VS Code Agent Skill

Test Engineer

Generates comprehensive test suites with edge cases and mocks.

TestingTDDCoverage

CI/CDDockerInfrastructure

DevOps Engineer

Writes CI/CD pipelines, Dockerfiles, and infrastructure configurations.

OWASPVulnerabilitiesAudit

Security Auditor

Scans code for OWASP Top 10 vulnerabilities and security anti-patterns.

SecretsAPI KeysCredentialsLeaks

Secret Scanner

Detects hardcoded secrets, API keys, tokens, and credentials leaked in source code.

Incident ResponseTriagePost-MortemContainment

Incident Response Agent

Guides teams through security incident response, triage, containment, and post-mortem procedures.

GDPRSOC 2HIPAACompliancePrivacy

Compliance Checker

Reviews code and infrastructure for GDPR, SOC 2, and HIPAA compliance patterns.

DockerKubernetesContainersHardening

Container Security Scanner

Audits Dockerfiles, container images, and Kubernetes manifests for security misconfigurations and hardening gaps.

OWASP APIRESTGraphQLAuthorizationRate Limiting

API Security Tester

Tests APIs against the OWASP API Security Top 10, checking authentication, authorization, rate limiting, and data exposure.

SBOMProvenanceSigningSupply ChainBuild Integrity

Supply Chain Security

Secures the software supply chain: SBOM generation, dependency provenance, artifact signing, and build integrity.

AWSAzureGCPIAMCloud Security

Cloud Security Auditor

Audits AWS, Azure, and GCP configurations for security misconfigurations, overly permissive IAM policies, and public exposure.

ReactCSSAccessibilityComponents

Frontend Architect

Builds accessible, performant component architectures in React, Vue, or Svelte with design-system discipline.

System DesignAPIsMicroservicesScaling

Backend Architect

Designs scalable service architectures, data models, and API contracts with production-grade error handling.

Web VitalsBundle SizeRuntimeProfiling

Performance Optimizer

Diagnoses and fixes performance bottlenecks in web apps — Core Web Vitals, bundle size, runtime efficiency.

UpgradesMigrationCodemodsCompatibility

Migration Specialist

Plans and executes framework upgrades, language migrations, and deprecation removals with zero-downtime strategies.

KubernetesHelmYAMLContainers

Kubernetes Operator

Writes production-grade K8s manifests, Helm charts, and cluster management configurations.

MonitoringAlertingSLOsTracing

Observability Engineer

Designs monitoring dashboards, alerting rules, SLOs, and distributed tracing instrumentation.

ADRArchitectureDecisionsRFC

ADR Writer

Creates Architecture Decision Records that capture context, options, and consequences of technical decisions.

OnboardingDXGetting StartedRunbooks

Onboarding Guide Writer

Creates developer onboarding documentation that gets new team members productive in days, not weeks.

STRIDEThreat ModelRisk AssessmentAttack Trees

Threat Modeler

Conducts STRIDE-based threat modeling, creates attack trees, and produces actionable risk assessments.

ETLStreamingAirflowData Quality

Data Pipeline Engineer

Designs ETL/ELT pipelines, streaming architectures, and data quality frameworks.

WCAGA11yScreen ReadersKeyboard

Accessibility Auditor

Audits web interfaces for WCAG 2.2 compliance, keyboard navigation, and screen reader compatibility.

Design TokensComponentsStorybookPatterns

Design System Maintainer

Maintains component libraries, design tokens, and pattern documentation for consistent UIs.

PromptsFew-ShotEvaluationLLM

Prompt Engineer

Optimizes system prompts, crafts few-shot examples, and designs evaluation frameworks for LLM applications.

TrainingMLOpsEvaluationDeployment

ML Pipeline Builder

Designs end-to-end ML pipelines: data preparation, training, evaluation, and deployment with experiment tracking.

EmailCommunicationOutreach

Email Drafter

Composes context-aware professional emails — follow-ups, cold outreach, status updates, and escalations.

MeetingsNotesAction Items

Meeting Notes Agent

Transforms meeting transcripts and raw notes into structured summaries with decisions, action items, and owners.

Ticket Writer

Creates well-structured Jira, Linear, or GitHub issues from vague descriptions with acceptance criteria and sizing.

JiraLinearIssuesTickets

SlackTeamsCommunicationAnnouncements

Slack Message Composer

Crafts clear team messages — announcements, updates, requests, and incident comms for Slack and Teams.

ContentSocial MediaWritingRepurpose

Content Repurposer

Converts content between formats — blog posts to social threads, docs to tutorials, notes to presentations.

Supabase Developer

Teaches AI to build with Supabase — database schemas, Row Level Security, Auth, Edge Functions, and Realtime.

SupabasePostgresAuthBaaS

StripePaymentsSubscriptionsWebhooks

Stripe Integration

Teaches AI to implement Stripe payments — checkout sessions, webhooks, subscriptions, and billing portal.

VercelDeploymentServerlessEdge

Vercel Platform

Teaches AI to deploy and configure on Vercel — serverless functions, edge middleware, environment variables, and caching.

ClerkAuthUsersOrganizations

Clerk Auth

Teaches AI to implement authentication with Clerk — sign-in/up flows, middleware protection, organizations, and webhooks.

ResendEmailTransactionalReact Email

Resend Email

Teaches AI to send transactional emails with Resend — React Email templates, domains, and delivery tracking.

PrismaORMDatabaseMigrations

Prisma ORM

Teaches AI to model data with Prisma — schemas, migrations, typed queries, relations, and performance patterns.

NeonPostgresServerlessBranching

Neon Serverless Postgres

Teaches AI to use Neon — serverless Postgres with branching, autoscaling, connection pooling, and the serverless driver.

UpstashRedisRate LimitingQueue

Upstash Redis & Messaging

Teaches AI to use Upstash — serverless Redis for caching, rate limiting, and QStash for message queues and scheduled jobs.

Git Workflow Agent

Manages branching strategies, commit conventions, and merge workflows.

GitBranchingCommits

Secure CodingDefensiveInput ValidationAuth

Secure Code Reviewer

Reviews code with a security-first lens, enforcing secure defaults and defensive coding patterns.

Next.jsTypeScriptTailwind

Next.js Project

CLAUDE.md for a Next.js application with App Router, Tailwind CSS, and TypeScript conventions.

Python API Project

CLAUDE.md for a Python backend with FastAPI, SQLAlchemy, and pytest conventions.

PythonFastAPISQLAlchemy

MonorepoTurborepoPackages

Fullstack Monorepo

CLAUDE.md for a Turborepo monorepo with a Next.js frontend and shared packages.

Go Microservice

CLAUDE.md for a Go microservice with standard project layout, gRPC, and structured logging.

GoMicroservicegRPC

Rust CLI Tool

CLAUDE.md for a Rust command-line application with clap, structured errors, and release builds.

RustCLIclap

Next.jsTypeScriptTailwindApp Router

Next.js TypeScript

Cursor rules for Next.js projects with App Router, TypeScript strict mode, and Tailwind CSS.

PythonFastAPIPydanticBackend

Python FastAPI

Cursor rules for Python backends with FastAPI, Pydantic validation, and async patterns.

ReactComponentsStorybookAccessibility

React Component Library

Cursor rules for building accessible, composable React component libraries with Storybook.

GoMicroservicesgRPCClean Architecture

Go Backend Service

Cursor rules for Go microservices with clean architecture, structured logging, and gRPC/REST APIs.

SecurityOWASPAuthValidation

Security-Hardened Rules

Cursor rules enforcing secure coding practices — input validation, auth, encryption, and OWASP compliance.

Next.jsTypeScriptTailwindPrisma

Next.js Full Stack

Windsurf rules for a Next.js App Router project with TypeScript, Tailwind CSS, and Prisma.

PythonFastAPISQLAlchemyPydantic

Python FastAPI

Windsurf rules for a Python backend built with FastAPI, SQLAlchemy, and Pydantic.

React SPA

Windsurf rules for a React single-page application with TypeScript, Vite, and React Router.

ReactViteTypeScriptSPA

GoMicroservicePostgresAPI

Go Microservice

Windsurf rules for a Go microservice with standard library HTTP, structured logging, and PostgreSQL.