Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic
Dépôt GitHub

ai-plugins

ai-plugins contient 55 skills collectées depuis bitwarden, avec une couverture métier par dépôt et des pages de détail sur le site.

skills collectés
55
Stars
124
mis à jour
2026-07-06
Forks
14
Couverture métier
8 catégories métier · 100% classifié
explorateur de dépôts

Skills dans ce dépôt

action-remediate
Développeurs de logiciels

Remediate GitHub Actions action findings identified by the action-audit skill. Applies the appropriate fix per action type — `@main` ref for internal `bitwarden/` actions, full SHA with inline version comment for external actions, or full replacement — across selected repos and creates draft PRs. Run the action-audit skill first to identify findings before using this skill. <example> User: Go ahead and fix the unpinned actions from the audit Action: Trigger action-remediate to apply fixes and create PRs </example> <example> User: Replace tj-actions/changed-files with the safe version across those repos Action: Trigger action-remediate to swap the action and create PRs </example>

2026-07-06
workflow-fix
Développeurs de logiciels

Apply fixes for workflow linter findings identified by the workflow-audit skill. Applies mechanical fixes automatically, pauses for judgment calls, verifies with a re-lint, and creates draft PRs. Run the workflow-audit skill first to identify findings before using this skill. <example> User: Go ahead and fix the linter findings from the audit Action: Trigger workflow-fix to apply fixes and create PRs </example> <example> User: Fix the workflow linter issues in server and clients Action: Trigger workflow-fix for those repos </example>

2026-07-06
reviewing-dependency-changes
Analystes en assurance qualité des logiciels et testeurs

Use this skill when a PR diff contains changes to dependency manifest files (package.json, .csproj, Cargo.toml, go.mod, requirements.txt, etc.) or when reviewing Renovate/Dependabot bot PRs. Evaluates new dependencies for AppSec approval process compliance, major version bump significance, lock file hygiene, and dependency removal completeness. Does NOT perform deep security or license analysis — that is handled by the bitwarden-security-engineer plugin's reviewing-dependencies skill.

2026-07-01
performing-multi-agent-code-review
Analystes en assurance qualité des logiciels et testeurs

Perform a rigorous, multi-agent code review with architecture-compliance, parallel quality/security analysis, finding validation, and severity audit. Use when the user asks for a structured, deep, thorough, multi-pass, or multi-agent code review — or a review that includes architecture/pattern compliance, confidence-scored findings, or a severity audit. Use when the user asks for a code review across a commit range, time window, or N most recent commits in a locally checked-out repo.

2026-06-23
decomposing-into-tasks
Spécialistes en gestion de projets

Decompose a breakdown Plan into a tasks.md document with one entry per future Jira work item. Also handles resumption against a partly-drafted task list. Triggers: "decompose into tasks", "draft the tasks section", "break this into stories", "split into Jira tickets", "fill in the tasks table", "continue task decomposition".

2026-06-23
developing-breakdown-spec
Spécialistes en gestion de projets

Resolve open design questions, then capture what's being built into the Specification section of a Bitwarden Tech Breakdown. Use after a breakdown document has been created in its empty state or resuming a partly-resolved specification. Triggered by phrasings such as "understand the work", "define breakdown scope", "write the breakdown spec", "develop the specification", "continue the breakdown spec".

2026-06-23
navigating-the-initiative-funnel
Spécialistes en gestion de projets

Phase-by-phase guidance for participating in Bitwarden's Software Initiative Funnel. Covers ownership boundaries between shepherd and tech lead at each phase, how to run an epic breakdown after handoff, sizing and estimation, cross-team dependency tracking, and the escalation paths that protect team autonomy. Use when a team is about to receive an initiative epic, when participating in an Architectural Assessment or PoC, when preparing a team breakdown, or when surfacing concerns back to the shepherd or engineering leadership.

