uinaf/docs
skills/docs/SKILL.md
Update repo documentation and durable agent-facing artifacts such as AGENTS.md, README.md, docs/, specs, plans, decisions, and runbooks. Use when code, skill, or infrastructure changes risk doc drift or when documentation needs cleanup or restructuring. Do not use for code review, runtime verification, or boot/readiness infrastructure setup.
$ install --global
skillsauthnpx skillsauth add uinaf/skills docsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 24, 2026, 2:08 AM336.3s12 files scanned
SKILL.md
- name:
- docs
- description:
- Update repo documentation and durable agent-facing artifacts such as AGENTS.md, README.md, docs/, specs, plans, decisions, and runbooks. Use when code, skill, or infrastructure changes risk doc drift or when documentation needs cleanup or restructuring. Do not use for code review, runtime verification, or boot/readiness infrastructure setup.
Docs
Keep the repo legible to humans and agents.
Principles
- Docs rot silently — every code change is a possible doc change
- Describe current state; keep history only in migration notes, changelogs, and decisions
- Keep routing docs short and point to deeper docs instead of duplicating them
- Use repo-relative links for in-repo docs
- Keep repo docs, agent guidance, and work artifacts linked but distinct
Handoffs
Not docs work: boot/readiness setup; baseline PR, issue, contributor, or security policy templates; independent code review; runtime verification.
Workflow
1. Audit the doc surface
Check the files humans and agents actually rely on:
AGENTS.mdCLAUDE.mdREADME.mdCONTRIBUTING.mdSECURITY.mddocs/- durable specs, active plans, runbooks, and decision docs
Flag stale commands, dead paths, duplicate guidance, routing failures, and repo-internal details leaking into reader-facing docs.
Before editing, classify the target as repo docs, agent guidance, or work artifacts such as plans, specs, decisions, and handoffs.
Use the source-boundary table in references/documentation.md before writing cross-repo, private workspace, or local-machine facts into checked-in docs.
2. Update routing docs
Keep top-level docs terse and navigational.
AGENTS.mdshould be a table of contents, not a wiki- If the repo uses
AGENTS.md, makeCLAUDE.mda symlink or@AGENTS.mdimport instead of maintaining a second authored file README.mdshould lead with value, quick use, and links to deeper docs- Refresh
CONTRIBUTING.mdandSECURITY.mdwhen they already exist or when moving existing policy out of an overloadedREADME.md; do not invent baseline policy from scratch - For workspace repos, keep one canonical setup doc and let
README.mdpoint to it - Use the concrete top-level split and section order in references/documentation.md
- Use reader-facing labels in routing lists; use raw filenames only when the filename matters
3. Update deep docs and specs
Refresh the detailed documents that carry the knowledge.
- architecture and API docs
- task guides and runbooks
- durable feature specs and decision records
- tactical plans and handoff prompts only when future agents need them
- readiness infrastructure docs after boot, smoke, observability, or isolation changes
Write each updated section as the reader's current source of truth.
When the user asks to save a durable rule, prompt, plan, or decision, choose the owning surface: docs/decisions/, docs/specs/, docs/plans/, or agent guidance for behavior future agents must repeat.
For new features, use the directory layout and templates in references/structuring.md — specs, plans, and decisions each have their own shape.
4. Clean up drift
- deduplicate repeated facts
- delete or archive stale docs
- fix cross-links and moved paths
- keep naming, labels, casing, commands, and section order consistent
- keep one canonical home for setup or install commands and replace copied command blocks with pointers
- prefer reader-facing link text over raw paths unless the path is the point
Example — fixing a stale path after a rename:
# AGENTS.md
-- Run the old bootstrap command to set up the dev environment.
+- Run the current setup command to set up the dev environment.
5. Validate reality
Verify prose against the repo.
Concrete checks:
rg -n "old/path|stale-command" AGENTS.md CLAUDE.md README.md docs/when paths or commands movedrg -n "<new command|new path|decision keyword>" AGENTS.md CLAUDE.md README.md docs/to find duplicate or conflicting homestest -e <path-from-docs>before keeping a file referencetest ! -e AGENTS.md || { test -L CLAUDE.md && test "$(readlink CLAUDE.md)" = "AGENTS.md"; }when normalizing agent entrypoints- for claims sourced from outside the repo, cite or verify the upstream source before making the claim durable
Output
After docs work, report a compact docs footer:
- files updated
- verified: command names or path checks, not output logs
- removed or rewritten: only if stale or duplicated docs changed
- gaps: remaining doc gaps, or
none - next: readiness setup, independent review, runtime verification, or
none
Keep the footer to 5 labeled lines or fewer. List changed files once.
References
- references/documentation.md — AGENTS.md shape, scoped rules, README patterns, doc hygiene
- references/specifications.md — feature specs, conformance tests, spec drift, SDD trade-offs
- references/structuring.md — directory layout, templates, and naming for specs, plans, and decisions
Related Skills
uinaf/react-ban-use-effect
development
VerifiedTrustedCommunity
Ban direct `useEffect` in React code. Use when writing, refactoring, reviewing, or migrating React components or hooks that import, call, add, or replace direct `useEffect`; when an agent reaches for effects for derived state, fetching, event reactions, resets, or external sync; or when adding lint/agent rules for a no-direct-useEffect policy. Do not use for ordinary React work with no effect smell, non-React code, or legitimate effect architecture outside React.
2SKILL.mdUpdated May 29, 2026
uinaf/review-gang
development
VerifiedTrustedCommunity
Independently audit existing code, diffs, branches, or pull requests by spawning mandatory concern-specific reviewer subagents, then synthesizing their evidence into a ship decision. Use when triaging PR risk, deciding whether someone else's change is safe to ship, or following up after runtime proof. Invocation is explicit authorization to use reviewer subagents. Produces a `ship it` / `needs review` / `blocked` verdict. Do not use to self-check a change you just authored.
2SKILL.mdUpdated May 24, 2026
uinaf/gh-setup
testing
VerifiedTrustedCommunity
Set up or align a repository's GitHub collaboration and delivery surface: repo settings, branch/ruleset policy, PR and security templates, Actions hardening, GitHub Environments, release workflows, and deploy workflows. Use when standardizing GitHub setup for repos, CI/CD, publishing versioned packages, or deploying running apps; route app deploy details to deploy references and package publish details to release references.
2SKILL.mdUpdated May 24, 2026
uinaf/autoreview
development
VerifiedTrustedCommunity
Run structured Codex/Claude autoreview closeout for local changes, pull requests, branch diffs, or commits: choose the target, validate findings, rerun focused tests, and repeat review until clean. Use when asked for autoreview, second-model review, pre-merge review, or readiness-to-ship review.
2SKILL.mdUpdated May 24, 2026