Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

aj-geddes/python

Name: python
Author: aj-geddes

skills/python/SKILL.md

npx skillsauth add aj-geddes/unicorn-team python

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Python Domain Skill

Modern Type Hints (3.10+)

# Union with | operator
def process(value: int | str | None) -> dict[str, int]: ...

# Type aliases
type UserID = int
type Config = dict[str, str | int | bool]

# See references/type-hints-advanced.md for:
# - Generics and TypeVars
# - Protocols (structural typing)
# - Function overloading

Testing with Pytest

# Fixtures
@pytest.fixture
def sample_user():
    return {"name": "Alice", "email": "[email protected]"}

# Parametrize
@pytest.mark.parametrize("input,expected", [
    (0, 0), (1, 1), (2, 4),
])
def test_square(input, expected):
    assert input ** 2 == expected

# Mock with pytest-mock
def test_api(mocker):
    mock_get = mocker.patch("requests.get")
    mock_get.return_value.json.return_value = {"status": "ok"}
    result = fetch_data()
    assert result["status"] == "ok"

Coverage target: 80%+

pytest --cov=myapp --cov-report=term-missing --cov-fail-under=80

See references/testing-pytest.md for advanced fixtures, mocking patterns, markers, plugins.

Tooling

Ruff (Linting + Formatting)

Replaces Black, isort, flake8, pyupgrade.

ruff check --fix . && ruff format .

# pyproject.toml
[tool.ruff]
line-length = 88
target-version = "py310"

[tool.ruff.lint]
select = ["E", "W", "F", "I", "N", "UP", "B", "C4", "SIM"]
ignore = ["E501"]

[tool.ruff.format]
quote-style = "double"

Mypy (Type Checking)

[tool.mypy]
python_version = "3.10"
strict = true
warn_return_any = true
disallow_untyped_defs = true

Poetry (Dependency Management)

poetry init
poetry add requests
poetry add --group dev pytest pytest-cov ruff mypy
poetry install
poetry run pytest

See references/tooling-config.md for complete ruff rule sets, mypy options, pre-commit hooks, CI/CD.

Async Programming

# Concurrent execution
async def fetch_all(urls: list[str]) -> list[dict]:
    return await asyncio.gather(*[fetch_data(url) for url in urls])

# Async context manager
class AsyncDatabase:
    async def __aenter__(self):
        self.connection = await connect()
        return self

    async def __aexit__(self, *args):
        await self.connection.close()

See references/async-patterns.md for task management, semaphores, queues, error handling, pitfalls.

Data Modeling

| Use case | Choose | Why | |----------|--------|-----| | Internal data, simple containers | @dataclass | Stdlib, fast, no deps | | Performance-critical, immutable | @dataclass(frozen=True, slots=True) | Minimal overhead | | External/untrusted data, APIs | pydantic.BaseModel | Auto-validation, serialization | | Config from environment | pydantic_settings.BaseSettings | Env var parsing, type coercion |

# Dataclass: internal data
@dataclass(frozen=True)
class Point:
    x: float
    y: float

# Pydantic: external data with validation
class UserCreate(BaseModel):
    name: str = Field(..., min_length=1, max_length=100)
    email: EmailStr
    age: int = Field(..., ge=0, le=150)

    @field_validator("email")
    @classmethod
    def normalize_email(cls, v: str) -> str:
        return v.lower().strip()

See references/dataclasses-pydantic.md for advanced features, nested models, settings, JSON schema.

Anti-patterns Quick Reference

| Anti-pattern | Fix | |-------------|-----| | Mutable default def f(x=[]) | def f(x=None) then x = x or [] | | Bare except: | except SpecificError as e: | | == None / == True | is None / is True | | Modify list while iterating | List comprehension filter | | f = open() without with | with open() as f: | | String concat in loop += | "".join(...) | | Manual index counter | enumerate() | | type(x) == list | isinstance(x, list) | | print() debugging | logging.getLogger(__name__) | | Star imports from x import * | Explicit imports |

Project Setup Checklist

# 1. Initialize
poetry init
poetry add <dependencies>
poetry add --group dev pytest pytest-cov ruff mypy pre-commit

# 2. Configure pyproject.toml
# [tool.ruff], [tool.mypy], [tool.pytest.ini_options]

# 3. Install hooks
pre-commit install

# 4. Full quality check
ruff check --fix . && ruff format . && mypy . && pytest --cov=myapp --cov-fail-under=80

Commands

ruff format . && ruff check --fix .                              # Format + lint
mypy .                                                           # Type check
pytest --cov=myapp --cov-report=term-missing --cov-fail-under=80 # Test + coverage

Reference Files

references/type-hints-advanced.md - Generics, Protocols, TypeVars, overloads, TypedDict
references/async-patterns.md - Task management, queues, synchronization, performance
references/testing-pytest.md - Fixtures, parametrize, mocking, markers, plugins
references/tooling-config.md - ruff, mypy, poetry, pre-commit, bandit configs
references/dataclasses-pydantic.md - Data modeling, validation, serialization, settings

aj-geddes/python

skills/python/SKILL.md

Guides Python development with modern idioms, tooling, and project structure. ALWAYS trigger on "python project", "pyproject.toml", "ruff", "mypy", "pytest", "poetry", "python setup", "type hints", "pydantic", "dataclass", "async python", "asyncio", "python anti-pattern", "python best practices", "python tooling", "python lint". Use when setting up Python projects, configuring tooling, choosing data modeling approaches, or writing tests. Different from testing skill which covers general test strategy; this covers Python-specific pytest patterns and tooling configs.

7 stars

tools

Updated Apr 25, 2026

$ install --global

skillsauth

npx skillsauth add aj-geddes/unicorn-team python

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 25, 2026, 4:45 PM51.7s6 files scanned

SKILL.md

name:: python
description:: >-

Python Domain Skill

Modern Type Hints (3.10+)

# Union with | operator
def process(value: int | str | None) -> dict[str, int]: ...

# Type aliases
type UserID = int
type Config = dict[str, str | int | bool]

# See references/type-hints-advanced.md for:
# - Generics and TypeVars
# - Protocols (structural typing)
# - Function overloading

Testing with Pytest

# Fixtures
@pytest.fixture
def sample_user():
    return {"name": "Alice", "email": "[email protected]"}

# Parametrize
@pytest.mark.parametrize("input,expected", [
    (0, 0), (1, 1), (2, 4),
])
def test_square(input, expected):
    assert input ** 2 == expected

# Mock with pytest-mock
def test_api(mocker):
    mock_get = mocker.patch("requests.get")
    mock_get.return_value.json.return_value = {"status": "ok"}
    result = fetch_data()
    assert result["status"] == "ok"

Coverage target: 80%+

pytest --cov=myapp --cov-report=term-missing --cov-fail-under=80

See references/testing-pytest.md for advanced fixtures, mocking patterns, markers, plugins.

Tooling

Ruff (Linting + Formatting)

Replaces Black, isort, flake8, pyupgrade.

ruff check --fix . && ruff format .

# pyproject.toml
[tool.ruff]
line-length = 88
target-version = "py310"

[tool.ruff.lint]
select = ["E", "W", "F", "I", "N", "UP", "B", "C4", "SIM"]
ignore = ["E501"]

[tool.ruff.format]
quote-style = "double"

Mypy (Type Checking)

[tool.mypy]
python_version = "3.10"
strict = true
warn_return_any = true
disallow_untyped_defs = true

Poetry (Dependency Management)

poetry init
poetry add requests
poetry add --group dev pytest pytest-cov ruff mypy
poetry install
poetry run pytest

See references/tooling-config.md for complete ruff rule sets, mypy options, pre-commit hooks, CI/CD.

Async Programming

# Concurrent execution
async def fetch_all(urls: list[str]) -> list[dict]:
    return await asyncio.gather(*[fetch_data(url) for url in urls])

# Async context manager
class AsyncDatabase:
    async def __aenter__(self):
        self.connection = await connect()
        return self

    async def __aexit__(self, *args):
        await self.connection.close()

See references/async-patterns.md for task management, semaphores, queues, error handling, pitfalls.

