Browse skills

Generate comprehensive, well-structured pull request descriptions from git diffs and commit history. Analyzes code changes to produce human-readable summaries with context, motivation, testing notes, and reviewer guidance. Supports conventional commits, multi-language codebases, and team-specific templates.

Deep security audit of source code — detect vulnerabilities (OWASP Top 10, CWE-25), find secrets/credentials, flag injection vectors, identify insecure dependencies, analyze authentication/authorization flaws, and produce a prioritized remediation report with severity ratings (Critical/High/Medium/Low), CWE IDs, and fix suggestions. Supports Python, JavaScript/TypeScript, Go, Rust, Solidity, Java, C/C++, Ruby, PHP.

Inspect a SQL statement before it runs. Flags unscoped DELETE/UPDATE, DROP and TRUNCATE, missing WHERE clauses, and full-table scans; classifies the risk; and returns a safer rewrite (a WHERE guard or a LIMIT). Stops an agent from nuking a table by accident.

Review pull requests and local changes before pushing: read diffs, leave inline comments via the gh CLI or the GitHub REST API, and flag correctness and quality issues.