Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

cenjie/complexity-optimizer

Name: complexity-optimizer
Author: cenjie

skills/complexity-optimizer/SKILL.md

npx skillsauth add cenjie/skills complexity-optimizer

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Complexity Optimizer

Core Rule

Optimize only when the current behavior is understood and can be preserved. Prefer a small, proven improvement with tests over a broad rewrite with unclear correctness.

Default Behavior

When the user asks to analyze, scan, audit, review, or "give me a report" for a codebase, produce the full complexity report automatically. Do not require the user to specify report fields.

Default report contents:

Scope analyzed and detected stack/test commands.
Top findings ranked by likely impact.
File and line for each finding.
Current pattern and why it may be costly.
Estimated current complexity.
Recommended change.
Estimated complexity after the change.
Risk level.
Tests, benchmarks, or manual checks needed.
Clear statement that no files were modified, unless the user explicitly requested implementation.

Only edit files when the user asks to implement, fix, optimize, apply, change, refactor, or otherwise clearly requests code modification. If the user only asks for analysis or a report, do not modify files.

Workflow

Establish the baseline:
- Identify the language, framework, test command, build command, and performance-sensitive paths.
- Inspect existing tests before touching code.
- Run scripts/analyze_complexity.py <repo> for a first-pass hotspot list when scanning a repository.
Rank opportunities:
- Prioritize code on hot paths, large input paths, rendering loops, database/API loops, and shared utilities.
- Separate algorithmic complexity from constant-factor cleanup.
- Do not patch every warning. Treat scanner output as leads, not proof.
- For report-only requests, inspect enough surrounding code to estimate current and proposed complexity; do not stop at raw scanner output.
Prove behavior:
- Locate or add focused tests for the function/component being changed.
- Capture edge cases: empty input, duplicates, ordering stability, null/missing values, errors, permissions, pagination, time zones, and mutation side effects.
- If tests are absent and behavior is ambiguous, make the smallest refactor or ask for expected behavior before changing semantics.
Optimize conservatively:
- Replace repeated linear lookup with maps/sets when key equality is stable.
- Replace nested scans with indexing, grouping, two-pointer scans, sweep-line logic, binary search, memoization, batching, or precomputation only when the data shape supports it.
- In UI code, reduce unnecessary renders with stable props, memoized derived data, virtualization, debounced work, and moving expensive work out of render paths.
- In data access code, remove N+1 behavior with bulk fetches, joins, preloading, caching, or batching while preserving authorization and filtering.
Verify:
- Run relevant tests and type/lint/build commands.
- Add a micro-benchmark or measurement when the complexity improvement is non-obvious or performance-critical.
- Report the original complexity, new complexity, changed files, tests run, and any residual risk.

First-Pass Scanner

Use the bundled scanner from the skill directory:

python3 scripts/analyze_complexity.py /path/to/repo --format markdown
python3 scripts/analyze_complexity.py /path/to/repo --format json

The scanner flags common patterns in Python, JavaScript, TypeScript, JSX/TSX, Java, Go, C, C++, C#, Ruby, PHP, and Swift files. It intentionally favors readable leads over perfect static analysis.

If the scanner reports nothing, still inspect known hot paths manually. Rendering churn, database query patterns, and framework lifecycle issues often require repository-specific context.

Optimization Safety Checklist

Before editing:

Confirm the data sizes are large enough for complexity to matter.
Confirm the optimization preserves output ordering where callers may rely on it.
Confirm object identity, mutability, and reference sharing are not part of the public behavior.
Confirm caches have a valid invalidation strategy.
Confirm deduplication does not collapse distinct records that share a display label.
Confirm database batching preserves tenant, permission, soft-delete, pagination, and sorting constraints.

After editing:

Run the narrow test first, then the broadest relevant test/build command.
Compare before/after benchmark numbers when a benchmark exists or was added.
Keep the patch localized. Avoid formatting churn in unrelated files.

References

Read references/optimization-playbook.md for common O(n^2) to O(n log n) / O(n) transformations and framework-specific patterns.
Read references/report-template.md when preparing the final analysis or audit output.

cenjie/complexity-optimizer

skills/complexity-optimizer/SKILL.md

Analyze a software codebase for algorithmic complexity and performance hotspots, then propose or implement safe optimizations without breaking behavior. Use when Codex is asked to scan many files, find inefficient loops, nested iteration, repeated scans, costly rendering/recomputation, N+1 queries, avoidable O(n^2) or O(n) operations, or reduce complexity such as O(n^2) to O(n log n) / O(n), while preserving tests, APIs, outputs, and maintainability.

development

Updated May 26, 2026

$ install --global

skillsauth

npx skillsauth add cenjie/skills complexity-optimizer

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 26, 2026, 4:28 AM39.8s5 files scanned

SKILL.md

name:: complexity-optimizer
description:: Analyze a software codebase for algorithmic complexity and performance hotspots, then propose or implement safe optimizations without breaking behavior. Use when Codex is asked to scan many files, find inefficient loops, nested iteration, repeated scans, costly rendering/recomputation, N+1 queries, avoidable O(n^2) or O(n) operations, or reduce complexity such as O(n^2) to O(n log n) / O(n), while preserving tests, APIs, outputs, and maintainability.

Complexity Optimizer

Core Rule

Optimize only when the current behavior is understood and can be preserved. Prefer a small, proven improvement with tests over a broad rewrite with unclear correctness.

