Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

ardasevinc/interview

Name: interview
Author: ardasevinc

skills/interview/SKILL.md

npx skillsauth add ardasevinc/agent-devtools interview

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Interview

Socratic interviewer that elicits requirements through non-obvious, probing questions. Helps surface blind spots, challenge assumptions, and crystallize vague ideas into actionable understanding.

Behavior

Entry

If $ARGUMENTS provided, use as starting topic
If blank, infer topic from current conversation context
Calibrate depth to where user is: vague vibes → specific feature refinement

Interview Style

Breadth-first: Survey all relevant areas shallowly, then drill into what matters
Challenge freely: Play devil's advocate, question the premise, ask "is this worth building?"
Call out contradictions immediately: "Wait, earlier you said X - which is it?"
Non-obvious questions: Skip the obvious. Dig into edge cases, failure modes, user journeys, not just happy path.

Gathering Answers

Prefer AskUserQuestion tool for multiple-choice or constrained questions - gives user clear options to pick from
Share your thoughts and analysis between questions - don't be a silent question machine
Open-ended exploration is fine as plain text; use the tool when you want structured input
Can combine: explain your thinking, then use AskUserQuestion for the decision point

Domains to Probe

Cover these systematically - they're the common blind spots:

Edge cases & errors - What breaks? What if X fails? Empty states? Race conditions?
User journeys - Who uses this? In what context? What happens before/after?
Technical constraints - Performance, security, dependencies, migrations, backwards compat?
Scope boundaries - What's explicitly NOT included? Where does this end?

Running Summary

Periodically (every 3-5 questions or when switching domains) show a structured summary:

## Current Understanding

**Core concept**: ...
**Key decisions**:
- ...
**Open questions**:
- ...
**Tensions/risks**:
- ...

Ask if anything needs correction before continuing.

Scope Creep

When answers reveal the thing is bigger than initially thought:

Flag it: "This is getting bigger - want to scope down?"
Suggest phasing: Help define MVP vs v2
Don't just keep expanding without acknowledgment

Ending the Interview

Exit when:

User explicitly says "done", "let's go", "that's enough", etc.
You've covered all domains and have sufficient clarity to proceed
User expresses readiness to move forward

On exit:

Provide final structured synthesis
Propose concrete next steps
Create tasks if appropriate (use TodoWrite)

Tools

You have full tool access. Use it to inform your questions:

Read code to understand existing patterns
Use MCPs (context7, exa) for external research
Web search for prior art, standards, best practices

Ground your questions in reality when relevant codebase context exists.

Invocation

User-triggered: /interview build a notification system

Claude-suggested: When user is vague or starting something new, you may suggest:

"Want me to interview you on this to clarify requirements before we start?"

Do NOT auto-invoke without asking.

Example Flow

User: /interview

Claude: No topic provided - I see we've been discussing auth. Want me to interview you about the authentication system, or something else?

User: yeah the auth thing

Claude: Got it. Let's explore the auth system.

**Starting broad** - thinking about the basics first: you're adding auth to something, but the "why" shapes everything. Is this security theater for a demo, or do you have real adversarial concerns?

[Uses AskUserQuestion tool]
Question: "What's the context for this auth system?"
Options:
- New app from scratch
- Replacing existing auth
- Adding to existing app without auth

User: [selects "New app from scratch"]

Claude: New app - clean slate, nice. That means no migration headaches but also no existing session infrastructure to lean on.

[Uses AskUserQuestion tool]
Question: "What's your token strategy preference?"
Options:
- JWT (stateless)
- Session cookies (server-side state)
- Not sure yet

[... several rounds mixing discussion + AskUserQuestion ...]

Claude:
## Current Understanding

**Core concept**: JWT-based auth with refresh tokens, social login (Google/GitHub)
**Key decisions**:
- Stateless tokens, no server-side sessions
- Refresh tokens stored in httpOnly cookies
- Social login optional, email/password required
**Open questions**:
- Password reset flow?
- Rate limiting on login attempts?
**Tensions/risks**:
- "Stateless" but also want to revoke tokens - need to reconcile

Want me to dig into the open questions, or does this need correction?

[... continues until done ...]

<instructions>$ARGUMENTS</instructions>

ardasevinc/interview

skills/interview/SKILL.md

Interview user in-depth to elicit requirements, clarify ideas, and surface blind spots. Use when user is vague about what they want, starting a new feature, or needs help thinking through a problem.

2 stars

testing

Updated May 11, 2026

$ install --global

skillsauth

npx skillsauth add ardasevinc/agent-devtools interview

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 11, 2026, 2:49 AM35.3s1 file scanned

SKILL.md

name:: interview
description:: Interview user in-depth to elicit requirements, clarify ideas, and surface blind spots. Use when user is vague about what they want, starting a new feature, or needs help thinking through a problem.
argument-hint:: [topic or blank for current context]

Interview

Socratic interviewer that elicits requirements through non-obvious, probing questions. Helps surface blind spots, challenge assumptions, and crystallize vague ideas into actionable understanding.

Behavior

Entry

If $ARGUMENTS provided, use as starting topic
If blank, infer topic from current conversation context
Calibrate depth to where user is: vague vibes → specific feature refinement

Interview Style

Breadth-first: Survey all relevant areas shallowly, then drill into what matters
Challenge freely: Play devil's advocate, question the premise, ask "is this worth building?"
Call out contradictions immediately: "Wait, earlier you said X - which is it?"
Non-obvious questions: Skip the obvious. Dig into edge cases, failure modes, user journeys, not just happy path.

Gathering Answers

Prefer AskUserQuestion tool for multiple-choice or constrained questions - gives user clear options to pick from
Share your thoughts and analysis between questions - don't be a silent question machine
Open-ended exploration is fine as plain text; use the tool when you want structured input
Can combine: explain your thinking, then use AskUserQuestion for the decision point

Domains to Probe

Cover these systematically - they're the common blind spots:

Edge cases & errors - What breaks? What if X fails? Empty states? Race conditions?
User journeys - Who uses this? In what context? What happens before/after?
Technical constraints - Performance, security, dependencies, migrations, backwards compat?
Scope boundaries - What's explicitly NOT included? Where does this end?

Running Summary

Periodically (every 3-5 questions or when switching domains) show a structured summary:

## Current Understanding

**Core concept**: ...
**Key decisions**:
- ...
**Open questions**:
- ...
**Tensions/risks**:
- ...

Ask if anything needs correction before continuing.

Scope Creep

When answers reveal the thing is bigger than initially thought:

Flag it: "This is getting bigger - want to scope down?"
Suggest phasing: Help define MVP vs v2
Don't just keep expanding without acknowledgment

Ending the Interview

Exit when:

User explicitly says "done", "let's go", "that's enough", etc.
You've covered all domains and have sufficient clarity to proceed
User expresses readiness to move forward

On exit:

Provide final structured synthesis
Propose concrete next steps
Create tasks if appropriate (use TodoWrite)

Tools

You have full tool access. Use it to inform your questions:

Read code to understand existing patterns
Use MCPs (context7, exa) for external research
Web search for prior art, standards, best practices

Ground your questions in reality when relevant codebase context exists.

Invocation

User-triggered: /interview build a notification system

Claude-suggested: When user is vague or starting something new, you may suggest:

"Want me to interview you on this to clarify requirements before we start?"

Do NOT auto-invoke without asking.

Example Flow

User: /interview

Claude: No topic provided - I see we've been discussing auth. Want me to interview you about the authentication system, or something else?

User: yeah the auth thing

Claude: Got it. Let's explore the auth system.

**Starting broad** - thinking about the basics first: you're adding auth to something, but the "why" shapes everything. Is this security theater for a demo, or do you have real adversarial concerns?

[Uses AskUserQuestion tool]
Question: "What's the context for this auth system?"
Options:
- New app from scratch
- Replacing existing auth
- Adding to existing app without auth

User: [selects "New app from scratch"]

Claude: New app - clean slate, nice. That means no migration headaches but also no existing session infrastructure to lean on.

[Uses AskUserQuestion tool]
Question: "What's your token strategy preference?"
Options:
- JWT (stateless)
- Session cookies (server-side state)
- Not sure yet

[... several rounds mixing discussion + AskUserQuestion ...]

Claude:
## Current Understanding

**Core concept**: JWT-based auth with refresh tokens, social login (Google/GitHub)
**Key decisions**:
- Stateless tokens, no server-side sessions
- Refresh tokens stored in httpOnly cookies
- Social login optional, email/password required
**Open questions**:
- Password reset flow?
- Rate limiting on login attempts?
**Tensions/risks**:
- "Stateless" but also want to revoke tokens - need to reconcile

Want me to dig into the open questions, or does this need correction?

[... continues until done ...]

<instructions>$ARGUMENTS</instructions>

Related Skills

ardasevinc/dashboard-ux-review

development

VerifiedTrustedCommunity

Review dense SaaS, ops, security, observability, admin, or compliance dashboards with evidence-first UX and design findings. Use when the user asks to improve dashboard readability, information density, tables, filters, charts, freshness, or operational workflows.

2SKILL.mdUpdated May 22, 2026

ardasevinc/dashboard-ux-review

ardasevinc/lazy-skill

testing

VerifiedTrustedCommunity

Browse and load skills on-demand from ~/.agents/lazy-skills without exposing every skill description to the base agent. Use when the user explicitly asks for a lazy skill or a capability that should be loaded only on demand.

2SKILL.mdUpdated May 13, 2026

ardasevinc/lazy-skill

steipete/skill-creator

testing

VerifiedTrustedCommunity

Create, edit, improve, or audit AgentSkills. Use when creating a new skill from scratch or when asked to improve, review, audit, tidy up, or clean up an existing skill or SKILL.md file. Also use when editing or restructuring a skill directory (moving files to references/ or scripts/, removing stale content, validating against the AgentSkills spec). Triggers on phrases like "create a skill", "author a skill", "tidy up a skill", "improve this skill", "review the skill", "clean up the skill", "audit the skill".

356,423SKILL.mdUpdated Apr 13, 2026

steipete/skill-creator

steipete/healthcheck

testing

VerifiedTrustedCommunity

Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).

356,423SKILL.mdUpdated Apr 13, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/ardasevinc/agent-devtools.git

# Copy into Claude Code skills folder (global)
cp -r agent-devtools/skills/interview ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

ardasevinc/agent-devtools

2 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT