cpp-core-guidelines
C++ Core Guidelines by Stroustrup and Sutter for writing modern, safe, and efficient C++ code. Use when writing, reviewing, or refactoring C++ code to ensure type safety, resource safety, and performa…
Browse curated skills with source links, package snapshots, README assets and install signals in one calm, searchable catalog.
C++ Core Guidelines by Stroustrup and Sutter for writing modern, safe, and efficient C++ code. Use when writing, reviewing, or refactoring C++ code to ensure type safety, resource safety, and performa…
Wrap up completed work. Council validates the implementation, then extract and process learnings. Triggers: "post-mortem", "wrap up", "close epic", "what did we learn".
Step-by-step guidance for evaluating llms harness.
SonarQube/SonarCloud integration for continuous code quality. Setup, configuration, quality gates, and CI/CD integration. USE WHEN: user mentions "SonarQube", "SonarCloud", "quality gates", asks about…
Use when reviewing Kubernetes CustomResourceDefinition (CRD) YAML (full manifests or diffs) as the compiled API contract. Topics: schema/validation (3-step hierarchy: schema → CEL → webhooks only if n…
Use when selecting statistical methods, performing power analysis, guiding uncertainty quantification, or validating MCMC/Monte Carlo implementations.
Plan penetration test planner operations. Auto-activating skill for Security Advanced. Triggers on: penetration test planner, penetration test planner Part of the Security Advanced skill category. Use…
Create .agent/baseline.md and later compare against it. Use when capturing baseline build/lint/test results or investigating newly introduced findings.
Guidance for analyzing network packet captures (PCAP files) and computing network statistics using Python, with tested utility functions.
Produces structured U.S. transactional due diligence summaries with risk ratings, document citations, and follow-up actions. Triggers when the user requests a due diligence summary, diligence report, …
Godot GDScript interface design specifications and guidelines, emphasizing TDD-friendly, testable, and maintainable design principles.
Use when the user asks to analyze code for test coverage, list what test cases are needed, or review testing strategy — WITHOUT generating actual test code.
Analyze Angular / Cumulocity Web SDK code for anti-patterns, bugs, and quality issues. Use when reviewing components, services, or modules for code quality, maintainability, performance, and correctne…
Conducts comprehensive backend code reviews including API design (REST/GraphQL/gRPC), database patterns, authentication/authorization, caching strategies, message queues, microservices architecture, s…
Test network latency tester operations. Auto-activating skill for Performance Testing. Triggers on: network latency tester, network latency tester Part of the Performance Testing skill category. Use w…
Systematically deconstruct written content into verifiable claims, validate each using search/documentation, and facilitate informed discussion through structured interviewing.
This skill should be used when the user asks to "evaluate agent performance", "build test framework", "measure agent quality", "create evaluation rubrics", or mentions LLM-as-judge, multi-dimensional …
Java Layered Architecture Design Pattern — A complete implementation guide for the classic five-layer architecture using Spring Boot + MyBatis-Plus. Suitable for bootstrapping new Java projects, refac…
Smoke test for alicloud-ai-image-zimage-turbo. Validate minimal authentication, API reachability, and one read-only query path.
Generate or refresh a STRIDE-based threat model for the current repository using Bug Hunter-native artifacts. Use whenever the repository has no threat model yet, the architecture changed materially, …
Use when parameter values appear in multiple documents and consistency must be verified, especially for quantitative values that may differ due to measurement context or require reconciliation
Conducts comprehensive security code reviews including vulnerability detection (OWASP Top 10, CWE), authentication/authorization flaws, injection attacks, cryptography issues, sensitive data exposure,…
Use when reviewing, auditing, or improving E2E test specs for Playwright, Cypress, or Puppeteer — static code analysis of existing test files, not diagnosing runtime failures. Triggers on "review my t…
Systematically deconstruct written content into verifiable claims, validate each using search/documentation, and facilitate informed discussion through structured interviewing.