auditor
Runs after every action to catch drift between what was planned and what was done — the repo's continuity department.
🌱 Agent Skills Garden
A constitution-driven skill library for AI agents.
87 skills
15 categories
4 reasoning modes
Apache-2.0
Satya
truth & determinism
Dharma
right action & safety
Ahimsa
non-destruction
Pragya
wisdom & direction
Browse skills
constitution
The laws of the agent's universe — Satya (truth), Dharma (safety), Ahimsa (non-destruction), Pragya (wisdom).
librarian
Finds the right skill even when you describe the problem instead of naming the tool — graduated fuzzy routing.
orchestrator
Mid-task skill injection — detects domain shifts and suggests relevant skills.
pragmatism
Aparigraha — non-accumulation. Check before create, conform within scope, stay surgical, and validate edge cases before trusting any reuse or improvement of existing code.
pragya
Direction-seeking protocol — seek corrections, present options, let humans steer.
scratchpad
Forces explicit reasoning before acting — declares task, complexity, risk, and plan so nothing starts half-thought.
token-efficiency
Resource-aware model tier, tool, and delegation selection per cognitive mode.
domain-modeling
When the team uses different words for the same thing — creates a domain glossary, entity map, and Protected Terms.
prd
When requirements exist but need structure — selects the right PRD format (lean, full, working-backwards, hypothesis) and produces a living document with versioning and lifecycle.
requirements-elicitation
When scope is fuzzy — interviews the user for goals, constraints, and success metrics before coding starts.
adr-management
When you need to record why a decision was made — creates and manages Architecture Decision Records.
api-contract-design
When frontend and backend need to agree before coding — designs REST/gRPC APIs with OpenAPI spec.
database-design
When data modeling decisions will outlast the code — schema design, normalization, migration planning, indexing.
pipeline-context
Pre-compute once, share via context object to all pipeline stages.
schema-driven-config
Single schema powers defaults, validation, storage, and UI generation.
scorer-pipeline
Composable evaluation — independent micro-scorers with shared context and explicit weights.
system-design
When you need to see the big picture before building — component diagrams, data flow, trade-off analysis.
dependency-analysis
When you're not sure what depends on what — builds dependency graphs, detects cycles, audits for staleness and CVEs.
estimation
When "how long will this take?" needs a real answer — PERT estimation, relative sizing, confidence intervals.
risk-assessment
Before you ship something that keeps you up at night — identifies risks, scores probability/impact, plans mitigations.
task-decomposition
When a task feels too big to start — breaks it into dependency-ordered subtasks with T-shirt sizing.
aparigraha-task
Master workflow walking the Aparigraha gates end-to-end — onboarding, dependency inventory, style detection, reuse-first authoring, surgical diff, audit. Orchestrates the 25-pragmatism category skills. No implementation logic.
brownfield-onboarding
First-touch protocol for a new project — read README/AGENTS.md/ADRs, find build/test/CI commands, hot zones, entry points, and test layout; emit an onboarding cheat-sheet other Aparigraha skills consume.
chesterton-fence
Before deleting or refactoring code that looks unused or weird, reconstruct why it exists from history, tests, comments, and call-graph; produce a memo plus an edge-case checklist that gates the change.
dependency-utility-scout
Mine the project's declared dependencies and produce a per-capability inventory of utilities the team already imports — advisory, never auto-rewrites.
minimal-diff
Smallest correct change that solves the problem. No drive-by formatting or opportunistic refactors; diff-size caps, reversibility checks, and commit splitting when concerns are tangled.
reuse-first
Before writing any new utility, scan the codebase and declared dependencies for an equivalent. Reuse only after fit and edge-case validation.
style-conformance
Detect the project's existing conventions (naming, formatting, errors, logging, tests) and produce a house-style profile downstream skills consult — awareness, not enforcement.
api-implementation
When the API contract is ready and needs code behind it — implements handlers/controllers with validation.
cleanup
When the codebase has accumulated cruft — removes noise, enforces formatting, safely renames identifiers.
code-generation
When you have a spec and need idiomatic code — generates from specs with language convention enforcement.
data-access
When your API is fast but your database calls aren't — repository pattern, query optimization, N+1 prevention.
error-handling
When every module handles errors differently — standardizes error types, logging, and response formats.
feature-shipping
Master workflow for shipping a feature end-to-end. Orchestrates prd -> task-decomposition -> tdd-workflow -> code-review -> release-pipeline -> auditor. Composes the release-pipeline master as the delivery sub-workflow.
refactoring
When code needs restructuring but tests must stay green — safe refactoring with test-first verification.
refactoring-suite
When you need to restructure code without breaking behavior — complex refactors with strict test verification.
refactoring-workflow
Master workflow for refactoring at four named depth levels (cosmetic, micro, meso, architectural) that compose as a ladder. Always runs chesterton-fence + style-conformance up front, closes with characterisation tests + minimal-diff + auditor. No skipped rungs.
resilience-patterns
Circuit breaker, retry with backoff, bulkhead isolation, fallback chains, timeouts.
tdd-workflow
When you want tests to drive the design — Red-Green-Refactor cycle with coverage targets.
code-review
When a PR needs more than a thumbs-up — review checklists, defect categories, severity classification.
integration-testing
When unit tests pass but the system doesn't work — tests across component boundaries with Docker containers.
mutation-testing
When you suspect tests pass but don't actually catch bugs — verifies test quality by injecting faults.
performance-review
When the app is slow but you don't know where — bottleneck identification, complexity analysis, caching review.
pr-review-flow
Master workflow for thorough PR review. Orchestrates code-review + security-review + performance-review in parallel, aggregates verdict, applies pr-management, audits. No implementation logic.
security-review
When security can't be an afterthought — OWASP Top 10 scan, vulnerability detection, secret scanning.
test-strategy
When you need a testing philosophy, not just tests — defines the pyramid, coverage targets, and conventions.
testing-strategy
When you're unsure what to test next — coverage analysis, test type selection, boundary condition identification.
two-pass-analysis
When you need metrics without false-failing the build — separates collection (Pass 1) from gating (Pass 2).
unit-testing
When a function needs proof it works — generates unit tests for Jest, JUnit, Go Test, PyTest.
api-documentation
When consumers need to know how to call your API — endpoint docs, OpenAPI specs, request/response examples.
changelog-generation
When users need to know what changed and why — conventional commits parsing, semantic versioning, release notes.
decision-records
When future-you needs to know why past-you chose this — ADR authoring with context, decision, consequences.
inline-documentation
When code needs to explain itself to future readers — JSDoc/docstrings, comment quality, self-documenting patterns.
caching-strategy
When the same expensive query runs hundreds of times — implements caching patterns with proper invalidation.
db-tuning
When queries are the bottleneck — index analysis, query plan optimization, connection pooling.
profiling-analysis
When something is slow and you need proof of where — analyzes logs/traces to find bottlenecks and hotspots.
progressive-execution
Fast approximate results (Phase 1) then slow enriched results (Phase 2).
resource-awareness
Monitor constraints (memory, CPU, time, rate limits), adapt behavior gracefully.
error-handling-debug
When errors cascade instead of being contained — exception hierarchies, retry strategies, graceful degradation.
log-analysis
When the answer is buried in 10,000 log lines — parsing, pattern recognition, event correlation, anomaly detection.
root-cause-analysis
When the bug is a symptom, not the cause — 5-whys, fault trees, git bisection, symptom-to-cause mapping.
auth-implementation
When you need auth that won't become a breach headline — implements JWT, OAuth2, or RBAC safely.
dependency-scanning
When your supply chain is only as strong as its weakest dep — checks for CVEs and license compliance.
secure-coding-review
When code needs a security audit before shipping — scans for OWASP Top 10 vulnerabilities and anti-patterns.
threat-modeling
Before attackers find the holes — identifies STRIDE threats, assesses risk, plans mitigations.
ci-pipeline
When you need CI that catches failures before they hit main — generates GitHub Actions/GitLab CI with artifact gating.
docker-containerization
When your Docker image is bloated and slow to build — generates optimized multi-stage Dockerfiles.
kubernetes-helm
When you need reproducible K8s deployments — generates Helm charts and Kubernetes manifests.
monitoring-setup
When you need to know something is broken before users tell you — SLIs/SLOs, alerting, distributed tracing.
release-pipeline
Master workflow for cutting a release. Orchestrates test-strategy -> changelog-generation -> ci-pipeline -> auditor as a single named sequence. No implementation logic.
terraform-iac
When infrastructure should be versioned like code — generates Terraform/OpenTofu IaC modules.
git-workflow
When the team needs git discipline without git fights — branching strategies, commit conventions, conflict resolution.
knowledge-sharing
When tribal knowledge walks out the door with departing teammates — wikis, runbooks, onboarding guides.
pair-programming
When two heads are better than one — driver/navigator roles, mob programming, knowledge transfer protocols.
pr-management
When PRs linger or get rubber-stamped — templates, review assignments, merge criteria that work.
openapi-specs
When your API docs are stale or missing — generates Swagger/OpenAPI YAML from code.
readme-generation
When a new contributor clones the repo and has no idea where to start — creates READMEs with usage and install guides.
release-notes
When release day shouldn't mean manually writing changelog — parses git logs for changelogs and version bumps.
dependency-updates
When dependencies drift and Dependabot floods you with PRs — automated updates with semver and lockfile discipline.
deprecation-management
When old APIs need to die without breaking consumers — sunset timelines, migration paths, impact analysis.
incident-response
When production is down and the clock is ticking — triage, mitigate, and resolve outages with postmortem.
incident-response-flow
Master workflow for production incidents. Orchestrates incident-response (triage and mitigation) -> root-cause-analysis -> log-analysis -> decision-records -> auditor. No implementation logic.
legacy-upgrade
When the framework is 3 versions behind and nobody wants to touch it — plans major upgrades safely.
migration-planning
When you need to move data without losing it — version upgrades, data migration, rollback strategies.
repo-maintenance
Adaptive cleanup framework — start simple, discover value, pivot toward greater good.
tech-debt-tracking
When tech debt is everywhere but you can only fix some — categorization, impact scoring, payoff prioritization.
No skills match these filters.
Categories
00-foundation
Foundation
8 skills
10-discovery
Discovery
3 skills
20-architecture
Architecture
7 skills
20-planning
Planning
4 skills
25-pragmatism
Pragmatism
7 skills
30-implementation
Implementation
11 skills
40-quality
Quality
10 skills
50-documentation
Documentation
4 skills
50-performance
Performance
5 skills
60-debugging
Debugging
3 skills
60-security
Security
4 skills
70-devops
DevOps
6 skills
80-collaboration
Collaboration
4 skills
80-docs
Docs
3 skills
90-maintenance
Maintenance
8 skills