mit einem Klick
claude-code-methodology
claude-code-methodology enthält 33 gesammelte Skills von AribSudia, mit Repository-Berufsabdeckung und Skill-Detailseiten auf SkillsMP.
Skills in diesem Repository
Memory | Code-graph subsystem — a native lightweight IMPORT graph (which file imports which, god-node candidates) built with ripgrep/grep, so a large monorepo can be navigated by structure instead of re-grepping every session. build/refresh/query. Honest scope: structural import graph, NOT semantic (no call-graph/type resolution); no Graphify dependency. Loads ON DEMAND only (zero always-on tokens). ADR-034.
Dev | Over-engineering review — reads a diff/module and returns a delete-list of bloat (single-use abstractions, premature generalization, speculative config, dead options) WITHOUT stripping legitimate structure. Advisory: returns recommendations, never auto-deletes. The on-demand companion to the ponytail-lite tripwire hook. Authored natively (no Ponytail dependency). ADR-033.
Wave | Pre-wave requirement lock — Act 1 derives the requirements from the codebase + memory (an honest grill, not guesswork), Act 2 hands the locked plan to an independent model (Codex) to tear apart until sign-off. Produces waves/<id>/PLAN.md + PLAN-REVIEW-LOG.md. Auto-chained idempotently from /arib-wave-start. If Act 2 can't run (no Codex), the wave proceeds but HOLDS MERGE for a human. Absorbs grill-me-codex (ADR-032).
Wave | Start a multi-session delivery wave — branch, plan, parallel architect+planner
Engine | Command the engineering team to deliver a known goal — dispatches the engineer-manager to decompose → dispatch specialists (parallel where safe) → integrate → reconcile (verification-agent) → merge gate. Scales its own reach: runs inline for a bounded goal, escalates to a parallel Workflow for a broad one, and paces under /loop for a multi-turn campaign — only when it needs to. Use when a goal needs a coordinated TEAM, not one specialist. Sibling of /arib-engine: the engine DISCOVERS its own backlog; /arib-build EXECUTES a goal you hand it.
Stack | NestJS architecture & patterns reference — modules/providers/DI, DTO+validation, guards/interceptors/pipes/filters, config, async lifecycle, testing, and the security + performance pitfalls that bite at scale. Use when building or reviewing a NestJS backend. Composes with security-auditor (OWASP), database-guardian (TypeORM/Prisma migrations), and performance (N+1). Authored natively (the ECC graft was unsourceable; this is CCM's own, MIT).
Stack | PostgreSQL optimization & safety patterns — indexing, query plans, N+1, safe online migrations, connection pooling, JSONB, and Row-Level Security for multi-tenancy. Use when designing or reviewing Postgres-backed data access. Composes with database-guardian (migration safety) and performance (query budgets). Authored natively (MIT), not an ECC copy.
Memory | Semantic search across project memory — claude-mem MCP with grep fallback
Engine | Autonomous engineering & product-led-growth campaign engine. Use when the operator hands over ownership and wants continuous, self-running improvement of a codebase — triggers include "take over as the expert", "make it all", "rework until you decide it's done", "run the campaign", "harden / audit / sweep the codebase", "keep shipping value autonomously", or any request to autonomously discover, fix, verify, and ship many improvements across CI-green PRs until the evidence says done. It runs adversarial multi-dimensional discovery sweeps (find→refute→confirm), ships one focused reversible PR per concern behind hard verification gates, applies explicit ship/escalate/decline frameworks, records durable memory, and concludes on an evidence-based closure test (handing the operator a decision list). STANDALONE by default (runs the whole methodology self-contained); orchestrates the broader arib-* family ONLY on explicit opt-in (`--with-arib-family`, or "leverage the arib family"). Self-pacing is delegated
Wave | Close a wave — deep-audit gate + wave-level reconciliation (verification-agent: objective ↔ achieved), stakeholder report, audit-hash tag, then AUTO-MERGE by default (held for a human on --hold-merge / high-stakes / GAP / BLOCK)
Wave | Execute wave steps as a reference-based dynamic loop — auto-advance, per-step + wave-level reconciliation (verification-agent: objective ↔ achieved), re-engineer on GAP, AUTO-MERGE on RECONCILED by default (--hold-merge / high-stakes hold for a human)
Audit | Wave-end 21-section deep audit + IMPLEMENT-FROM-FILE mode
Check | Compliance alignment — runs code-checkable rules per framework
Check | Database migration safety review - risk classification, lock analysis, rollback verification
Check | Infrastructure health - adapts to project type, checks only what exists
Dev | Scientific debugging - observe, 3 hypotheses, test, fix, verify, document
Docs | Generate documentation - analyze target, extract interfaces, create docs, commit
Check | Accessibility audit - WCAG 2.1 AA compliance, color contrast, ARIA, keyboard navigation, screen reader
Check | Arabic typography, RTL, numerals, punctuation — MENA compliance
Check | Pre-deployment 7-phase verification - tests, security, DB, env, performance, docs, rollback
Check | Audit dependencies - vulnerabilities, outdated packages, license compliance, supply chain safety
Check | Design system contract — tokens, components, typography, dark mode
Check | Performance audit - N+1 queries, bundle size, latency budgets, memory leaks, caching gaps
Check | Scan for mock data, fake APIs, hardcoded responses - verify the system is genuinely connected
Check | Application security audit — OWASP Top 10 + supply chain
CI | Audit, init, or review CI/PR posture — workflows, templates, CODEOWNERS, branch protection
Dev | Start a new feature with branch, planning, TDD workflow, and safety snapshot
Dev | Code review with quality gates — function length, duplication, security, tests
Docs | Generate or sync API documentation - discover endpoints, produce OpenAPI spec, detect undocumented routes
Docs | Universal language/i18n compliance - RTL, LTR, CJK, Indic, fonts, formatting, accessibility
Session | I/O Channel - check signals, process requests from Cowork, write results, update dashboard
Session | Close session — update all memory files, run tests, commit, push, report next steps
Session | Initialize session — read context, check I/O channel, report status, wait for approval