Analyze code changes and determine semantic version bumps. Detect breaking changes automatically, suggest version bump (major/minor/patch), generate changelog entries, and validate version consistency.
Skills(SKILL.md)は、AIエージェント(Claude Code、Cursor、Codexなど)に特定の能力を追加するための設定ファイルです。
詳しく見る →Analyze code changes and determine semantic version bumps. Detect breaking changes automatically, suggest version bump (major/minor/patch), generate changelog entries, and validate version consistency.
TypeScript SDK development with Node.js and browser support. Design SDK architecture, implement type-safe API clients, support ESM and CommonJS modules, and configure bundling for browsers.
Microsoft TypeSpec-based API and SDK generation
Privacy-respecting SDK usage analytics collection
Automated OWASP Top 10 vulnerability detection and assessment. Run OWASP ZAP automated scans, detect injection vulnerabilities, identify broken authentication patterns, check for sensitive data exposure, analyze security misconfigurations, and generate OWASP-compliant reports.
Static Application Security Testing orchestration and analysis. Execute Semgrep, Bandit, ESLint security plugins, CodeQL, and other SAST tools. Parse, prioritize, and deduplicate findings across multiple tools with remediation guidance.
Detect secrets, credentials, and sensitive data in code and configurations. Scan git history for secrets, detect API keys, tokens, passwords, check environment files, monitor CI/CD logs for exposure, generate remediation steps, and track secret rotation status.
AI/ML model security testing and adversarial research capabilities. Generate adversarial examples, test model robustness, perform model extraction attacks, test for data poisoning, analyze model fairness, and support ART framework integration.
Web application security testing with Burp Suite integration
Multi-cloud security assessment and penetration testing capabilities. Execute Prowler/ScoutSuite assessments, analyze IAM policies, identify cloud misconfigurations, test permissions, and enumerate cloud resources across AWS/GCP/Azure.
Comprehensive fuzzing operations with AFL++, libFuzzer, and OSS-Fuzz integration
Digital forensics and incident response capabilities. Analyze memory dumps with Volatility, parse filesystem artifacts, extract browser forensics, analyze Windows event logs, create forensic timelines, recover deleted files, and generate forensic reports.
Android and iOS application security testing
Isolated analysis environment management for malware and exploit testing. Create and manage isolated VMs, configure Cuckoo Sandbox, set up REMnux/FlareVM environments, manage Docker-based analysis containers, and capture filesystem and process changes.
YARA rule creation, testing, and deployment
Specialized skill for generating C4 model architecture diagrams. Supports Structurizr DSL, PlantUML, and Mermaid formats with multi-level abstraction (Context, Container, Component, Code).
Generate load test scripts for k6, Locust, and Gatling from OpenAPI specs
Specialized skill for processing Markdown and MDX documentation. Supports parsing, rendering, TOC generation, link validation, frontmatter processing, and diagram embedding.
Generate metrics schemas for Prometheus, OpenTelemetry, and Grafana dashboards
Specialized skill for generating and validating OpenAPI 3.0/3.1 specifications. Supports code-first and spec-first approaches, schema inference, validation, and mock server generation.
Validate OpenAPI specifications for correctness, security, and best practices
Specialized skill for analyzing Terraform configurations. Supports parsing, security scanning (tfsec, checkov), cost estimation (infracost), drift detection, and plan visualization across AWS, Azure, and GCP.
Extract, validate, and test code samples in documentation. Verify syntax, execute samples, check outputs, validate imports, and ensure code samples are up-to-date with current APIs.
Documentation accessibility validation and remediation. Check WCAG 2.1 compliance, validate alt text, analyze heading hierarchy, verify color contrast, and generate accessibility reports.
JavaScript and TypeScript documentation generation using JSDoc and TSDoc. Parse source code, generate API documentation, validate coverage, and integrate with TypeDoc for comprehensive developer documentation.
Expert skill for OpenAPI/Swagger specification analysis, validation, and documentation generation. Parse and validate specs, detect breaking changes, generate code samples, and lint for best practices.
ReadMe.com platform integration for API documentation. Sync OpenAPI specs, manage versions, configure API reference settings, automate changelogs, and integrate with metrics dashboards.
Generate animation specifications, easing curves, and motion design documentation
Automated accessibility testing using axe-core API for WCAG compliance validation. Run accessibility scans, generate violation reports, suggest code fixes, and track accessibility debt.
Cross-browser and cross-device testing using BrowserStack or Sauce Labs
Direct Figma API interactions for design asset management. Fetch files and components, extract design tokens, export images, manage comments, and access version history.
Performance and accessibility auditing using Google Lighthouse. Measure Core Web Vitals, accessibility scores, SEO, and best practices. Generate reports and track performance budgets.
Extracts design specifications from mock images including colors, typography, spacing, and component details
Define and document prototype interactions, transitions, and hotspots
Visual regression testing through screenshot capture and comparison. Pixel-diff analysis, responsive screenshot capture across viewports, and visual change reporting with highlighted differences.
Multi-dimensional visual scoring using pixel-diff and structural analysis for design-to-implementation comparison
WAI-ARIA implementation, roles, states, and properties.
Cypress testing patterns, custom commands, component testing, and CI integration.
GitHub Actions for web app CI/CD, testing, and deployment.
Jest configuration, mocking strategies, snapshot testing, and coverage.
Mock Service Worker API mocking, request handlers, and integration testing.
Next.js specific patterns including App Router, React Server Components, Server Actions, streaming, caching, and Vercel deployment.
OpenAPI/Swagger specification, code generation, documentation, and validation.
Playwright E2E testing, page objects, fixtures, visual regression, accessibility testing, and CI integration patterns.
Specialized skill for React component development, hooks patterns, state management, context API, performance optimization, and modern React best practices.
Deep expertise in React hooks patterns including custom hooks, composition, optimization, and testing strategies.
React Testing Library patterns, queries, user events, and accessibility testing.
Screen reader compatibility, testing, and optimization.
shadcn/ui component patterns, customization, theming, and integration.
Storybook configuration, stories, addons, interaction testing, and documentation.