Loading...
Loading...
Found 128 Skills
Designs and implements CI/CD pipelines for automated testing, building, deployment, and security scanning across multiple platforms. Covers pipeline optimization, test integration, artifact management, and release automation.
Check for security risks in Skills/code repositories. When the user wants to check if a skill, GitHub repository, npm package, or local code is safe to download or use. This includes detecting malicious code, malware, key stealing, environment variable modification, suspicious network behavior, and evaluating repository reputation (stars, forks, contributors, age). Use this skill whenever the user mentions checking skills for security risks, scanning repositories for malware, verifying code safety, checking npm packages for threats, or asking if a download is safe.
One-time project onboarding for swain. Migrates existing CLAUDE.md content to AGENTS.md (with the @AGENTS.md include pattern), verifies vendored tk (ticket) for task tracking, configures pre-commit security hooks (gitleaks default), and offers to add swain governance rules. Run once when adopting swain in a new project — use swain-doctor for ongoing per-session health checks.
System Audit - Proactively identify bug risks, security vulnerabilities, performance issues, maintainability debt, and architecture drift from code, and generate a batch list of findings. Triggers: Users say "review the system", "audit code", "scan for issues", "find bugs", "what can be optimized".
Use when the user asks to review pull requests, analyze code changes, check for security issues in PRs, or assess code quality of diffs.
Use when reviewing a PR/MR diff and producing a structured finding list — covers security, logic, performance, cross-file impact, test coverage, and spec compliance. Posts a sticky summary comment plus inline review comments to the PR. NOT for writing PR descriptions, design reviews requiring business judgment, or deep CVE/supply-chain audits.
This skill should be used when the user asks for "security status", "show findings", "security dashboard", "security posture", or invokes /appsec:status. Shows current security posture overview.
Diff Review - analyzes code changes and provides structured feedback before commit