Checklist

writing-plans helps turn a spec or requirements doc into a detailed implementation plan with file-level guidance, task sequencing, testing steps, and a review prompt before coding starts.

verification-before-completion is a final-check skill that blocks unsupported completion claims. Learn when to use it, how to install it from obra/superpowers, and how to match each status claim to fresh verification evidence.

sprint-planner is a lightweight skill for turning backlog ideas into a structured sprint plan with story points, capacity, sprint goals, risks, and a definition of done. Best for Scrum and Agile teams that want a repeatable planning format without extra tooling or integrations.

project-planner is an AI skill for turning project ideas into executable plans with deliverables, task breakdowns, dependencies, milestones, estimates, and risk-aware sequencing. It is self-contained in SKILL.md and best for scoping work, building WBS-style plans, mapping critical paths, and creating first-pass delivery plans from clear goals and constraints.

decision-helper is a lightweight Decision Support skill that helps compare options with structured frameworks like pros/cons, decision matrices, cost-benefit analysis, SWOT, and ICE. Install it when you want repeatable, defensible recommendations for product, hiring, tool, or prioritization decisions.

Review skill for pre-landing PR review. Use it to check diffs against the base branch for SQL safety, trust-boundary issues, shell injection, enum completeness, and other structural risks. Best for a review guide that helps agents flag real defects fast with less guesswork than a generic prompt.

security-requirement-extraction turns threat models and business context into testable security requirements, user stories, acceptance criteria, and backlog-ready outputs for Requirements Planning.

stride-analysis-patterns helps agents run a structured STRIDE threat-modeling pass for architectures, APIs, and data flows. Install from the wshobson/agents repo, read the SKILL.md file, and use it to turn system descriptions into categorized threats and control-focused review output.

python-anti-patterns is a Python code review checklist for spotting fragile patterns like scattered retries, timeout duplication, and hidden complexity before merge, during refactoring, or while debugging.

The evaluation-methodology skill explains PluginEval scoring for Model Evaluation, including layers, rubrics, composite scoring, badge thresholds, and practical guidance for interpreting results and improving weak dimensions.

Use the pci-compliance skill to guide PCI DSS architecture reviews, scope reduction, gap analysis, and payment data handling decisions. Best for teams designing payment flows, preparing for assessments, or reviewing controls before a compliance review.

code-review-excellence helps agents produce clearer, more constructive code reviews with better prioritization, reviewer tone, and actionable feedback for pull requests, mentoring, and team review standards.

api-design-principles helps you design and review REST and GraphQL APIs with checklists, reference files, and a FastAPI template. Use it to improve resource naming, HTTP semantics, pagination, errors, versioning, and schema structure before implementation.

postmortem-writing helps teams create blameless incident postmortems with timelines, root cause analysis, contributing factors, impact, and actionable follow-up items for report writing after outages or near-misses.

employment-contract-templates helps draft offer letters, employment contracts, NDAs, handbooks, and HR policies with structured legal framing. Best for fast first drafts that still need jurisdiction-specific legal review.

The gdpr-data-handling skill helps teams turn GDPR requirements into practical review guidance for consent, lawful basis, data subject rights, retention, and privacy-by-design decisions.

incident-runbook-templates helps teams create structured incident response runbooks with clear triage, mitigation, escalation, communication, and recovery steps for outages and operational Playbooks.

multi-reviewer-patterns helps agents run parallel code reviews across security, performance, architecture, testing, and accessibility, then deduplicate findings, calibrate severity, and deliver one consolidated report. Includes install context, key files, and practical usage guidance.

The planning-and-task-breakdown skill turns a spec, feature request, or messy goal into ordered, implementable tasks with clear dependencies and acceptance criteria. It helps with planning-and-task-breakdown for Project Management, parallel work, and scope estimation while reducing guesswork before implementation.

lead-magnets helps plan the right lead magnet for email capture and lead generation. Use it to choose formats, review benchmarks, read key files, and connect offers to product-focused conversion paths.

launch-strategy helps agents and teams turn vague release ideas into a practical launch plan. It uses the ORB framework, phased rollouts, Product Hunt guidance, and launch checklists for product launches, feature announcements, betas, waitlists, and public releases.

The onboard skill helps product teams improve onboarding flows, empty states, and first-run UX. It guides install and usage with a practical workflow, required /frontend-design dependency, and prompts for defining the aha moment, user level, and key activation steps.

ton-vulnerability-scanner is a focused audit skill for TON smart contracts written in FunC. It helps identify integer-as-boolean misuse, fake Jetton contract handling, and missing gas checks when forwarding TON. Use it for a fast first-pass Security Audit before deeper manual review.

guidelines-advisor is a smart contract development advisor based on Trail of Bits best practices. It analyzes a codebase to generate documentation, review architecture, check upgradeability patterns, assess implementation quality, identify pitfalls, review dependencies, and evaluate testing. Use the guidelines-advisor guide for clear, evidence-based recommendations.