sutanunandigrami/modern-python
dot-claude/skills/trailofbits-modern-python/SKILL.md
Configures Python projects with modern tooling (uv, ruff, ty). Use when creating projects, writing standalone scripts, or migrating from pip/Poetry/mypy/black.
$ install --global
skillsauthnpx skillsauth add sutanunandigrami/claude-titan-setup modern-pythonInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 2:23 AM7.1s1 file scanned
SKILL.md
- name:
- modern-python
- description:
- Configures Python projects with modern tooling (uv, ruff, ty). Use when creating projects, writing standalone scripts, or migrating from pip/Poetry/mypy/black.
- paths:
- **/*.py,**/pyproject.toml,**/setup.py,**/setup.cfg,**/requirements*.txt,**/.python-version,**/uv.lock,**/Pipfile*
Modern Python
Based on trailofbits/cookiecutter-python.
Anti-Patterns
| Avoid | Use Instead |
|-------|-------------|
| pip install / Poetry | uv add + uv sync |
| Manual venv activation | uv run <cmd> |
| requirements.txt | PEP 723 (scripts) or pyproject.toml (projects) |
| flake8 / black / isort | ruff |
| mypy / pyright | ty |
| [project.optional-dependencies] for dev | [dependency-groups] (PEP 735) |
| hatchling build backend | uv_build |
| pre-commit | prek (faster, Rust-native) |
| [tool.ty] python-version | [tool.ty.environment] python-version |
| Editing pyproject.toml for deps | uv add/uv remove |
Decision Tree
- Single-file script with deps? → PEP 723 inline metadata
- Multi-file project (not distributed)? →
uv initminimal setup - Reusable package/library? →
uv init --packagefull setup - Migrating? →
uv init --bare && uv add <pkgs> && uv sync, delete old files
Tool Overview
| Tool | Purpose | Replaces | |------|---------|----------| | uv | Package/dependency mgmt | pip, virtualenv, pip-tools, pipx, pyenv | | ruff | Lint + format | flake8, black, isort | | ty | Type checking | mypy, pyright | | prek | Pre-commit hooks | pre-commit |
Quick Start
uv init myproject && cd myproject
uv add requests rich
uv add --group dev pytest ruff ty
uv run python src/myproject/main.py
uv run pytest && uv run ruff check .
Full Setup (cookiecutter)
uvx cookiecutter gh:trailofbits/cookiecutter-python
Or manually:
uv init --package myproject && cd myproject
pyproject.toml config
[project]
name = "myproject"
version = "0.1.0"
requires-python = ">=3.11"
[dependency-groups]
dev = [{include-group = "lint"}, {include-group = "test"}]
lint = ["ruff", "ty"]
test = ["pytest", "pytest-cov"]
[tool.ruff]
line-length = 100
target-version = "py311"
[tool.ruff.lint]
select = ["ALL"]
ignore = ["D", "COM812", "ISC001"]
[tool.pytest]
addopts = ["--cov=myproject", "--cov-fail-under=80"]
[tool.ty.environment]
python-version = "3.11"
Then: uv sync --all-groups
uv Commands
| Command | Description |
|---------|-------------|
| uv init | Create project |
| uv add <pkg> | Add dependency |
| uv add --group dev <pkg> | Add dev dependency |
| uv remove <pkg> | Remove dependency |
| uv sync --all-groups | Install all groups |
| uv run <cmd> | Run in venv |
| uv build | Build package |
Related Skills
sutanunandigrami/dot-claude/skills/workspace
tools
VerifiedTrustedCommunity
Project workspace configuration — auto-detect commands, _workspace.json convention, .envrc templates
9SKILL.mdUpdated Apr 15, 2026
sutanunandigrami/VibeSec-Skill
development
VerifiedTrustedCommunity
This skill helps Claude write secure web applications. Use this when working on any web application or when a user requests a scan or audit to ensure security best practices are followed.
9SKILL.mdUpdated Apr 15, 2026
sutanunandigrami/dot-claude/skills/tmux-control
tools
VerifiedTrustedCommunity
Control tmux sessions — create panes, run commands, read output, monitor processes
9SKILL.mdUpdated Apr 15, 2026
sutanunandigrami/security-scan
testing
VerifiedTrustedCommunity
Security scanning and vulnerability assessment workflows. Use when performing security audits, scanning for vulnerabilities, checking dependencies, or hardening systems.
9SKILL.mdUpdated Apr 15, 2026