
---
name: api-audit
description: "Use when auditing API routes for schema drift, missing auth, or validation gaps. Scans routes against shared TypeScript types to find mismatches, missing middleware, and undocumented endpoints. Read-only — produces a severity-grouped report. Keywords: audit routes, schema drift, auth gaps, missing validation, type mismatch, orphaned schemas. Triggers on "audit API routes" or "find schema drift"."
---
# API Route & Type Audit Skill
## When to Use
Load this skil
Use when drafting, translating, polishing, or reviewing Swedish text so it sounds natural, fluent, contemporary, and appropriate for its audience. Triggers include "write better Swedish", "make this sound natural in Swedish", "translate into Swedish", "polish this Swedish", "tech company Swedish", "contemporary Swedish words", "Swedish developer docs", and "avoid Anglicisms".
Use when setting up Better Auth with Oracle IDCS/OCI IAM, configuring OIDC callback URLs, trusted origins, provider bootstrap order, or sharing an auth model between Fastify and Next.js. Entry point for the full auth foundation — routes to bridge or provisioning skills when narrowed. Keywords: Oracle IDCS, OCI IAM, Better Auth, OIDC, Fastify auth, Next.js auth, callback URL, trusted origins, provider bootstrap.
Use when integrating Better Auth session resolution into a Fastify 5 application via onRequest hooks, decorateRequest, and Web Request bridging. Covers cookie forwarding, org context patching for IDCS-provisioned users, and Symbol-backed decorator state. Keywords: Better Auth, Fastify 5, decorateRequest, onRequest, auth.api.getSession, session bridge, cookie forwarding, IDCS, org context.
Use when working with shadcn-svelte components, TanStack Table in Svelte 5, or Tailwind v4.1. Covers non-obvious reactivity bugs, library selection trade-offs, and migration pitfalls not in the official docs. Keywords: shadcn-svelte, TanStack Table, Tailwind v4.1, Svelte 5 runes, bits-ui, superforms, data table, svelte-check.
Use when mapping IDCS claims to org membership after OAuth login succeeds. Covers mapProfileToUser, session.create.before, session.create.after hooks, MERGE INTO upserts, tenant-org mapping, and first-admin bootstrap. Keywords: IDCS groups, org_members, provisioning, session hooks, tenant map, MERGE INTO.
Use when implementing features, fixing bugs, or adding deliberate test coverage. Enforces test-first (red-green-refactor) cycle, handles mock bootstrap for projects with mockReset:true, prevents code-before-tests violations. NOT for reviewing existing code or running test suites.
Use when architecting OCI solutions, migrating from AWS/Azure, designing multi-AD deployments, evaluating Always-Free tier, or avoiding OCI anti-patterns. Covers VCN CIDR immutability, AD-specific subnet deprecation, Security List vs NSG confusion, Cloud Guard auto-remediation danger, tenancy-specific AD name prefixes, compartment hierarchy, and Flex shape cost savings.
Use when creating Autonomous Databases, troubleshooting wallet connection failures, managing PDBs, optimizing ADB costs, or selecting clone types. Covers connection service cost impact, password complexity failures, stop/start cost trap, clone type consequences, Always-Free limits, and PDB lifecycle gotchas.
Use when starting a SQLite-to-Oracle migration on a Node.js/TypeScript codebase. Scans for all SQLite touch points (imports, file extensions, connection strings, schema syntax, fallback branches) and produces a structured [SQLITE_REPLACE] migration manifest for implementation agents. KEYWORDS: SQLite, Oracle, migration, better-sqlite3, oracledb, drizzle-orm, typeorm, AUTOINCREMENT, connection string, manifest.
Use when given a bug report, failing test, stack trace, or CI failure that needs diagnosis and repair. Autonomously diagnoses root cause, implements minimal fix, verifies correctness, and commits. Keywords: fix bug, failing test, stack trace, CI failure, debug error, broken test.
Use when working with Cloudflare Tunnel or Access - tunnel setup, authentication configuration, 502 Bad Gateway errors, Docker/Kubernetes deployment, service token management, private network routing (SSH/RDP/databases), WebSocket/gRPC connection issues, replica scaling problems, WARP routing, Terraform/IaC automation, local development with quick tunnels, audit logging setup, compliance requirements (SOC2/HIPAA), or advanced network debugging. Keywords - cloudflared, 502 error, service tokens, terraform, metrics port 20241, trycloudflare, Logpush, SIEM. CRITICAL - Authentication mandatory not optional.
Use when implementing a feature, adding an endpoint, or making a non-trivial code change that requires pre-flight validation, TDD cycle, scope enforcement, and a clean commit. Combines pre-flight + tdd + scope-check + quality-commit into one flow. Keywords: implement feature, add endpoint, TDD, new functionality, code change.
Use when bulk-migrating import paths, renaming workspace packages, or reorganizing modules across many files in a monorepo. Uses scripted bulk operations with verification gates and atomic commits. Keywords: migrate imports, rename package, bulk import path change, module reorganization, monorepo refactor.
Use when creating, updating, validating, or phasing a PRD. Drives interactive discovery, technical architecture, phasing DAG, TDD protocol, and dependency analysis. Keywords: PRD, product requirements, feature planning, acceptance criteria, MoSCoW, phasing, requirements document.
Use when extracting a design system from a Stitch project to create a DESIGN.md source-of-truth for consistent multi-screen generation. Covers semantic translation of technical design assets into descriptive language Stitch interprets for visual consistency. Keywords: stitch, DESIGN.md, design system, design tokens, color palette, typography, component styling, design governance, multi-screen consistency.
Use when enhancing, polishing, or fixing Stitch UI generation prompts. Adds UI/UX keywords, injects design system tokens, structures page hierarchy, and enforces hex color formatting. Triggers on: Stitch prompt, improve prompt, better output, redesign, multi-screen consistency, design system, DESIGN.md.
Use when converting Stitch designs into production React components. Enforces modular architecture: logic in hooks, data in mockData.ts, Readonly TypeScript interfaces, theme-mapped Tailwind classes. Triggers on: Stitch to React, design to code, stitch export, stitch MCP, stitch:get_screen.
Use when debugging TanStack Query / React Query issues: v4→v5 migration errors (gcTime, isPending, throwOnError), infinite refetch loops, SSR hydration mismatches, choosing between React Query vs SWR, or optimistic update patterns not working. NOT for basic useQuery setup.
Use when making Turborepo monorepo architecture decisions: choosing between monorepo vs polyrepo, deciding when to split packages, debugging cache misses, setting package boundaries, or avoiding circular dependencies. NOT for basic CLI syntax. Triggers on: turborepo, turbo cache miss, package boundaries, monorepo architecture.
Use when adding or improving test coverage for existing source code without changing production behavior. Selects mock strategy by module type (route handler, repository, plugin, utility, service), handles mockReset:true environments, and prevents common vitest/jest mock wiring failures. Triggers on: write tests, add tests, test coverage, regression coverage, untested module, *.test.ts.
Use when optimizing OCI costs, investigating unexpected bills, right-sizing resources, or planning Universal Credits commitments. Covers OCI-specific hidden cost traps (orphaned boot volumes, reserved IPs, stopped resources), Universal Credits non-transferability gotcha, shape migration savings, free tier maximization, and egress cost surprises. Keywords: cost, billing, budget, ECPU, boot volume, reserved IP, Universal Credits, free tier, egress, shape, FinOps.
Use when creating or editing Oracle-branded PowerPoint presentations, pitch decks, or technical slides. Applies Oracle design standards with cognitive science rules for audience retention. Triggers on: 'deck,' 'slides,' 'presentation,' .pptx filenames, 'Oracle presentation,' 'CloudWorld deck,' 'pitch deck.' Keywords: pptx, PowerPoint, Oracle brand, CloudWorld, slides, deck.
Use when reviewing code changes before commit or PR merge. Covers tool sequencing, finding severity priorities, fix ordering strategy, and conflict resolution between tools. Keywords: code review, semgrep, coderabbit, security scan, pre-commit review, PR review, hardcoded secrets, SQL injection, XSS.
Use when auditing or fixing drift between project documentation and the actual codebase. Detects stale architecture diagrams, wrong file paths, outdated test counts, and undocumented structural changes. Pass 'fix' to apply repairs; default is report-only. Keywords: doc drift, stale docs, sync docs, documentation audit, update docs, architecture docs outdated.
Use when assessing release readiness or running a pre-launch review. Spawns 5 specialist agents in parallel (security, testing, performance, observability, code quality) and synthesizes a prioritized report with ship/don't-ship recommendation. Keywords: production readiness, release review, pre-launch, security audit, test coverage, ship checklist.
Use when starting a new development phase or sprint that needs branch creation, TDD test shell, and roadmap entry done together. Enforces phase scaffolding before implementation begins. Keywords: new phase, sprint start, feature branch, roadmap, test shell, scaffold.
Use when writing IAM policies, troubleshooting 403/404 permission errors, setting up dynamic groups, or debugging IDCS federation. Covers OCI-specific policy syntax gotchas, principal type confusion, compartment hierarchy rules, verb hierarchy, and common authorization failures. KEYWORDS: IAM, policy, permission denied, dynamic group, compartment, IDCS, federation, 403, 404.