Data Modeling

# Dataclass: internal data
@dataclass(frozen=True)
class Point:
    x: float
    y: float

# Pydantic: external data with validation
class UserCreate(BaseModel):
    name: str = Field(..., min_length=1, max_length=100)
    email: EmailStr
    age: int = Field(..., ge=0, le=150)

    @field_validator("email")
    @classmethod
    def normalize_email(cls, v: str) -> str:
        return v.lower().strip()

See references/dataclasses-pydantic.md for advanced features, nested models, settings, JSON schema.

Anti-patterns Quick Reference

Project Setup Checklist

# 1. Initialize
poetry init
poetry add <dependencies>
poetry add --group dev pytest pytest-cov ruff mypy pre-commit

# 2. Configure pyproject.toml
# [tool.ruff], [tool.mypy], [tool.pytest.ini_options]

# 3. Install hooks
pre-commit install

# 4. Full quality check
ruff check --fix . && ruff format . && mypy . && pytest --cov=myapp --cov-fail-under=80

Commands

ruff format . && ruff check --fix .                              # Format + lint
mypy .                                                           # Type check
pytest --cov=myapp --cov-report=term-missing --cov-fail-under=80 # Test + coverage

Reference Files

references/type-hints-advanced.md - Generics, Protocols, TypeVars, overloads, TypedDict
references/async-patterns.md - Task management, queues, synchronization, performance
references/testing-pytest.md - Fixtures, parametrize, mocking, markers, plugins
references/tooling-config.md - ruff, mypy, poetry, pre-commit, bandit configs
references/dataclasses-pydantic.md - Data modeling, validation, serialization, settings

Related Skills

aj-geddes/testing

development

VerifiedTrustedCommunity

Guides the user through test-first development and test strategy decisions. ALWAYS trigger on "write tests", "TDD", "test coverage", "mock", "test fails", "flaky test", "how to test", "unit test", "integration test", "e2e test", "test structure", "what to test", "test organization", "coverage report", "testing strategy", "arrange act assert". Use when writing new tests, choosing test types, setting up mocking, debugging flaky tests, improving coverage, or designing testable code. Different from qa-security agent which focuses on code review and security audits rather than test authoring.

7SKILL.mdUpdated Apr 25, 2026

aj-geddes/technical-debt

development

VerifiedTrustedCommunity

Guides deliberate management of technical debt: recognition, tracking, prioritization, and paydown. ALWAYS trigger on "technical debt", "code shortcut", "pay down debt", "debt tracking", "just for now", "temporary hack", "hardcoded value", "copy-paste code", "missing tests", "TODO cleanup", "refactor plan", "debt priority", "interest cost", "boy scout rule", "code quality backlog". Use when taking a shortcut, discovering suboptimal code, planning debt paydown, or quantifying ongoing cost of compromises.

7SKILL.mdUpdated Apr 25, 2026

aj-geddes/technical-debt

aj-geddes/self-verification

development

VerifiedTrustedCommunity

Guides the user through systematic pre-commit quality verification. ALWAYS trigger on "review my code", "check my work", "before commit", "self-review", "quality check", "am I ready to commit", "pre-commit review", "code quality", "verify my changes", "sanity check", "review before merge", "is this ready". Use before any commit, merge, or code review submission.

7SKILL.mdUpdated Apr 25, 2026

aj-geddes/self-verification

aj-geddes/security

development

VerifiedTrustedCommunity

Guides secure development using defense-in-depth and attacker's mindset. ALWAYS trigger on "security review", "vulnerability", "authentication", "authorization", "input validation", "XSS", "SQL injection", "CSRF", "secrets management", "OWASP", "threat model", "security scan", "path traversal", "mass assignment", "privilege escalation", "security headers", "bandit", "dependency audit", "hardening". Use when implementing auth, handling user input, storing secrets, reviewing code for vulnerabilities, or preparing for production deployment. Different from devops skill which covers infrastructure; this covers application-level security patterns.

7SKILL.mdUpdated Apr 25, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/aj-geddes/unicorn-team.git

# Copy into Claude Code skills folder (global)
cp -r unicorn-team/skills/python ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

aj-geddes/unicorn-team

7 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT