synaptiai/capability-discovery
plugins/flow/skills/capability-discovery/SKILL.md
Discover available agents, skills, quality commands (lint, test, typecheck), tech stack, verification capabilities, and LSP code intelligence features via parallel environment scanning. Use when starting implementation, creating PRs, reviewing PRs, or addressing feedback. This skill MUST be consulted because assuming tools exist causes runtime failures, and assuming they do not causes missing capabilities.
$ install --global
skillsauthnpx skillsauth add synaptiai/synapti-marketplace capability-discoveryInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 23, 2026, 4:35 AM23.7s1 file scanned
SKILL.md
- name:
- capability-discovery
- description:
- Discover available agents, skills, quality commands (lint, test, typecheck), tech stack, verification capabilities, and LSP code intelligence features via parallel environment scanning. Use when starting implementation, creating PRs, reviewing PRs, or addressing feedback. This skill MUST be consulted because assuming tools exist causes runtime failures, and assuming they do not causes missing capabilities.
- allowed-tools:
- Bash, Read, Glob, Grep, LSP
- agent:
- Explore
Capability Discovery
Discovers available capabilities in the user's environment for dynamic workflow adaptation.
Iron Law
DISCOVER BEFORE ASSUMING. Never hardcode tool availability. Always scan the environment first.
Assuming a tool exists leads to runtime failures. Assuming it doesn't leads to missing capabilities.
Discovery Process
Steps 1-5 are independent — execute ALL simultaneously with parallel tool calls.
Step 1: Scan Agents
Use Glob to find agent files, then Grep to extract descriptions:
Glob: ".claude/agents/*.md"— project agentsGlob: "plugins/*/agents/*.md"— plugin agents
Parse: source, name (filename without .md), description (from frontmatter).
Step 2: Scan Skills
Glob: ".claude/skills/*/SKILL.md"— project skillsGlob: "plugins/*/skills/*/SKILL.md"— plugin skills
Parse: source, name (parent directory), description (from frontmatter).
Step 3: Scan Commands
Glob: ".claude/commands/*.md"— project commandsGlob: "plugins/*/commands/*.md"— plugin commands
Parse: source, name (filename without .md), description (from frontmatter).
Step 4: Parse CLAUDE.md for Quality Commands
CLAUDE_MD=""
[ -f ".claude/CLAUDE.md" ] && CLAUDE_MD=".claude/CLAUDE.md"
[ -z "$CLAUDE_MD" ] && [ -f "CLAUDE.md" ] && CLAUDE_MD="CLAUDE.md"
[ -n "$CLAUDE_MD" ] && grep -E "(npm|pnpm|yarn|bun|ruff|pytest|go |cargo |make )" "$CLAUDE_MD" 2>/dev/null
Step 5: Detect Tech Stack
[ -f "package.json" ] && echo "node"
[ -f "tsconfig.json" ] && echo "typescript"
[ -f "pyproject.toml" ] && echo "python"
[ -f "Gemfile" ] && echo "ruby"
[ -f "go.mod" ] && echo "go"
[ -f "Cargo.toml" ] && echo "rust"
[ -f "Makefile" ] && echo "makefile"
Early Exit: Markdown-Only
If no tech stack files found and no quality commands in CLAUDE.md, report:
- Quality Commands: "No code-related quality commands applicable"
- Tech Stack: "Markdown-only project"
- Skip Step 6
Step 6: Discover Verification Capabilities
ls verify.sh scripts/verify* playwright.config.* cypress.config.* 2>/dev/null
Step 7: Discover LSP Capabilities
Pre-check: Read lsp.enabled from settings (default true). If false, skip this step and report all LSP features as "Disabled" in the output table.
Probe for available LSP code intelligence features. Find a representative source file in the project (use the first file matching the detected tech stack — e.g., .ts, .py, .go, .rs, .rb), then test each LSP operation against it.
LSP feature probes (run each, catch failures individually):
| Operation | Test | Capability |
|-----------|------|-----------|
| documentSymbol | List symbols in the file | Symbol navigation |
| hover | Hover on first symbol (line 1, char 1) | Type info / docs |
| goToDefinition | Definition lookup on an import or reference | Definition tracing |
| findReferences | Find references to a symbol | Impact analysis |
| goToImplementation | Find implementations | Interface resolution |
Diagnostics inference: LSP diagnostics are not a discrete operation to probe — they are reported by the language server when it processes a file. If documentSymbol succeeds, the LSP server is active and diagnostics are available. Record diagnostics as "Available" when documentSymbol succeeds, "Unavailable" otherwise.
