide to implementing audit trails and logging for AI agents including tracing, observability, compliance, and debugging

使用 squirrelscan CLI（squirrel）对网站进行审计，覆盖 SEO、技术、内容、性能、安全等 140+ 规则。当需要分析网站健康、排查技术 SEO、检查死链、校验 meta 与结构化数据、生成站点审计报告、对比改版前后，或提到「网站审计」「audit website」「squirrel」「站点健康检查」时使用。

Auditing and updating npm dependencies to prevent security vulnerabilities in TypeScript projects

Audits notification permission request flows. Use when reviewing or improving permission prompts, settings paths, or denial handling.

<objective>

Use this skill when auditing websites for SEO, analyzing search performance, checking technical SEO issues, or optimizing sites for search engines. Performs comprehensive SEO audits covering technical, on-page, and off-page factors. Invoke for SEO analysis, search optimization, keyword research, or improving search rankings.

Use when reviewing website copy, SEO titles/descriptions, marketing content, or public messaging - applies Anil Dash's shareability framework to ensure others can authentically talk about your work without you present

>

>

>

Adds BetterAuth authentication to Apso backends. Handles entity setup, code generation, auto-fixes, and verification. Triggers when user needs to add authentication, setup auth, or integrate BetterAuth.

Pre-built and custom Clerk authentication component templates with theming and customization patterns. Use when building authentication UI, creating sign-in/sign-up pages, customizing Clerk components, implementing user buttons, theming auth flows, or when user mentions Clerk components, SignIn, SignUp, UserButton, auth UI, appearance customization, or authentication theming.

Configure Supabase authentication providers (OAuth, JWT, email). Use when setting up authentication, configuring OAuth providers (Google/GitHub/Discord), implementing auth flows, configuring JWT settings, or when user mentions Supabase auth, social login, authentication setup, or auth configuration.

Use when you need to implement CloudBase Auth v2 over raw HTTP endpoints (login/signup, tokens, user operations) from backends or scripts that are not using the Web or Node SDKs.

auth-js

This skill should be used when the user requests to audit, check, or generate authentication and authorization protection for Next.js routes, server components, API routes, and server actions. It analyzes existing routes for missing auth checks and generates protection logic based on user roles and permissions. Trigger terms include auth check, route protection, protect routes, secure endpoints, auth middleware, role-based routes, authorization check, api security, server action security, protect pages.