Skill catalog

97 canonical skills. Every one documented.

Find the right governed module by outcome, license tier, bundle, or category. Each page shows access, workflow fit, and the evidence it produces.

Showing 97 of 97 modules

Governance Enforcement

Governance

Enforces Pre-Code Gate, model roles, preflight resolution, mid-session handoff, execution logging, and feedback capture. Reads .project-ai/ authority pack when available.

enterprise-control-plane

View module details →

Model Transition Handoff

Governance

Prepares a governed project for a frontier-model retirement: produces the binding engineering charter (durable), the successor's handoff prompt (transient launcher), and four-layer enforcement wiring, on the outgoing model's last working day. Distinct from model-autopilot (per-task model routing) and governance-enforcement (mid-session context handoff).

View module details →

Infrastructure Setup

Governance

Applies enterprise baseline — all skills, rules, MCP config, testing standards to any machine or project.

View module details →

Session Start

Lifecycle

Initializes a coding session — loads authority pack or authoritative files, checks project state, verifies git status. Verifies external tasks from last session with the user before proceeding, preventing stale assumptions about completed work.

beginner-starter

View module details →

Session End

Lifecycle

Saves session state — updates PROJECT_STATE.md, SESSION_CHECKPOINT.md, and DECISION_LOG.md. Classifies pending tasks as Agent Tasks vs External Tasks (user action required) to prevent stale assumptions across sessions.

beginner-starter

View module details →

Feedback / Bug Submission

Lifecycle

Submit product feedback or report a bug from the IDE without a GitHub account. Captures a structured report, logs it locally for skill-learner, and submits it to the vendor offline-first (queues when offline).

View module details →

Init Project Skills

Lifecycle

Master orchestrator. Classifies project, plans activation, generates .project-ai/ authority pack, renders IDE artifacts.

View module details →

Security Audit

Audit

Scans for auth gaps, hardcoded secrets, missing RLS, XSS, CSRF, unprotected routes, exposed env vars.

View module details →

Code Review

Audit

Enterprise code review on recent changes or GitHub PRs. Checks standards, anti-patterns, error handling, type safety.

beginner-starterengineer-acceleration

View module details →

API Contract Check

Audit

Verifies API routes for auth, error handling, response shape, HTTP status codes, input validation.

engineer-acceleration

View module details →

Dependency Audit

Audit

Audits dependencies for vulnerabilities, outdated packages, license issues, unused deps.

View module details →

Pre-Deploy Check

Audit

Pre-deployment verification — types, lint, tests, env vars, migrations, build, git state.

engineer-acceleration

View module details →

Full Stack Audit

Audit

Runs ALL enterprise audit skills in sequence — security, code review, API contracts, dependency audit, pre-deploy, testing verification, and i18n coverage.

View module details →

Release Confidence

Audit

Enterprise quality & reliability release gate. Composes the existing QA audits across ten domains into a single risk-scored go/no-go with a standardized 8-part report. Evidence-first; never approves on claims.

View module details →

Mobile QA

Audit

Enterprise mobile release QA for iOS and Android, aligned to OWASP MASVS — storage, tokens, TLS, deep links, offline sync, crash-free sessions, store-policy readiness, accessibility, and startup performance. Evidence-first.

View module details →

Observability QA

Audit

Verifies a change can be detected, debugged, and rolled back in production — structured logs, metrics, traces, alerts, correlation IDs, SLO/SLI, release markers, and runbook coverage. Non-negotiable domain of the release gate.

View module details →

Performance Audit

Audit

Scans for performance anti-patterns, slow queries, bundle size issues, memory leaks, unnecessary re-renders.

engineer-acceleration

View module details →

Load and Resilience

Audit

Load, stress, soak, spike, breakpoint, and resilience/abuse testing with Grafana k6. SLO-gated (p95/p99/error-rate) plus a resource-exhaustion / DDoS abuse suite and memory-saturation checks. Evidence, not opinions.

View module details →

Security Scan Suite

Audit

Deterministic SAST + SCA + secret + IaC + container scanners plus DAST (Semgrep, Trivy, Gitleaks, OSV, ZAP, Nuclei), aggregated to SARIF, CI-gated on confirmed severity, and triaged through the security-audit multi-vector discipline. The scanners detect; the model triages.

View module details →

Accessibility Audit

Audit

Scans for WCAG 2.1 AA compliance — alt text, ARIA roles, keyboard navigation, color contrast, focus management.

View module details →

Bug Hunter

Agentic

Takes a bug report, reproduces, diagnoses root cause, implements fix, adds test, verifies.

beginner-starter

View module details →

Feature Builder

Agentic

Takes a feature spec, plans architecture, scaffolds files, implements, adds tests, verifies.

beginner-starterengineer-acceleration

View module details →

Database Migration Agent

Agentic

Schema change requests — generates migration, updates types, updates affected routes and services, tests.

