Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

stonks-git/doc

Name: doc
Author: stonks-git

.claude/skills/doc/SKILL.md

npx skillsauth add stonks-git/ai-dev doc

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Document Session

When the user asks to document, follow these steps IN ORDER:

1. devlog.ndjson (MANDATORY)

Add 1+ JSON lines to state/devlog.ndjson. Format:

{"ts":"2026-01-07T12:00:00+02:00","event":"<type>","id":"<ID>","summary":"<short description>"}

Event types:

feature - new functionality
bugfix - bug fix
refactor - code restructuring
kb_update - KB documentation update
decision - new decision (with id: D-XXX)
blueprint - new blueprint version created
dj_entry - Decision Journal entry added (with id: DJ-XXX)
handoff - session summary
verification - smoke test passed
human_review - approved by user

2. handoff.md (MANDATORY)

Update session sections in state/handoff.md:

Previous Sessions: add current session summary
Tasks DOING: update status
Git Status: current branch, last commit, modified files

3. KB/*.md (CRITICAL — DO NOT SKIP!)

NO EXCEPTIONS: If code was modified, KB MUST be updated.

Steps:

List files: ls KB/*.md
Ask: "What module did I modify? Which KB describes it?"
Read the relevant KB and update it
If no KB exists for the modified module -> create one
Update KB/KB_index.md if a new KB page was created (assign tags from charter.json taxonomy)

After KB update: add entry in devlog with event: kb_update.

4. Blueprints (IF ARCHITECTURE CHANGED)

If scaffolding/architecture changed (new component, dropped component, pattern change):

Create new version file in KB/blueprints/ (complete plan snapshot, not a diff)
Add changelog section: what changed from previous version and WHY
Update KB/blueprints/BLUEPRINT_INDEX.md pointer to new version
Update KB/KB_index.md — new version row as always (latest only), old version as on-demand
Add devlog entry with event: blueprint

5. Decision Journal (IF DECISION SUPERSEDED)

If any decision was superseded or amended:

Add DJ-XXX entry to KB/KB_01_architecture.md with: Was / Now / Why / Lesson
Use a tag from charter.json tag_taxonomy in the header brackets
Update decision status to superseded in state/roadmap.json
Add devlog entry with event: dj_entry

6. Schema Log (IF DB MIGRATIONS CREATED)

If new database migrations were created during this task:

Update state/schema_log.md — add new migration to the table, update counts
Verify: check version control for new migration files

7. Git Status (MANDATORY)

Run git commands and update handoff.md:

git status --short
git log --oneline -3

8. roadmap.json (IF APPLICABLE)

Update state/roadmap.json only if:

A task changes status (doing -> done)
New task added
Dependencies changed
Decision status changed (including superseded)

9. VALIDATE (MANDATORY)

python3 taskmaster.py validate

Must exit 0. If it doesn't, fix the issues before finishing.

10. FINAL CHECKLIST

STOP! Don't commit until you verify ALL:

[ ] devlog.ndjson - entry added for each change
[ ] handoff.md - session sections updated
[ ] KB updated - MANDATORY if code was modified
[ ] kb_update entry in devlog (if KB was updated)
[ ] Blueprint updated - if architecture changed
[ ] Decision Journal entry - if decision was superseded
[ ] Schema Log updated - if DB migrations were created
[ ] Tags used exist in charter.json taxonomy
[ ] taskmaster validate - exit 0

Workflow Summary

1. Ask user WHAT was done (if you don't know)
2. Write entry in devlog.ndjson
3. Update handoff.md session sections
4. GATE: Update KB for modified modules
   -> What modules did I touch? -> Which KB describes them? -> Update
   -> Add kb_update entry in devlog
5. GATE: Update blueprint if architecture changed
   -> New version file + update index + devlog entry
6. GATE: Add Decision Journal entry if decision was superseded
   -> DJ-XXX entry + update roadmap status + devlog entry
7. GATE: Update schema_log.md if DB migrations created
8. Check git status, add to handoff
9. Update roadmap if task status changed
10. Run `python3 taskmaster.py validate` — exit 0
11. CHECKLIST COMPLETE? -> tell user documentation is done

Timestamp format

Use ISO 8601 with timezone: 2026-01-07T12:00:00+02:00

stonks-git/doc

.claude/skills/doc/SKILL.md

Document session changes in tracking files (devlog, handoff, KB, roadmap). Use when the user says "document", "/doc", or asks to note what was done.

development

Updated Apr 15, 2026

$ install --global

skillsauth

npx skillsauth add stonks-git/ai-dev doc

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 15, 2026, 4:00 AM5.0s1 file scanned

SKILL.md

name:: doc
description:: Document session changes in tracking files (devlog, handoff, KB, roadmap). Use when the user says "document", "/doc", or asks to note what was done.

Document Session

When the user asks to document, follow these steps IN ORDER:

1. devlog.ndjson (MANDATORY)

Add 1+ JSON lines to state/devlog.ndjson. Format:

{"ts":"2026-01-07T12:00:00+02:00","event":"<type>","id":"<ID>","summary":"<short description>"}

Event types:

feature - new functionality
bugfix - bug fix
refactor - code restructuring
kb_update - KB documentation update
decision - new decision (with id: D-XXX)
blueprint - new blueprint version created
dj_entry - Decision Journal entry added (with id: DJ-XXX)
handoff - session summary
verification - smoke test passed
human_review - approved by user

2. handoff.md (MANDATORY)

Update session sections in state/handoff.md:

Previous Sessions: add current session summary
Tasks DOING: update status
Git Status: current branch, last commit, modified files

3. KB/*.md (CRITICAL — DO NOT SKIP!)

NO EXCEPTIONS: If code was modified, KB MUST be updated.