Use when deciding whether to extract Terraform code into a reusable module, determining module boundaries, or migrating state after modularization. Covers the refactoring decision (modularize vs inline), anti-patterns causing module sprawl, and state migration risk. Keywords: terraform module, refactor terraform, module boundaries, terraform abstraction, module sprawl, state migration, terraform state mv.
Use when user asks to find, install, or search for agent skills. Also use when user asks 'can you do X' or 'is there a skill for X' where X is a specialized capability. Keywords: install skill, find skill, npx skills, skills.sh, extend agent, add capability.
Use when scraping web pages, extracting content from JS-rendered sites or SPAs, running search-plus-scrape workflows, or mapping entire site URL trees. Produces clean LLM-friendly Markdown. Prefer over WebFetch when JavaScript execution is required. Keywords: web scraping, fetch URL, scrape website, search web, extract content, SPA, JS-rendered, site map, crawl, Firecrawl.
Use when implementing OCI GenAI inference APIs, debugging rate limit (429) or token limit (400) errors, selecting between command-r vs command-r-plus, handling PHI/PII in prompts, or optimizing GenAI costs. Covers model cost trade-offs, token management, rate limit backoff, PHI redaction patterns, and response validation for healthcare.
Use when running codebase quality gates (typecheck, lint, tests, security, dead code, circular deps, audits). Reports pass/fail across all checks without making edits or suggesting fixes. Keywords: health check, pre-PR validation, quality gates, repo diagnostics, CI gates.
Use when making text sound human, removing AI tells, or fixing writing that sounds like ChatGPT. Detects and rewrites AI patterns: overused phrases (testament to, pivotal, landscape, delve), structural tells (rule of three, em dash overuse, negative parallelisms, copula avoidance), promotional language, and vague attributions. Keywords: AI-generated, humanize, writing style, natural writing, human voice, remove AI patterns, conversational tone.
Use when writing Terraform for OCI, troubleshooting provider errors, managing state files, or implementing Resource Manager stacks. Covers terraform-provider-oci gotchas, resource lifecycle anti-patterns, state drift/corruption recovery, authentication precedence, and OCI Landing Zones. KEYWORDS: Terraform, OCI provider, state, Resource Manager, lifecycle, drift, import, 409, availability domain, boot volume, flex shape.
Use when designing multi-tenant OCI environments, standing up landing zone Terraform stacks, enforcing Security Zones, or planning hub-spoke network topology. Covers OCI-specific compartment hierarchies, multi-tenant IAM decision trees, Security Zone automation, CIS Foundations compliance, and DRG routing. Keywords: landing zone, compartments, Security Zone, hub-spoke, DRG, CIS, multi-tenant, tenancy, IAM policy.
Use when setting up OCI metrics, alarms, or log collection, or troubleshooting missing data and silent alarms. Covers metric namespace naming, MQL dimension requirements, alarm missing-data handling, Service Connector IAM gaps, and Cloud Guard integration. KEYWORDS: monitoring, alarm, metric, MQL, namespace, log, Service Connector, Log Analytics, Cloud Guard, missing data, oci_computeagent.
Use when designing OCI VCN topology, troubleshooting connectivity failures, configuring Service Gateway to eliminate egress costs, choosing between Security Lists and NSGs, debugging transitive routing failures, or sizing Load Balancer subnets. Covers Service Gateway free egress, VCN CIDR immutability, peering non-transitivity, Security List hard limits, and stateful rule behavior.
---
name: oci-events
description: Use when implementing event-driven automation, setting up CloudEvents rules, troubleshooting event delivery failures, or integrating OCI services via Functions/Streaming/Notifications. Covers event rule patterns, filter syntax, action types, dead letter queue configuration, and event-driven architecture anti-patterns. Keywords: events, CloudEvents, event rules, event filters, ONS, FAAS, OSS actions, DLQ, event-driven, reactive, serverless triggers.
---
# OCI Ev
Use when executing a multi-task implementation plan with parallel agents. Coordinates task assignment, wave sequencing, heartbeat monitoring, git safety, and quality gates. Supports interactive (TeamCreate/Task) and headless (claude -p) modes. Keywords: parallel agents, wave execution, orchestrate, headless, phase execution, task plan.
Use when managing Oracle Autonomous Database on OCI, troubleshooting performance, optimizing costs, or implementing HA/DR. ADB-specific gotchas, cost traps, SQL_ID debugging workflows, auto-scaling behavior, and version differences (19c/21c/23ai/26ai). Keywords: ADB, Autonomous Database, ECPU, auto-scaling, SQL_ID, wait events, ORA- errors, wallet, BYOL.
Use when creating a new skill and publishing it to a GitHub repo for installation via npx skills add. Covers scaffold, spec compliance, skill-judge evaluation, commit, push, and install verification. Keywords: publish skill, add skill to repo, npx skills init, share skill, agentic-tools, skills.sh.
