Invoke IMMEDIATELY via python script when user requests codebase analysis, architecture review, security assessment, or quality evaluation. Do NOT explore first - the script orchestrates exploration.

Static analysis, code quality checks, and security scanning agent

Use when user wants detailed status report for single autonomy branch including iteration timeline and metrics progression

Analyzes business models including revenue models, unit economics, competitive moats, scalability, and value creation/capture mechanisms using frameworks like Business Model Canvas and strategic analysis. Use when the user requests business model analysis, unit economics review, moat assessment, or wants to understand how a company creates and captures value.

Generates LLM-optimized code context with function call graphs, side effect detection, and incremental updates. Processes JavaScript/TypeScript codebases to create compact semantic representations including multi-level summaries, entry point identification, and hash-based change tracking. Provides 74-97% token reduction compared to reading raw source files. Useful for understanding code architecture, debugging complex systems, reviewing pull requests, and onboarding to unfamiliar projects.

Identifies weak cryptographic algorithms, hardcoded keys, and insecure key management practices in binary code. Use when analyzing encryption/decryption, authentication mechanisms, or reviewing cryptographic implementations.

Analyzes customer behavior, needs, pain points, and sentiment through review mining, social listening, buyer persona development, and jobs-to-be-done framework. Use when the user requests customer analysis, voice of customer research, buyer personas, pain point analysis, or wants to understand customer needs and motivations.

Analyzes git commits and changes within a timeframe or commit range, providing structured summaries for code review, retrospectives, work logs, or session documentation.

Analyze the CustomGPT.ai Labs Innovation workbook and cost tracking data to surface portfolio-level insights, trends, and recommendations for where to focus Innovation efforts.

Detects session management vulnerabilities including session fixation, session hijacking, and insecure cookie handling. Use when analyzing authentication sessions, cookie security, or investigating session-related vulnerabilities.

Help users synthesize and act on customer feedback. Use when someone is analyzing NPS responses, processing support tickets, reviewing user research, synthesizing feedback from multiple channels, or trying to identify patterns in customer input.

Analyze user/customer feedback and produce a User Feedback Analysis Pack (source inventory, normalized feedback table, taxonomy/codebook, themes + evidence, recommendations, and feedback loop). Use for voice of customer, feature request analysis, support ticket synthesis, churn reason synthesis, and survey open-ends.

Critical Android code review for Payoo Android app. Focuses on high-impact issues - naming conventions, memory leaks, UIState patterns, business logic placement, lifecycle management, and MVI/MVVM pattern violations. Use when reviewing Kotlin files, pull requests, or checking ViewModels, Activities, Fragments, UseCases, and Repositories.

Standards, architecture patterns, and best practices for Android app development with Kotlin, Jetpack Compose, and Android Jetpack libraries using clean architecture and MVVM. Use for any Android coding, review, refactor, or design task, especially when acting as an AI coding agent that must follow established project conventions.

Android development expert including Jetpack Compose, Kotlin, and Material Design

Angular framework expert including components, services, RxJS, templates, and testing

Write and review Ansible playbooks, roles, and tasks following best practices.

Transform AI-assisted drafts into authentic, human-sounding content. This skill provides patterns to detect and eliminate AI tells, frameworks for natural writing, and techniques for creating prose that reads as genuinely human. Use when reviewing any AI-generated content or when writing content that must not appear AI-assisted.

Validate claims through tool execution, avoid superlatives and unsubstantiated metrics. Use when reviewing codebases, analyzing systems, reporting test results, or making any factual claims about code or capabilities.

>

AI operational modes (brainstorm, implement, debug, review, teach, ship, orchestrate). Use to adapt behavior based on task type.

Elite code review expert specializing in modern AI-powered code

Guide for continuous improvement, error proofing, and standardization. Use this skill when the user wants to improve code quality, refactor, or discuss process improvements.

Comprehensive fullstack development skill for building complete web applications with React, Next.js, Node.js, GraphQL, and PostgreSQL. Includes project scaffolding, code quality analysis, architecture patterns, and complete tech stack guidance. Use when building new projects, analyzing code quality, implementing design patterns, or setting up development workflows.

Detect common technical and organizational anti-patterns in proposals, architectures, and plans. Use when strategic-cto-mentor needs to identify red flags before they become problems.

Reviews Advent of Code TypeScript solutions for code quality, TypeScript idioms, and performance. Use when asked to review a day's solution, critique AoC code, or get feedback on puzzle implementations.

Validates REST API implementations against OpenAPI 3.x specifications. Use when (1) Implementing or reviewing API endpoints, (2) Before deploying API changes to production, (3) Ensuring contract compliance between spec and implementation, or (4) Debugging API integration issues caused by contract mismatches. Works with Python (FastAPI/Flask) backends.

Validate OpenAPI, Swagger, and GraphQL schemas match backend implementation. Detect breaking changes, generate TypeScript clients, and ensure API documentation stays synchronized. Use when working with API spec files (.yaml, .json, .graphql), reviewing API changes, generating frontend types, or validating endpoint implementations.

Activate API design specialist mode. Expert in REST best practices, GraphQL, and OpenAPI specifications. Use when designing API contracts, endpoints, request/response formats, or API documentation.

API development expert including REST design, OpenAPI, and documentation

Update or create API documentation after making changes to the public interface of an API. Use when modifying existing endpoints, introducing new endpoints, or when API implementation changes are complete and tested.

Verifies API documentation against source code to eliminate fabricated claims, ensure accuracy, and validate examples. Zero tolerance for unverified claims, marketing language, or non-runnable code examples. Use before committing API docs or during documentation reviews.

>

Implements API endpoints, routes, controllers, and request/response handling. Use when implementing REST APIs, GraphQL APIs, or other API endpoints. Handles routing, validation, error handling, and response formatting.

Expert guidance for designing, integrating, and maintaining third-party APIs with best practices for authentication, error handling, rate limiting, security, and data transformation. Use when integrating external APIs, troubleshooting API issues, implementing OAuth flows, handling webhooks, or building API wrappers and clients.

Expert API research including discovery, evaluation, integration analysis, and documentation review

api-review

Style and formatting rules for API/SDK documentation, samples, and tutorials.

Structure of ApiResponse class.

Enforce comments-first workflow for new code and improve naming/documentation for existing code. Use when writing new classes, methods, or functions; when code is 'confusing' or 'hard to understand'; when naming precision is poor; or when variable documentation lacks units, bounds, or ownership. Triggers on: new code, comments-first, naming review, documentation review, not obvious, hard to understand. Produces well-documented code with precise naming, or identifies design problems when comments/names are hard to write.

Evaluate module design using APOSD principles with 40-item checklist. Detect complexity symptoms (change amplification, cognitive load, unknown unknowns), shallow modules, information leakage, pass-through methods, and structural anti-patterns. Produce categorized design review (Critical/Moderate/Observations/Positive). Use when reviewing code, assessing interfaces, during PR review, or evaluating 'is this too complex?' Triggers on: code review, design review, module complexity, interface assessment, PR review, structural analysis.

Review and process app submissions for the Pollinations showcase. Parse issues, validate submissions, create PRs, handle user corrections.

Generate optimized Apple App Store metadata recommendations with ASO best practices. Use this skill when analyzing app listings, optimizing metadata (title, subtitle, description, keywords), performing competitive analysis, or validating App Store listing requirements. Triggers on queries about App Store optimization, metadata review, or screenshot strategy.

iOS App Store and Google Play submission requirements and process.

Master App Store deployment - Submission, TestFlight, CI/CD, release management

Secure applications against common vulnerabilities. Use when reviewing code for security, implementing security controls, or hardening applications. Covers OWASP Top 10.

Use after code review - implement ALL findings; any finding not fixed MUST have tracking issue created; no finding disappears without trace

Apply and validate the 7 Key Principles to code - TDD, Fail Fast, Modular, Reuse, Open Source, No Debt, Excellence. Checks code compliance and suggests improvements. Use during code review or refactoring.

Systematically consume QA quality gate outputs and apply prioritized fixes for high-severity issues, NFR failures, and test coverage gaps. Use when quality review identifies issues requiring remediation.

Manages Human-in-the-Loop (HITL) approval workflows for sensitive actions. Use when creating approval requests, processing approved items, or implementing safety controls for autonomous actions.