renatocaliari/cali-tech-planning
skills/cali-product-workflow/skills-workflow/cali-tech-planning/SKILL.md
[Cali] Technical planning and scope sequencing skill. Generates typed scopes (feature/optimization/spike), sequences them, and creates progress tracking units. Can be used standalone or as part of cali-product-workflow.
$ install --global
skillsauthnpx skillsauth add renatocaliari/agent-sync-public-skills cali-tech-planningInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 19, 2026, 6:05 AM158.0s5 files scanned
SKILL.md
- name:
- cali-tech-planning
- description:
- >
Tech Planning Sequencing
This skill executes the Tech Planning phase. It can be used:
- Standalone — after Shape Up and Critique
- Via Workflow — part of the cali-product-workflow chain
Prerequisites
Approval check: Read the YAML frontmatter of spec-product.md:
- ✅
approved: true→ proceed - ❌ No
approved: true→ GO BACK to Review Gate. Do not proceed.
This check is deterministic — do not rely on memory, read the YAML frontmatter.
References Index
Read the references/ files to guide the process:
| File | Covers | When to read |
|---|---|---|
| references/TECH-CONTEXT.md | Tech planning context, prerequisites, workflow position | Before starting — sets planning context |
| references/SCOPES-AND-SEQUENCING.md | Scope types (feature/optimization/spike), executor routing, sequencing principles | During generation — defines scope structure |
| references/TECH-OUTPUT.md | Tech plan output format, frontmatter, receipts | After generation — formats output |
| references/generation-principles.md | Generation principles, constraints, quality standards | During generation — guides implementation |
7a. Scope Generation
Use the references above to generate technical scopes:
- Worker 1: Generate technical scopes from spec-product.md
- Worker 2: Review dependencies, suggest sequencing
- Consolidate into
.cali-product-workflow/{YYYY-MM-DD}/{_dir}/plans/spec-tech_{v}.md
Each scope must have:
- Type:
feature,optimization, orspike - Definition of Done (DoD)
- Acceptance criteria
- Dependencies
- Executor (resolved from SCOPES-AND-SEQUENCING.md)
7b. Tech Plan Gate (if standalone)
If Tech Planning is standalone (not preceded by Shape Up):
- Submit spec-tech.md for formal review
- After approval, stamp spec-tech.md:
- Create receipt at
.approvals/{_dir}/spec-tech_{v}.approved.md - Stamp
approved: truein spec-tech.md frontmatter
- Create receipt at
If post-Shape-Up: the gate already ran in Review Gate phase — skip this step.
7c. Progress Tracking Setup
After tech plan approval, convert each scope into a trackable unit with completion criteria:
- Each scope becomes a tracked item with its DoD
- Optimization scopes include metrics for measurement
- Adjust scopes during execution if needed
Output
Tech plan is saved to:
.cali-product-workflow/{YYYY-MM-DD}/{_dir}/plans/spec-tech_{v}.md
Related Skills
- cali-shape-up: Produces the shaped proposal
- cali-plan-critique: Reviews the proposal before tech planning
- cali-product-workflow (orchestrator): Coordinates this skill with execution
Environment Adaptation
If any capability is unavailable, adapt using whatever tools your environment provides.
Related Skills
renatocaliari/pocketbase
development
VerifiedTrustedCommunity
PocketBase v0.39+ development - API rules, auth, collections, SDK, realtime, files, Go/JS extending, deployment, production tuning.
1SKILL.mdUpdated Jun 7, 2026
renatocaliari/cali-lat-md-seed
tools
VerifiedTrustedCommunity
Auto-initialize structured documentation for any project using lat.md (knowledge graph of markdown files with [[wiki links]], // @lat: code refs, and semantic search). Detects cali-product-workflow artifacts (spec-product.md, spec-tech.md, critiques) and uses them as seed material. Falls back to extracting business rules, architecture, and design decisions directly from the codebase. Use when a project lacks structured documentation or when lat.md/ is missing. After seeding, lat.md extension hooks keep documentation alive automatically.
1SKILL.mdUpdated Jun 2, 2026
renatocaliari/cali-ops-server-security
testing
VerifiedTrustedCommunity
[Cali] Server security audit and hardening for private servers behind Tailscale. Use when: auditing server security, hardening SSH/firewall/Docker, checking for vulnerabilities, setting up fail2ban, reviewing port exposure, or responding to security alerts. Covers 6 layers: CloudFlare, UFW, Tailscale, SSH, Docker, Application. Triggers: "server security", "security audit", "harden server", "SSH hardening", "firewall rules", "UFW config", "fail2ban", "port security", "Docker security", "vulnerability check", "security review".
1SKILL.mdUpdated May 30, 2026
renatocaliari/cali-ops-package-audit
tools
VerifiedTrustedCommunity
Run supply chain security scans before installing packages or before releases. Triggers when: user installs a package (npm, pip, go get, brew), user asks to 'scan dependencies', 'check vulnerabilities', 'supply chain', 'security audit', 'run trivy', 'run socket', or before any release/deployment. Also triggers on mentions of: socket.dev, trivy, OSV-scanner, dotenvx, CVE, dependency audit. Covers all four tools with concrete commands.
1SKILL.mdUpdated May 30, 2026