Code Review
Automated code review and analysis
gc-review-security
by dougkeefe
"Use when reviewing code changes for Protected B security compliance. Triggers: security review, ITSG-33 compliance, GoC security, Protected B data handling, access control review, PII protection check, or requests to audit security-sensitive code."
role-aqa:security-testing
by rnavarych
Security test automation with OWASP ZAP (active/passive scanning), Burp Suite, SAST (SonarQube, CodeQL), DAST, dependency scanning (Snyk, Dependabot, npm audit), penetration test planning, vulnerability management, and threat modeling integration. Use when implementing security testing or evaluating application security posture.
manuscript-writing
by YSLAB-ai
Use when revising or reviewing scientific, technical, or academic manuscripts, proposals, abstracts, reports, or related writing for precision, concision, logical cohesion, citation support, evidence alignment, and objective scholarly tone.
flow-verifier
by khgs2411
Verify plan consistency, generate summaries, maintain plan health. Use for review, verification, summaries, or plan maintenance. Mostly read-only with maintenance operations.
brand-guidelines
by AutumnsGrove
"Professional brand consistency enforcement and corporate identity management with support for color palettes, typography, logo usage, tone of voice, and multi-channel brand application. Use for: (1) Creating brand style guides, (2) Enforcing brand consistency across documents, (3) Logo usage validation, (4) Typography standards, (5) Color palette management, (6) Brand voice guidelines"
github-pr-review
by aidankinzett
Use when reviewing GitHub pull requests with gh CLI - creates pending reviews with code suggestions, batches comments, and chooses appropriate event types (COMMENT/APPROVE/REQUEST_CHANGES)
feature-radar-scan
by runkids
Discover new feature opportunities from creative brainstorming, user feedback, ecosystem trends, and cross-project research. Writes results to .feature-radar/opportunities/. MUST use this skill when the user wants to GENERATE new ideas — not evaluate existing ones. Trigger on any request to brainstorm, explore, discover, or find new feature ideas, even casual ones like "I wonder what else we could do" or "give me ideas". Use when the user: - Asks "what else could we build?", "give me feature ideas", "what are we missing?" - Wants to brainstorm, explore new directions, or refresh the opportunity backlog - Says "scan ecosystem", "scan opportunities", "find new features" - Asks to review GitHub issues, community feedback, or adjacent tools for inspiration - Mentions "explore", "discover", or "new directions" in a feature context Do NOT use for evaluating/prioritizing existing features — that's feature-radar's job.
gemini-review
by mauromedda
Invoke Gemini for design/code review. PROACTIVE: (1) BEFORE proposing new features/architecture, (2) AFTER >100 lines or >3 files changed (before tests), (3) AFTER security/perf changes, (4) ON SESSION RESUME - check thresholds first. Triggers on "new feature", "architectural decision", "security review", "performance review", "code review", "gemini review", "debug", "cross-service", "data flow", "frontend backend", "analysis", "implementation complete", "run the tests", "commit these", "modified multiple files", "session resumed", "context compaction", "left off", "I've implemented", "I've added", "I've modified", "changes are done", "done implementing", "finished implementing", "implementation is complete", "let me run", "now let me test", "rebuild", "make rebuild", "pytest", "all tests pass", "tests pass", "fixed the", "added the", "updated the".
requirements-gathering
by DauQuangThanh
Guides comprehensive requirements gathering and analysis including stakeholder interviews, user story creation, use case documentation, acceptance criteria, requirements prioritization, and traceability. Produces requirements documents, user stories, use cases, and development roadmaps. Use when gathering requirements, writing user stories, creating acceptance criteria, analyzing stakeholder needs, prioritizing features, or when users mention requirements analysis, business analysis, user stories, use cases, or requirements documentation.
performance-audit
by patrickserrano
Audit and improve SwiftUI runtime performance. Use for requests to diagnose slow rendering, janky scrolling, high CPU/memory usage, excessive view updates, or layout thrash in SwiftUI apps.
suparank/optimize
by egebese
Content optimization phase - quality check, GEO optimization, internal links, and schema markup.
