kanopi/teamwork-exporter
skills/teamwork-exporter/SKILL.md
Automatically export audit findings, security issues, performance problems, or accessibility violations to Teamwork tasks when other agents complete their analysis. Converts technical findings into actionable project management tasks with appropriate priorities and templates. Invoke when audit agents finish reports, user says "export to Teamwork", or findings need project tracking.
$ install --global
skillsauthnpx skillsauth add kanopi/cms-cultivator teamwork-exporterInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 15, 2026, 7:44 AM331.1s12 files scanned
SKILL.md
- name:
- teamwork-exporter
- description:
- Automatically export audit findings, security issues, performance problems, or accessibility violations to Teamwork tasks when other agents complete their analysis. Converts technical findings into actionable project management tasks with appropriate priorities and templates. Invoke when audit agents finish reports, user says "export to Teamwork", or findings need project tracking.
Teamwork Exporter Skill
Philosophy
Bridge the gap between technical findings and project execution. Audit reports identify problems; this skill transforms them into tracked, prioritized work items that teams can action.
When to Use This Skill
This skill activates when:
- Audit agents complete their analysis (security, performance, accessibility, quality)
- User says "export to Teamwork", "create tasks from this report"
- Findings need to be tracked in project management
- Technical debt needs to be prioritized and scheduled
Do NOT activate for:
- Single task creation (use
teamwork-task-creatorinstead) - Quick status checks (use
teamwork-integratorinstead) - Manual task updates (the main session has Teamwork MCP — call
mcp__teamwork__twprojects-update_taskdirectly)
Core Responsibilities
1. Parse Audit Reports
Recognize and parse these audit report formats:
Markdown reports:
- Headers indicate finding categories
- Severity levels: Critical, High, Medium, Low
- Code blocks show affected code
- File paths and line numbers
JSON reports:
- Structured data from automated tools
- Severity scores (0-10 or Critical/High/Medium/Low)
- File paths and rules violated
- Remediation suggestions
Common audit types:
- Security audits (OWASP Top 10, CVE findings)
- Performance audits (Core Web Vitals, lighthouse scores)
- Accessibility audits (WCAG violations)
- Code quality audits (complexity, standards violations)
2. Convert Findings to Tasks
Transformation rules:
-
Group related findings
- Same file/component
- Same vulnerability type
- Same fix strategy
-
Create epic for multiple related issues
- If 3+ findings in same category
- Example: "Security Fixes - XSS Vulnerabilities"
-
Individual tasks for each finding
- Clear title: "[Type] in [File/Component]"
- Complete description with context
- Remediation steps
- Testing requirements
-
Set appropriate template
- Security/bugs → Bug Report template
- Performance improvements → Little Task template
- Major refactors → Big Task/Epic template
- Completed work needing validation → QA Handoff template
3. Priority Mapping
Map audit severity to Teamwork priority (Critical→P0, High→P1, Medium→P2, Low→P3, Info→P4).
For complete mapping tables, see Priority Mapping.
4. Template Selection Logic
Select appropriate task template based on finding type (security→bug report, performance→little task, etc.).
For complete selection algorithm, see Template Selection.
Audit Type Handlers
Complete transformation examples for each audit type are available in the audit-handlers directory:
- Security Export - Security scan results to Bug Report tasks
- Performance Export - Performance issues to Little Task templates
- Accessibility Export - WCAG violations to Bug Reports or Little Tasks
- Quality Export - Code quality issues to Little Tasks or Epics
Quick Reference
Security: OWASP/CVE findings → Bug Report tasks with CWE classification Performance: Lighthouse/Core Web Vitals → Little Task for optimizations Accessibility: WCAG violations → Bug Reports (Level A/AA) or Little Tasks Code Quality: Complexity/standards → Little Tasks or Epics for refactors
Batch Export Patterns
Three common patterns for organizing multiple findings: Epic with Sub-Tasks (3+ related findings), Priority Buckets (mixed severity), Component-Based (multiple issues in same component).
For complete patterns and structures, see Batch Patterns.
Dependency Management
Auto-detect blocking relationships (database changes block features, security fixes block deployment, etc.) and link tasks appropriately.
For dependency detection patterns, see Dependency Management.
Integration with Audit Agents
The skill receives findings from four audit specialists (security, performance, accessibility, quality) and converts them to appropriate task templates.
For integration details, see Agent Integration.
Teamwork MCP Tools
Uses Teamwork MCP tools loaded via ToolSearch for task creation, project listing, and milestone/epic creation.
For tool reference, see MCP Tools.
