開發

Next.js performance optimizations including next/image, next/font, dynamic imports, caching strategies, and bundle optimization. Use when optimizing Next.js apps for speed or Core Web Vitals.

Surface relevant patterns from semantic memory during morning check-in to help apply proven approaches to today's work. Automatically triggered during morning check-in.

Use this skill whenever the user wants to design, set up, or refactor Cloudflare D1 database usage in a Hono + TypeScript app running on Cloudflare Workers/Pages, including schema management, bindings, query patterns, and data-access structure.

Enterprise AI security patterns - LLM vulnerabilities, prompt injection defense, guardrails, PII protection, and OWASP LLM Top 10 mitigations

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, artifacts, posters, or applications (examples include websites, landing pages, dashboards, React components, HTML/CSS layouts, or when styling/beautifying any web UI). Generates creative, polished code and UI design that avoids generic AI aesthetics.

Apply Command Query Responsibility Segregation (CQRS) and Event Sourcing (ES) for collaboration-heavy domains that require strong auditability and independent scaling of reads and writes.

Backend API authentication patterns with Clerk JWT middleware and route protection. Use when building REST APIs, GraphQL APIs, protecting backend routes, implementing JWT validation, setting up Express middleware, or when user mentions API authentication, backend security, JWT tokens, or protected endpoints.

Use this skill whenever the user wants to design, create, refactor, or standardize NestJS modules, services, and controllers in a TypeScript NestJS project, following clean architecture, DI best practices, and consistent API patterns.

Guide for implementing Better Auth - a framework-agnostic authentication and authorization framework for TypeScript. Use when adding authentication features like email/password, OAuth, 2FA, passkeys, or advanced auth functionality to applications.

Comprehensive code review checking quality, security, and best practices. Triggers: CR, review, 審查, 檢查, check, 看一下, PR, code review, 品質.

Swift programming patterns for iOS and macOS

DevOps Captain - Infrastructure-as-code, Kubernetes, CI/CD, and automation specialist

Tracks complex, multi-session work with dependency graphs using bd (beads) issue tracker. Triggers on 'multi-session', 'complex dependencies', 'resume after weeks', 'project memory', 'persistent context', 'side quest tracking', 'portfolio', 'all my beads', 'cross-project beads', or when TodoWrite is insufficient for scope. For simple single-session linear tasks, TodoWrite remains appropriate. (user)

Advise on choosing between Skills, Commands, Subagents, and Hooks for Claude Code. Analyze user requirements and recommend the appropriate artifact type with justification. Use when user asks "should I use a skill or command", "what artifact type", "skill vs command", or describes a workflow needing automation.

Generates design token documentation with visual swatches and code examples. Use when documenting token values, creating token reference guides, or building searchable design system documentation.

Activate when user mentions "clink codex" to provide guidance on delegating implementation tasks to clink codex as a junior developer. Use when assigning coding tasks, discussing task delegation, or working with clink codex for code implementation.

Google Calendar management via CLI. Use when user mentions calendar, events, scheduling, appointments, meetings, free/busy time, or checking availability. Supports listing calendars, viewing/creating/updating/deleting events, and checking free/busy status.

Manage Freshservice tickets, approvals, and get team performance reports across all workspaces

PC application security analyzer for Windows/macOS/Linux executables. Static analysis (SAST) for desktop applications including PE/ELF/Mach-O analysis, dependency scanning, SBOM generation. Integrates with cve-checker and cra-code-reviewer for CRA compliance. Triggers on: PC app analysis, Windows exe, macOS app, Linux binary, PE analysis, ELF analysis, desktop security, SBOM generation, dependency scan.

Automatically search indexed code when user asks questions about the codebase. Detects code-related queries and uses semantic memory to find relevant files. Activates for questions like "how does X work", "where is Y", "show me Z implementation".