backend-design-review
by DauQuangThanh
Conducts comprehensive backend design reviews covering API design quality, database architecture validation, microservices patterns assessment, integration strategies evaluation, security design review, and scalability analysis. Evaluates API specifications (REST, GraphQL, gRPC), database schemas, service boundaries, authentication/authorization flows, caching strategies, message queues, and deployment architectures. Identifies design flaws, security vulnerabilities, performance bottlenecks, and scalability issues. Produces detailed design review reports with severity-rated findings, architecture diagrams, and implementation recommendations. Use when reviewing backend system designs, validating API specifications, assessing database schemas, evaluating microservices architectures, reviewing integration patterns, or when users mention backend design review, API design validation, database design review, microservices assessment, or backend architecture evaluation.
executing-plans
by lgbarn
Use when you have a written implementation plan to execute in a separate session with review checkpoints
architecture-design-review
by DauQuangThanh
Conducts comprehensive architecture design reviews including system design validation, architecture pattern assessment, quality attributes evaluation, technology stack review, and scalability analysis. Produces detailed review reports with findings, recommendations, and risk assessments. Use when reviewing software architecture designs, validating architecture decisions, assessing system scalability, evaluating technology choices, or when users mention architecture review, design assessment, technical review, or architecture validation.
bug-analysis
by DauQuangThanh
Analyzes software bugs including root cause identification, severity assessment, impact analysis, reproduction steps validation, and fix recommendations. Performs bug triage, categorization, duplicate detection, and regression analysis. Use when investigating bugs, analyzing crash reports, triaging issues, debugging problems, reviewing error logs, or when users mention "analyze bug", "investigate issue", "debug problem", "bug report", "crash analysis", "root cause analysis", or "fix recommendation".
code-quality-review
by DauQuangThanh
Conducts comprehensive code quality reviews including code smells detection, maintainability assessment, complexity analysis, design pattern evaluation, naming conventions, code duplication, technical debt identification, and best practices validation. Produces detailed review reports with specific issues, severity ratings, metrics analysis, and actionable improvement recommendations. Use when reviewing code quality, analyzing code maintainability, detecting code smells, checking coding standards, measuring code complexity, identifying technical debt, or when users mention "code quality review", "code quality check", "maintainability analysis", "code smells", "clean code", "refactoring candidates", or "technical debt assessment".
eda-research
by l3wi
Component research and procurement. Search JLC for components, analyze datasheets, compare options, and document selections with rationale.
using-devops-skills
by lgbarn
Use when starting any conversation - establishes mandatory skill invocation for both Development AND Operations workflows
pull-request-skill
by marcioaltoe
Pull Request review manager for CodeRabbit AI. ALWAYS use when user needs to work with PR reviews, fix CodeRabbit issues, or check review status. Downloads, organizes, and helps resolve review comments systematically. Examples - "download PR reviews", "fix CodeRabbit issues for PR 123", "check review status", "organize review comments by severity".
requesting-code-review
by lgbarn
Use when completing tasks, implementing major features, or before merging to verify work meets requirements
requirement-review
by DauQuangThanh
Conducts comprehensive requirements review including completeness validation, clarity assessment, consistency checking, testability evaluation, and standards compliance. Produces detailed review reports with findings, gaps, conflicts, and improvement recommendations. Use when reviewing requirements documents (BRD, SRS, user stories), validating acceptance criteria, assessing requirements quality, identifying gaps and conflicts, or ensuring standards compliance (IEEE 830, INVEST criteria). Trigger when users mention "review requirements", "validate requirements", "check requirements quality", "find requirement issues", or "assess BRD/SRS quality".
eda-schematics
by l3wi
Schematic capture and wiring. Create schematic sheets, place symbols, add wires and net labels, organize hierarchical designs.
compress-prompt
by jbrukh
Compress a prompt while preserving semantic content. Supports lossy (default, 30-50% reduction) and lossless (--lossless, 100% retention) modes.
quality-engineer
by marcioaltoe
Expert in code quality, formatting, linting, and quality gates workflow. Use when user needs to setup quality tools, fix linting errors, configure Biome/Prettier, setup pre-commit hooks, or run quality checks. Examples - "setup code quality", "fix lint errors", "configure Biome", "setup Husky", "run quality checks", "format code", "type check errors".