alexei-led/searching-code
dist/pi/skills/searching-code/SKILL.md
Intelligent codebase search with AST-first local search and zoom-out mapping. Use when user asks "how does X work", "trace flow", "find all implementations", "understand codebase", "zoom out", "map this area", structural code-pattern search, or cross-file exploration in large repos. Try ast-grep before rg for code-shape queries; use WarpGrep for semantic flow.
$ install --global
skillsauthnpx skillsauth add alexei-led/claude-code-config searching-codeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 21, 2026, 3:36 AM216.0s1 file scanned
SKILL.md
- description:
- Intelligent codebase search with AST-first local search and zoom-out
- name:
- searching-code
<!-- Pi platform guidance -->
<!-- Use Pi tool names exactly: read, bash, edit, write, ask_user_question, structured_output, todo, Agent, get_subagent_result, steer_subagent, web_search, web_answer, web_research. -->
<!-- Use Agent, get_subagent_result, and steer_subagent for delegated work. -->
<!-- Use ctx7 or npx ctx7@latest through bash when Context7 documentation lookup is required. -->
Codebase Search in Pi
Map code with verified file references. Do not read the whole repo because the user sounds curious. Curiosity is not a query plan.
Search Tool Order
ast-grep/sgfor structural code patterns.rgfor exact text, strings, comments, docs, logs, and config keys.fdfor file and directory discovery.Agentwithreviewerfor compressed multi-file context when the search is broad.grep/findonly when modern tools are unavailable.
Workflow
- Clarify scope if the request is vague.
- Check for domain docs first when present:
CONTEXT.mdCONTEXT-MAP.md- nearest
*/CONTEXT.md docs/adr/*.md
- Classify the search:
- Structural code shape →
ast-grep runorast-grep scan. - Exact text or config keys →
rg. - File names or extensions →
fd.
- Structural code shape →
- Read only the files or line ranges needed to verify the map.
- For large searches, launch one bounded
Agentwithreviewerto gather compressed context. Keep the main loop in control. - Separate verified facts from guesses and unknowns.
Useful Commands
command -v ast-grep || command -v sg
ast-grep run --pattern 'console.log($$$)' --lang javascript .
ast-grep scan --inline-rules 'id: await-in-func
language: javascript
rule:
kind: function_declaration
has:
pattern: await $EXPR
stopBy: end
' .
rg -n 'login|authenticate|AuthService|Session|UserRepository'
fd 'auth|login|session|user'
Use sg in place of ast-grep if that is the installed binary.
Zoom-Out Mode
Use when the user says "zoom out", "map this area", "go up a layer", or sounds lost in local details.
Return:
- Flow with
file:linereferences. - Key modules and responsibilities.
- Callers, callees, shared types, and messages.
- Unknowns or unverified assumptions.
- Read-next list, top 3 files only.
For structural searches, include the ast-grep pattern or rule used.
Output Contract
## Code Map
### Scope
<what was mapped>
### Flow
1. `path:line` — fact
2. `path:line` — fact
### Modules
- `module/path` — responsibility and key files
### Search
- `<command or rule>` — why it was used
### Unknowns
- <gap and how to verify>
### Read Next
1. `path` — why
Related Skills
alexei-led/writing-shell
tools
VerifiedTrustedCommunity
Idiomatic shell development for POSIX sh, Bash, Zsh, Fish, hooks, CI shell steps, and scriptable CLI glue. Use when writing or changing `.sh`, `.bash`, `.zsh`, `.fish`, `.bats`, shell functions, shell pipelines, or command-runner recipes. Emphasizes portability, quoting, safe filesystem/process handling, non-TUI CLI tools, ShellCheck, shfmt, Bats, and ShellSpec. NOT for Python, TypeScript, Go, web code, or infrastructure operations.
33SKILL.mdUpdated Jun 5, 2026
alexei-led/spec-flow
tools
VerifiedTrustedCommunity
Use when planning, executing, checkpointing, finishing, or inspecting lightweight spec-driven work. Runs one task at a time using `.spec/` markdown files and the bundled `specctl` helper. NOT for broad product discovery beyond a short requirement interview.
33SKILL.mdUpdated Jun 5, 2026
alexei-led/operating-infra
testing
VerifiedTrustedCommunity
Author, inspect, troubleshoot, and review infrastructure across IaC, Kubernetes, cloud resources, containers, CI/CD, and Linux hosts. Use when changing Terraform/OpenTofu, Kubernetes, Helm, Kustomize, Dockerfiles, GitHub Actions, AWS, GCP, Cloud Run, BigQuery, IAM, logs, instances, or service health. NOT for deploy/apply/rollback workflows (see deploying-infra). NOT for shell scripts or generic command pipelines (see writing-shell).
33SKILL.mdUpdated Jun 5, 2026
alexei-led/configuring-git-hygiene
development
VerifiedTrustedCommunity
Configure safe git workflow hygiene: pre-commit/pre-push hooks, Gitleaks secret scanning, .gitignore rules, local git config, and guardrails. Use when setting up git hooks, gitleaks/git leaks, staged pre-commit checks, pre-push validation, core.hooksPath, .gitignore, or git config best practices. NOT for creating commits (use committing-code), cleaning branches/worktrees (use cleanup-git), or creating worktrees (use using-git-worktrees).
33SKILL.mdUpdated Jun 5, 2026