Builds working software by executing implementation plans phase by phase. Use when writing code, running tests, or executing a planned feature build. Implements all phases autonomously, validates each phase, and documents deviations.
Reference skill for security-focused phases (/security, /pentest, /redteam-ai, /harden). Provides OWASP Top 10 checklist, STRIDE threat model, common attack patterns, and exploit classification standards. Load this skill when performing any security audit or generating security-related code reviews.
Creates phased implementation plans with clear scope and acceptance criteria. Use when defining what to build, sequencing work into phases, or establishing validation gates. Produces actionable plans with per-phase validation checklists.
Investigates codebase to find minimum context needed for planning. Use when starting a new feature, analyzing unfamiliar code, or preparing for implementation. Identifies files to touch, patterns to follow, and risks to mitigate.
Fixes blocking issues identified during code review to achieve APPROVED status. Use when addressing review feedback or resolving blocking bugs. Applies minimal targeted fixes, re-validates, and iterates up to 3 times.
Reviews code for production readiness with focus on blocking issues. Use when performing quality assurance, verifying implementations, or checking security. Runs automated checks, validates plan compliance, and produces APPROVED or NEEDS_FIX verdict.
Generate beautiful, self-contained HTML pages that visually explain systems, code changes, plans, and data. Use when the user asks for a diagram, architecture overview, diff review, plan review, project recap, comparison table, or any visual explanation of technical concepts. Also use proactively when you are about to render a complex ASCII table (4+ rows or 3+ columns) — present it as a styled HTML page instead.