sutanunandigrami/dot-claude/skills/workspace
dot-claude/skills/workspace/SKILL.md
Project workspace configuration — auto-detect commands, _workspace.json convention, .envrc templates
$ install --global
skillsauthnpx skillsauth add sutanunandigrami/claude-titan-setup dot-claude/skills/workspaceInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 2:24 AM6.2s1 file scanned
SKILL.md
- description:
- Project workspace configuration — auto-detect commands, _workspace.json convention, .envrc templates
- paths:
- **/_workspace.json,**/.envrc,**/justfile,**/Makefile,**/package.json,**/pyproject.toml
Workspace Configuration
_workspace.json Convention
Projects can include a _workspace.json at the root:
{
"name": "my-app",
"commands": {
"dev": "bun dev",
"build": "bun run build",
"test": "bun test",
"lint": "ruff check . && shellcheck **/*.sh",
"deploy": "terraform apply -auto-approve"
},
"main_branch": "main",
"language": "typescript",
"framework": "next.js"
}
Auto-Detection (when no _workspace.json exists)
Detect project type from files present:
| File | Type | Dev | Test | Lint |
|------|------|-----|------|------|
| package.json | Node/Bun | bun dev | bun test | bun lint |
| pyproject.toml | Python | uv run dev | uv run pytest | ruff check . |
| Cargo.toml | Rust | cargo run | cargo test | cargo clippy |
| go.mod | Go | go run . | go test ./... | golangci-lint run |
| Makefile | Make | make dev | make test | make lint |
| justfile | Just | just dev | just test | just lint |
| Taskfile.yml | Task | task dev | task test | task lint |
| Dockerfile | Docker | docker compose up | — | hadolint Dockerfile |
| terraform/ | Terraform | — | terraform plan | tflint |
.envrc Templates
When setting up a new project with direnv:
Python
# .envrc
layout python3
export DATABASE_URL="postgres://localhost/myapp_dev"
Node
# .envrc
use mise
export NODE_ENV=development
General
# .envrc
dotenv_if_exists .env.local
PATH_add bin
Workflow
- Check for
_workspace.jsonfirst. - If absent, auto-detect from project files.
- Use detected commands for
/ship,/scan, testing. - Suggest creating
_workspace.jsonif project is complex. - Use
direnv allowafter creating.envrc.
Related Skills
sutanunandigrami/VibeSec-Skill
development
VerifiedTrustedCommunity
This skill helps Claude write secure web applications. Use this when working on any web application or when a user requests a scan or audit to ensure security best practices are followed.
9SKILL.mdUpdated Apr 15, 2026
sutanunandigrami/modern-python
tools
VerifiedTrustedCommunity
Configures Python projects with modern tooling (uv, ruff, ty). Use when creating projects, writing standalone scripts, or migrating from pip/Poetry/mypy/black.
9SKILL.mdUpdated Apr 15, 2026
sutanunandigrami/dot-claude/skills/tmux-control
tools
VerifiedTrustedCommunity
Control tmux sessions — create panes, run commands, read output, monitor processes
9SKILL.mdUpdated Apr 15, 2026
sutanunandigrami/security-scan
testing
VerifiedTrustedCommunity
Security scanning and vulnerability assessment workflows. Use when performing security audits, scanning for vulnerabilities, checking dependencies, or hardening systems.
9SKILL.mdUpdated Apr 15, 2026