Code Review
Automated code review and analysis
pipeline
by johnlindquist
Chain multiple operations together in pipelines. Use for multi-step workflows, combining research with analysis, and complex automated tasks.
think
by johnlindquist
Deep multi-framework reasoning using Gemini. Use for complex problem analysis, challenging ideas, and evaluating multiple options with structured thinking.
packx
by johnlindquist
Bundle code context for AI. ALWAYS use --limit 49k unless user explicitly requests otherwise. Use for creating shareable code bundles and preparing context for LLMs.
design
by johnlindquist
Design system and token management. Use for managing design tokens, colors, typography, and maintaining design consistency.
council
by johnlindquist
Query multiple AI agents in parallel for diverse perspectives. Use when you want multiple viewpoints on a question, to compare approaches, or to find consensus among AI models.
deps
by johnlindquist
Manage dependencies with npm/yarn/pnpm. Use for auditing vulnerabilities, checking outdated packages, understanding dependency trees, and upgrading packages safely.
brainstorm
by johnlindquist
Generate ideas and explore possibilities with AI. Use for creative problem solving, generating alternatives, and expanding on concepts.
review
by johnlindquist
Centralizes persona-driven code reviews (Fowler, Torvalds, Carmack, React core, etc.) so Claude can pick or combine expert viewpoints when the user asks for a code review or perspective-specific critique.
lessons
by johnlindquist
Capture and review lessons learned from coding sessions. Use to record insights, read past lessons, and improve over time.
diagram
by johnlindquist
Use this skill whenever a "diagram" is mentioned. Maintain and synchronize Unified Impact Diagrams following Diagram Driven Development (DDD) methodology. Create, update, and manage diagrams that connect user value to technical implementation.
diff-preview
by johnlindquist
Preview and analyze git diffs with AI explanations. Use to understand changes before committing, get impact analysis, and compare branches or commits.
code-reviewer
by QuestNova502
Comprehensive code review skill for TypeScript, JavaScript, Python, Swift, Kotlin, Go. Includes automated code analysis, best practice checking, security scanning, and review checklist generation. Use when reviewing pull requests, providing code feedback, identifying issues, or ensuring code quality standards.
isms-audit-expert
by QuestNova502
Senior ISMS Audit Expert for internal and external information security management system auditing. Provides ISO 27001 audit expertise, security audit program management, security control assessment, and compliance verification. Use for ISMS internal auditing, external audit preparation, security control testing, and ISO 27001 certification support.
create-github-action
by richfrem
Scaffold a traditional deterministic GitHub Actions CI/CD workflow. Use this when creating build, test, deploy, lint, release, or security scan pipelines. This is distinct from agentic workflows — no AI is involved at runtime.
dependency-risk-audit
by ragnarok22
Review Python dependencies for known security advisories, stale version pins, and unsafe upgrade paths. Use when users ask for dependency security reviews, requirements or lockfile audits, upgrade planning, pre-release risk checks, or remediation prioritization for Python projects.
docker-doctor
by ragnarok22
Verify Dockerfiles and Docker Compose manifests for security issues, reliability risks, optimization opportunities, syntax errors, and misconfiguration before builds or deploys. Run deterministic checks (scripts/verify-docker.sh, docker compose config -q, optional hadolint) and produce a 0-100 health score with prioritized fixes. Use when users ask to validate Dockerfile(s), docker-compose/compose YAML files, harden container configuration, optimize image/runtime setup, debug configuration failures, or run a pre-deploy Docker audit.
gdpr-dsgvo-expert
by QuestNova502
Senior GDPR/DSGVO expert and internal/external auditor for data protection compliance. Provides EU GDPR and German DSGVO expertise, privacy impact assessments, data protection auditing, and compliance verification. Use for GDPR compliance assessments, privacy audits, data protection planning, and regulatory compliance verification.
faion-sdd-execution
by faionfaion
"SDD execution: quality gates, reflexion learning, pattern/mistake memory, code review."
information-security-manager-iso27001
by QuestNova502
Senior Information Security Manager specializing in ISO 27001 and ISO 27002 implementation for HealthTech and MedTech companies. Provides ISMS implementation, cybersecurity risk assessment, security controls management, and compliance oversight. Use for ISMS design, security risk assessments, control implementation, and ISO 27001 certification activities.
review-buddy
by zb-sj
Chunked interactive PR review — walks you through PRs chunk by chunk, surfaces existing reviewer feedback, and helps post thoughtful comments without cognitive overload. Use when the user wants to review a pull request, examine PR changes, or post review comments to GitHub.
dead-code-removal
by 89jobrien
Detects and safely removes unused code (imports, functions, classes)
platonic-specs
by caesar0301
Manage RFC-style specifications with validation, and dynamic generation of history, index, and namings files. Use when validating RFC documents, checking taxonomy compliance, or generating specification indices and terminology references.
django-doctor
by ragnarok22
Audit Django codebases for security, performance, correctness, and architecture antipatterns. Run system checks, migration drift checks, and static rule scans, then output a 0-100 health score with actionable fixes. Use when users ask to scan a Django backend, run a Django health check, review backend code quality, or perform a pre-deploy audit.
faion-ba-core
by faionfaion
"BA Core: Planning, elicitation, requirements lifecycle, strategy analysis, solution evaluation. 21 methodologies."