Default Behavior

When the user asks to analyze, scan, audit, review, or "give me a report" for a codebase, produce the full complexity report automatically. Do not require the user to specify report fields.

Default report contents:

Scope analyzed and detected stack/test commands.
Top findings ranked by likely impact.
File and line for each finding.
Current pattern and why it may be costly.
Estimated current complexity.
Recommended change.
Estimated complexity after the change.
Risk level.
Tests, benchmarks, or manual checks needed.
Clear statement that no files were modified, unless the user explicitly requested implementation.

Workflow

Establish the baseline:
- Identify the language, framework, test command, build command, and performance-sensitive paths.
- Inspect existing tests before touching code.
- Run scripts/analyze_complexity.py <repo> for a first-pass hotspot list when scanning a repository.
Rank opportunities:
- Prioritize code on hot paths, large input paths, rendering loops, database/API loops, and shared utilities.
- Separate algorithmic complexity from constant-factor cleanup.
- Do not patch every warning. Treat scanner output as leads, not proof.
- For report-only requests, inspect enough surrounding code to estimate current and proposed complexity; do not stop at raw scanner output.
Prove behavior:
- Locate or add focused tests for the function/component being changed.
- Capture edge cases: empty input, duplicates, ordering stability, null/missing values, errors, permissions, pagination, time zones, and mutation side effects.
- If tests are absent and behavior is ambiguous, make the smallest refactor or ask for expected behavior before changing semantics.
Optimize conservatively:
- Replace repeated linear lookup with maps/sets when key equality is stable.
- Replace nested scans with indexing, grouping, two-pointer scans, sweep-line logic, binary search, memoization, batching, or precomputation only when the data shape supports it.
- In UI code, reduce unnecessary renders with stable props, memoized derived data, virtualization, debounced work, and moving expensive work out of render paths.
- In data access code, remove N+1 behavior with bulk fetches, joins, preloading, caching, or batching while preserving authorization and filtering.
Verify:
- Run relevant tests and type/lint/build commands.
- Add a micro-benchmark or measurement when the complexity improvement is non-obvious or performance-critical.
- Report the original complexity, new complexity, changed files, tests run, and any residual risk.

First-Pass Scanner

Use the bundled scanner from the skill directory:

python3 scripts/analyze_complexity.py /path/to/repo --format markdown
python3 scripts/analyze_complexity.py /path/to/repo --format json

The scanner flags common patterns in Python, JavaScript, TypeScript, JSX/TSX, Java, Go, C, C++, C#, Ruby, PHP, and Swift files. It intentionally favors readable leads over perfect static analysis.

If the scanner reports nothing, still inspect known hot paths manually. Rendering churn, database query patterns, and framework lifecycle issues often require repository-specific context.

Optimization Safety Checklist

Before editing:

Confirm the data sizes are large enough for complexity to matter.
Confirm the optimization preserves output ordering where callers may rely on it.
Confirm object identity, mutability, and reference sharing are not part of the public behavior.
Confirm caches have a valid invalidation strategy.
Confirm deduplication does not collapse distinct records that share a display label.
Confirm database batching preserves tenant, permission, soft-delete, pagination, and sorting constraints.

After editing:

Run the narrow test first, then the broadest relevant test/build command.
Compare before/after benchmark numbers when a benchmark exists or was added.
Keep the patch localized. Avoid formatting churn in unrelated files.

References

Read references/optimization-playbook.md for common O(n^2) to O(n log n) / O(n) transformations and framework-specific patterns.
Read references/report-template.md when preparing the final analysis or audit output.

Related Skills

cenjie/react-native-best-practices

development

VerifiedTrustedCommunity

Provides React Native performance optimization guidelines for FPS, TTI, bundle size, memory leaks, re-renders, and animations. Applies to tasks involving Hermes optimization, JS thread blocking, bridge overhead, FlashList, native modules, or debugging jank and frame drops.

SKILL.mdUpdated May 26, 2026

cenjie/react-native-best-practices

cenjie/make-interfaces-feel-better

development

VerifiedTrustedCommunity

Design engineering principles for making interfaces feel polished. Use when building UI components, reviewing frontend code, implementing animations, hover states, shadows, borders, typography, micro-interactions, enter/exit animations, or any visual detail work. Triggers on UI polish, design details, "make it feel better", "feels off", stagger animations, border radius, optical alignment, font smoothing, tabular numbers, image outlines, box shadows.

SKILL.mdUpdated May 26, 2026

cenjie/make-interfaces-feel-better

cenjie/llm-sast-scanner

development

VerifiedTrustedCommunity

General-purpose Static Application Security Testing (SAST) skill for code vulnerability analysis. Trigger when the user asks to: "analyze code for vulnerabilities", "review code security", "find security bugs", "do a SAST scan", "check for [vulnerability type] in code", "audit source code", or requests a security code review of any language or framework. Covers 34 vulnerability classes across web, API, auth, mobile, and logic layers.

SKILL.mdUpdated May 26, 2026

cenjie/llm-sast-scanner

cenjie/expo-cicd-workflows

tools

VerifiedTrustedCommunity

Helps understand and write EAS workflow YAML files for Expo projects. Use this skill when the user asks about CI/CD or workflows in an Expo or EAS context, mentions .eas/workflows/, or wants help with EAS build pipelines or deployment automation.

SKILL.mdUpdated May 26, 2026

cenjie/expo-cicd-workflows

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/cenjie/skills.git

# Copy into Claude Code skills folder (global)
cp -r skills/skills/complexity-optimizer ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

cenjie/skills

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT