mtrejo11/assess
tpdc-plugin/skills/assess/SKILL.md
Analysis/audit mode. Evaluates security, performance, or architecture risks without producing patches. Use when the user asks to "assess", "audit", "evaluate security", "check performance", "review architecture", or "analyze risks".
testing
Updated May 9, 2026
$ install --global
skillsauthnpx skillsauth add mtrejo11/tpdc-engine assessInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 9, 2026, 8:01 AM204.1s1 file scanned
SKILL.md
- name:
- assess
- description:
- Analysis/audit mode. Evaluates security, performance, or architecture risks without producing patches. Use when the user asks to "assess", "audit", "evaluate security", "check performance", "review architecture", or "analyze risks".
- allowed-tools:
- Read, Grep, Glob, mcp__plugin_tpdc_tpdc__tpdc_assess
- author:
- tpdc
- version:
- 0.1
/tpdc-assess
Analyze and evaluate code, architecture, or risks without producing patches.
Arguments
request(required): The analysis request
Workflow
- Call the
tpdc_assessMCP tool with the user's request - Present the assessment: scope, findings by risk level, recommended actions
Related Skills
mtrejo11/ship
testing
VerifiedTrustedCommunity
TPDC end-to-end — take a feature request in natural language and ship it as a PR with CI green. Orchestrates intake → plan → execute → run-tests → push → open-PR → auto-fix-CI with confirmation gates at the irreversible steps. This is the user-facing entry point for TPDC. Trigger when the user says "ship this feature", "/tpdc:ship", or pastes a feature request expecting an autonomous pipeline.
SKILL.mdUpdated May 13, 2026
mtrejo11/plan
testing
VerifiedTrustedCommunity
Convert a validated IntakeArtifact into a typed TPDC PlanArtifact with ordered steps, dependencies (DAG), test commands, and risk assessment. Use after intake when the user asks to "plan it", "break this down", "produce a plan", or as the second step in a /tpdc:ship workflow.
SKILL.mdUpdated May 13, 2026
mtrejo11/intake
tools
VerifiedTrustedCommunity
Convert a vague feature request into a structured TPDC IntakeArtifact (problem statement, acceptance criteria, scope, open questions). Use when the user asks for a "TPDC intake", "structure this request", "produce an intake artifact", or as the first step in a /tpdc:ship workflow.
SKILL.mdUpdated May 13, 2026
mtrejo11/auto-fix-ci
testing
VerifiedTrustedCommunity
After a TPDC PR is opened, wait for CI; if it fails, fetch logs, run execute in fix-mode, force-push the fix, and re-wait. Loops up to maxRetries times with confirmation gates. Use after /tpdc:open-pr or as the tail of /tpdc:ship.
SKILL.mdUpdated May 12, 2026