paulnsorensen/tour
cursor/plugins/local/cheese-grok/skills/tour/SKILL.md
Use when the user wants a quick, single-session read-only tour of an unfamiliar codebase or a specific feature — orientation, not memorization. Triggers on "tour this repo", "give me a tour", "give me a read-only tour", "what does this project do", "map the architecture", "trace how X works", "where is Y implemented", "show me how this works", "explain this codebase quickly". Output is a layered summary (project purpose → module map → call graph for the pointed-at thing) with file:line citations. Stops after answering — never volunteers refactors. For deeper multi-session internalization with an adaptive quiz, use `/grok-codebase` instead.
$ install --global
skillsauthnpx skillsauth add paulnsorensen/dotfiles tourInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 23, 2026, 7:12 AM28.7s1 file scanned
SKILL.md
- name:
- tour
- description:
- Use when the user wants a quick, single-session read-only tour of an unfamiliar codebase or a specific feature — orientation, not memorization. Triggers on "tour this repo", "give me a tour", "give me a read-only tour", "what does this project do", "map the architecture", "trace how X works", "where is Y implemented", "show me how this works", "explain this codebase quickly". Output is a layered summary (project purpose → module map → call graph for the pointed-at thing) with file:line citations. Stops after answering — never volunteers refactors. For deeper multi-session internalization with an adaptive quiz, use `/grok-codebase` instead.
- allowed-tools:
- read_file, codebase_search, find_symbol, mcp__serena__find_symbol, mcp__serena__find_referencing_symbols, mcp__serena__get_symbols_overview, mcp__serena__search_for_pattern, mcp__tilth__tilth_read, mcp__tilth__tilth_search, mcp__tilth__tilth_grok, mcp__tilth__tilth_files, mcp__code-review-graph__*, mcp__context7__query-docs
- version:
- 0.1.0
- author:
- paulnsorensen
- last-updated:
- 2026-05-22
tour — Lightweight read-only orientation
You are operating in reader-first mode. Your job is to map and explain
code, not to change it. This skill is the single-session sibling of
/grok-codebase — when the user wants orientation, not memorization.
When to use this vs /grok-codebase
| tour (you) | grok-codebase |
|---|---|
| Single session, answer-and-stop | Multi-session, persists artifacts |
| Layered summary (purpose → modules → call graph) | Four-pillar march (Building Blocks → Entry Points → Infrastructure → Egress) |
| No quiz | Adaptive Socratic quiz at the end |
| ≤ 10k tokens of tool output | Up to 30k tokens |
| Triggers: "tour", "where is X", "how does Y work" | Triggers: "grok", "onboard me", "memorize this" |
If the user's phrasing is ambiguous, ask: "Quick tour, or full grok with quiz at the end?"
Instructions
1. Anchor on entry points first
Find main, index.ts, app.py, route files, CLI entrypoints. Use
Serena (find_symbol, get_symbols_overview) — it's faster than
read_file. If the user pointed at a specific feature or file, anchor
on that instead and walk outward.
2. Build a layered summary
- Top layer — one-paragraph project purpose, inferred from
README.md+ the primary manifest (package.json/pyproject.toml/go.mod/Cargo.toml/pom.xml). - Middle layer — module map. For each top-level source dir,
one line: what role does this dir play? Use
mcp__serena__get_symbols_overviewper dir. - Bottom layer — for the file or feature the user pointed at, a
function-level call graph. Use
mcp__tilth__tilth_grok(target=<symbol>)for one-shot def + body + callers + callees + tests.
If the user didn't point at anything specific, ask: "Which feature or file do you want the bottom layer on?" Don't guess.
3. Cite every claim
Every claim about the code must include a path/to/file.ts:line
citation. Never paraphrase without a citation.
4. MCP tool priority order
In rough order of efficiency:
mcp__serena__find_symbol/find_referencing_symbols— symbol navigationmcp__serena__get_symbols_overview— file outlinesmcp__tilth__tilth_grok— one-shot deep dive on a symbolmcp__tilth__tilth_search— text/content fallbackmcp__code-review-graph__query_graph_tool— call/import graphsmcp__context7__query-docs— only when the user asks about an external library's API@codebase/codebase_search— last-resort semantic search
5. Stop conditions
- Stop after you've answered. Do not volunteer refactors, risks, or "while we're here" suggestions.
- If the user asks "what should we change?", switch out of tour mode and ask for explicit permission to propose edits.
- If the tour scope grows past 10k tokens of tool output, summarize
and ask: "Want to keep going, or switch to
/grok-codebasefor the full multi-phase run?"
Examples
✅ Good
The auth flow starts at
src/api/auth/login.ts:42(handleLogin), callsverifyCredentialsinsrc/services/auth.ts:88, which uses bcrypt viasrc/lib/crypto.ts:12. The token is signed insrc/lib/jwt.ts:31and persisted to Redis viasrc/lib/session.ts:55.
❌ Bad
It looks like a standard auth flow. You should probably add rate limiting.
❌ Bad
The auth code is in
src/auth/. (paraphrase, no specific file:line, no causal chain)
Output template
## Top — what this project is
<one paragraph>
## Middle — module map
- `src/api/` — HTTP route definitions and request validators
- `src/services/` — business logic, framework-free
- `src/lib/` — shared utilities (crypto, jwt, redis client)
- ... (one line per top-level dir)
## Bottom — <feature or file the user asked about>
<function-level call graph, file:line cited on every node>
Conventions
- Read-only verbs only:
read_file,codebase_search,find_symbol,mcp__serena__*,mcp__tilth__*(excepttilth_edit),@codebase,@docs,@web. - Forbidden until explicitly invited:
edit_file,write_file,mcp__tilth__tilth_edit,run_terminal_cmd(except read-only commands likegit log,git status,git diff,ls,wc). - No persistence. Unlike
/grok-codebase,tourdoes NOT write artifacts to disk. If the user wants the tour saved, suggest/mental-modelto seeddocs/mental-model.mdthemselves.
Related Skills
paulnsorensen/work-recovery
tools
VerifiedTrustedCommunity
Reconstruct what a past coding-agent session was doing so you can resume it — goal, files touched, last verified state, and the next step — by querying the session logs. Use when the user says "what was I working on", "recover that session", "reconstruct where I left off", "resume my last session", "what did that session change", "rebuild context from logs", or invokes /work-recovery. Report-only — it never scores or judges. Do NOT use for usage scoring (that is /skill-improver, /tool-efficiency, /prompt-analytics) or one-off interactive log queries (that is /session-analytics).
2SKILL.mdUpdated Jun 3, 2026
paulnsorensen/wiki-curator
development
VerifiedTrustedCommunity
Curate this repo's hallouminate wiki (.hallouminate/wiki/, the repo:dotfiles:wiki corpus) — add or update architecture pages, per-harness docs, and gotchas. Use when the user says "update the wiki", "document this in the wiki", "refresh the harness docs", "add a wiki page", "curate the wiki", "the wiki is stale", or invokes /wiki-curator. Also use at session end to write back a non-obvious decision or gotcha worth preserving. Grounds the existing wiki first, follows one-topic-per-file conventions, verifies every external doc URL before writing, and reindexes. Do NOT use for general code search (that is cheez-search) or for editing AGENTS.md command reference.
2SKILL.mdUpdated Jun 3, 2026
paulnsorensen/tool-efficiency
tools
VerifiedTrustedCommunity
Audit how a tool, command, or MCP server is actually used across coding-agent sessions and produce calibrated recommendations — tool-vs-task fit, error forensics, fix recommendations, permission friction, MCP health, and token economics. Use when the user says "tool efficiency", "am I using X efficiently", "audit tool usage", "why does X keep failing", "how do I fix this error", "what should I change", "permission friction", "is this MCP worth it", "tool error rate", "fix recommendations", or invokes /tool-efficiency. Do NOT use for auditing a skill or agent definition (that is /skill-improver) or for one-off interactive log queries (that is /session-analytics).
2SKILL.mdUpdated Jun 3, 2026
paulnsorensen/prompt-analytics
tools
VerifiedTrustedCommunity
Analyze how prompts and skill routing behave across coding-agent sessions and produce calibrated recommendations — prompt-pattern analysis, routing accuracy, and knowledge gaps. Use when the user says "analyze my prompts", "prompt patterns", "is routing working", "which skill should have fired", "knowledge gaps", "what do I keep asking", or invokes /prompt-analytics. Do NOT use for auditing a single skill/agent definition (that is /skill-improver), tool/MCP efficiency (that is /tool-efficiency), or one-off interactive log queries (that is /session-analytics).
2SKILL.mdUpdated Jun 3, 2026