claude-hangar

Autonomous audit runner (separate sessions, no context limit). Use when: "audit-runner", "autonomous audit", "audit automatically".

Generate a structural overview of the codebase for context recovery. Use when: "map", "codebase map", "overview", "orient", "what is this project", or after /compact.

Custom auth security audit (bcryptjs + sessions, no OAuth/external provider). Use when: "auth-audit", "auth check", "auth security", "login audit", "session audit", "password audit".

Next.js App Router Best-Practice Audit with state persistence. Use when: "nextjs-audit", "nextjs upgrade", "next check", "nextjs version", "app router".

Critical review (min. 5 findings). Modes: code, audit, plan. Use when: "review", "critical review", "code review", "plan review", "audit review".

Universal Pre-Scan → Analysis → Optimization → Report orchestrator for ANY project type — web apps (Astro/SvelteKit/Next), infrastructure/homelab repos, CLI tools, libraries, backend services, monorepos, data/ML projects, docs. Self-detects project type and runs the matching analysis track. Session state lives in `.audit-session/<date>-<slug>/` with INDEX.md + STATUS.md so any instance (or a diffe

Analyzes where context tokens are being spent and identifies optimization opportunities. Use when sessions feel slow or context is running out.

Favicon/app icon completeness check. Use when: "favicon", "icon check", "app icon", "icons".

Structured session handoff — preserves context for seamless continuation across sessions.

Repository audit for non-website projects (CLI, libs, backend, monorepo). Use when: "project-audit", "project audit", "repo audit", "code audit".

Launch parallel refactoring agents: one restructures code in an isolated worktree, one writes tests to lock behavior, one reviews the result. Use when: "refactor team", "refactor-team", "safe refactor", "restructure code".

SvelteKit & Svelte 5 Migration, Best-Practice Audit with state persistence. Use when: "sveltekit-audit", "sveltekit upgrade", "svelte migration", "svelte check", "sveltekit version", "svelte 5 runes".

Interactive project consultant. Scans your project, asks targeted questions, and creates a structured improvement plan.

Context-aware design intelligence with curated CSV databases for styles, palettes, typography, UX rules, and wow effects. Provides industry-matched color palettes, font pairings, layout patterns, spacing/radius/shadow scales, gradient recipes, micro-animations, and accessibility-safe UX rules. Stack-agnostic — outputs design decisions for any frontend (Astro, SvelteKit, Next.js, React). Use when:

Launch parallel documentation agents: one detects what changed, one updates docs, one verifies completeness against the codebase. Use when: "docs team", "docs-team", "update docs", "documentation sweep", "stale docs".

Project health check meta-skill. Runs git-hygiene, deploy-check, and freshness-check in sequence. Use when: "doctor", "health check", "project health", "is everything ok", "check project".

Analyzes the current task and recommends the optimal Claude Code effort level (low | medium | high | xhigh | max) based on complexity heuristics. Helps avoid burning xhigh/max on trivial tasks or shipping undercooked analysis at low/medium. Use when: "effort tuner", "what effort", "effort level", "which effort should I use", "effort recommendation".

Systematic root-cause analysis for build failures, test errors, and runtime issues. Use when: "error", "failed", "broken", "debug", "why did this fail", "root cause".

Export Claude Hangar skills and rules to other AI coding tool formats. Use when: "export rules", "cursor rules", "windsurf rules", "export-rules", "convert to mdc".

Analyzes captured patterns from continuous learning to extract reusable workflows and anti-patterns. Use when you want to review what's been learned across sessions.

Systematic website audit (stack detection, 9 phases). Use when: "audit", "website audit", "site audit", "check website".

Website-to-PDF capture (all pages + interactive states). Use when: "capture", "pdf", "print", "screenshot", "capture pages".

Orchestrates GSD v1 end-to-end (map → discuss → plan → execute → verify) with three intelligence modes. Default: checkpoint mode (ask on architecture only). Full-auto for overnight batch runs across multiple projects. Always uses Opus-grade reasoning — never generic defaults. Use when: "gsd orchestrate", "autonomous gsd run", "over night optimize", "batch optimize projects", "gsd-orchestrate".

Pre-publication audit for repositories about to go public or already public. Catches what other skills miss: secrets in git history (not just HEAD), license compliance, internal references (private URLs, internal hostnames, employee names), trademark exposure, attribution gaps, and community-readiness gaps (CONTRIBUTING, CODE_OF_CONDUCT, SECURITY.md, LICENSE headers). Use when: "open source readin

Frontend quick wins to wow effects (6 dimensions). Use when: "polish", "beautify", "improve", "wow", "improve design", "enhance", "quick wins".

Launch parallel code review agents for comprehensive multi-perspective review. Use when: "review team", "full review", "multi-review", "review-team".

Scans all skills and rules to extract cross-cutting principles that should become shared rules. Meta-governance tool for keeping rules synchronized with growing skill collections.

3-mode protection system for autonomous agent runs. Careful (confirm risky ops), Freeze (restrict writes to directory), Guard (combined). Use when running autonomous loops or untrusted agent tasks.

Pre-PR verification pipeline with plan validation, build, types, lint, test, security, diff review, and consistency checks. Verification gate — use before creating a PR or merging.

Launch parallel debugging agents for systematic root-cause analysis. Use when: "debug team", "help me debug", "debug-team", "find the bug".

Deployment readiness check for Docker/Traefik projects. Use when: "deploy check", "deployment check", "ready for deployment", "deploy-check", "before deploy", "production ready".

Pipeline source freshness check (frameworks, tools, standards). Use when: "freshness", "update check", "is everything current", "check versions".

Git repository hygiene check. Stale branches, large files, commit conventions. Use when: "git cleanup", "git hygiene", "clean up branches", "git-hygiene", "stale branches", "git cleanup".

Generate Claude Code hook configurations from natural language descriptions. Use when: "create hook", "add hook", "hook for", "when X happens do Y", "hook-gen".

Quick self-review checklist after code changes. Lightweight alternative to adversarial-review. Use when: "review my changes", "self-review", "quick review", "check my work", or automatically after significant edits.

Extract learnings and save as memory files (file-based memory system). Use when: "lesson learned", "what did we learn", "learning", "remember".

Core Web Vitals performance check (LCP, CLS, INP). Use when: "lighthouse", "pagespeed", "performance", "core web vitals", "speed".

OG/Twitter/Structured Data meta tag check. Use when: "meta tags", "open graph", "og tags", "twitter card", "structured data", "seo meta".

Analyzes draft prompts, identifies gaps, matches available skills/agents, and recommends optimal workflows. Advisory only — never executes, only optimizes. Use when unsure which skills or approach to use for a task.

Scans a project to detect tech stack, architecture, and quality indicators. Can auto-generate CLAUDE.md.

Summarize the pre-compact snapshot produced by the PreCompact hook into a human-readable recap. Equivalent to Claude Code's `/recap` but driven by Hangar snapshots so it works across sessions even without telemetry. Use when: "recap", "where did we stop", "what was going on", "session summary", "catch me up", "session-recap".

Astro Migration & Best-Practice Audit with state persistence. Use when: "astro-audit", "astro upgrade", "astro migration", "astro check", "astro version".

Database audit for Drizzle ORM + PostgreSQL with state persistence. Use when: "db-audit", "database audit", "drizzle check", "db check", "schema audit", "migration check", "postgresql audit".

Security scan for Claude Code projects (secrets, MCP permissions, hook safety, dependencies). Use when: "security scan", "check security", "is this secure", "before deploy security", "scan for secrets".

Launch parallel security analysis agents for comprehensive vulnerability assessment. Use when: "security team", "security audit", "security-team", "pentest", "vulnerability scan".

Audits skill quality across four dimensions (actionability, scope fit, uniqueness, currency). Quick Scan for changed skills, Full Stocktake for complete audit. Use for maintenance as the skill collection grows.

Suggests optimal moments for /compact based on workflow state and context usage. Proactive context management to prevent quality degradation.