Explore skills

Generates a human-readable architecture document for any codebase. Use when onboarding contributors, presenting to stakeholders, explaining how a system works to non-technical collaborators, or after a major architectural change. Outputs docs/ARCHITECTURE.md with a Mermaid system diagram, plain English narrative, data flow walkthrough, and tech stack rationale. Trigger on: "map the architecture",

Activate when the user wants to reduce token usage, manage context efficiently, or says "be frugal", "save tokens", "token usage", "frugal mode", "reduce context", "don't waste tokens", "context limit", or "token efficient". Reviews current behaviour and enforces minimal-token rules for the rest of the session. Always active via CLAUDE.md — this skill is a mid-session audit and reminder.

Post AI Thinking — unbiased solution space explorer. Strips inherited human heuristics, enumerates ALL possible approaches, then lets the user choose. No paradigm gets priority. Auto-calibrates depth: simple problems get a quick scan (3 paradigms), architectural decisions get the full space (7 paradigms, all phases). Existing solutions are fully included — if they fit best, use them. Invoke as: /p

Product pressure test before you build. Two modes: Startup (6 YC-style forcing questions that expose demand reality, status quo, target user, narrowest wedge, observation, and future-fit) and Builder (generative brainstorming for side projects, hackathons, and open source). Produces a design doc. Invoke when the user describes a new idea, asks whether something is worth building, or wants to press

Scan the current codebase or a specified file/diff for production bugs, logic errors, and risky code before it ships. Use when the user says "review", "check my code", "is this safe to ship", or "any bugs in this?". Produces a prioritised bug list with exact file:line references and optional auto-fixes.

Audit code for security vulnerabilities. Use when the user says "security-audit", "security check", "is this secure", "audit for vulnerabilities", or before any public deployment. Covers OWASP Top 10 and common API/backend attack surfaces.

Audit any system for human usability against Nielsen's 10 heuristics. Deterministic checklist — same 10 heuristics, same severity scale, same report structure every run. Works on UI screens, CLI flows, API response patterns, user journeys, component code, or any described interface. Invoke when user says "usability audit", "UX review", "heuristic evaluation", "audit for usability", "check this for

Trace the root cause of a bug or unexpected behaviour. Use when the user says "why is this broken", "why does this fail", "whybroken", "something's wrong with X", or pastes an error. Never patches symptoms — always finds the cause first.

Use when about to emit a warning, flag, or alert for a LOW-confidence issue — the alert-fatigue / signal-credibility discipline. False alarms have an asymmetric cost: after repeated low-confidence warnings, the operator stops reading the channel, and the one true warning gets ignored. Fires on choosing a log level (warn vs info vs error), inflating a PR title/commit to "CRITICAL", marking speculat

Use when about to extract maximum present value from a RENEWABLE source in a way that degrades the source itself — the kill-the-source / unsustainable-extraction anti-pattern. Fires when about to max out an API rate limit or quota to ship one task faster (risks the access), flood the operator with low-priority pings (burns attention/trust budget), sacrifice maintainability for one task's throughpu

Use when, just after abandoning or failing at something, you catch yourself concluding "that wasn't worth reaching anyway" — the post-mortem self-deception / motivated-reasoning anti-pattern. Fires when writing a post-mortem after a failure or rollback, recording a lesson after a retreat, or when an operator/agent's stated reason for quitting smells like comfort rather than analysis. The tell: a g

Run the repo's make targets in dependency order (setup → lint → test → end-to-end) and verify each command's terminal output against its `logs/dev-<ts>-<cmd>.log` archive. Supports a full audit and a fast variant. Use whenever the user wants to validate the toolchain is clean, run lint+test locally before pushing, or reconcile terminal output against the dev-runner log archives — phrasings like "r