charly-vibes/create-handoff
.claude/skills/create-handoff/SKILL.md
Generate context documents for session continuity
documentation
Updated Apr 17, 2026
$ install --global
skillsauthnpx skillsauth add charly-vibes/wai create-handoffInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 2:20 PM6.5s1 file scanned
SKILL.md
- name:
- create-handoff
- description:
- Generate context documents for session continuity
- disable-model-invocation:
- true
Create Handoff Document
Create a concise handoff document to transfer context to another agent session. Compress and summarize the context without losing key details.
Process
Step 1: Gather Metadata
# Get current state
git branch --show-current
git rev-parse --short HEAD
date -Iseconds
pwd
Step 2: Determine Filepath
Create file at handoffs/YYYY-MM-DD_HH-MM-SS_description.md
Naming patterns:
- With issue tracking:
handoffs/2026-01-12_14-30-00_issue-123_add-oauth.md - Without issues:
handoffs/2026-01-12_14-30-00_refactor-auth-system.md
Step 3: Write Handoff Document
Template:
---
date: [ISO timestamp with timezone]
git_commit: [short hash]
branch: [branch name]
directory: [working directory]
issue: [issue-123 if applicable]
status: handoff
---
# Handoff: [brief description]
## Context
[1-2 paragraph overview of what we're working on and why]
## Current Status
### Completed
- [x] [Task 1 with file:line references]
- [x] [Task 2 with file:line references]
### In Progress
- [ ] [Task being worked on with current state]
### Planned
- [ ] [Next task]
- [ ] [Future task]
## Critical Files
> These are the MOST IMPORTANT files to understand for continuation
1. `path/to/critical/file.ext:123-156` - Core implementation of X
2. `path/to/config.ext:45` - Configuration for Y
3. `path/to/test.ext` - Existing tests that constrain changes
## Recent Changes
> Files modified in this session
- `src/auth/oauth.ts:34-89` - Added OAuth flow orchestration
- `src/auth/providers.ts:1-134` - Created provider abstraction (new file)
- `src/components/LoginForm.tsx:67-89` - Integrated OAuth UI
- `tests/oauth.test.ts:1-67` - Unit tests for OAuth (new file)
## Key Learnings
> Important discoveries that affect future work
1. **OAuth state must be stored in sessionStorage**
- LocalStorage persists across tabs causing state confusion
- See `src/auth/oauth.ts:45` for implementation
2. **Provider interface needs async initialization**
- Some providers require config fetching before use
- Current implementation in `src/auth/providers.ts:23`
3. **Existing auth system uses context pattern**
- Must integrate OAuth without breaking existing email/password
- See `src/contexts/AuthContext.tsx` for pattern
## Open Questions
> Unresolved decisions or uncertainties
- [ ] Should OAuth tokens be stored in httpOnly cookies or localStorage?
- [ ] Need to verify PKCE flow works with all providers
- [ ] How to handle provider-specific scopes?
## Next Steps
> Prioritized actions for next session
1. **Test OAuth flow end-to-end** [Priority: HIGH]
- Test with real provider credentials
- Verify token refresh works
- Check error handling
2. **Add provider configuration UI** [Priority: MEDIUM]
- Allow admin to enable/disable providers
- Configure client IDs per environment
3. **Document OAuth setup** [Priority: MEDIUM]
- Update README with provider setup instructions
- Add environment variable documentation
## Artifacts
> Complete list of files created/modified
**New files:**
- `src/auth/oauth.ts`
- `src/auth/providers.ts`
- `tests/oauth.test.ts`
**Modified files:**
- `src/components/LoginForm.tsx`
- `src/types/auth.ts`
**Not committed:** [if applicable]
- `config/development.env` (local credentials)
## Related Links
> Links to relevant docs, discussions, or research
- [OAuth 2.0 spec](https://oauth.net/2/)
- Slack discussion: #auth-redesign (2026-01-10)
- Design doc: `docs/oauth-integration.md`
## Additional Context
> Any other useful context
- Testing locally requires registered OAuth apps for each provider
- Google OAuth has strict redirect URI validation
- GitHub provider works but needs organization scope review
Step 4: Commit the Handoff
git add handoffs/YYYY-MM-DD_HH-MM-SS_description.md
git commit -m "docs(handoff): add handoff for [brief description]"
Step 5: Inform User
Handoff created at: handoffs/2026-01-12_14-30-00_oauth-integration.md
To resume in a new session:
1. Start fresh AI session
2. Provide the prompt: "Resume work from handoffs/2026-01-12_14-30-00_oauth-integration.md"
3. Or use: /resume_handoff handoffs/2026-01-12_14-30-00_oauth-integration.md
The handoff captures:
- Current task status
- Key learnings and decisions
- Files to read first
- Prioritized next steps
Guidelines
- Be specific, not vague - Include file:line references for everything
- Capture the "why" - Future sessions need to understand decisions
- Prioritize learnings - Mistakes and discoveries are most valuable
- Reference, don't duplicate - Link to files rather than copy code
- Update issue tracking - If using issues, link the handoff
Related Skills
charly-vibes/verify-prompt
testing
VerifiedTrustedCommunity
Compare original and distilled prompts to verify the distillation is faithful and lossless. Checks completeness, accuracy, and appropriate conciseness.
SKILL.mdUpdated Apr 17, 2026
charly-vibes/tdd
development
VerifiedTrustedCommunity
Implement features following Test-Driven Development methodology. Red-Green-Refactor cycle with phased approach and verification at each step.
SKILL.mdUpdated Apr 17, 2026
charly-vibes/rule-of-5
development
VerifiedTrustedCommunity
Orchestrate multi-agent code review with three waves - parallel analysis, cross-validation, and convergence check. Simulates specialist reviewers and synthesizes findings.
SKILL.mdUpdated Apr 17, 2026
charly-vibes/rule-of-5-universal
development
VerifiedTrustedCommunity
Apply Steve Yegge's Rule of 5 iterative review to any artifact - code, plans, research, issues, specs, or documents. Five stages from draft through excellence.
SKILL.mdUpdated Apr 17, 2026