Workflow
1. Receive audit report from specialist agent
└─ Parse format (markdown, JSON, structured data)
2. Analyze findings
└─ Group related issues
└─ Determine priority mapping
└─ Select appropriate templates
3. Decide export strategy
└─ Single task vs. epic with sub-tasks
└─ Identify dependencies
4. Load Teamwork MCP tools via ToolSearch
└─ If epic: create parent first
└─ Create individual tasks
└─ Link dependencies
5. Confirm export
└─ List created tasks with links
└─ Provide summary statistics
└─ Suggest next actions
Output Format
After export, provide comprehensive summary:
## Export Summary
**Audit Type:** Security Scan
**Findings:** 12 issues
**Tasks Created:** 13 (1 epic + 12 sub-tasks)
### Created Tasks
#### Epic
- [SEC-2024: Security Fixes - XSS Vulnerabilities](https://example.teamwork.com/tasks/100)
- Priority: P1 (High)
- Sub-tasks: 12
#### Critical (P0)
- [SEC-101: SQL Injection in User Search](https://example.teamwork.com/tasks/101)
#### High (P1)
- [SEC-102: XSS in User Profile](https://example.teamwork.com/tasks/102)
- [SEC-103: XSS in Comment Form](https://example.teamwork.com/tasks/103)
- [SEC-104: CSRF Missing on Forms](https://example.teamwork.com/tasks/104)
#### Medium (P2)
- 8 additional tasks (see epic for full list)
### Dependencies Configured
- SEC-102, SEC-103, SEC-104 depend on SEC-101 (fix core sanitization first)
### Recommended Actions
1. Start with SEC-101 (critical SQL injection)
2. Then tackle P1 XSS issues in parallel
3. Schedule P2 fixes for next sprint
### Next Steps
- Assign tasks to team members
- Set sprint milestones
- Update team on security priorities
Best Practices
DO:
- ✅ Group related findings into epics
- ✅ Map severity to priority accurately
- ✅ Include complete context (files, lines, code)
- ✅ Provide remediation steps
- ✅ Link dependencies
- ✅ Add testing requirements
DON'T:
- ❌ Create 50+ individual tasks (use epics)
- ❌ Lose critical details in conversion
- ❌ Ignore severity levels
- ❌ Create tasks without remediation guidance
- ❌ Forget to link related tasks
Error Handling
Fallback strategies for MCP server unavailability (provide formatted markdown for manual entry) and ambiguous findings (request clarification).
For detailed error handling patterns, see Error Handling.
References
Complete reference materials available in the templates directory:
- Priority Mapping - Severity to priority conversion tables
- Template Selection - Logic for choosing task templates
- Batch Patterns - Epic creation and task grouping strategies
- Dependency Management - Auto-detecting task dependencies
- Agent Integration - How audit agents pass data to exporter
- MCP Tools - Teamwork MCP tools for export
- Error Handling - Fallback strategies when MCP unavailable
Audit Type Handlers
- Security Export - Security findings to bug reports
- Performance Export - Performance issues to tasks
- Accessibility Export - WCAG violations to bug reports
- Quality Export - Code quality issues to refactoring tasks
Use these references to understand transformation patterns and implementation details.
Related Skills
kanopi/strategist-site-audit
tools
VerifiedTrustedCommunity
Strategist-focused site audit for discovery and pre-discovery. Given a site URL and optional qualitative research data, navigates the site via CoWork, audits against all 21 UX Laws from lawsofux.com, reviews content hierarchy, synthesises qualitative data, runs Lighthouse, and produces two deliverables — a Project Knowledge Summary (Markdown for Claude Desktop Projects) and a polished, iterable HTML Artifact for client sharing. Use when a strategist, UX lead, or PM asks for a discovery audit, UX laws audit, content hierarchy review, pre-discovery site review, "audit this site for strategy", "strategist audit", "UX audit", or pastes a site URL with discovery context. Not for developer audits — use accessibility-audit, performance-audit, or live-site-audit for those.
11SKILL.mdUpdated May 15, 2026
kanopi/story-point-estimator
development
VerifiedTrustedCommunity
Provide story point estimation guidance with hour calculations for software development tasks. Uses Fibonacci sequence (1, 2, 3, 5, 8, 13, 21, 34+) and converts story points to hours. Includes platform-specific adjustments and velocity calculations.
11SKILL.mdUpdated May 15, 2026
kanopi/qa-review
tools
VerifiedTrustedCommunity
Perform a full QA review of a Teamwork task by reading the task and all its comments for context, extracting the multi-dev URL, generating dynamic validation steps tailored to the task type, and using CoWork browser automation to execute those steps on the multi-dev environment. Produces a structured validation report with pass/fail per step, screenshots, internal notes, and a client-facing summary — all shown in chat. Use this skill whenever the user asks to QA, test, validate, or review a Teamwork task or multi-dev environment — even if they just say "can you QA this?" or paste a Teamwork link. Also triggers for phrases like "run QA on", "check the multi-dev", "validate this task", "test the dev link", or "review the ticket". Works across Drupal/CMS updates, WordPress/plugin updates, bug fixes, new feature development, and general web development tasks.
11SKILL.mdUpdated May 15, 2026
kanopi/project-heartbeat
tools
VerifiedTrustedCommunity
Generate a client-facing project heartbeat / status update message for a Kanopi project, ready to be posted as a Teamwork message. Use this skill whenever the user asks to write, draft, generate, or send a project update, heartbeat, status update, or progress report to a client. Also triggers when the user says things like "time for a project update", "draft the heartbeat", "write up the update for [project]", or "it's been two weeks, let's send an update". Always use this skill — even if the user doesn't say "heartbeat" — whenever the intent is to summarise recent project activity for a client audience.
11SKILL.mdUpdated May 15, 2026