Use when committing code changes. Runs lint, typecheck, Semgrep security scan, optional CodeRabbit review, and related tests before creating a quality-gated commit. Flags: --review, --push, --dry-run, --message. Keywords: commit, quality gates, lint, typecheck, semgrep, coderabbit, stage, push.
Use when preparing a PR or completing a phase of work and needing a full-spectrum code review. Runs security, API audit, and scope reviewers in parallel and synthesizes findings into a single go/no-go report. Read-only — no file modifications. Keywords: pre-PR review, security audit, API audit, scope review, code review, merge check.
Use when storing secrets in OCI Vault, debugging 401/403 secret retrieval errors, implementing secret rotation, configuring instance principal auth, or caching Vault API calls. Covers IAM dual-permission gotcha, vault hierarchy confusion, temp file security window, BASE64 encoding requirement, and cost optimization.
Use when launching OCI compute instances, troubleshooting out-of-capacity or boot failures, optimizing compute costs, or handling instance lifecycle. Covers shape selection, capacity planning, service limits, instance principal auth, and production gotchas. KEYWORDS: compute, instance, shape, capacity, OCPU, boot volume, launch, flex.
Use when implementing event-driven automation, setting up CloudEvents rules, troubleshooting event delivery failures, or integrating with Functions/Streaming/Notifications. Covers event rule patterns, filter syntax, action types, dead letter queue configuration, and event-driven architecture anti-patterns.
Use when optimizing OCI costs, investigating unexpected bills, planning budgets, or identifying waste. Covers hidden cost traps (boot volumes, reserved IPs, egress), Universal Credits gotchas, shape migration savings, free tier maximization, and cost allocation challenges.
Use when architecting OCI solutions, migrating from AWS/Azure, designing multi-AD deployments, or avoiding common OCI anti-patterns. Covers VCN sizing mistakes, Cloud Guard gotchas, free tier specifics, OCI terminology confusion, and multi-AD patterns.
Use when creating Autonomous Databases, troubleshooting connection failures, managing PDBs, or optimizing database costs. Covers connection string confusion, password validation errors, stop/start cost traps, clone type selection, and backup retention gotchas.
Use when writing Terraform for OCI, troubleshooting provider errors, managing state files, or implementing Resource Manager stacks. Covers terraform-provider-oci gotchas, resource lifecycle anti-patterns, state management mistakes, authentication issues, and OCI Landing Zones.
Use when implementing OCI GenAI inference APIs, troubleshooting rate limits or token errors, optimizing GenAI costs, or handling sensitive data (PHI/PII) in prompts. Covers model selection, cost calculations, token management, response validation, and healthcare/compliance considerations.
Use when managing Oracle Autonomous Database on OCI, troubleshooting performance issues, optimizing costs, or implementing HA/DR. Covers ADB-specific gotchas, cost traps, SQL_ID debugging workflows, auto-scaling behavior, and version differences (19c/21c/23ai/26ai).
Use when launching OCI compute instances, troubleshooting out-of-capacity or boot failures, optimizing compute costs, or handling instance lifecycle. Covers shape selection, capacity planning, service limits, and production incident resolution.
Use when designing multi-tenant OCI environments, setting up production landing zones, implementing compartment hierarchies, or establishing governance foundations. Covers Landing Zone reference architectures, compartment strategy, network topology patterns (hub-spoke vs multi-VCN), IAM structure, tagging standards, and cost segregation.
Use when storing credentials in OCI Vault, troubleshooting secret retrieval failures, implementing secret rotation, or setting up application authentication to Vault. Covers vault hierarchy confusion, IAM permission gotchas, cost optimization, temp file security, and audit logging.
Use when setting up metrics, alarms, or troubleshooting missing data in OCI Monitoring. Covers metric namespace confusion, alarm threshold gotchas, log collection setup, and common monitoring gaps.
Use when designing OCI networks, troubleshooting connectivity, optimizing egress costs, or configuring VCN security. Covers Service Gateway cost savings, VCN CIDR immutability, Security List vs NSG tradeoffs, VCN peering limitations, and Load Balancer subnet requirements.
Use when writing IAM policies, troubleshooting permission denied errors, setting up dynamic groups, or implementing IDCS integration. Covers policy syntax gotchas, principal types confusion, compartment inheritance, and common authorization failures.
Oracle DBA and DevOps expertise for Autonomous Database (ADB) on OCI. This skill should be used when managing Oracle Autonomous Databases, writing optimized SQL/PLSQL, configuring security (TDE, Database Vault, Data Safe), implementing HA/DR (Data Guard, PITR), using OCI CLI for database operations, or integrating with Oracle MCP servers for AI-assisted database management. Covers Oracle Database versions 19c, 21c, 23ai, and 26ai.