Code Review
Automated code review and analysis
SKILL.md
by owasp-dep-scan
Read THREAT_MODEL.md for the detailed security model, attack paths, and workflow review guidance.
static-analysis
by gmh5225
Expertise in LLVM-based static analysis including dataflow analysis, pointer analysis, taint tracking, and program verification. Use this skill when implementing security scanners, bug finders, code quality tools, or performing program analysis research.
oss-docs
by boshu2
'Scaffold and audit OSS documentation packs for open source projects. Triggers: "add OSS docs", "setup contributing guide", "add changelog", "prepare for open source", "add AGENTS.md", "OSS documentation".'
code-review
by alinaqi
Mandatory code reviews via /code-review before commits and deploys
existing-repo
by alinaqi
Analyze existing repositories, maintain structure, setup guardrails and best practices
team-coordination
by alinaqi
Multi-person projects - shared state, todo claiming, handoffs
webapp-playwright-testing
by fugazi
Browser automation toolkit using Playwright MCP for testing web applications. Use when asked to navigate pages, click elements, fill forms, take screenshots, verify UI components, check console logs, debug frontend issues, or validate responsive design. Supports live browser interaction and accessibility snapshots.
pr-research
by boshu2
'Upstream codebase exploration for open source contribution. Outputs contribution guidelines, PR patterns, and maintainer expectations. Triggers: "pr research", "upstream research", "contribution research", "explore upstream repo".'
release
by boshu2
'Release your software. Pre-flight validation, changelog generation, version bumps, release commit, tag, curated release notes. Boundary: everything up to the git tag. Triggers: "release", "cut a release", "prepare release", "release check".'
post-mortem
by boshu2
'Wrap up completed work. Council validates the implementation, then extract learnings. Triggers: "post-mortem", "wrap up", "close epic", "what did we learn".'
initialize
by reactive
Setup, install, and onboard new developers to Reactive Data Client monorepo - nvm, yarn, build, test, getting started guide
ux-ui-analyze-single-page
by raphaelmansuy
Analyze exactly one captured UI page (from ux_ui_map screenshots + request JSON) and immediately write/update ux_ui_map/pages/{page}.md in neutral descriptive language. Use when asked to analyze screenshots, rewrite corresponding analysis immediately, or avoid memory/context saturation.
a2a-protocol
by TerminalSkills
Builds Agent-to-Agent (A2A) servers and clients following Google's open protocol for agent interoperability. Use when the user wants to create an A2A-compliant agent, build an Agent Card, implement task management, connect agents across frameworks, set up agent discovery, handle streaming responses, implement push notifications, or orchestrate multi-agent workflows. Trigger words: a2a, agent to agent, agent2agent, a2a protocol, a2a server, a2a client, agent card, agent interoperability, agent collaboration, multi-agent, agent discovery, a2a sdk, a2a task.
code-review
by JackyST0
Smart code review skill that helps review code quality, identify potential issues, and provide improvement suggestions.
pr-validate
by boshu2
'PR-specific validation: isolation, upstream alignment, quality, scope creep. Triggers: "validate PR", "pr validation", "check PR scope", "scope creep check", "isolation check".'
pr-plan
by boshu2
'Plan an open source PR contribution. Takes pr-research output and produces scope, acceptance criteria, and risk assessment. Triggers: "pr plan", "contribution plan", "plan PR", "plan contribution".'
latex-health-check
by flonat
"Compile all LaTeX projects, auto-fix known errors, and check cross-project consistency. Self-healing build agent for the multi-project research ecosystem."
proofread
by flonat
"Academic proofreading for LaTeX papers. Grammar, notation consistency, citation format, tone, LaTeX issues, citation voice balance, and TikZ diagram review. Report-only — never edits source files."
review-command-implementation
by ruby-git
"Verifies a command class follows the Git::Commands::Base architecture contract and contains no duplicated execution behavior. Use after implementing or modifying a command class."
release-management
by ruby-git
"Prepares and publishes new releases of the ruby-git gem including version bumps, changelog updates, tagging, and gem publishing. Use when preparing a release or checking release readiness."
review-arguments-dsl
by ruby-git
"Audits a command class's arguments DSL definition to verify it accurately maps Ruby call arguments to git CLI arguments in the correct order with correct DSL methods and modifiers."
breaking-change-analysis
by ruby-git
"Assesses the impact of API changes before implementation to understand what code would break and plan appropriate migration paths. Use when removing methods, changing interfaces, or planning deprecations."
review-backward-compatibility
by ruby-git
"Audits Git::Lib methods for backward compatibility after commands are moved to Git::Commands::* classes. Use to verify that migrated commands maintain their existing public API."
review-command-yard-documentation
by ruby-git
"Verifies YARD documentation for command classes is complete, accurate, and aligned with the Git::Commands::Base pattern. Use to audit documentation quality for commands."