ai-dev-workflow

Start a work item: triage risk, run structured brainstorming to clarify requirements, compare solution options, and produce a decision log + change package skeleton.

Adversarial evaluation patterns for any output or decision where you want a devil's advocate challenge before committing. Use when: you want to challenge a decision, get an adversarial second opinion, implement self-critique loops, apply rubric-based scoring, run evaluator-optimizer pipelines, judge-and-refine cycles, verify a downstream agent can consume an upstream artifact, or check inter-stage artifact consistency. Triggers on "devil's advocate", "challenge this decision", "挑戰這個決策", "扮演反對者", "adversarial review", "self-critique", "質疑這個方案". Do NOT use for standard code review (use code-security-review skill), general refactoring (use refactor skill), or security audits.

Generate comprehensive specification documents (PRD/Spec). Use when asked to "write spec", "create PRD", "document requirements", "user stories", "acceptance criteria", "產生規格", "寫需求文件", "specifications", or transforming brainstorm results into formal structured requirements for features.

Test-Driven Development workflow enforcement skill. Use when explicitly asked for TDD methodology, test-first development, red-green-refactor cycle, or TDD implementation. Triggers on keywords like "start TDD", "test-driven development", "write tests first", or in Chinese "開始 TDD", "測試先行", "TDD 實作". Provides comprehensive TDD patterns, coverage requirements, and Red-Green-Refactor workflow guidance.

CI/CD pipeline design and automation quality gates. Use when designing or reviewing continuous integration pipelines, setting up quality gates, implementing Shift Left testing strategies, automating deployment workflows, or diagnosing slow/broken pipelines. Triggers on: "CI/CD", "pipeline design", "quality gate", "Shift Left", "automate deployment", "GitHub Actions", "pipeline slow", "build pipeline", "continuous integration", "continuous deployment". Do NOT use for production launch decisions (use shipping-and-launch), code review (use code-security-review), or infrastructure provisioning.

Production deployment and launch management skill. Use when preparing to ship a feature to production: staged rollout planning, rollback plan design, production readiness checklists, launch go/no-go decisions, and post-launch monitoring setup. Triggers on: "deploy to production", "ship this feature", "launch plan", "rollout strategy", "rollback plan", "production checklist", "go-live", "staged rollout". Do NOT use for internal code finalization (use work-archiving), CI/CD pipeline design (use ci-cd-and-automation), or code review (use code-security-review).

Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.

Finalize and archive completed change packages. Use when asked to "archive changes", "finalize work", "close change package", or after code review approval. Handles Git commits, changelog generation, branch cleanup, and documentation updates.

Context structuring and conflict detection for AI-assisted development. Use this skill when: making technical decisions that require understanding full project context, detecting vocabulary or terminology conflicts before implementing, generating or updating CONTEXT.md for persistent project memory, or when architect-agent needs to ground decisions in project-wide context. Triggers on: "context engineering", "context conflict", "vocabulary mismatch", "update context", "project context", "CONTEXT.md", "context bootstrap". Do NOT trigger when doing routine code implementation (use tdd-workflow), simple Q&A, or single-file edits with no cross-cutting concerns.

Surgical code refactoring to improve maintainability without changing behavior. Covers extracting functions, renaming variables, breaking down god functions, improving type safety, eliminating code smells, and applying design patterns. Less drastic than repo-rebuilder; use for gradual improvements.

Break down specifications into executable implementation plans with TDD integration. Use when asked to "create plan", "break down tasks", "implementation roadmap", "規劃實作", "拆解任務", "執行計畫", or need step-by-step implementation guidance with test strategies and impact analysis. Use when asked to "plan from spec", "spec to plan", "generate plan from requirements".

Orchestrate the six-stage development workflow. Use when user asks "what stage am I at?", "what's next?", "workflow status", "where should I start?", "工作流程", "下一步是什麼", "我在哪個階段", or wants guidance on the development process. Detects current state by checking changes/ folder and guides users through brainstorm → spec → plan → tdd → review → archive stages.

For ai-dev-workflow template maintainers only. Do not trigger during normal development workflow. Deterministic pre-review gate that verifies source vs .github/** sync parity and catalog counts before committing changes to the template repo itself. Triggers on: "gate check", "run gate", "pre-review check", "verify before review", "check sync drift", "check catalog parity". Reports GATE PASSED / GATE PASSED WITH NOTES / GATE FAILED.

Cross-cutting quality guardrails for AI-assisted software work. Use when you want an explicit reminder to surface assumptions, prefer the simplest viable change, keep edits surgical, and define verifiable success criteria before brainstorming, specification, planning, implementation, refactoring, or review.

Explore mode for codebase investigation and requirements clarification before committing to a change package. Use when requirements are unclear, a codebase investigation is needed before planning, options are being compared, or a risk scan is needed before a commit. Triggers on: "explore", "investigate", "look around", "understand the codebase", "scan for risks", "what's in here", "before I commit to anything". Stays in read-only observe mode — no files created — until an explicit artifact commit signal is received.

Comprehensive code quality and security audit for financial systems. Use when asked to "review code", "code review", "security audit", "check for issues", "審核程式碼", "檢查安全性", or before merging changes. Focuses on DDD compliance, financial precision (no floats for money), security vulnerabilities, and test coverage.

Generate high-quality Product Requirements Documents (PRDs) for software systems and AI-powered features. Includes executive summaries, user stories, technical specifications, and risk analysis.

Systematic debugging methodology for build failures, test failures, unexpected agent behavior, and drift-related errors. Use when a build fails, tests fail unexpectedly, an agent produces wrong output repeatedly, or sync drift is detected. Triggers on: "debug", "fix build", "tests failing", "unexpected behavior", "drift error", "can't reproduce", "something is broken", "why is this failing", "investigate the failure". Escalates to human after 2 consecutive failed debug cycles.

Pythonic idioms, PEP 8 standards, type hints, pytest testing strategies, TDD methodology, and best practices for building robust Python applications.

GitHub CLI (gh) comprehensive reference for repositories, issues, pull requests, Actions, projects, releases, gists, codespaces, organizations, extensions, and all GitHub operations from the command line.

Convert Markdown files to HTML similar to `marked.js`, `pandoc`, `gomarkdown/markdown`, or similar tools; or writing custom script to convert markdown to html and/or working on web template systems like `jekyll/jekyll`, `gohugoio/hugo`, or similar web templating systems that utilize markdown documents, converting them to html. Use when asked to "convert markdown to html", "transform md to html", "render markdown", "generate html from markdown", or when working with .md files and/or web a templating system that converts markdown to HTML output. Supports CLI and Node.js workflows with GFM, CommonMark, and standard Markdown flavors.

This skill should be used when the user asks to "test this website", "run exploratory testing", "check for accessibility issues", "verify the login flow works", "find bugs on this page", or requests automated QA testing. Triggers on web application testing scenarios including smoke tests, accessibility audits, e-commerce flows, and user flow validation using ScoutQA CLI. IMPORTANT: Use this skill proactively after implementing web application features to verify they work correctly - don't wait for the user to ask for testing.