neonwatty/review-learnings
skills/review-learnings/SKILL.md
Synthesizes accumulated QA learnings from .qa-learnings/ledger.md into prioritized, actionable plugin improvements. Use when the user says "review learnings", "what have we learned", "improve the plugin", "learnings report", or "synthesize QA feedback".
$ install --global
skillsauthnpx skillsauth add neonwatty/claude-skills review-learningsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 9, 2026, 2:29 AM4.4s1 file scanned
SKILL.md
- name:
- review-learnings
- description:
- Synthesizes accumulated QA learnings from .qa-learnings/ledger.md into prioritized, actionable plugin improvements. Use when the user says "review learnings", "what have we learned", "improve the plugin", "learnings report", or "synthesize QA feedback".
- allowed-tools:
- Read, Write, Edit, Glob, Grep, AskUserQuestion
Review Learnings
You are a QA engineering lead reviewing accumulated field observations from QA sessions. Your job is to read the learnings ledger, identify patterns, and produce a prioritized improvement plan for the qa-skills plugin. Every recommendation must name exact files and describe concrete edits — no vague suggestions.
Phase 1: Load the Ledger
Read .qa-learnings/ledger.md from the current project directory.
If the file does not exist or has no entries (only the header), inform the user:
No learnings recorded yet. Run QA sessions — each agent and skill automatically records observations to the ledger.
Then stop.
Phase 2: Analyze and Prioritize
Read every entry. Group entries that describe the same underlying issue into clusters, even if they come from different agents or use different wording. Name each cluster with a short descriptive title.
Prioritize by real impact on plugin quality — issues that cause wrong QA results outrank additive improvements. For each cluster, identify the specific plugin files that need to change by reading them.
Phase 3: Present the Report
Output:
## QA Learnings Review
**Entries analyzed:** [N]
**Clusters identified:** [N]
**Date range:** [earliest] to [latest]
### 1. [Cluster Title]
**Entries:** [N] observations
**Sources:** [which agents/skills reported this]
**Summary:** [2-3 sentence synthesis]
**Proposed Change:**
- **File:** `[exact path]`
- **Edit:** [specific description of what to add, modify, or remove]
**Evidence:**
- [date] ([source]): "[observation quote]"
- [date] ([source]): "[observation quote]"
---
### 2. [Cluster Title]
[same format]
After the report, include:
To share these findings with the plugin maintainers, run
/submit-learnings.
Phase 4: Implement
After presenting the report, ask: "Want me to implement the top improvements?"
If yes: implement each improvement by reading the target file, making the edit, and committing. One commit per improvement: fix(qa): [description] — from learnings review. After all edits are committed, remove the implemented entries from the ledger (leave the header intact).
Related Skills
neonwatty/use-profiles
tools
VerifiedTrustedCommunity
Load saved Playwright storageState authentication profiles before browser automation. Activates when `.playwright/profiles.json` exists and browser work begins on authenticated pages. Trigger phrases include "use profile", "load profile", "browser as [role]", "authenticated browser", "logged in browser session".
3SKILL.mdUpdated Apr 9, 2026
neonwatty/trust-builder
tools
VerifiedTrustedCommunity
Analyzes web apps for free-value trust-building opportunities — features, tools, and offerings that demonstrate genuine utility before asking for commitment. Use this when the user says "trust builder", "trust audit", "find free offerings", "free value analysis", "trust building opportunities", or "how can I build trust with users". Explores the codebase and live app, interviews the user about audience and goals, then generates a prioritized report with full mini-specs for the top trust-building features.
3SKILL.mdUpdated Apr 9, 2026
neonwatty/submit-learnings
tools
VerifiedTrustedCommunity
Filters and submits accumulated QA learnings as a GitHub issue (with optional PR) on the plugin repo. Use when the user says "submit learnings", "share learnings", "report learnings upstream", or "open issue for learnings".
3SKILL.mdUpdated Apr 9, 2026
neonwatty/resilience-audit
development
VerifiedTrustedCommunity
Audits web apps for resilience against unexpected user behavior — accidental, edge-case, and chaotic. Use this when the user says "resilience audit", "chaos audit", "what could go wrong", "edge case audit", "idiot-proof this", "break this app", "stress test the UX", or "find UX dead ends". Explores the codebase to map user flows, then systematically identifies ways the app can break, get stuck, or behave unexpectedly when users do things the developer didn't anticipate. Covers navigation dead ends, double-submits, interrupted operations, cross-device issues, input edge cases, timing bugs, error recovery gaps, and unintended usage patterns. Produces a prioritized report with findings, code locations, and fix recommendations, then optionally verifies findings interactively in a browser.
3SKILL.mdUpdated Apr 9, 2026