- Home
- /
- Categories
- /
- Code Review
Code Review
Automated code review and analysis
energy-management
by liqiongyu
"Build an Energy Management Operating System Pack (energy drivers/drains map, calendar energy audit, zone-of-genius expansion plan, energy-aligned weekly schedule, recovery routines, and 2-week experiments). Use for sustainable leadership performance and burnout prevention. Category: Leadership."
aws-cost-operations
by hainamchung
This skill provides AWS cost optimization, monitoring, and operational best practices with integrated MCP servers for billing analysis, cost estimation, observability, and security assessment.
design-engineering
by liqiongyu
"Stand up a Design Engineering practice (hybrid design+engineering) by producing a Design Engineering Execution Pack: charter, prototype→production workflow, design-to-code contract, component delivery plan, and quality bar. Use for design engineering, UI engineering, design systems engineering, and prototype-to-production processes."
3D Modeling
by omer-metin
designing-surveys
by liqiongyu
"Design and launch a product survey and produce a Survey Pack (brief, questionnaire/instrument, analysis plan, launch checklist, reporting outline). Use for customer surveys, onboarding surveys, NPS/CSAT/PMF, cancellation/churn, and feedback surveys."
giving-presentations
by liqiongyu
"Plan and deliver persuasive, confident presentations and produce a Presentation Pack (brief, narrative, slide outline, Q&A bank, pre-brief plan, rehearsal plan, delivery checklist). Use for presentation, deck, keynote, all-hands, exec review, demo talk track. Category: Communication."
dojo-review
by dojoengine
Review Dojo code for best practices, common mistakes, security issues, and optimization opportunities. Use when auditing models, systems, tests, or preparing for deployment.
writing-prds-executable
by liqiongyu
Draft, critique, or rewrite PRDs (product requirements / product specs) and adjacent artifacts (PR/FAQ, acceptance criteria, rollout plan). For AI/LLM features, also draft eval specs (LLM-as-judge) and prompt sets. Output must be in English. Use when the user asks for a PRD/spec/requirements/PRFAQ/evals/prompt sets, or needs help clarifying scope, success metrics, non-goals, user stories, or stakeholder alignment.
evaluating-trade-offs
by liqiongyu
"Evaluate trade-offs and produce a Trade-off Evaluation Pack (trade-off brief, options+criteria matrix, all-in cost/opportunity cost table, impact ranges, recommendation, stop/continue triggers). Use for tradeoff/trade-off, pros and cons, cost-benefit, opportunity cost, build vs buy, ship fast vs ship better, continue vs stop (sunk costs). Category: Leadership."
retrospective
by blacklanternsecurity
Post-engagement lessons-learned retrospective. Reads the engagement directory, analyzes skill routing decisions, identifies knowledge gaps and missing skills, and produces an actionable improvement report.
2fa-bypass
by blacklanternsecurity
Bypass two-factor authentication (2FA/MFA) during authorized penetration testing.
windows-discovery
by blacklanternsecurity
Windows local privilege escalation enumeration and attack surface mapping.
linux-kernel-exploits
by blacklanternsecurity
Exploit Linux kernel vulnerabilities and escape restricted shells for privilege escalation.
check-csrf-protection
by dykyi-roman
Analyzes PHP code for CSRF vulnerabilities. Detects missing CSRF tokens, state-changing GET requests, token validation gaps.
check-cascading-failures
by dykyi-roman
Detects cascading failure risks in PHP systems. Identifies shared resources, unbounded queues, missing backpressure, thread pool exhaustion, and failure propagation paths.
check-docker-healthcheck
by dykyi-roman
Checks Docker health check configuration for PHP services. Verifies PHP-FPM, Nginx, and dependent service health checks.
check-crypto-usage
by dykyi-roman
Analyzes PHP code for cryptography issues. Detects weak algorithms, hardcoded keys, insecure random, poor key management, deprecated functions.
check-abstract-factory
by dykyi-roman
Audits Abstract Factory pattern implementations. Checks family consistency, product hierarchy, factory method completeness, and cross-family compatibility.
supabase-audit-rls
by yoanbernabeu
Test Row Level Security (RLS) policies for common bypass vulnerabilities and misconfigurations.
supabase-extract-service-key
by yoanbernabeu
CRITICAL - Detect if the Supabase service_role key is leaked in client-side code. This is a P0 severity issue.
supabase-extract-db-string
by yoanbernabeu
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
supabase-audit-rpc
by yoanbernabeu
List and test exposed PostgreSQL RPC functions for security issues and potential RLS bypass.
disk-cleaner
by gccszs
"High-performance cross-platform disk space monitoring, analysis, and cleaning toolkit with v2.0 optimization enhancements. Use when Claude needs to: (1) Analyze disk space usage and identify large files/directories consuming space, (2) Clean temporary files, caches, logs, and other junk files safely, (3) Monitor disk usage with configurable warning/critical thresholds, (4) Generate detailed reports on disk health and cleanup recommendations. Features advanced optimization: 3-5x faster scanning with os.scandir(), concurrent multi-threaded I/O, intelligent sampling for large directories, memory-adaptive processing, and cross-platform compatibility (Windows/macOS/Linux). Specializes in Windows C drive cleanup while maintaining full compatibility with Unix systems. Provides interactive CLI, automated scripts, detailed reporting modes, and comprehensive test coverage (244 tests). All operations prioritize safety with built-in protection for system files."
APEX Methodology
by fusengine
Systematic development workflow: Analyze → Plan → Execute → eLicit → eXamine. Use for ANY development task: features, bug fixes, refactoring, hotfixes. Triggers: "implement", "create", "build", "fix", "add feature", "refactor", "develop". Auto-detects project type (Laravel, Next.js, React, Swift) and loads framework-specific references. Enforces: files <100 lines, interfaces separated, SOLID principles, expert self-review, sniper validation. Modes: --auto (default), --manual, --skip-elicit