ワンクリックで
universal-skills
universal-skills には brenthaertlein から収集した 65 個の skills があり、リポジトリ単位の職業カバレッジとサイト内 skill 詳細ページを表示します。
このリポジトリの skills
Research a work item, draft an implementation plan, and begin work after approval.
Guided one-shot install — discover installed plugins (or help install new ones), pick install scope, calibrate risk tolerance into a concrete allowlist + hooks, scaffold or merge CLAUDE.md, and sanity-check the result.
Finalize work — commit via /commit, push, and create PRs on feature branches.
Reviewer-side PR workflow — checks out the branch in a worktree, runs focus-area reviews plus a senior-engineering pass, optionally cross-checks against an autonomous reviewer, and posts inline findings only on explicit approval. Read-only — never edits, commits, or pushes.
Fetch PR review comments, classify by severity and confidence, and fix the selected subset.
Triage CVE and SBOM scanner output (Trivy, Grype, Snyk, Docker Scout, Dependabot) into a ranked, deduplicated action list.
Review project memory and promote durable lessons into CLAUDE.md / settings (with confirmation); file a GitHub issue when a lesson is a defect in one of this repo's own skills.
Triage open issues for staleness, duplicates, missing context, and mis-labels; post review comments without mutating issue state.
Debug a reported issue like a senior engineer — gather evidence, check environment, scan git history, and diagnose root causes before jumping to code fixes.
Dashboard of outstanding work — open PRs with CI/review status, critical unstarted issues, and stale branches. Read-only.
Analyzes open issues, docs, and git history to recommend your next task. Interactive coaching flow.
Comprehensive security and PII audit for infrastructure repos. Scan for secrets, credentials, and sensitive data before committing.
[pr-review-focus-area: Database] Database schema and query audit for correctness, performance, and conventions.
Use when writing or applying Drizzle ORM database migrations — schema changes (DDL) and data fixes (DML custom migrations).
[pr-review-focus-area: DB Migrations] Review database migrations for safety, deploy ordering, and data integrity.
Draft and open a structured GitHub issue from a rough idea, with clarifying Q&A, labels, and type.
[pr-review-focus-area: Ansible Playbooks] Deeper Ansible role and playbook audit beyond ansible-lint — idempotency smells, handler misuse, secret handling, become-scope, tag discipline.
[pr-review-focus-area: AWS IAM] AWS IAM least-privilege audit for roles, policies, and user permissions declared in Terraform / CloudFormation or live in the account.
[pr-review-focus-area: AWS Tagging] Audit AWS resource tag compliance against an organization taxonomy (cost center, owner, environment, data classification, etc.).
[pr-review-focus-area: AWS Well-Architected] Lightweight Well-Architected Framework review across the five pillars — Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization.
[pr-review-focus-area: Cloud Costs] Flag cost hotspots in Terraform plans and live cloud inventory - oversized instances, orphaned volumes, idle load balancers, untagged resources, NAT egress.
[pr-review-focus-area: Disaster Recovery] Audit DR readiness — backup coverage, declared RTO/RPO vs configured reality, failover paths, and whether DR has been exercised recently.
[pr-review-focus-area: IaC Drift] Detect drift between IaC state (Terraform/Pulumi/CloudFormation) and live cloud or baremetal reality.
[pr-review-focus-area: GCP IAM] GCP IAM least-privilege audit across project, folder, and org policies, including service-account usage and impersonation paths.
[pr-review-focus-area: GKE] GKE cluster hardening and cost review — Autopilot vs Standard, workload identity, node-pool sizing, cluster autoscaler, network policy.
[pr-review-focus-area: Kubernetes RBAC] Audit Kubernetes RBAC across a cluster — ClusterRoles, Roles, bindings, and ServiceAccount permissions. Works on EKS, GKE, AKS, and on-prem.
[pr-review-focus-area: Linux Hardening] Lightweight CIS-benchmark-style audit of Linux host configuration as declared in Ansible inventory / roles / playbooks. Read-only, repo-local.
[pr-review-focus-area: Observability] Audit a service for logging, metrics, and tracing coverage. Flags missing RED/USE signals, alerts without runbooks, dashboards without owners.
[pr-review-focus-area: systemd Units] Audit systemd unit files (in Ansible templates / roles / repo) for Restart, resource limits, and sandboxing directives.
[pr-review-focus-area: Accessibility] Review changed UI files for the small set of accessibility patterns that account for most a11y review-cycle blockers.
[pr-review-focus-area: API Routes] Review API routes for auth, input validation, error handling consistency, HTTP conventions, and test coverage.
[pr-review-focus-area: Architecture] Review code for server/client boundary violations, import direction issues, and file placement conventions.
[pr-review-focus-area: Code Hygiene] Review code for functional style, component composition, hooks/context usage, and general code hygiene.
[pr-review-focus-area: Claude Config] Holistic audit of .claude/ configuration, skills inventory, CLAUDE.md quality, settings, hooks, and memory.
[pr-review-focus-area: Docs] Review documentation for accuracy, completeness, consistency, and LLM context quality.
[pr-review-focus-area: Security] Web application security review for XSS, CSRF, SQL injection, auth bypass, data exposure, CORS, and rate limiting.
[pr-review-focus-area: Tests] Assess test quality by detecting anti-patterns and verifying tests exercise real behavior.
[pr-review-focus-area: Theming & Tokens] Review design token usage, dark/light mode implementation, and styling consistency.
Remove worktrees and local branches whose pull request has been merged or closed.
Run project-defined preflight checks and commit work. Does not push or create PRs.