natsukium/ast-grep
modules/home/coding-agents/common/skills/ast-grep/SKILL.md
AST-based code search and transformation tool using tree-sitter. Use for structural pattern matching, refactoring deprecated APIs, detecting anti-patterns, migrating code between library versions, and enforcing coding standards.
$ install --global
skillsauthnpx skillsauth add natsukium/dotfiles ast-grepInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 8:40 AM4.3s1 file scanned
SKILL.md
- name:
- ast-grep
- description:
- AST-based code search and transformation tool using tree-sitter. Use for structural pattern matching, refactoring deprecated APIs, detecting anti-patterns, migrating code between library versions, and enforcing coding standards.
ast-grep - AST-based Code Search and Transformation
ast-grep is an AST-based tool for searching, linting, and refactoring code across multiple languages. It uses tree-sitter to parse code into Abstract Syntax Trees, enabling precise structural pattern matching.
Key Pattern Syntax
$META- Matches a single AST node (e.g.,$VAR,$FUNC,$ARG)$$$- Matches zero or more AST nodes (useful for function arguments, statements)$_- Non-capturing metavariable (matches but doesn't capture)- Patterns must be syntactically valid code in the target language
Triggers
AST pattern, structural search, code refactoring, find anti-patterns, migrate code, console.log, deprecated API, function definition, class search, method signature, unused variables, security vulnerabilities, code transformation, pattern matching
When to Use
- Finding specific code patterns across large codebases
- Refactoring code (replacing deprecated APIs, updating syntax)
- Detecting anti-patterns or potential bugs
- Migrating between library versions
- Enforcing coding standards
- Interactive code rewriting
Examples
<examples> <example> <user>I need to find all React components using useState</user> <agent>I'll find useState usage in React components: `ast-grep --pattern 'const [$STATE, $SETTER] = useState($$$)'`</agent> </example> <example> <user>Replace && chains with optional chaining for null checks</user> <agent>I'll modernize null checks to optional chaining: `ast-grep --pattern '$OBJ && $OBJ.$PROP' --rewrite '$OBJ?.$PROP' --interactive`</agent> </example> <example> <user>Find async functions that don't have error handling</user> <agent>I'll search for async functions without try-catch: `ast-grep --pattern 'async function $NAME($$$PARAMS) { $$$BODY }' | grep -v try`</agent> </example> <example> <user>Find all TypeScript interfaces</user> <agent>I'll search for TypeScript interfaces: `ast-grep --pattern 'interface $NAME { $$$BODY }' --lang ts`</agent> </example> <example> <user>I want to find potential null pointer exceptions</user> <agent>I'll search for property access without null checks: `ast-grep --pattern '$VAR.$PROP' --filter 'not match { $VAR?.$PROP }'`</agent> </example> </examples>Related Skills
natsukium/wayland-gui-debug
development
VerifiedTrustedCommunity
Verify a rendering or window-chrome change in a GUI app unattended on Linux/Wayland under the niri compositor — enumerate windows and read output scale via niri msg --json, capture a specific window to a file with niri msg action screenshot-window --id, and probe exact pixel RGBA with ImageMagick. Use for layout/glyph/color/HiDPI rendering bugs where a screenshot or pixel value is the ground truth. For macOS use macos-gui-debug instead.
101SKILL.mdUpdated Jun 10, 2026
natsukium/macos-gui-debug
development
VerifiedTrustedCommunity
Verify a rendering or window-chrome change in any macOS GUI app unattended — find its CGWindowID via JXA, capture that window alone (with per-pixel alpha) using screencapture -l, and read exact RGBA via NSBitmapImageRep. Use for blur/opacity/corner-radius/glyph/color rendering bugs where a screenshot or pixel value is the ground truth. No Python and no Accessibility permission needed; for Linux/Wayland use wayland-gui-debug instead.
101SKILL.mdUpdated Jun 10, 2026
natsukium/ghq
development
VerifiedTrustedCommunity
Clone and reuse GitHub/GitLab repositories under a single managed root (`ghq root`) instead of fetching files one-by-one via `gh api`/`WebFetch` or scratch-cloning into `/tmp`. Use this skill whenever investigating, reading, grepping, or referencing source code from any remote repository — even for a single file. Triggers include "look at X's source", "how does X implement Y", "check the X repo", "find Z in nixpkgs/react/linux/etc.", or any moment a remote repo URL appears and you need to read more than one file from it. Skip only for one-shot GitHub API operations that have no source code in them (PR comments, issue bodies, workflow runs — those belong to the `gh` skill).
100SKILL.mdUpdated Apr 17, 2026
natsukium/gh
tools
VerifiedTrustedCommunity
GitHub CLI for pull requests, issues, releases, workflows, and repository operations. Use for creating PRs, managing issues, viewing repository information, and accessing GitHub URLs.
99SKILL.mdUpdated Apr 17, 2026