Steps:

List files: ls KB/*.md
Ask: "What module did I modify? Which KB describes it?"
Read the relevant KB and update it
If no KB exists for the modified module -> create one
Update KB/KB_index.md if a new KB page was created (assign tags from charter.json taxonomy)

After KB update: add entry in devlog with event: kb_update.

4. Blueprints (IF ARCHITECTURE CHANGED)

If scaffolding/architecture changed (new component, dropped component, pattern change):

Create new version file in KB/blueprints/ (complete plan snapshot, not a diff)
Add changelog section: what changed from previous version and WHY
Update KB/blueprints/BLUEPRINT_INDEX.md pointer to new version
Update KB/KB_index.md — new version row as always (latest only), old version as on-demand
Add devlog entry with event: blueprint

5. Decision Journal (IF DECISION SUPERSEDED)

If any decision was superseded or amended:

Add DJ-XXX entry to KB/KB_01_architecture.md with: Was / Now / Why / Lesson
Use a tag from charter.json tag_taxonomy in the header brackets
Update decision status to superseded in state/roadmap.json
Add devlog entry with event: dj_entry

6. Schema Log (IF DB MIGRATIONS CREATED)

If new database migrations were created during this task:

Update state/schema_log.md — add new migration to the table, update counts
Verify: check version control for new migration files

7. Git Status (MANDATORY)

Run git commands and update handoff.md:

git status --short
git log --oneline -3

8. roadmap.json (IF APPLICABLE)

Update state/roadmap.json only if:

A task changes status (doing -> done)
New task added
Dependencies changed
Decision status changed (including superseded)

9. VALIDATE (MANDATORY)

python3 taskmaster.py validate

Must exit 0. If it doesn't, fix the issues before finishing.

10. FINAL CHECKLIST

STOP! Don't commit until you verify ALL:

[ ] devlog.ndjson - entry added for each change
[ ] handoff.md - session sections updated
[ ] KB updated - MANDATORY if code was modified
[ ] kb_update entry in devlog (if KB was updated)
[ ] Blueprint updated - if architecture changed
[ ] Decision Journal entry - if decision was superseded
[ ] Schema Log updated - if DB migrations were created
[ ] Tags used exist in charter.json taxonomy
[ ] taskmaster validate - exit 0

Workflow Summary

1. Ask user WHAT was done (if you don't know)
2. Write entry in devlog.ndjson
3. Update handoff.md session sections
4. GATE: Update KB for modified modules
   -> What modules did I touch? -> Which KB describes them? -> Update
   -> Add kb_update entry in devlog
5. GATE: Update blueprint if architecture changed
   -> New version file + update index + devlog entry
6. GATE: Add Decision Journal entry if decision was superseded
   -> DJ-XXX entry + update roadmap status + devlog entry
7. GATE: Update schema_log.md if DB migrations created
8. Check git status, add to handoff
9. Update roadmap if task status changed
10. Run `python3 taskmaster.py validate` — exit 0
11. CHECKLIST COMPLETE? -> tell user documentation is done

Timestamp format

Use ISO 8601 with timezone: 2026-01-07T12:00:00+02:00

Related Skills

openclaw/openclaw-secret-scanning-maintainer

development

VerifiedTrustedCommunity

Maintainer-only workflow for handling GitHub Secret Scanning alerts on OpenClaw. Use when Codex needs to triage, redact, clean up, and resolve secret leakage found in issue comments, issue bodies, PR comments, or other GitHub content.

357,764SKILL.mdUpdated Apr 15, 2026

openclaw/openclaw-secret-scanning-maintainer

openclaw/openclaw-release-maintainer

development

VerifiedTrustedCommunity

Maintainer workflow for OpenClaw releases, prereleases, changelog release notes, and publish validation. Use when Codex needs to prepare or verify stable or beta release steps, align version naming, assemble release notes, check release auth requirements, or validate publish-time commands and artifacts.

357,764SKILL.mdUpdated Apr 10, 2026

openclaw/openclaw-release-maintainer

openclaw/openclaw-qa-testing

development

VerifiedTrustedCommunity

Run, watch, debug, and extend OpenClaw QA testing with qa-lab and qa-channel. Use when Codex needs to execute the repo-backed QA suite, inspect live QA artifacts, debug failing scenarios, add new QA scenarios, or explain the OpenClaw QA workflow. Prefer the live OpenAI lane with regular openai/gpt-5.4 in fast mode; do not use gpt-5.4-pro or gpt-5.4-mini unless the user explicitly overrides that policy.

357,764SKILL.mdUpdated Apr 10, 2026

openclaw/openclaw-qa-testing

openclaw/openclaw-parallels-smoke

development

VerifiedTrustedCommunity

End-to-end Parallels smoke, upgrade, and rerun workflow for OpenClaw across macOS, Windows, and Linux guests. Use when Codex needs to run, rerun, debug, or interpret VM-based install, onboarding, gateway smoke tests, latest-release-to-main upgrade checks, fresh snapshot retests, or optional Discord roundtrip verification under Parallels.

357,764SKILL.mdUpdated Apr 10, 2026

openclaw/openclaw-parallels-smoke

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/stonks-git/ai-dev.git

# Copy into Claude Code skills folder (global)
cp -r ai-dev/.claude/skills/doc ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

stonks-git/ai-dev

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT