Menu
Startup runbook for MERN projects. Establishes stack decisions, scaffolds the project, configures GitHub security, and confirms governing constraints.
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
Scaffold a pnpm + Turborepo MERN monorepo with Next.js, tooling, tests, CI, and optional GitHub repo creation.
Configure GitHub repository security with branch protection, Dependabot, security scanning, and CI workflows. Integrates with mern-scaffold, nean-scaffold, and iOS projects.
Harden a Vercel deployment with security headers, CSP, bot protection, and deployment configuration
Add authentication to an iOS app with Sign in with Apple, biometrics, and Keychain storage.
Scaffold a new feature with View, ViewModel, and tests following ios-std conventions.
Review iOS code for compliance with standards, NFRs, and security policy.
| name | mern-kit |
| description | Startup runbook for MERN projects. Establishes stack decisions, scaffolds the project, configures GitHub security, and confirms governing constraints. |
Initialize a new MERN project with the standard stack, scaffolding, GitHub security, and constraints.
Input: <app-name> (optional, default: "app"). Use . to scaffold in the current (empty) directory.
/mern-stack
Establishes: toolchain, monorepo layout, Next.js conventions, database approach, environments.
/mern-scaffold <app-name> [--github]
Creates: build-green baseline with CI, tests, shared packages, server utilities, tooling.
The scaffold step includes git init at the end.
Prerequisite: The scaffold step must have completed git init first.
/github-hooks --platform mern
Installs: Husky + lint-staged, pre-commit validation (lint, format, secrets), commit message enforcement, pre-push tests.
/github-secure
Applies: branch protection, Dependabot alerts, auto-merge. Skips files already created by scaffold.
Confirm these always-on skills are enabled:
mern-sec — security policymern-nfr — non-functional requirementsmern-std — coding standardsmern-styleguide — design/UX standardsTrigger CI and wait for it to complete:
gh workflow run ci.yml --ref main (or wait for push-triggered run)gh run watch --exit-status — blocks until complete, exits non-zero on failuregh run view --log-failed
b. Fix the issue locally
c. If push to main is blocked by branch protection, temporarily disable enforcement:
REPO=$(gh repo view --json nameWithOwner -q .nameWithOwner)
gh api -X PATCH "/repos/$REPO/branches/main/protection/enforce_admins" -f enforcement=false
git push
gh api -X POST "/repos/$REPO/branches/main/protection/enforce_admins"
gh run watch --exit-status/mern-unit-test — run tests, report failures, fix with approval/mern-code-review — review against policies, fix with approval/mern-design-review — visual review with Playwright, fix with approval/mern-add-feature — scaffold new features/mern-add-auth — add authentication/mern-deploy — prepare for deployment/mern-e2e — E2E test management/mern-api-docs — generate API documentation/mern-deps — dependency management/mern-teardown — tear down project and optionally delete GitHub repoAfter running this kit, confirm: