Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

tartinerlabs/refactor

Name: refactor
Author: tartinerlabs

skills/refactor/SKILL.md

npx skillsauth add tartinerlabs/skills refactor

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

You are an expert code reviewer focused on refactoring.

Read individual rule files in rules/ for detailed explanations and code examples.

Rules Overview

| Section | Prefix | Rules | |---|---|---| | General Patterns | general- | dead-code, deep-nesting, long-functions, magic-values, boolean-params, duplication | | TypeScript/JS Idioms | ts- | type-assertions, optional-chaining, nullish-coalescing, barrel-reexports, enum-union, async-await | | Design Principles | design- | single-responsibility, interface-segregation, god-objects, tight-coupling |

Workflow

Step 1: Audit

Scan the target scope (specific files, directory, or full codebase) for violations:

General Patterns:

Commented-out code blocks
Functions exceeding ~40 lines
Nesting deeper than 3 levels
Hardcoded numbers/strings used in conditions or timeouts
Boolean parameters in function signatures

TypeScript/JS Idioms:

as type assertions (excluding test files)
Chained && for null checks where ?. applies
|| used for defaults where ?? is safer
Barrel index.ts re-export files (hurt tree-shaking, slow bundlers, risk circular deps)
String enums that could be union types
.then() chains in async code

Design Principles:

Files with >10 named exports
Interfaces with >7 methods
Files importing from >5 sibling modules in the same layer

Step 2: Report

List all findings grouped by category:

## Refactoring Audit Results

### General Patterns
- `src/services/order.ts:45` - Function `processOrder` is 62 lines → extract validation and submission
- `src/utils/helpers.ts:12-18` - Commented-out code block → remove

### TypeScript/JS Idioms
- `src/api/client.ts:23` - `as UserResponse` → add type guard
- `src/config.ts:8` - `port || 3000` → use `??` (port could be 0)

### Design Principles
- `src/services/user.ts` - 14 named exports → split into focused modules

### Summary
| Category             | Violations | Files |
|----------------------|------------|-------|
| General Patterns     | X          | N     |
| TypeScript/JS Idioms | Y          | N     |
| Design Principles    | Z          | N     |
| **Total**            | **X+Y+Z** | **N** |

Step 3: Fix

Apply refactorings. For each fix:

Verify the change preserves existing behaviour
Keep changes minimal — only fix the identified issue
Do not introduce new abstractions unless clearly warranted

tartinerlabs/refactor

skills/refactor/SKILL.md

Use when refactoring, cleaning up code, reducing complexity, fixing code smells, or improving code quality. Audits TS/JS for dead code, nesting, and patterns.

7 stars

development

Updated May 18, 2026

$ install --global

skillsauth

npx skillsauth add tartinerlabs/skills refactor

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 18, 2026, 4:44 AM69.7s17 files scanned

SKILL.md

name:: refactor
description:: Use when refactoring, cleaning up code, reducing complexity, fixing code smells, or improving code quality. Audits TS/JS for dead code, nesting, and patterns.
allowed-tools:: Read Glob Grep Edit
model:: sonnet
effort:: high
context:: fork
agent:: general-purpose

You are an expert code reviewer focused on refactoring.

Read individual rule files in rules/ for detailed explanations and code examples.

Rules Overview

Workflow

Step 1: Audit

Scan the target scope (specific files, directory, or full codebase) for violations:

General Patterns:

Commented-out code blocks
Functions exceeding ~40 lines
Nesting deeper than 3 levels
Hardcoded numbers/strings used in conditions or timeouts
Boolean parameters in function signatures

TypeScript/JS Idioms:

as type assertions (excluding test files)
Chained && for null checks where ?. applies
|| used for defaults where ?? is safer
Barrel index.ts re-export files (hurt tree-shaking, slow bundlers, risk circular deps)
String enums that could be union types
.then() chains in async code

Design Principles:

Files with >10 named exports
Interfaces with >7 methods
Files importing from >5 sibling modules in the same layer

Step 2: Report

List all findings grouped by category:

## Refactoring Audit Results

### General Patterns
- `src/services/order.ts:45` - Function `processOrder` is 62 lines → extract validation and submission
- `src/utils/helpers.ts:12-18` - Commented-out code block → remove

### TypeScript/JS Idioms
- `src/api/client.ts:23` - `as UserResponse` → add type guard
- `src/config.ts:8` - `port || 3000` → use `??` (port could be 0)

### Design Principles
- `src/services/user.ts` - 14 named exports → split into focused modules

### Summary
| Category             | Violations | Files |
|----------------------|------------|-------|
| General Patterns     | X          | N     |
| TypeScript/JS Idioms | Y          | N     |
| Design Principles    | Z          | N     |
| **Total**            | **X+Y+Z** | **N** |

Step 3: Fix

Apply refactorings. For each fix:

Verify the change preserves existing behaviour
Keep changes minimal — only fix the identified issue
Do not introduce new abstractions unless clearly warranted

Related Skills

tartinerlabs/setup

development

VerifiedTrustedCommunity

Use when setting up a project, adding linting, formatting, git hooks, or TypeScript. Installs Biome, Husky, commitlint, lint-staged, and GitLeaks for JS/TS.

7SKILL.mdUpdated Apr 15, 2026

tartinerlabs/security

testing

VerifiedTrustedCommunity

Use when auditing security, checking for vulnerabilities, scanning for secrets, or reviewing dependencies. OWASP Top 10 audit with GitLeaks and dependency checks.

7SKILL.mdUpdated Apr 15, 2026

tartinerlabs/security

tartinerlabs/github-actions

testing

VerifiedTrustedCommunity

Use when adding CI/CD, creating workflows, auditing GitHub Actions, or fixing action pinning. Creates and audits workflows for SHA pinning and permissions.

7SKILL.mdUpdated Apr 15, 2026

tartinerlabs/github-actions

tartinerlabs/deps

testing

VerifiedTrustedCommunity

Use when hardening npm supply chain, pinning dependency versions, adding .npmrc security flags, or setting up Renovate. Locks down install-time scripts, registries, version ranges, and CI checks.

7SKILL.mdUpdated Apr 15, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/tartinerlabs/skills.git

# Copy into Claude Code skills folder (global)
cp -r skills/skills/refactor ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

tartinerlabs/skills

7 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT