artifex1/design-challenger
skills/design-challenger/SKILL.md
Evaluate high-level protocol or system designs for overcomplication, then propose simpler, more structured alternatives with explicit trade-offs. Use when the user wants to challenge a system design, simplify an architecture, reduce protocol complexity, or compare design alternatives.
$ install --global
skillsauthnpx skillsauth add artifex1/auditor-addon design-challengerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 25, 2026, 9:42 PM1.8s1 file scanned
SKILL.md
- name:
- design-challenger
- description:
- Evaluate high-level protocol or system designs for overcomplication, then propose simpler, more structured alternatives with explicit trade-offs. Use when the user wants to challenge a system design, simplify an architecture, reduce protocol complexity, or compare design alternatives.
- argument-hint:
- <design description>
Design Challenger
<goals> ## Goals- Identify overcomplicated designs (too many moving parts, cross-file flow complexity, fragile invariants).
- Propose cleaner alternatives that reduce invariants, shorten flows, and consolidate responsibilities.
- Stay objective by grounding suggestions in project context, requirements, and assumptions.
- Allow bold redesigns (some recall is acceptable) while keeping trade-offs explicit.
- Avoid code-level refactors; focus on protocol/system-level design changes only. </goals>
<process> ## Process
TRIGGER: User provides a high-level protocol or system design for evaluation.
- Clarify the context briefly when needed: intended users, runtime constraints, compatibility needs, and failure modes.
- If domain context is missing, consult references before proposing alternatives.
- Map the current design at a high level: components, handoffs, invariants, and cross-file flow.
- Identify the overcomplication drivers: unnecessary indirections, redundant layers, excessive configurability, or fragile sequencing.
- Propose one or more simpler designs that meet the same requirements with fewer moving parts.
- If major simplification requires removing a feature, make the case and note impact; consider modular or optional variants when removal is too costly.
- Explicitly enumerate trade-offs for each alternative. </process>
<references> ## References
Load only the minimum needed for the task.
references/context-questions.md: use when the prompt lacks constraints.references/complexity-smells.md: use to spot overcomplication drivers.references/simplification-tactics.md: use to structure alternatives.references/decision-matrix.md: use when multiple options must be compared.references/tradeoff-catalog.md: use to enumerate trade-offs.references/domain-context.md: use only when domain context is missing. </references>
<output_format>
Output Format
Use the following format and keep it concrete and concise. Do not include code.
- What is overcomplicated
- ...
- Simpler alternative
- ...
- Trade-offs
- ... </output_format>
<guardrails> ## Guardrails
- Do not suggest code edits or function-level tweaks (e.g., no line-level or snippet changes).
- Avoid subjective preferences; justify improvements by reducing complexity, invariants, or moving parts.
- Do not propose changes that reduce security posture; simplifications should be neutral or positive for security.
- Feature removal is allowed only with clear justification (usage, risk, maintenance cost, compatibility impact).
- If requirements force complexity, say so and focus on the minimal simplifications that preserve constraints. </guardrails>
Related Skills
artifex1/threat-modeling
development
VerifiedTrustedCommunity
Analyzing codebases to systematically identify and categorize potential security threats, producing a threat model report before code-level auditing. Use when starting an engagement and wanting to map the attack surface, identify high-value assets, and enumerate threat agents before diving into code-level analysis.
4SKILL.mdUpdated Apr 4, 2026
artifex1/security-auditor
development
VerifiedTrustedCommunity
Conducting interactive security audits using the Map & Probe methodology. Use when the user wants to perform a security review of source code, find vulnerabilities, audit a codebase, or analyze code for security issues.
4SKILL.mdUpdated Apr 4, 2026
artifex1/scribe
testing
VerifiedTrustedCommunity
Technical writing for formal security audit reports. Use when the user wants to write up a security finding, create a formal issue report, or draft system overview and security model sections for an audit report.
4SKILL.mdUpdated Apr 4, 2026
artifex1/sast-pipeline
development
VerifiedTrustedCommunity
Running the SAiST (Static AI-assisted Security Testing) pipeline against a codebase. Use when the user wants to run static analysis rules, detect code smells, find vulnerability patterns, or scan code with the built-in rule engine. Covers the full init → resolve gaps → run rules flow.
4SKILL.mdUpdated Apr 4, 2026