2026-06-23
developing-breakdown-plan
Développeurs de logiciels

Develop the Plan section of a Bitwarden Tech Breakdown after the Specification is filled — technical architecture, per-layer impact, in-flight collision scan, cross-team impact mapping, and self-review. Supports resumption against a partly-developed Plan. Triggers: "develop the plan", "draft the implementation plan", "map per-layer impact", "scan for in-flight work", "identify cross-team impacts", "continue planning", "plan the breakdown".

2026-06-19
starting-breakdown
Développeurs de logiciels

Sets up a new Bitwarden Tech Breakdown in the bitwarden/tech-breakdowns repo. Creates a per-breakdown folder (`<team>/<JIRA-KEY>-<short-slug>/`) containing `breakdown.md` from the template, so the future `tasks.md` and any specification artifacts can live alongside it. Use when a team is creating a new breakdown — triggered by phrasings such as "start a tech breakdown", "create a new breakdown for X", "set up the breakdown file", "spin up a breakdown".

2026-06-19
architecting-solutions
Développeurs de logiciels

Framework for architecting solutions inside a team's domain while staying coherent with Bitwarden's holistic architecture. Covers security mindset, blast radius assessment, architectural judgment, Bitwarden-specific constraints, working with the architecture group, and working with initiative shepherds. Use when planning a solution, reviewing architecture within a team's scope, assessing blast radius, evaluating trade-offs, or deciding whether a choice needs architecture-group input.

2026-06-19
applying-bitwarden-branding
Graphistes

Apply Bitwarden brand standards — logo usage, color palette, typography, iconography, and capitalization rules — grounded in bitwarden.com/brand and the bitwarden/brand repository.

2026-06-05
content-style-guide
Rédacteurs techniques

Bitwarden's product content style guide for end-user-facing GUI copy — voice, tone, AP-style-with-exceptions grammar, sentence case in UI, and accessibility-first language at a U.S. 7th-grade reading level.

2026-06-05
evolving-design-system-components
Concepteurs web et d'interfaces numériques

Propose a new UI pattern or modify an existing Design System component per Bitwarden's published governance process — design-team alignment, Core vs. Recipe/Snowflake decision with UI Foundation, Figma branching and property conventions, review gates, merge timing.

2026-06-05
navigating-design-jira-process
Spécialistes en gestion de projets

Move design work through Bitwarden's Product and Design Jira workflow — final designs attached to tickets, the 30/60/90 critique cadence tracked in Figma, status transitions on engineering epics and stories, and the one-off engineering story flow.

2026-06-05
preparing-design-handoff
Spécialistes en gestion de projets

Prepare a Bitwarden design handoff — the Figma file in Ready-for-Dev state and the Jira state transitions that go with it. The end-of-In-Design gate / checklist.

2026-06-05
using-figma
Concepteurs web et d'interfaces numériques

Read and inspect Figma designs via the Dev Mode MCP server — selects the right tool, parses Figma URLs into fileKey and nodeId, and turns design context into useful input for critique, copy review, handoff prep, and Design System work.

2026-06-05
design-review
Concepteurs web et d'interfaces numériques

Bitwarden design team's Code of Conduct combined with the 30/60/90 critique framework — stage-appropriate critique, product-not-designer focus, content evaluated alongside visual design at 60% and 90%.

2026-06-05
facilitating-design-critique
Spécialistes en gestion de projets

Run or participate in a Bitwarden design critique session — the weekly team critique and one-off product design reviews — grounded in the team's published etiquette guide and the Product Design Review Guidelines.

2026-06-05
creating-pull-request
Développeurs de logiciels

Open a pull request from a branch in a Bitwarden repository — pick the conventional commit type prefix that drives the t: label, fill in the repo's PR template, choose an ai-review label, and confirm a full submission preview before running gh pr create.

2026-05-26
championing-a-strategy-idea
Développeurs de logiciels

Primary-Owner playbook for shepherding a Technical Strategy Idea through Architecture's pre-funnel evaluation into the Software Initiative Funnel.

2026-05-18
coordinating-implementation-across-teams
Développeurs de logiciels

Phase 5 (Implementation) deep-dive playbook — shepherd coordinates teams executing the initiative across the support period, pulse check, retrospective, and closure.

2026-05-18
curating-the-strategy-ideas-backlog
Développeurs de logiciels

Peer-Reviewer and portfolio-curator side of the TSI Shepherding Model — backlog stewardship, quarterly prioritization, funnel intake handoff.

2026-05-18
running-a-proof-of-concept
Développeurs de logiciels

Phase 3 (Proof of Concept) deep-dive playbook — validates the Research recommendation in real Bitwarden code and drafts the ADR.

2026-05-18
running-an-architectural-assessment
Développeurs de logiciels

Phase 2 (Research) deep-dive playbook — drafts the Architectural Assessment.

2026-05-18
scoping-and-handing-off-to-teams
Développeurs de logiciels

Phase 4 (Scoping & Commitment) deep-dive playbook — High-Level Architecture Plan, child epics, per-team handoffs, leadership go/no-go.

2026-05-18
shepherding-an-initiative
Développeurs de logiciels

Five-phase umbrella playbook for an initiative shepherd. Dispatches to phase-deep skills (Research, PoC, Scoping, Implementation) at the right moment.

2026-05-18
action-audit
Développeurs de logiciels

Audit GitHub Actions action usage across an org. Searches for a specific action (incident mode) or sweeps all workflow files for non-compliant action references (audit mode). Produces a read-only report of findings with compliance status and resolved SHAs. Does not modify any files. <example> User: We need to check if any repos are using tj-actions/changed-files Action: Trigger action-audit in incident mode for that action </example> <example> User: Can you find all unpinned actions across the org? Action: Trigger action-audit in audit mode </example>

2026-05-12
bitwarden-workflow-linter-rules
Développeurs de logiciels

Reference for all Bitwarden workflow linter (bwwl) rules. Covers all 10 linter rules split into two categories: mechanical rules that can be applied automatically (name_capitalized, permissions_exist, pinned_job_runner, step_pinned, underscore_outputs, job_environment_prefix, check_pr_target) and judgment rules requiring user input (name_exists, step_approved, run_actionlint). Use the workflow-audit skill to run the linter and report findings, and the workflow-fix skill to apply fixes. <example> User: What does the step_pinned rule check for? Action: Consult this skill for the rule definition and fix procedure </example> <example> User: How do I fix a permissions_exist finding? Action: Consult this skill for the fix procedure </example>

2026-05-12
addressing-code-review-comments
Analystes en assurance qualité des logiciels et testeurs

Use when the user is addressing pull request review comments locally and asks for help evaluating, implementing, or drafting responses to reviewer feedback - requires technical rigor and verification, not performative agreement or blind implementation

2026-05-12
auditing-hackerone-vulns
Analystes en sécurité de l'information

Audit all open HackerOne-sourced VULN Jira tickets and their linked engineering child items to identify what needs action. Use this skill whenever the user wants to: check VULN ticket status, see which HackerOne findings need status updates, identify vulnerabilities ready to verify or close, run a remediation audit, check "what do I need to do on my VULN tickets today", or get a prioritized view of open vulnerabilities. Outputs a sorted action table with emoji tokens. Always use this skill for HackerOne/VULN remediation tracking and status correlation tasks — don't try to do it from scratch.

2026-05-12
contributing-to-technical-strategy
Autres occupations informatiques

How team-level patterns flow up into Bitwarden's Technical Strategy Ideas backlog and back down through BW Initiatives into team epics and stories. Covers recognizing which team-level patterns belong in the TSI backlog, framing an idea well enough for Architecture to evaluate it, the ARCH idea ↔ BW Initiative linkage, and defining epic-level and story-level work downward from an initiative. Use when noticing a cross-team pattern of pain that exceeds one team's scope, when surfacing ideas to the architecture group, when understanding how an initiative connects back to its originating idea, or when breaking epic-level work out of an initiative onto a team.

