Loading...
Loading...
Found 58 Skills
Use this when you are about to start Discover for an existing project, but you don't know "which portals can be used as evidence (run/test/ci/contract/ops)" and "which modules should be prioritized (P0/P1/P2)", and you are worried that out-of-control scope will lead to unmaintainable results.
Use when you need to generate/update test plans, test cases, test suites or test reports during the verification phase of Spec Pack, and require strict access control, traceable artifact storage, and no unauthorized routing.
Start Task
8-agent QA loop: browser exploration via Playwright MCP, then analyze, plan, test, audit, heal, expand, snapshot. Quality gate score >= 85 to pass.
Use when you need to produce a D2 decision document (RFC/Decision Doc) for a Spec Pack, and need to independently decide whether to execute D0 (bypass design via diversion) and D1 (optional research) even under pressure, avoiding guessing FEATURE_DIR, making up input details, writing design as implementation specifics, or leaving behind TODO/To-Confirm lists.
Use when receiving code review feedback, before implementing suggestions, especially if feedback seems unclear or technically questionable - requires technical rigor and verification, not performative agreement or blind implementation
Use when you already have a components map and multiple module pages, and now need to converge business modules (products <= 6), fix the entry points for operation, troubleshooting and rollback (ops), and implement DoD access control and incremental Discover (Delta Discover, stale expiration detection) to ensure the knowledge base is usable and maintainable.
Use when you need to create defect reports that can be directly pasted into external defect systems (without saving bug files in the Spec Pack) during the verification phase of the Spec Pack, and write the defect references back to `{FEATURE_DIR}/verification/report-*.md`.
Guides security professionals in implementing defense-in-depth security architectures, achieving compliance with industry frameworks (SOC2, ISO27001, GDPR, HIPAA), conducting threat modeling and risk assessments, managing security operations and incident response, and embedding security throughout the SDLC.
Conduct threat modeling using STRIDE methodology. Identify threats, assess risks, and design security controls. Use when designing secure systems or assessing application security.