Process:
-
Find a representative source file using Glob (consistent with Steps 1-3):
Glob: "**/*.ts"or"**/*.py"or"**/*.go"or"**/*.rs"or"**/*.rb"(match detected tech stack)- Use the first result as the probe target
-
For each operation, attempt an LSP call against the file. Record success or failure:
- Success → feature is available
- Error "no LSP server" → LSP not configured for this file type
- Error/timeout → feature not supported by this server
-
Read
lsp.timeoutfrom settings (default 5000ms). If an operation doesn't respond within this timeout, mark it as unavailable. -
Report results in the LSP Capabilities output table.
Graceful degradation: If no source files exist (markdown-only project) or no LSP server is configured, report "No LSP server available — using CLI-only analysis" and skip. This is not an error.
Output Format
### Agents Available
| Agent | Source | Description |
|-------|--------|-------------|
### Skills Available
| Skill | Source | Description |
|-------|--------|-------------|
### Quality Commands
| Command | Purpose | Source |
|---------|---------|--------|
### Tech Stack
- {language} ({indicator file})
### Verification Capabilities
| Capability | Command | Source |
|-----------|---------|--------|
### LSP Capabilities
| Feature | Status | Use Case |
|---------|--------|----------|
| documentSymbol | {Available/Unavailable} | Symbol navigation in files |
| hover | {Available/Unavailable} | Type info and documentation during CODE phase |
| goToDefinition | {Available/Unavailable} | Trace code paths during EXPLORE phase |
| findReferences | {Available/Unavailable} | Impact analysis during EXPLORE, caller verification during REVIEW |
| goToImplementation | {Available/Unavailable} | Interface resolution |
| diagnostics | {Available/Unavailable} | Quality signal during VERIFY phase (errors→P1, warnings→P2) |
Graceful Degradation
| Missing | Fallback | |---------|----------| | No agents | Use built-in review checklist | | No CLAUDE.md commands | Detect from tech stack | | No tech stack | Ask user for commands | | No LSP server | CLI-only analysis (grep/glob for references, CLI tools for diagnostics) |
Caching
This skill runs in a forked context. The calling command must store the output for use in later phases — do not re-invoke within the same command execution.
Related Skills
synaptiai/workflow-validation
tools
VerifiedTrustedCommunity
Validate a FlowWorkflow YAML at `plugins/flow/workflows/<id>.workflow.yaml` against `schemas/v1/workflow.schema.json` AND cross-reference the referenced skills/agents exist + every Tier 3 action is confirm-gated + no native /goal or /loop dependency is declared. Use when /flow:workflow validate is invoked, when CI runs the workflow schema gates, or when a new workflow is being authored. This skill MUST be consulted because schema validation alone catches shape errors; cross-reference validation catches the silent-correctness failures (typo'd skill name, Tier 3 escape, /goal dependency) that would otherwise ship to users.
5SKILL.mdUpdated May 23, 2026
synaptiai/visual-verification
tools
VerifiedTrustedCommunity
Verify UI-facing changes by running a screenshot-analyze-verify loop across configured viewports, with a browser-tool priority cascade (Playwright MCP → Chrome DevTools MCP → CLI fallback → external skill fallback) and bounded iteration. Use after build/runtime verification passes and the diff includes `.tsx`/`.jsx`/`.vue`/`.html`/`.css`/`.scss`/`.svelte` files OR the acceptance criteria mention UI/page/render/display/visual. This skill MUST be consulted because UI changes that pass build and unit tests can still ship blank pages, render-blocking console errors, or broken responsive layouts that no other verification phase catches.
5SKILL.mdUpdated May 7, 2026
synaptiai/team-coordination
data-ai
VerifiedTrustedCommunity
Coordinate agent teams for adversarial review (paired skeptic/verifier per facet, challenge round with disposition vocabulary, consolidated findings with confidence) or parallel implementation (task sizing 5-6 per teammate, non-overlapping files). Enforces independent analysis before shared conclusions. Reference only (`disable-model-invocation: true`); loaded only when `agentTeams: true` in settings.
5SKILL.mdUpdated Apr 15, 2026
synaptiai/code-review-methodology
development
VerifiedTrustedCommunity
Conduct two-stage code review: Stage 1 verifies spec compliance (criterion-to-code mapping), Stage 2 evaluates security, correctness, performance, and maintainability across 6 parallel facets with P1/P2/P3 synthesis and deduplication by file:line. Use when reviewing code changes or pull requests. This skill MUST be consulted because reviewing quality on broken logic is wasted effort, and unmet acceptance criteria must block merge.
5SKILL.mdUpdated Apr 15, 2026