Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

curiositech/prompt-template-manager

Name: prompt-template-manager
Author: curiositech

skills/prompt-template-manager/SKILL.md

npx skillsauth add curiositech/windags-skills prompt-template-manager

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Prompt Template Manager

Version-control, parameterize, and A/B test LLM prompt templates using Git-native workflows and structured registries.

Activation Triggers

Activate on: "prompt versioning", "prompt template", "A/B test prompts", "prompt registry", "manage prompt variants", "prompt as code", "parameterized prompts", "prompt lifecycle"

NOT for: Writing or optimizing individual prompts (prompt-engineer), fine-tuning dataset preparation (fine-tuning-dataset-curator), or LLM application architecture (ai-engineer)

Quick Start

Structure prompts as files — Store each prompt template in prompts/{domain}/{name}.yaml with metadata, variables, and versioned content.
Parameterize with variables — Use {{variable}} placeholders for dynamic content; separate static instruction from dynamic context.
Version with Git — Each prompt change is a commit. Tags mark production versions. Branches for experiments.
A/B test — Deploy multiple variants simultaneously, route traffic by percentage, collect metrics per variant.
Promote winners — Evaluate via automated harness or human review, promote winning variant to production tag.

Core Capabilities

| Domain | Technologies | Notes | |--------|-------------|-------| | Template Format | YAML + Jinja2, Handlebars, Mustache | YAML frontmatter for metadata, body for template | | Version Control | Git tags, branches, semantic versioning | v1.2.0 tags for production, branches for experiments | | A/B Testing | Feature flags (LaunchDarkly, Unleash, custom) | Percentage-based routing with metrics collection | | Registry | File-based, PostgreSQL, Redis | Central lookup for template resolution at runtime | | Evaluation | LLM-as-judge, human eval, RAGAS | Automated comparison of variant outputs | | Rendering | Jinja2 (Python), Handlebars (JS), custom | Variable interpolation with type validation |

Architecture Patterns

Pattern 1: File-Based Prompt Registry

prompts/
├── customer-support/
│   ├── ticket-classifier.yaml      # Active production template
│   ├── ticket-classifier.v2.yaml   # Experiment variant
│   └── response-generator.yaml
├── content/
│   ├── blog-outline.yaml
│   └── social-post.yaml
└── _shared/
    ├── system-safety.yaml          # Reusable system prompt fragments
    └── output-format-json.yaml

# prompts/customer-support/ticket-classifier.yaml
name: ticket-classifier
version: "1.3.0"
model: claude-sonnet-4-20250514
temperature: 0
description: Classify support tickets into categories
variables:
  - name: ticket_text
    type: string
    required: true
  - name: categories
    type: list
    default: [billing, technical, account, other]
includes:
  - _shared/output-format-json.yaml

template: |
  You are a support ticket classifier.

  Classify the following ticket into exactly one category.
  Categories: {{categories | join(", ")}}

  Ticket:
  {{ticket_text}}

  {{> output-format-json}}

tests:
  - input: { ticket_text: "I can't log in to my account" }
    expected_category: "account"
  - input: { ticket_text: "You charged me twice" }
    expected_category: "billing"

Pattern 2: A/B Testing Pipeline

Request ──→ [Router] ──→ Variant A (control, 80%) ──→ [LLM] ──→ Response + Log
                │                                                      │
                └──→ Variant B (experiment, 20%) ──→ [LLM] ──→ Response + Log
                                                                       │
                                                                       ▼
                                                              [Metrics Store]
                                                              - latency
                                                              - token count
                                                              - quality score
                                                              - user feedback
                                                                       │
                                                                       ▼
                                                              [Evaluation]
                                                              Winner → promote to 100%

# A/B routing with metrics
import random, time

class PromptRouter:
    def __init__(self, registry, metrics):
        self.registry = registry
        self.metrics = metrics

    def resolve(self, template_name: str, user_id: str) -> dict:
        variants = self.registry.get_variants(template_name)
        # Deterministic assignment by user_id for consistency
        bucket = hash(f"{user_id}:{template_name}") % 100
        for variant in variants:
            if bucket < variant["traffic_pct"]:
                self.metrics.log("variant_assigned", {
                    "template": template_name,
                    "variant": variant["version"],
                    "user_id": user_id
                })
                return variant
            bucket -= variant["traffic_pct"]
        return variants[0]  # Default to control

Pattern 3: Prompt Composition with Includes

System Prompt = [safety-preamble] + [role-definition] + [output-format]
User Prompt   = [context-injection] + [user-query] + [constraints]

Compose from reusable fragments:
  _shared/safety-preamble.yaml  ──→ "You must not generate harmful content..."
  _shared/json-output.yaml     ──→ "Respond with valid JSON matching this schema..."
  domain/role.yaml              ──→ "You are an expert in {{domain}}..."

Final prompt = render(compose([safety, role, output]), variables)

Anti-Patterns

Prompts hardcoded in application code — Changing a prompt requires a code deploy. Store prompts externally with hot-reload capability.
No version tracking — "Which prompt was running when quality dropped last Tuesday?" Without versions tied to timestamps, this is unanswerable.
A/B testing without statistical significance — Declaring a winner after 50 requests is noise. Require minimum sample sizes (typically 200+ per variant) and p-value thresholds.
Monolithic mega-prompts — A 3,000-token prompt that handles every case is fragile. Compose from reusable fragments so changes are isolated.
No rollback plan — Every prompt version must be instantly rollbackable by re-tagging the previous version as production.

Quality Checklist

[ ] Prompts stored as files with YAML metadata (not hardcoded in application code)
[ ] Variables parameterized with types and validation (required, default, enum)
[ ] Each prompt has inline test cases for regression testing
[ ] Git tags mark production versions (semantic versioning: major.minor.patch)
[ ] A/B test routing is deterministic per user (no flickering between variants)
[ ] Minimum sample size enforced before declaring A/B test winners
[ ] Metrics collected per variant: latency, tokens, quality score, user feedback
[ ] Reusable fragments extracted to _shared/ for composition
[ ] Rollback possible in under 1 minute (re-tag or config flip)
[ ] Prompt rendering tested: all variables substituted, no raw {{placeholders}} in output

curiositech/prompt-template-manager

skills/prompt-template-manager/SKILL.md

Version-control, parameterize, and A/B test LLM prompt templates with Git-native workflows. Activate on: prompt versioning, prompt templates, A/B test prompts, manage prompts, prompt registry. NOT for: writing prompts from scratch (prompt-engineer), fine-tuning data (fine-tuning-dataset-curator).

testing

Updated Apr 4, 2026

$ install --global

skillsauth

npx skillsauth add curiositech/windags-skills prompt-template-manager

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 4, 2026, 2:21 PM111.0s1 file scanned

SKILL.md

license:: Apache-2.0
name:: prompt-template-manager
description:: Version-control, parameterize, and A/B test LLM prompt templates with Git-native workflows. Activate on: prompt versioning, prompt templates, A/B test prompts, manage prompts, prompt registry. NOT for: writing prompts from scratch (prompt-engineer), fine-tuning data (fine-tuning-dataset-curator).
allowed-tools:: Read,Write,Edit,Bash(python:*,pip:*,npm:*,npx:*)
category:: AI & Machine Learning
- skill:: llm-cost-optimizer
reason:: Template compression and model routing reduce per-prompt cost

Prompt Template Manager

Version-control, parameterize, and A/B test LLM prompt templates using Git-native workflows and structured registries.

Activation Triggers

Activate on: "prompt versioning", "prompt template", "A/B test prompts", "prompt registry", "manage prompt variants", "prompt as code", "parameterized prompts", "prompt lifecycle"

NOT for: Writing or optimizing individual prompts (prompt-engineer), fine-tuning dataset preparation (fine-tuning-dataset-curator), or LLM application architecture (ai-engineer)

Quick Start

Structure prompts as files — Store each prompt template in prompts/{domain}/{name}.yaml with metadata, variables, and versioned content.
Parameterize with variables — Use {{variable}} placeholders for dynamic content; separate static instruction from dynamic context.
Version with Git — Each prompt change is a commit. Tags mark production versions. Branches for experiments.
A/B test — Deploy multiple variants simultaneously, route traffic by percentage, collect metrics per variant.
Promote winners — Evaluate via automated harness or human review, promote winning variant to production tag.

Core Capabilities

Architecture Patterns

Pattern 1: File-Based Prompt Registry

prompts/
├── customer-support/
│   ├── ticket-classifier.yaml      # Active production template
│   ├── ticket-classifier.v2.yaml   # Experiment variant
│   └── response-generator.yaml
├── content/
│   ├── blog-outline.yaml
│   └── social-post.yaml
└── _shared/
    ├── system-safety.yaml          # Reusable system prompt fragments
    └── output-format-json.yaml

# prompts/customer-support/ticket-classifier.yaml
name: ticket-classifier
version: "1.3.0"
model: claude-sonnet-4-20250514
temperature: 0
description: Classify support tickets into categories
variables:
  - name: ticket_text
    type: string
    required: true
  - name: categories
    type: list
    default: [billing, technical, account, other]
includes:
  - _shared/output-format-json.yaml

template: |
  You are a support ticket classifier.

  Classify the following ticket into exactly one category.
  Categories: {{categories | join(", ")}}

  Ticket:
  {{ticket_text}}

  {{> output-format-json}}

tests:
  - input: { ticket_text: "I can't log in to my account" }
    expected_category: "account"
  - input: { ticket_text: "You charged me twice" }
    expected_category: "billing"

Pattern 2: A/B Testing Pipeline

Request ──→ [Router] ──→ Variant A (control, 80%) ──→ [LLM] ──→ Response + Log
                │                                                      │
                └──→ Variant B (experiment, 20%) ──→ [LLM] ──→ Response + Log
                                                                       │
                                                                       ▼
                                                              [Metrics Store]
                                                              - latency
                                                              - token count
                                                              - quality score
                                                              - user feedback
                                                                       │
                                                                       ▼
                                                              [Evaluation]
                                                              Winner → promote to 100%

# A/B routing with metrics
import random, time

class PromptRouter:
    def __init__(self, registry, metrics):
        self.registry = registry
        self.metrics = metrics

    def resolve(self, template_name: str, user_id: str) -> dict:
        variants = self.registry.get_variants(template_name)
        # Deterministic assignment by user_id for consistency
        bucket = hash(f"{user_id}:{template_name}") % 100
        for variant in variants:
            if bucket < variant["traffic_pct"]:
                self.metrics.log("variant_assigned", {
                    "template": template_name,
                    "variant": variant["version"],
                    "user_id": user_id
                })
                return variant
            bucket -= variant["traffic_pct"]
        return variants[0]  # Default to control

Pattern 3: Prompt Composition with Includes

System Prompt = [safety-preamble] + [role-definition] + [output-format]
User Prompt   = [context-injection] + [user-query] + [constraints]

Compose from reusable fragments:
  _shared/safety-preamble.yaml  ──→ "You must not generate harmful content..."
  _shared/json-output.yaml     ──→ "Respond with valid JSON matching this schema..."
  domain/role.yaml              ──→ "You are an expert in {{domain}}..."

Final prompt = render(compose([safety, role, output]), variables)

Anti-Patterns

Prompts hardcoded in application code — Changing a prompt requires a code deploy. Store prompts externally with hot-reload capability.
No version tracking — "Which prompt was running when quality dropped last Tuesday?" Without versions tied to timestamps, this is unanswerable.
A/B testing without statistical significance — Declaring a winner after 50 requests is noise. Require minimum sample sizes (typically 200+ per variant) and p-value thresholds.
Monolithic mega-prompts — A 3,000-token prompt that handles every case is fragile. Compose from reusable fragments so changes are isolated.
No rollback plan — Every prompt version must be instantly rollbackable by re-tagging the previous version as production.

Quality Checklist

[ ] Prompts stored as files with YAML metadata (not hardcoded in application code)
[ ] Variables parameterized with types and validation (required, default, enum)
[ ] Each prompt has inline test cases for regression testing
[ ] Git tags mark production versions (semantic versioning: major.minor.patch)
[ ] A/B test routing is deterministic per user (no flickering between variants)
[ ] Minimum sample size enforced before declaring A/B test winners
[ ] Metrics collected per variant: latency, tokens, quality score, user feedback
[ ] Reusable fragments extracted to _shared/ for composition
[ ] Rollback possible in under 1 minute (re-tag or config flip)
[ ] Prompt rendering tested: all variables substituted, no raw {{placeholders}} in output

Related Skills

curiositech/circuit-breakers-and-retries

tools

VerifiedTrustedCommunity

Building resilient distributed systems with circuit breakers, retries with full-jitter exponential backoff, retry budgets (per-request 3-attempt + per-client 10% ratio per Google SRE), deadline propagation, and the cascading-failure math (4 layers × 3 retries = 64x amplification). Grounded in Resilience4j, Microsoft Cloud Patterns, AWS Architecture Blog (Marc Brooker), and Google SRE Book.

4SKILL.mdUpdated May 6, 2026

curiositech/circuit-breakers-and-retries

curiositech/cdn-cache-control-headers

testing

VerifiedTrustedCommunity

Designing HTTP cache headers that work correctly across browsers, CDNs, and shared proxies — `Cache-Control` directives per RFC 9111, `stale-while-revalidate` and `stale-if-error` per RFC 5861, the Vary header for varying responses, and surrogate keys for tag-based purging. Grounded in IETF RFCs and Cloudflare/Fastly docs.

4SKILL.mdUpdated May 5, 2026

curiositech/cdn-cache-control-headers

curiositech/content-security-policy-headers

development

VerifiedTrustedCommunity

Use when designing or fixing a Content Security Policy on a real site, choosing between nonce-based and hash-based CSP, adding strict-dynamic, debugging "Refused to execute inline script" errors, deploying CSP in report-only mode first, configuring report-to / report-uri, or auditing an existing policy for unsafe-inline / unsafe-eval / wildcards. Triggers: "CSP blocks legitimate inline script", strict-dynamic, nonce-{RANDOM}, sha256-{HASH}, object-src none, base-uri none, frame-ancestors, Trusted Types, X-Content-Security-Policy obsolete, report-only vs enforced. NOT for general HTTP security headers (HSTS, COOP/COEP), Trusted Types deep dive, CORS configuration, or building a WAF.

3SKILL.mdUpdated May 4, 2026

curiositech/content-security-policy-headers

curiositech/api-versioning-strategy

tools

VerifiedTrustedCommunity

Choosing and operating an HTTP API versioning strategy that doesn't break clients — Stripe's date-based pinned versions, the Deprecation/Sunset header pair (RFC 9745 + RFC 8594), URI vs header vs media-type approaches, and the version-transformer pattern. Grounded in Stripe's published architecture and IETF RFCs.

3SKILL.mdUpdated May 4, 2026

curiositech/api-versioning-strategy

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/curiositech/windags-skills.git

# Copy into Claude Code skills folder (global)
cp -r windags-skills/skills/prompt-template-manager ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

curiositech/windags-skills

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT