Consult with a peer engineer for plan review, code review, implementation discussions, or problem-solving brainstorming. Use when you need a second opinion, want to validate your approach, or check for overlooked issues.

Submit complex code questions to OpenAI GPT-5 Pro for deep analysis when you have 20 minutes. Use when the user asks for architectural analysis, comprehensive code review, debugging complex issues, or requests expert analysis of their codebase that requires extended reasoning. Automatically handles file selection, code packing with Repomix, cost estimation, long-running API requests, and result presentation.

Combine all draft sections into final manuscript, apply formatting constraints, and generate reference list. Final step of writer workflow. Requires academic reviewer approval and all drafts/*.md files.

Assess a codebase for patterns, anti-patterns, and quality opportunities; use when asked to generate coding rules, standards, or quality guidelines.

Analyze branch changes for release readiness, identifying concerns and special instructions.

'Assess a plugin and create refactoring task files for parallel agent execution'

Use to manage co-marketing asset reviews with traceable evidence and

Personal assistant for daily routines, task management, and productivity

Identify and challenge implicit assumptions in plans, proposals, and technical decisions. Use when strategic-cto-mentor needs to surface hidden assumptions and wishful thinking before they become costly mistakes.

Query local Astro Mac app database for ASO insights. Use when the user asks about keyword rankings, historical ranking data, trend analysis, competitor keywords, app ratings, keyword opportunities, or ASO health metrics.

Inject Call-to-Action blocks into Astro site content with intelligent placement strategies. Use when the user wants to add CTAs, newsletter signups, product promotions, or any content blocks to blog posts. Supports multiple placement strategies (end, after 50%, after 60%), content scoring for relevance, and dry-run preview.

Favors the use of async and await for asynchronous programming in Python.

Enforce lint, formatting, typing, testing, and security hygiene across the ATFT-GAT-FAN codebase.

PROACTIVELY USED when reviewing a PR, branch, or Jira story. Handles code review against requirements and provides actionable feedback.

Documentation guidance for competition athletes and volunteers in WODsmith. Use when writing, reviewing, or improving athlete-facing documentation including registration, scheduling, workout viewing, leaderboards, check-in, and volunteer coordination.

Adversarial quality gate agent for code review - finds flaws before users do

Iterative 3-phase workflow with peer review cycle for changes needing validation (15-30 min)

Universal coding standards and best practices for TypeScript, JavaScript, React, and Node.js. Use when: writing code, reviewing code quality, establishing conventions. Focuses on modern patterns, explicit conventions, and rationale for best practices.

Expert in digital signal processing for audio applications. Validates biquad filter implementations, frequency response calculations, and audio algorithms. Use when modifying audio-math.ts, implementing new filter types, or adding spectral analysis features.

Comprehensive security and code quality audit. Use for thorough security, vulnerability, and code quality analysis. Related: project-health-checker for quick diagnostic checks.

Scan codebase for bad coding practices that violate fail-fast principles

Run a single-session code review audit on the codebase

Expert-level security auditing, compliance, code review, and vulnerability assessment

Audit milestone progress and status

Prepare your codebase for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes dead code, ensures accessibility, and generates comprehensive documentation (flowcharts, user stories, inline comments). (project, gitignored)

Comprehensive audit capabilities for security, code quality, module structure, compliance, and performance analysis. Use this skill when performing security audits, code reviews, vulnerability assessments, module structure validation, or generating audit reports.

Audit a checkpoint specification for realism and design decision forcing. Reviews specs to remove hand-holding, hidden corner cases, and architectural giveaways. Invoke with /audit-spec <problem> <checkpoint>.

Auditing and updating npm dependencies to prevent security vulnerabilities in TypeScript projects

Audits notification permission request flows. Use when reviewing or improving permission prompts, settings paths, or denial handling.

Use when reviewing website copy, SEO titles/descriptions, marketing content, or public messaging - applies Anil Dash's shareability framework to ensure others can authentically talk about your work without you present

>

Review and analyze authentication and authorization patterns for security vulnerabilities.

OAuth 2.1, JWT (RFC 8725), encryption, and authentication security expert. Enforces 2026 security standards.

Comprehensive security review of authentication systems.

Comprehensive authentication implementation guidance including JWT best practices, OAuth 2.0/OIDC flows, Passkeys/FIDO2/WebAuthn, MFA patterns, and secure session management. Use when implementing login systems, token-based auth, SSO, passwordless authentication, or reviewing authentication security.

Guides decision-making for WPF control authoring including UserControl vs Control vs FrameworkElement selection. Use when creating new controls or evaluating Style/Template/Trigger alternatives.

Review test cases for Authorization Endpoint. Covers response_type=code, request parameters (scope, client_id, redirect_uri, state, nonce, prompt, display, max_age), and authorization response per OIDC Core 1.0 Section 3.1.2.

Merge an existing PR after rebasing, running review-pass, ensuring CI passes, and addressing review comments.

Automatically apply improvements to skills and the ecosystem based on system-reviewer findings and best-practices-learner insights. Workflow for automated improvement identification, priority assessment, safe application, validation, and rollback capability. Use when applying systematic improvements, automating enhancement cycles, bulk updating multiple skills, or implementing ecosystem-wide improvements.

Best practices for writing reliable browser automation scripts with Intuned. Use when writing, reviewing, or editing automation code, scraping scripts, or browser-based workflows. Provides guidance on selectors, waiting strategies, anti-detection, performance optimization, and SDK patterns.

Expert automation workflow refactoring tool for Power Automate, n8n, Make, Zapier and other platforms. Optimizes existing flows by improving performance, reliability, maintainability, and best practices compliance. Triggers when user wants to improve, optimize, refactor, correct values, enhance, or modernize workflows. Analyzes JSON, suggests improvements, outputs refactored flow maintaining original functionality unless changes requested.

Sets guidelines for creating or modifying automation scripts within the project.

Validates automation workflow JSON before deployment for Power Automate, n8n, Make, Zapier and other platforms. Checks syntax, structure, best practices, and potential issues. Analyzes workflow JSON files for platform compliance, missing error handling, performance issues, and security concerns. Use when user wants to validate, review, or check a workflow before deployment/import.

Run comprehensive code quality checks, tests, and fixes autonomously

Autonomous homelab operations using OODA loop (Observe, Orient, Decide, Act) - use when reviewing system state, planning autonomous actions, or investigating operational issues

Skill for adding Stripe checkout and payment flows using Autumn.

Review AXAML files for Avalonia best practices

Use this skill when validating ANY potential code review finding. Apply BEFORE classifying to verify the finding is real; can you trace incorrect behavior, is it handled elsewhere, and are you certain about framework semantics? If any answer is no, DO NOT create the finding.