
Distinguished Engineer-level code quality standards for writing, reviewing, and refactoring code. Use this skill when writing new code, reviewing pull requests, refactoring existing code, designing module boundaries, choosing design patterns, fixing bugs, addressing code smells, or optimizing performance across any programming language.
Use this skill when designing, building, reviewing, or troubleshooting AWS infrastructure. Triggers when the user works with SST, CDK, Terraform, CloudFormation, or any AWS infrastructure-as-code tool and wants to make correct architectural decisions. Covers: VPC and networking design, compute selection (Lambda vs ECS vs EKS vs EC2), database selection (DynamoDB vs RDS vs Aurora vs ElastiCache), serverless architecture patterns, scaling strategies, cost optimization, security hardening, IAM, monitoring, CI/CD pipelines, multi-account strategy, and operational excellence. Also triggers when the user asks 'should I use X or Y on AWS,' 'how do I scale this,' 'how do I secure this,' 'is this the right architecture,' or 'how do I set this up in SST.' Do NOT use for application-level code logic unrelated to infrastructure.
Use this skill when designing or implementing custom data structures optimized for a specific internal use case. Triggers when the user needs a data structure that outperforms stdlib defaults for their access pattern — things like 'I need a fast lookup for X,' 'this map is too slow,' 'I need to intersect/union/diff these sets efficiently,' 'what's the best structure for this query pattern,' 'this is O(n) and needs to be O(1),' 'I need a cache/index/queue/pool/ring buffer/trie/bloom filter,' or any discussion of internal data structure design for performance-sensitive code. Also triggers when profiling reveals a hot path bottleneck in data access. Primarily targets TypeScript and Go. Do NOT use for general coding tasks, API design, or database schema design unless a custom in-memory data structure is the solution.
Principal-engineer / architect review loop driven by desired state and invariants rather than feature lists. Use this skill when scoping a new initiative, kicking off a feature or refactor, reviewing a design doc or PR for over-scope, cutting work that isn't paying for itself, deciding what to defer, or reviewing whether a system actually reaches the state it claims. Triggers on phrases like "what should we cut," "is this the right scope," "what are the invariants here," "are we over-engineering," "design review," "principal review," "architect review," "what must be true when this is done," or whenever the team is choosing between building more vs. building right.
Use this skill when designing, building, or reviewing UI/UX for cybersecurity SaaS dashboards and security platforms. Triggers when the user asks to design a security dashboard, build an AppSec UI, create a vulnerability explorer, design a DevSecOps portal, build security posture views, create risk dashboards, design alert triage interfaces, or build any security-focused web application UI. Also use when improving existing security product interfaces for usability, designing role-based views for AppSec vs engineering personas, or building drill-down patterns for security data. Do NOT use for general website design, marketing pages, or non-security product UIs.
Use this skill when designing, building, optimizing, or debugging AI agents — autonomous systems that use LLMs with tools to accomplish tasks. Triggers when the user asks about agent architecture, prompt engineering for agents, tool use optimization, token efficiency, context window management, agent loops, multi-agent systems, agent reliability, reducing agent cost, making agents faster, agent evaluation, or any discussion of building systems where an LLM orchestrates tool calls to achieve goals. Also triggers when an agent is working but is slow, expensive, unreliable, or producing inconsistent results. Do NOT use for simple single-turn LLM API calls without tool use or autonomy.
Use this skill when debugging software issues, performing root cause analysis, triaging errors from logs or alerts, or investigating why code isn't working as expected. Triggers when the user shares an error message, stack trace, log output, failing test, unexpected behavior, crash report, performance degradation, or says things like 'this isn't working,' 'I'm getting an error,' 'help me debug,' 'why is this failing,' 'something broke,' or 'I can't figure out what's wrong.' Also use when the user has been going back and forth trying fixes that aren't working — this is the signal to stop guessing and start systematically diagnosing. Do NOT use for writing new code from scratch, general code review, or feature development unless a bug is involved.
Use this skill when performing the actual vulnerability analysis AFTER a threat model has been established (see the threat-model skill). Triggers when the user asks to find vulnerabilities, audit code for security, hunt for bugs, or perform a security review of source code AND a threat model already exists or the codebase context is clear. This skill enforces depth-first, exploitability-proven analysis — it actively prevents the breadth-first pattern-matching that produces lists of theoretical vulnerabilities. Do NOT use without a threat model; use the threat-model skill first. Do NOT use for general code quality review.
Staff+ engineering patterns for maximum leverage per line of code. Use this skill when designing abstractions, building reusable primitives, creating shared libraries, reducing code through architecture, reviewing code for leverage and reuse potential, choosing between building vs configuring, or establishing conventions and patterns across a codebase.
Use this skill when designing test strategies, writing tests beyond basic unit tests, verifying software for production readiness, or improving test coverage and reliability. Triggers when the user asks about testing strategy, integration tests, end-to-end tests, contract tests, property-based tests, load tests, chaos testing, test architecture, flaky tests, test confidence, 'how do I test this,' 'how do I know this is safe to deploy,' 'my tests are flaky,' 'what should I test,' 'test coverage,' CI/CD test pipelines, or any question about software verification and validation. Also triggers when the user is shipping a change and wants confidence it won't break production. Primarily targets TypeScript and Go but principles apply universally. Do NOT use for writing basic unit tests for simple functions — this skill is for the harder testing questions.