بنقرة واحدة
devprofile
يحتوي devprofile على 17 من skills المجمعة من p10ns11y، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.
Skills في هذا المستودع
Fission engine for token-efficient coding (JS, TS, Node.js, Rust, Python, ML/AI). Pruning, compression, strict token budgeting. Pair with fusion-sage for synthesis and surplus. Trigger on implementation, debugging, refactoring; hand off architecture to fusion-sage.
Guides modern HTML semantics, WAI-ARIA, WCAG contrast, data-* state attributes, and native elements over div-heavy UI; pairs Tailwind with modern CSS where CSS wins. Use before marketing/UI refactors, landing pages, forms, dialogs, nav, or when the user mentions semantics, WAI-ARIA, accessibility, data attributes, native elements, color contrast, or modern CSS.
Fusion-oriented evolution of Context Sage. Uses the original fission engine as containment field, then adds synthesis, surplus generation, and self-amplifying knowledge loops. For AI coding tasks where you want not just efficiency, but compounding intelligence.
Create a new project SKILL.md for a repeatable workflow. Use when user asks to add a skill for vulnerabilities, package upgrades, audits, supply-chain checks, or any named agent workflow.
Delegate broad exploration to a subagent with a fixed Return format. Use when the task needs readonly repo mapping, token/CSS/prosody surveys, QA module exploration, or "explore thoroughly" with numbered deliverables.
Harden pnpm workspace and fix vulnerabilities. Use when user asks for pnpm audit, deprecations, supply-chain security, workspace hardening, or sfw/firewall checks.
Generic high-quality BDD/TDD strategist for complex projects of any size. Decomposes large refactors into core-first test slices, contract-first invariants, and safe incremental delivery. Triggers on BDD strategy, TDD plan complex, behavior-driven refactor, legacy migration, make this testable.
Triage every non-trivial task first: single-shot when safe, full orchestration when multi-step, multi-agent, or high-risk. Covers briefs, verification before "done", iterative waves, and resume. Use when coordinating workers, delegating, or reviewing agent output — not for one-file typo fixes.
Runs Hermes, OpenClaw, and Grok Build concurrently on isolated git worktrees or cloud sandboxes (Modal, Daytona, E2B, Fly Sprites). Use when orchestrating multiple CLI coding agents, git worktree isolation, subagents in separate branches, or offloading agent runs to remote sandboxes.
Effective git worktree workflows for agents and humans: branches vs worktrees, safe commit-then-merge integration (never cp into main checkout), conflict handling, when to use or skip worktrees, macOS concurrency, and **disk hygiene for the global `~/.grok/worktrees/` clones** that execute-plan and subagents leave behind. Use when creating worktrees, integrating agent task branches, or cleaning up after large orchestration runs.
Generates minimal, security-first .devcontainer configs (devcontainer.json, optional Dockerfile) with pinned digests, non-root user, cap drops, and small blast radius. Use when the user asks for devcontainer, Dev Containers, Codespaces, remote development in Docker, or hardened containerized dev setup.
Senior client-side React (no RSC for UI): minimal state, deliberate effects, use() + Suspense and TanStack Query for data, XState for complex flows, refs, restrained Context. Use for components, hooks, fetching, effects, or client refactors in .tsx files.
Audits IDE tooling supply chain: Cursor/VS Code extensions, Cursor plugins, and bundled node_modules using pnpm/npm audit where lockfiles exist. Use when the user asks about Cursor plugins, extensions, MCP helpers, IDE malware, or whether editor dependencies were compromised.
Generates editor-agnostic workspace settings from a .editor/profile.json manifest: .vscode/settings.json, extensions.json, and Cursor workspaceOpen plugin loading. Use when setting up per-project extensions, Cursor plugins, editor defaults, or porting workspace config to new repos.
Upgrades npm/pnpm dependencies safely: patch and minor first, framework majors (Next.js, React) with official or community codemods and code fixes. Use when the user asks to update, upgrade, or bump packages, reduce outdated deps, or migrate to a new major of Next, React, TypeScript, Tailwind, or Biome/ESLint.
Audits pnpm allowBuilds whitelist packages for supply-chain risk: resolved lockfile versions, new registry releases, lifecycle scripts, trust downgrades, and incident intel. Runs checks and install verification. Use when the user asks about allowBuilds, postinstall/build scripts, strictDepBuilds, approve-builds, or whether native-build deps were compromised.
Fixes dependency vulnerabilities and deprecations, hardens the supply chain, and wraps package-manager installs with Socket Firewall (sfw). Use when the user asks for pnpm/npm audit, security fixes, deprecated packages, supply-chain attack prevention, StepSecurity-style dependency hygiene, or sfw.