Explorar skills

Repository audit for non-website projects (CLI, libs, backend, monorepo). Use when: "project-audit", "project audit", "repo audit", "code audit".

SvelteKit & Svelte 5 Migration, Best-Practice Audit with state persistence. Use when: "sveltekit-audit", "sveltekit upgrade", "svelte migration", "svelte check", "sveltekit version", "svelte 5 runes".

Systematic website audit (stack detection, 9 phases). Use when: "audit", "website audit", "site audit", "check website".

Pre-publication audit for repositories about to go public or already public. Catches what other skills miss: secrets in git history (not just HEAD), license compliance, internal references (private URLs, internal hostnames, employee names), trademark exposure, attribution gaps, and community-readiness gaps (CONTRIBUTING, CODE_OF_CONDUCT, SECURITY.md, LICENSE headers). Use when: "open source readin

Astro Migration & Best-Practice Audit with state persistence. Use when: "astro-audit", "astro upgrade", "astro migration", "astro check", "astro version".

Launch parallel security analysis agents for comprehensive vulnerability assessment. Use when: "security team", "security audit", "security-team", "pentest", "vulnerability scan".

Use when handling user input, authentication, data storage, or external integrations. Use when building any feature that accepts untrusted data, manages user sessions, or interacts with third-party services.

Use when preparing a codebase for first-time public/open-source release. Full lifecycle from audit through documentation, hardening, and final review.

Ongoing maintenance for your assembled expert team. Add expertise, audit for bloat, restructure messy setups, or upgrade older projects. Auto-detects severity — targeted addition, health check, or full restructure. Use gigo:maintain, /maintain, or when gigo:blueprint or gigo:snap detect gaps.

Docker guidance for fast-moving teams. Starts with "do you need a Dockerfile?" (often no - use mounted code pattern). When Dockerfiles are needed, provides 2025 best practices for multi-stage builds, security hardening, BuildKit optimization, and language-specific patterns. Use when setting up Docker for a project, auditing Dockerfiles, or optimizing builds/images.

Perform thorough code reviews with security, performance, and maintainability analysis. Use when user asks to review code, check for bugs, or audit a codebase.

Code review for TenantFlow. Checks security, correctness, and quality. Focuses on tenant isolation, Stripe webhooks, and Clerk auth.