aedelon/research-protocol
skills/research-protocol/SKILL.md
Conduct rigorous research with proper citations (DOI, arXiv, PMID) and source triangulation. MUST BE USED when user asks: "what is SOTA", "recent developments", "compare X vs Y", "is it true that", "research says", "latest papers on", "scientific evidence", "studies show", "state of the art", "literature review", "find papers", "academic research", "benchmark results", "who published", "when was X released", "current best", "what does the research say", "evidence for", "peer reviewed". Searches multiple sources, evaluates reliability, states confidence level. NOT for verifying API signatures (use anti-hallucination) or general web search (use WebSearch directly).
$ install --global
skillsauthnpx skillsauth add aedelon/claude-code-blueprint research-protocolInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 29, 2026, 12:18 PM38.4s1 file scanned
SKILL.md
- name:
- research-protocol
- description:
- |-
- MUST BE USED when user asks:
- what is SOTA", "recent developments", "compare X vs Y",
Research Protocol
Research Workflow
1. SCOPE → Define question precisely
2. SEARCH → Multiple sources, cross-reference
3. EVALUATE → Assess source reliability
4. SYNTHESIZE → Combine findings coherently
5. CITE → Provide proper attribution
6. ASSESS → State confidence level
Source Hierarchy
| Priority | Source Type | Reliability | Citation Format | |----------|-------------|-------------|-----------------| | 1 | Peer-reviewed papers | Highest | [Author et al., Year] arXiv:XXXX | | 2 | Official documentation | High | Docs [Library] vX.X | | 3 | Conference proceedings | High | [Conf Year] Paper Title | | 4 | Established tech blogs | Medium-High | [Org] Blog (Date) | | 5 | GitHub repos with citations | Medium | GitHub [repo] | | 6 | Stack Overflow (verified) | Medium | SO [answer-id] | | 7 | General web content | Low | Mention skepticism |
Search Strategy
For SOTA (State of the Art)
1. mcp__huggingface__get-daily-papers() → Recent papers
2. WebSearch("[topic] SOTA 2024")
3. WebSearch("[topic] benchmark comparison")
4. mcp__huggingface__search-models(tags: "[task]")
For Specific Papers
1. WebSearch("paper title arxiv")
2. mcp__huggingface__get-paper-info(arxiv_id: "XXXX.XXXXX")
For Library/API Questions
1. mcp__context7__resolve-library-id() first
2. Then research protocol for context
Citation Formats
Academic Papers
[Author et al., Year] "Title" - arXiv:XXXX.XXXXX
[Author et al., Year] "Title" - DOI:10.XXXX/XXXXX
[Author et al., Year] "Title" - PMID:XXXXXXXX
Documentation
According to [Library] v[X.X] documentation: ...
According to [Framework] docs (2024): ...
Web Sources
According to [Source Name] (Date): ...
Per [Organization] blog (Month Year): ...
Confidence Assessment
| Confidence | Criteria | Response Style | |------------|----------|----------------| | HIGH | 3+ concordant sources, peer-reviewed | State as established fact | | MEDIUM | 1-2 reliable sources | Add "according to [source]" caveat | | LOW | Conflicting sources | Present multiple views | | UNKNOWN | No reliable sources | "I don't know" |
Handling Conflicts
When sources disagree:
## Divergent Viewpoints
**Position A** (Source 1, Source 2):
[Description]
**Position B** (Source 3):
[Description]
**Assessment**: [Which seems more credible and why]
Output Format
## Summary
[Main findings - 3-5 lines max]
## Details
[Expanded information with inline citations]
## Sources
1. [Citation 1 with link/DOI]
2. [Citation 2 with link/DOI]
3. ...
## Confidence Level: [HIGH/MEDIUM/LOW]
[1-2 sentence justification]
## Limitations
- [What couldn't be verified]
- [Potential biases in sources]
- [Recency concerns if applicable]
Red Flags (Requires Extra Scrutiny)
- Single source only
- Source older than 2 years (for fast-moving fields)
- Preprint without peer review
- Corporate blog with potential bias
- No citations in the source itself
- Contradicts well-established knowledge
Research Triggers
Automatically engage this protocol when user asks about:
- "What is the current SOTA for..."
- "Recent developments in..."
- "Compare X vs Y"
- "Is it true that..."
- "What does the research say about..."
- "Latest papers on..."
- Scientific claims without citation
Related Skills
aedelon/uv-workflow
tools
VerifiedTrustedCommunity
Master uv package manager for Python: project setup, dependency management, virtual environments, lockfiles, CI/CD integration, Docker builds, and migration from pip/poetry. MUST BE USED when user mentions: "uv", "uv add", "uv run", "uv sync", "uv init", "uv lock", "uv venv", "uv pip", "pyproject.toml", "python project setup", "python dependencies", "virtual environment", "venv", "pip install", "poetry to uv", "migrate from pip", "lockfile python", "requirements.txt", "setup.py", "pip freeze", "uv tool", "install package", "add dependency", "python environment", "new python project", "package manager python", "create project", "uv export", "uv cache", "uv python". 10-100x faster than pip. Covers init, add, sync, lock, run, Docker, CI/CD. NOT for npm/pnpm/yarn (JS toolchain), Rust cargo, or deployment (use deployment-assistant).
53SKILL.mdUpdated Mar 27, 2026
aedelon/security-audit
development
VerifiedTrustedCommunity
Proactive security audit: OWASP top 10, dependency vulnerabilities, secrets detection, input validation, auth patterns, and secure defaults. MUST BE USED when user mentions: "security", "vulnerability", "audit", "OWASP", "CVE", "security review", "pentest", "injection", "XSS", "CSRF", "authentication", "authorization", "secrets", "hardcoded password", "secure", "npm audit", "pip-audit", "check security", "is this secure", "security risk", "data leak", "SQL injection", "command injection", "path traversal", "SSRF", "RCE", "privilege escalation", "supply chain", "dependency scan", "snyk", "trivy", "semgrep", "bandit". Scans code for vulnerabilities, checks dependencies, verifies auth patterns. NOT for explaining security concepts (use pedagogical-explain), or general code review (use code-review).
53SKILL.mdUpdated Mar 27, 2026
aedelon/core-protocols
development
VerifiedTrustedCommunity
Debug errors systematically by searching first, then analyzing, then proposing verified solutions. MUST BE USED when user reports: "error", "bug", "doesn't work", "fails", "crash", stack traces, exception messages, or any troubleshooting scenario. Triggers: "TypeError", "ImportError", "undefined is not a function", "segfault", "panic", "broken", "not working", "unexpected behavior", "regression", "failing", "exception", "traceback", "stack trace", "debug this", "why does this fail", "help me fix". Also enforces confidence levels and output templates. Prevents guessing solutions without research.
53SKILL.mdUpdated Mar 27, 2026
aedelon/commit-message
development
VerifiedTrustedCommunity
Ship workflow: review changes, generate conventional commit messages, push, and create PRs. MUST BE USED when user says: "commit", "git commit", "commit this", "save changes", "commit message", "ship", "ship it", "push", "create PR", "pull request", "ready to merge", "deploy this", "stage changes", "what changed", "review my changes", "conventional commit", or after completing a coding task. Reviews changes, generates commit, optionally pushes and creates PR. NOT for git branching/rebasing (use git-workflow), code review (use review command), or deployment configuration (use deployment-assistant).
53SKILL.mdUpdated Mar 27, 2026