skills for everythingskill-safety-audit
Scan new or updated skills for unsafe or malicious instructions (unknown tools, external installers, credential harvesting) before accepting them into the repository.
SKILL.md
| Name | skill-safety-audit |
| Description | Scan new or updated skills for unsafe or malicious instructions (unknown tools, external installers, credential harvesting) before accepting them into the repository. |
Skills Repository
This repository is a curated catalog of reusable AI skills: compact execution guides that help agents and humans do higher-quality work with less repeated setup. The skills cover software engineering, AI systems, SaaS operations, security, product work, UX, mobile development, documentation workflows, and canonical finance doctrine.
The catalog is designed to be routed by name. A small active surface keeps skill selection reliable, while deeper references stay available without making every topic an active entrypoint.
Why These Skills Matter
| Benefit | What it gives you |
|---|---|
| Faster execution | Reusable workflows reduce repeated prompting and rediscovery. |
| Better routing | Clear frontmatter, aliases, and parent skills help agents pick the right guidance. |
| Higher quality | Skills encode checklists, quality gates, anti-patterns, and evidence expectations. |
| Safer specialization | Finance, security, AI, and platform work keep domain constraints close to implementation guidance. |
| Portable knowledge | Markdown, YAML, templates, and scripts work across Windows, Ubuntu, and Debian consumers. |
| Lower catalog noise | Legacy and narrow topics route through aliases instead of competing as duplicate active skills. |
Active Catalog
Active skills are SKILL.md files under these roots:
| Root | Purpose |
|---|---|
skills/ | Main active catalog for engineering, AI, SaaS, mobile, security, UX, product, and operations. |
doctrine/skills/ | Canonical finance and accounting doctrine for IFRS, controls, close, audit, payroll, inventory, reporting, and finance UX. |
00-meta-initialization/ | SDLC documentation initialization and new-project entrypoints. |
Current guardrail baseline:
| Metric | Value |
|---|---|
Active SKILL.md files | 169 |
| Target active catalog size | 150-170 |
| Guardrail hard cap | 200 |
| Duplicate frontmatter names | 0 |
Inactive aliases retained as ALIAS.md | 47 |
Run the guardrail report with:
python -X utf8 scripts\skill_catalog_guardrails.py --report-only
Skill Domains
| Domain | Examples |
|---|---|
| AI and agent systems | AI architecture, RAG, evaluations, model gateways, agent runtime, HITL, governance, observability, cost controls, and AI UX. |
| Software engineering | Architecture, APIs, TypeScript, JavaScript, PHP, Python, Node.js, testing, validation, release engineering, and reliability. |
| SaaS and product | Multi-tenancy, entitlements, pricing, billing, onboarding, metrics, sales operations, product discovery, and product-led growth. |
| Security and compliance | Web app audits, code safety, network security, Linux hardening, DPIA work, and AI security controls. |
| Frontend and UX | React, Next.js, Tailwind, app GUI design, forms, interaction patterns, accessibility, premium UI, and motion. |
| Mobile | Android, iOS, Kotlin Multiplatform, mobile persistence, mobile UX, platform capabilities, app quality, and release workflows. |
| Finance doctrine | Accounting engines, finance audits, bank and mobile money reconciliation, close, controls, reporting, IFRS, payroll, inventory, and finance UI patterns. |
| Documentation and operations | SDLC documentation, project requirements, professional document output, catalog maintenance, skill writing, and update records. |
How To Use The Catalog
- Start with the active roots above or the overview in
docs/overview/README.md. - If an old skill name is mentioned, check
docs/skill-routing-index.mdordocs/skill-aliases.yml. - Read the selected skill's
SKILL.md. - Load only the specific
references/,templates/, orscripts/files the skill tells you to use. - When changing routing, frontmatter, or active skill behavior, update the routing docs and rerun the guardrail report.
Routing And Aliases
The catalog intentionally keeps aliases outside the active skill count. Legacy
entrypoints that should no longer compete for routing are retained as
ALIAS.md files in their original directories. Their targets are recorded in:
docs/skill-routing-index.mdfor human-readable policy.docs/skill-aliases.ymlfor machine-readable routing.
Finance aliases route to doctrine/skills/ first. Root-level finance skills
remain active only when they add implementation or orchestration behavior beyond
canonical doctrine.
Repository Map
| Path | Role |
|---|---|
docs/ | Overview docs, architecture, routing policy, plans, analysis, and update records. |
scripts/ | Maintenance checks, including active catalog guardrails. |
claude-guides/ | Claude-specific skill creation and invocation guidance. |
book-extractions/ | Curated source notes and long-form reference material. |
blog-posts/ | Draft educational and marketing content. |
Maintenance Rules
- Do not delete or move skill directories casually.
- Deactivate legacy entrypoints by renaming
SKILL.mdtoALIAS.mdand adding a route indocs/skill-aliases.yml. - Keep finance and accounting doctrine canonical under
doctrine/skills/. - Keep Markdown files below 500 lines where practical.
- Use ASCII unless an existing file requires another character set.
- Preserve user edits and inspect the worktree before modifying files.
- Record substantive documentation repairs under
docs/updates/.
Key Docs
| Document | Purpose |
|---|---|
AGENTS.md | Short working rules for coding agents. |
docs/overview/PROJECT_BRIEF.md | One-page project brief. |
docs/overview/ARCHITECTURE.md | Repository structure and ownership boundaries. |
docs/overview/TECH_STACK.md | Tooling, runtime assumptions, and platform notes. |
docs/plans/INDEX.md | Planning document index. |
docs/plans/NEXT_FEATURES.md | Current priorities and next work. |