2026-05-08
running-work-transitions
Spécialistes en gestion de projets

Six-phase playbook for running ownership transitions in either direction — receiving work from another team (initiative handoffs from shepherds, frameworks from Platform, operational responsibilities from SRE), or originating a transition (handing off a built framework, transitioning a shepherded initiative, or moving operational responsibilities). Applies Bitwarden's Work Transition Playbook from whichever side a team is on. Use when a team is about to take on or hand off transferred work, when preparing materials or sessions, when the support period is underway, or when running a pulse check or retrospective on a handoff.

2026-05-07
threat-modeling
Analystes en sécurité de l'information

This skill should be used when the user asks to "create a threat model", "define security goals", "generate a data flow diagram", "write security definitions", "perform an initial security assessment", or needs to produce threat model artifacts for new features or architecture changes.

2026-05-06
reviewing-security-architecture
Analystes en sécurité de l'information

This skill should be used when the user asks to "review the security architecture", "check authentication patterns", "evaluate trust boundaries", "review encryption implementation", "assess authorization design", or needs to evaluate system designs for authentication, authorization, data protection, or cryptographic correctness.

2026-04-30
committing-changes
Développeurs de logiciels

Git commit conventions and workflow for Bitwarden repositories. Use when committing code, writing commit messages, or preparing changes for commit. Triggered by "commit", "git commit", "commit message", "prepare commit", "stage changes".

2026-04-28
labeling-changes
Développeurs de logiciels

Conventional commit type keywords for PR titles and commit messages. Use when determining the change type for commits or PRs. Triggered by "what type", "label", "change type", "conventional commit", "t: label".

2026-04-28
perform-preflight
Analystes en assurance qualité des logiciels et testeurs

Quality gate checklist to run before committing or creating a PR. Use when finishing implementation, checking work quality, or preparing to commit. Triggered by "preflight", "self review", "ready to commit", "check my work", "quality gate".

2026-04-28
researching-jira-issues
Spécialistes en gestion de projets

Use whenever the user mentions a Jira issue key and wants more than a surface-level lookup — "Read PROJ-123", "What's PROJ-123 about?", "Give me context on PROJ-123", "Deep dive PROJ-123", "What's blocking PROJ-123?", "Summarize PROJ-123 and its dependencies", "I need to work on PROJ-123, what should I know?", or any request to understand an issue's purpose, scope, or requirements. Thoroughly researches and synthesizes a Jira issue including all linked issues, sub-tasks, blocked dependencies, and supporting Confluence documentation.

2026-04-15
workflow-audit
Analystes en assurance qualité des logiciels et testeurs

Run the Bitwarden workflow linter (bwwl) against one or more repos and report findings. Strictly read-only — does not modify any files. Categorizes findings as mechanical or judgment using the bitwarden-workflow-linter-rules skill. Supports single repo, multiple repos, or single file/directory scope. <example> User: Run the workflow linter on the server repo Action: Trigger workflow-audit for that repo </example> <example> User: Lint the workflows across server, clients, and android Action: Trigger workflow-audit in multi-repo mode </example>

2026-04-15
perform-security-review
Analystes en sécurité de l'information

Performs a security-focused code review by launching multiple specialized agents and a verification agent to ensure comprehensive coverage and accurate findings. Use this skill when the user asks for a "perform-security-review", "bitwarden-security-review", "execute a security review", "run a comprehensive security audit", "perform an end-to-end security assessment", or needs to coordinate multiple security checks across code, dependencies, secrets, and configurations. The skill manages the workflow, delegates tasks to specialized agents, and presents final findings to the user.

2026-04-07
Affichage des 40 principaux skills collectés sur 55 dans ce dépôt.