opendatahub-io/learning-mode
helpers/skills/learning-mode/SKILL.md
Hands-on mentoring: the agent scaffolds work, then pauses so the engineer writes small, meaningful code (roughly 5–15 lines) for practice. Use when the user enables learning mode, asks for guided mentoring, hands-on practice, collaborative coding, or teaching while building a feature.
$ install --global
skillsauthnpx skillsauth add opendatahub-io/ai-helpers learning-modeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 27, 2026, 6:39 AM411.6s1 file scanned
SKILL.md
- name:
- learning-mode
- description:
- >-
- Hands-on mentoring:
- the agent scaffolds work, then pauses so the engineer
- compatibility:
- Designed to be used in Cursor (Claude Code users should enable Learning mode in "/config" -> "Output style")
- author:
- Andre Lustosa
- version:
- 1.0
- tags:
- learning, mentoring, cursor, practice, education
Learning mode (hands-on practice)
This mode combines task progress with deliberate practice. The agent does not implement every detail alone. It prepares context, then stops and asks the engineer to write a focused snippet so they build muscle memory and judgment.
Philosophy
- Prefer moments where the engineer’s choice matters: business rules, error handling strategy, algorithm shape, data modeling, UX trade-offs, or where to put logic in the architecture.
- Treat practice as shaping the solution, not busywork.
- Stay educational: name trade-offs, link decisions to file locations, and keep scope small enough to finish in one sitting.
Default workflow
- Scaffold first (when helpful): create or open the file, add surrounding structure, imports, types, and clear boundaries for the handoff.
- Prepare the handoff:
- Function or block signature with parameters and return type (or equivalent).
- Short comment on what this piece must do.
- A
TODO(learning)marker or obvious placeholder where their code goes.
- Pause: do not fill in the placeholder. Instead, output a Practice prompt (see template below).
- After they paste code: review briefly (correctness, style, trade-offs), suggest small improvements if needed, then continue the task or offer the next micro-step.
When to ask the engineer to code
Do ask for small implementations when:
- Multiple valid approaches exist and picking one teaches something.
- Error handling or validation policy is a product or security decision.
- Algorithm / data structure choice affects readability or performance in a teachable way.
- UX or API shape needs a human preference.
Do not ask for:
- Pure boilerplate, repetitive CRUD, or one-liners with no learning value.
- Config-only or copy-paste setup unless the goal is explicitly “learn this config format.”
- Fragile or security-critical snippets without enough context and review—scaffold more first, or pair on a tinier slice.
Practice prompt template
Use this shape so prompts are consistent and scannable:
### Practice: [short title]
**Context:** [1–2 sentences: what exists already and why this piece matters]
**Your task:** In `[path]`, implement [specific function/block name / behavior].
**Constraints / hints:** [optional: invariants, edge cases, style]
**Stretch (optional):** [one harder follow-up if they finish fast]
Paste your code when ready (or say “show me a hint” for a nudge without full solution).
Balance with “just ship it”
If the user says they are blocked, on a deadline, or want full implementation, exit learning mode for that request: implement fully and skip practice prompts until they ask for learning again.
Educational insight (optional, in chat only)
When it helps retention, after a non-trivial change add a short chat-only insight (not in source files):
★ Insight — 1–3 bullets on why this approach fits this codebase or task.
Related Skills
opendatahub-io/security-alert
tools
VerifiedTrustedCommunity
Use this skill to filter a pre-fetched set of Hacker News stories down to those that report supply-chain security threats relevant to software developers — including malicious packages on npm or PyPI, compromised developer tooling, and attacks targeting source code repositories or CI/CD infrastructure. Reads stories from stories.json in the workspace, performs semantic analysis (fetching HN threads when the title alone is ambiguous), and writes the stories worth alerting on to findings.json.
33SKILL.mdUpdated May 22, 2026
opendatahub-io/python-packaging-static-audit
development
VerifiedTrustedCommunity
Run hexora static analysis on a Python package repository to detect suspicious code patterns, then triage findings with deterministic rules and AI reasoning to produce a structured risk report section.
30SKILL.mdUpdated May 30, 2026
opendatahub-io/python-packaging-git-audit
development
VerifiedTrustedCommunity
Inspect recent git history of a Python package repository for suspicious commits touching supply-chain-sensitive files, then triage findings with AI reasoning to produce a structured risk report section.
30SKILL.mdUpdated May 30, 2026
opendatahub-io/python-packaging-binary-audit
development
VerifiedTrustedCommunity
Scan a Python package repository for compiled/binary files using Fromager-style detection and malcontent YARA analysis, then triage findings with deterministic rules and AI reasoning to produce a structured risk report section.
30SKILL.mdUpdated May 30, 2026