arielsand
4 verified skills
security-audit-expert
MUST use whenever the user asks for a security audit, vulnerability assessment, penetration test review, security scan, compliance check (GDPR, SOC2, PCI-DSS), or hardening review of any codebase, API, frontend, or infrastructure. Triggers on phrases like: "audit security", "security review", "check for vulns", "scan for secrets", "assess compliance", "pentest review", "hardening audit", "OWASP check", "CWE audit", "SAST/DAST", "security posture", or any request that involves finding vulnerabilities, misconfigurations, credential leaks, injection flaws, auth weaknesses, or data-exposure risks in code. Use this skill even if the user only mentions a subset (e.g., "check JWT auth") — the skill will scope appropriately.
development
coding-standards
Generate or update CODING_STANDARDS.md - a comprehensive coding standards document for a project. Use this skill when asked to "document coding standards", "create style guide", "establish conventions", "generate CODING_STANDARDS.md", or any time you need to define or enforce coding practices for a team. Trigger when starting work on a new project that lacks documented standards.
documentation
architecture-map
Generate or update PROJECT_ARCHITECTURE.md - a comprehensive architectural map for AI context. Use this skill when asked to "map the architecture", "document the project structure", "onboard a new AI", "analyze the codebase", "create context for AI", or any time you need to understand a codebase's architecture. This skill is essential for new project onboarding and should trigger automatically when starting work on unfamiliar projects.
development
time-tracker
Track work sessions and maintain a WORKLOG.md file. Use this skill at the end of any significant work session, when the user asks to log work, update the worklog, or track time spent. Also use when the user says things like "log this", "update worklog", "track time", "record what we did", or "add to worklog". This skill should be used proactively at natural stopping points like finishing a feature, fixing a bug, or ending a coding session.
data-ai