Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

go-go-golems/ttmp/_guidelines

Name: ttmp/_guidelines
Author: go-go-golems

ttmp/_guidelines/SKILL.md

npx skillsauth add go-go-golems/workspace-manager ttmp/_guidelines

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Guidelines: Skill Documents

Purpose

Skills are disciplined workflows written as documents (DocType: skill) that teach LLMs (and humans) how to work, not just what exists. A good skill turns “best practice” into a repeatable, enforceable process.

Skills are meant to be discoverable via:

docmgr skill list (filter by topics, file/dir, ticket)
docmgr skill show <query> (load and apply a skill)

Required Elements

Frontmatter contract
- DocType: skill
- Title: Use the convention Skill: <Name> (recommended)
- Topics: Choose topics that match how developers will search (e.g. tdd, debugging, docs)
- WhatFor: 2–5 sentences describing the outcome this workflow ensures
- WhenToUse: Clear trigger conditions (“Use when …”)
Body
- Overview: 2–5 sentences (why it matters; what it enforces)
- When to Use: Concrete triggers + examples
- Process: Step-by-step actions (copy/paste friendly commands where possible)
- Verification: Checklist to prevent “I think I’m done” drift

Best Practices

Be explicit: Use strong modal language (“MUST”, “NEVER”, “STOP”) where appropriate.
Optimize for discovery: Ensure Topics, WhatFor, and WhenToUse contain the words people will actually search for.
Prefer commands over prose: If there’s a canonical command sequence, include it as a bash block.
Make validation unskippable: Add a checklist and expected success criteria (tests/linters/scenario suites).

References

pkg/doc/how-to-write-skills.md — Full guidance on writing and enforcing skills
pkg/doc/using-skills.md — How to discover and load skills via CLI

go-go-golems/ttmp/_guidelines

ttmp/_guidelines/SKILL.md

# Guidelines: Skill Documents ## Purpose Skills are **disciplined workflows** written as documents (`DocType: skill`) that teach LLMs (and humans) *how to work*, not just what exists. A good skill turns “best practice” into a repeatable, enforceable process. Skills are meant to be discoverable via: - `docmgr skill list` (filter by topics, file/dir, ticket) - `docmgr skill show <query>` (load and apply a skill) ## Required Elements - **Frontmatter contract** - `DocType: skill` - `Title`: U

39 stars

development

Updated May 27, 2026

$ install --global

skillsauth

npx skillsauth add go-go-golems/workspace-manager ttmp/_guidelines

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 5, 2026, 1:58 PM10.1s11 files scanned

SKILL.md

Guidelines: Skill Documents

Purpose

Skills are meant to be discoverable via:

docmgr skill list (filter by topics, file/dir, ticket)
docmgr skill show <query> (load and apply a skill)

Required Elements

Frontmatter contract
- DocType: skill
- Title: Use the convention Skill: <Name> (recommended)
- Topics: Choose topics that match how developers will search (e.g. tdd, debugging, docs)
- WhatFor: 2–5 sentences describing the outcome this workflow ensures
- WhenToUse: Clear trigger conditions (“Use when …”)
Body
- Overview: 2–5 sentences (why it matters; what it enforces)
- When to Use: Concrete triggers + examples
- Process: Step-by-step actions (copy/paste friendly commands where possible)
- Verification: Checklist to prevent “I think I’m done” drift

Best Practices

Be explicit: Use strong modal language (“MUST”, “NEVER”, “STOP”) where appropriate.
Optimize for discovery: Ensure Topics, WhatFor, and WhenToUse contain the words people will actually search for.
Prefer commands over prose: If there’s a canonical command sequence, include it as a bash block.
Make validation unskippable: Add a checklist and expected success criteria (tests/linters/scenario suites).

References

pkg/doc/how-to-write-skills.md — Full guidance on writing and enforcing skills
pkg/doc/using-skills.md — How to discover and load skills via CLI

Related Skills

go-go-golems/ttmp/_templates

documentation

VerifiedTrustedCommunity

--- Title: {{TITLE}} Ticket: {{TICKET}} Status: draft Topics: {{TOPICS}} DocType: skill Intent: long-term Owners: {{OWNERS}} RelatedFiles: [] ExternalSources: [] Summary: > {{SUMMARY}} LastUpdated: {{DATE}} WhatFor: >  WhenToUse: >  --- # {{TITLE}} ## Overview  ## When to Use

39SKILL.mdUpdated May 27, 2026

go-go-golems/ttmp/_templates

openclaw/openclaw-secret-scanning-maintainer

development

VerifiedTrustedCommunity

Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.

357,764SKILL.mdUpdated Apr 15, 2026

openclaw/openclaw-secret-scanning-maintainer

openclaw/openclaw-release-maintainer

development

VerifiedTrustedCommunity

Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.

357,764SKILL.mdUpdated Apr 10, 2026

openclaw/openclaw-release-maintainer

openclaw/openclaw-qa-testing

development

VerifiedTrustedCommunity

Run, watch, debug, and extend OpenClaw QA testing with qa-lab and qa-channel. Use when Codex needs to execute the repo-backed QA suite, inspect live QA artifacts, debug failing scenarios, add new QA scenarios, or explain the OpenClaw QA workflow. Prefer the live OpenAI lane with regular openai/gpt-5.4 in fast mode; do not use gpt-5.4-pro or gpt-5.4-mini unless the user explicitly overrides that policy.

357,764SKILL.mdUpdated Apr 10, 2026

openclaw/openclaw-qa-testing

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/go-go-golems/workspace-manager.git

# Copy into Claude Code skills folder (global)
cp -r workspace-manager/ttmp/_guidelines ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

go-go-golems/workspace-manager

39 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT