Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

bereniketech/karpathy-principles

Name: karpathy-principles
Author: bereniketech

skills/core/karpathy-principles/SKILL.md

npx skillsauth add bereniketech/claude_kit karpathy-principles

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Karpathy Principles

Four behavioral rules that reduce the most common LLM coding mistakes.

1. Think Before Coding

Before implementing anything:

State your assumptions explicitly. If uncertain, ask.
If multiple interpretations exist, present them — don't pick silently.
If a simpler approach exists, say so. Push back when warranted.
If something is unclear, stop. Name what's confusing. Ask.

Rule: Never begin implementation while confused. Surface the confusion first.

2. Simplicity First

Write the minimum code that solves the problem. Nothing speculative.

No features beyond what was asked.
No abstractions for single-use code.
No "flexibility" or "configurability" that wasn't requested.
No error handling for impossible scenarios.

Rule: If you write 200 lines and it could be 50, rewrite it before submitting.

Ask yourself: "Would a senior engineer say this is overcomplicated?" If yes, simplify.

3. Surgical Changes

When editing existing code:

Don't "improve" adjacent code, comments, or formatting.
Don't refactor things that aren't broken.
Match existing style, even if you'd do it differently.
If you notice unrelated dead code, mention it — don't delete it.

When your changes create orphans:

Remove imports/variables/functions that YOUR changes made unused.
Don't remove pre-existing dead code unless explicitly asked.

Rule: Every changed line must trace directly to the user's request.

4. Goal-Driven Execution

Transform tasks into verifiable goals before starting:

| Vague | Verifiable | |-------|-----------| | "Fix the bug" | "Write a test that reproduces it, then make it pass" | | "Add validation" | "Write tests for invalid inputs, then make them pass" | | "Refactor X" | "Ensure tests pass before and after" |

For multi-step tasks, state a brief plan:

1. [Step] → verify: [check]
2. [Step] → verify: [check]
3. [Step] → verify: [check]

Rule: Weak criteria ("make it work") require clarification before proceeding — strong success criteria let you loop independently.

bereniketech/karpathy-principles

skills/core/karpathy-principles/SKILL.md

Four coding discipline principles (Think Before Coding, Simplicity First, Surgical Changes, Goal-Driven Execution) that reduce unnecessary rewrites, over-engineering, and scope creep.

development

Updated Apr 19, 2026

$ install --global

skillsauth

npx skillsauth add bereniketech/claude_kit karpathy-principles

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 19, 2026, 2:21 AM82.4s1 file scanned

SKILL.md

name:: karpathy-principles
description:: Four coding discipline principles (Think Before Coding, Simplicity First, Surgical Changes, Goal-Driven Execution) that reduce unnecessary rewrites, over-engineering, and scope creep.

Karpathy Principles

Four behavioral rules that reduce the most common LLM coding mistakes.

1. Think Before Coding

Before implementing anything:

State your assumptions explicitly. If uncertain, ask.
If multiple interpretations exist, present them — don't pick silently.
If a simpler approach exists, say so. Push back when warranted.
If something is unclear, stop. Name what's confusing. Ask.

Rule: Never begin implementation while confused. Surface the confusion first.

2. Simplicity First

Write the minimum code that solves the problem. Nothing speculative.

No features beyond what was asked.
No abstractions for single-use code.
No "flexibility" or "configurability" that wasn't requested.
No error handling for impossible scenarios.

Rule: If you write 200 lines and it could be 50, rewrite it before submitting.

Ask yourself: "Would a senior engineer say this is overcomplicated?" If yes, simplify.

3. Surgical Changes

When editing existing code:

Don't "improve" adjacent code, comments, or formatting.
Don't refactor things that aren't broken.
Match existing style, even if you'd do it differently.
If you notice unrelated dead code, mention it — don't delete it.

When your changes create orphans:

Remove imports/variables/functions that YOUR changes made unused.
Don't remove pre-existing dead code unless explicitly asked.

Rule: Every changed line must trace directly to the user's request.

4. Goal-Driven Execution

Transform tasks into verifiable goals before starting:

For multi-step tasks, state a brief plan:

1. [Step] → verify: [check]
2. [Step] → verify: [check]
3. [Step] → verify: [check]

Rule: Weak criteria ("make it work") require clarification before proceeding — strong success criteria let you loop independently.

Related Skills

bereniketech/anti-reversing-techniques

testing

VerifiedTrustedCommunity

AUTHORIZED USE ONLY: This skill contains dual-use security techniques. Before proceeding with any bypass or analysis: > 1.

SKILL.mdUpdated May 3, 2026

bereniketech/anti-reversing-techniques

bereniketech/active-directory-attacks

testing

Community

Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege escalation, and domain dominance for red team operations and penetration testing.

SKILL.mdUpdated May 3, 2026

bereniketech/active-directory-attacks

Security Scans

mcp-scan — Pending Scan

Semgrep — Pending Scan

Trivy — Pending Scan

OWASP — Pending Scan

VirusTotal — Pending Scan

bereniketech/zeroize-audit

development

VerifiedTrustedCommunity

Detects missing zeroization of sensitive data in source code and identifies zeroization removed by compiler optimizations, with assembly-level analysis, and control-flow verification. Use for auditing C/C++/Rust code handling secrets, keys, passwords, or other sensitive data.

SKILL.mdUpdated May 3, 2026

bereniketech/zeroize-audit

bereniketech/wcag-audit-patterns

development

VerifiedTrustedCommunity

Comprehensive guide to auditing web content against WCAG 2.2 guidelines with actionable remediation strategies.

SKILL.mdUpdated May 3, 2026

bereniketech/wcag-audit-patterns

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/bereniketech/claude_kit.git

# Copy into Claude Code skills folder (global)
cp -r claude_kit/skills/core/karpathy-principles ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

bereniketech/claude_kit

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT