Plan features spanning multiple domains: billing (Stripe), auth (RBAC), real-time (Presence), webhooks, jobs (Oban). Use when designing interconnected systems or converting review findings into tasks.

Address PR review comments on Elixir/Phoenix code — fetch comments, draft responses, optionally fix code. Use when the user shares a PR URL or mentions reviewer feedback.

Review code with parallel agents — tests, security, Ecto, LiveView, Oban. Use after implementation to catch bugs and anti-patterns before committing.

Triage review findings interactively — approve, skip, or prioritize each issue. Use after /phx:review to filter findings before fixing.

This skill should be used only when the user explicitly asks to use `$ralph-specum-design`, or explicitly asks Ralph Specum in Codex to run the design phase.

This skill should be used only when the user explicitly asks to use `$ralph-specum-refactor`, or explicitly asks Ralph Specum in Codex to revise spec artifacts after implementation learnings.

For each reviewer question thread, recall the implementer's reasoning and compose a raw answer. The answers are plain text and feed into a downstream reply-drafting skill that applies voice rules and

AI-powered code review via the codex CLI. Runs non-interactively.

Draft a concise and descriptive title and a short paragraph for a PR. Explain the purpose of the changes, the problem they solve, and the general approach taken. When the changes involve clear runtime

Assess external feedback (code reviews, AI suggestions, PR comments) with adversarial verification. Triage findings into actionable verdicts. Do not apply fixes.

Fetch unresolved review comments, top-level review body comments, and PR conversation comments from a GitHub PR and present them in a readable summary. This is a read-only skill -- it does not evaluat

Developer onboarding pipeline. Composes `/map-codebase`, `/review-tooling`, and `/review-agentic-setup` with inline agents, then synthesizes everything into `.turbo/onboarding.md` and `.turbo/onboardi

Independent peer review via codex. Translates a natural-language review request into a codex-specific prompt so invocations stay implementation-agnostic.

At the start of every invocation (including re-runs from Step 7), use `TaskCreate` to create a task for each step:

Locate the Claude Code transcript that produced a given change and extract the implementer's reasoning. Useful for answering reviewer questions, writing post-hoc explanations, or recovering forgotten

Loop the review pipeline over a planning artifact until no new findings are accepted. Writes back to the artifact file(s) in place. Supports plans, shells, and specs.

Draft replies for a processed review-thread list, confirm with the user, and post the surviving drafts.

Fetch unresolved review comments from a GitHub PR (inline threads, review-body observations, and issue-comment observations from the PR conversation), evaluate each one, fix or skip based on confidenc

Detect agentic coding infrastructure and flag gaps across Claude Code and Codex CLI conventions. Analysis only. Does not install or configure anything.

Review code against type-specific criteria. Runs internal reviews and `/peer-review` in parallel by default. Returns combined structured findings.

Detect package managers and discover outdated or vulnerable dependencies. Analysis only. Does not upgrade.

Review a planning artifact against type-specific criteria. Runs internal review and `/peer-review` in parallel by default. Returns combined structured findings.

Fetch PR context, run a comprehensive code review, evaluate findings, and dispatch accepted findings to implementation.

Detect dev tooling infrastructure and flag gaps. Analysis only. Does not install or configure tools.

Review the current conversation to extract durable lessons and route each one to the right knowledge layer.

Review code for reuse, quality, efficiency, and clarity issues, then fix them.

Upgrade project dependencies, researching breaking changes for major version updates.

Use SwarmVault when the user needs a local-first knowledge vault that writes durable markdown, graph, search, dashboard, review, and MCP artifacts to disk from books, notes, transcripts, exports, datasets, slide decks, files, URLs, code, and recurring source workflows.

Security intelligence for code analysis. Detects SQL injection, XSS, CSRF, authentication issues, crypto failures, and more. Actions: scan, analyze, fix, audit, check, review, secure, validate, sanitize, protect. Languages: JavaScript, TypeScript, Python, PHP, Java, Go, Ruby. Frameworks: Express, Django, Flask, Laravel, Spring, Rails. Vulnerabilities: SQL injection, XSS, CSRF, authentication bypass, authorization issues, command injection, path traversal, insecure deserialization, weak crypto, sensitive data exposure. Topics: input validation, output encoding, parameterized queries, password hashing, session management, CORS, CSP, security headers, rate limiting, dependency scanning.

Enhanced git operations using lazygit, gh (GitHub CLI), and delta. Triggers on: stage changes, create PR, review PR, check issues, git diff, commit interactively, GitHub operations, rebase, stash, bisect.

Security patterns and OWASP guidelines. Triggers on: security review, OWASP, XSS, SQL injection, CSRF, authentication, authorization, secrets management, input validation, secure coding.

Helps write conventional commit messages, create atomic commits, and follow git best practices. Use when the agent needs to help with git commits, commit message writing, or git workflow guidance.

Provides a structured workflow for planning and executing code reviews like a senior engineer. Use when asked to review code, PRs, or plan a code review task.

Design systems, plan implementations, review architecture decisions - Use when you need to plan a complex feature, design system architecture, or make high-level technical decisions.

Perform thorough code review analyzing quality, potential bugs, security issues, and suggesting improvements.

Reviews existing CSS code against established patterns and provides specific, actionable feedback:

React 19 and TypeScript coding standards for Portfolio Buddy 2. Use when: writing new components, reviewing code, refactoring, or ensuring consistency. Contains component patterns, TypeScript rules, and best practices.

Expert code review specialist for quality, security, and maintainability.

Git workflow and pull request specialist. Use when creating PRs, managing

Meta-cognitive reasoning specialist for evidence-based analysis, hypothesis

Security auditing and vulnerability assessment specialist. Use when conducting

This skill should be used when generating lesson summaries for educational content. It extracts key concepts, mental models, patterns, and common mistakes from lesson markdown files using a Socratic extraction process. Use this skill when a lesson file needs a `.summary.md` companion file, or when reviewing/refreshing existing summaries.

Audit technical writing for learner comprehension and accessibility. Use when reviewing documentation, tutorials, or educational content for clarity.

Use when asked to review MERN stack code - comprehensive code reviewer that checks project health, security, maintainability, performance, testing, and architecture. Combines general code quality analysis with MERN-specific expertise.

Synthesizes provided sources neutrally; separates quotes from paraphrase and avoids ungrounded claims.

Builds and refactors code safely; prefers small diffs, clear validation steps, and testable outcomes.

This skill provides comprehensive guidance for reviewing code, features, and content for cultural sensitivity and Indigenous data sovereignty compliance.

This skill provides comprehensive guidance for implementing and reviewing GDPR-compliant features in Empathy Ledger.

Battle-tested code review practices optimizing for codebase health and team velocity