claude-skills

Use when going beyond basic linting to enforce advanced Python code quality gates. Triggers on: cognitive complexity, code duplication detection, architectural enforcement, import boundaries, dependency hygiene, test quality beyond coverage, mutation testing, docstring coverage, type coverage, AI-generated code detection, AI slop detection, complexipy, jscpd, import-linter, deptry, diff-cover, mutmut, interrogate, sloppylint, refurb, pylint design checks, wily, radon maintainability, pytestarch, griffe, "bulletproof Python", "tighten quality gates", "advanced quality checks", "beyond ruff and mypy", "catch AI-generated code issues", "code duplication", "architectural boundaries", "dependency drift", "test effectiveness". Complements the code-quality skill (ruff, mypy, xenon, vulture, pre-commit) with 20+ additional tools.

Use when writing a technical blog post from raw project data like research notes, session logs, Reddit/LinkedIn drafts, code, hex dumps, or screenshots. Also use when Sam says "write a blog post about [project]" or "turn this into a post".

Automatically triggered when setting up Python code quality tooling, configuring linters, adding type checking, improving code standards, running code quality checks, setting up pre-commit hooks, or auditing Python code for quality issues. Applies when discussing: ruff setup, mypy configuration, code formatting, linting rules, cyclomatic complexity, dead code detection, file length limits, pre-commit hooks, Makefile targets for quality, uv-based workflows, pyproject.toml configuration, or "check my code quality". Also triggers on: "set up linting", "add type checking", "configure ruff", "format my code", "run quality checks", "set up pre-commit", "code smells", "clean up this code", "add code quality", "quality gate", "CI quality pipeline".

Automatically triggered when running security scans, auditing code for vulnerabilities, checking dependencies for CVEs, reviewing code for security issues, or hardening Python applications. Applies when discussing: security audit, vulnerability scan, bandit, pip-audit, dependency vulnerabilities, OWASP, injection, path traversal, secrets detection, insecure deserialization, auth bypass, or "is this code secure?". Also triggers on: "run security checks", "find vulnerabilities", "security review", "check for CVEs", "audit dependencies", "security lint", "pen test this code", "harden this application", "check for secrets", "SAST scan", "code security scan", "security pipeline", "supply chain security".

Use when the user asks to check if a band is sketch, fascist, NSBM, or far-right. Also trigger for: "is [band] sketch?", "is [band] safe?", "sketch check [band]", "check [band] for fascist ties", "is [band] NSBM?", "is [band] fash?", "should I listen to [band]?", "is [band] problematic?", "are [band] nazis?", "RABM check", "band vetting", "is it sketch", "sketch report", "any red flags for [band]", "does [band] have far-right connections", "sketch check", "vet this band", "is [band] safe to support".

Apply Sam Dumont's personal writing voice and style when drafting reports, blog posts, technical documentation, client communications, Slack messages, LinkedIn posts, or any written content. Use this skill whenever Sam asks to write, draft, review, or improve text in his voice - including phrases like "write this for me", "draft a post", "in my style", "my voice", "write a report", "blog post", "client email", "Slack message", or any content creation task where Sam's personal tone should come through. Also trigger when Sam asks to translate content while maintaining his voice. Works in both English and French.

Use when starting significant features, evaluating build-vs-buy decisions, reframing failed approaches, or when the user mentions "outcome engineering", "o16g", "outcome-first", "what's the outcome", or "frame this as an outcome". Also use proactively when a task description focuses on implementation ("build X", "add Y") without defining the desired outcome or verification criteria.

Automatically triggered when designing system architecture, planning new projects, creating implementation plans, conducting architecture reviews, or auditing existing codebases for consistency. Applies when discussing: system design, technology choices, architectural patterns, infrastructure decisions, API design, testing strategies, CI/CD pipelines, security architecture, or code organization. Works for Python web APIs, infrastructure/DevOps, Garmin/embedded systems, and frontend projects. Distinguishes between personal projects (strict standards) and client work (adaptive approach).