View module details →

Refactor Agent

Agentic

Takes a refactoring goal, analyzes impact, plans changes, executes safely, verifies no regressions. Includes post-refactor anti-hallucination verification for import paths, barrel exports, test references, and pattern consistency.

engineer-acceleration

View module details →

Changelog Generator

Agentic

Reads commits since last tag, categorizes by type, outputs formatted CHANGELOG.md.

View module details →

API Docs Generator

Generator

Scans API routes, extracts methods/params/auth/response shapes, generates OpenAPI spec or Markdown docs.

View module details →

Database Explorer

MCP

Interactive database exploration via Supabase MCP. Queries tables, inspects schemas, checks RLS, reviews migrations.

View module details →

Payment Dashboard

MCP

Interactive Stripe dashboard via MCP. Balance, customers, subscriptions, invoices, disputes, products.

View module details →

Issue Triage

MCP

GitHub issue triage via MCP. Scans open issues, categorizes, assigns labels, links related, generates reports.

View module details →

IP Opportunity Agent

Specialized

Scans codebase for IP opportunities, advises on patentability, researches prior art via USPTO/Google Patents, generates IP strategy reports.

business-and-ip

View module details →

UAT Workflow Crawler

Specialized

Crawls web app pages, simulates user flows, detects UI errors, produces UAT reports. Includes i18n locale coverage checks.

View module details →

Browser Agent

Specialized

Playwright-based browser automation for testing, crawling, and web interaction.

View module details →

RAG Audit

Audit

Audits RAG systems for compliance with retrieval governance. Checks retrieval order, prompt hardening, injection defense, context firewall, metadata provenance, hybrid retrieval, and code generation grounding.

View module details →

Agentic Audit

Audit

Audits agentic AI systems for compliance with agent governance. Checks capability declarations, scope boundaries, planning governance, delegation chains, stop conditions, and verification protocol.

View module details →

Alignment Audit

Audit

Audits model fine-tuning and alignment pipelines. Checks dataset governance, sanitization, evaluation metrics, drift prevention, version control, and audit trail.

View module details →

Test Orchestrator

Agentic

Unified test execution and coordination agent. Detects test infrastructure, runs suites across languages, interprets results, identifies coverage gaps, and coordinates with bootstrap-testing and uat-workflow-crawler.

engineer-acceleration

View module details →

Skill Learner

Agentic

Analyzes accumulated execution logs, user feedback, and skill metrics to detect improvement patterns and generate governed refinement proposals. All proposals require human approval before modifying canonical skills.

View module details →

Project Initiator

Lifecycle

Onboarding wizard for greenfield and mid-stream folders. Always scans the repo, summarizes what is built, suggests next steps, writes PROJECT_SCAN.yaml and PROJECT_BRIEF.yaml, generates .project-ai/ governance, then hands off to project-manager and init-project-skills.

View module details →

Project Manager

Agentic

Enterprise-grade PM and orchestration hub. Auto-selects methodology (Agile, SAFe, Lean, PRINCE2, Kanban, CRISP-DM) per project archetype. Reads from the shared context bus to synthesize cross-skill intelligence, process pending signals, recommend next workflows, and provide C-suite dashboards. Combines McKinsey MECE, RAID, OKR, DORA, BCG portfolio, Theory of Constraints, and value stream mapping.

enterprise-control-planegrowth-and-marketing

View module details →

Compliance Mapper

Audit

Maps codebase against regulatory compliance frameworks (SOC 2, HIPAA, GDPR). Generates compliance matrices and gap reports.

enterprise-control-plane

View module details →

Incident Response

Agentic

Manages production incidents end-to-end — triage, root cause analysis, remediation, and post-mortem generation.

enterprise-control-plane

View module details →

ADR Manager

Agentic

Creates and manages Architecture Decision Records. Tracks decisions, rationale, alternatives considered, and status.

View module details →

Onboarding Guide

Generator

Generates interactive onboarding guides for new team members. Walks through project structure, conventions, and workflows.

beginner-starter

View module details →

Create Rule

Meta

Creates Cursor rules for persistent AI guidance. Generates .cursor/rules/ files and coding standard configurations.

View module details →

Create Skill

Meta

Guides creation of new Agent Skills for Cursor. Provides structure, best practices, and SKILL.md format templates.

View module details →

Update Cursor Settings

Meta

Modifies Cursor/VSCode user settings in settings.json. Manages editor preferences, themes, formatting, and IDE configuration.

View module details →

Bootstrap Testing

Bootstrap

Bootstraps enterprise testing standards. Auto-detects language, copies config, mocks, test templates, CI workflows.

View module details →

Bootstrap AI Governance

Bootstrap

Applies Universal Enterprise AI Governance to any project. Creates model routing rules, change control, hallucination prevention.

View module details →

SDK Adapter Enforcement

Governance

Enforces centralized adapter-layer access for third-party SDKs, including singleton factories, typed helper contracts, and no-direct-import enforcement guard rails.

View module details →

Skill Coordination Protocol

Governance

Defines standardized I/O contracts for inter-skill communication. Establishes shared context bus (.project-ai/skill-outputs/), output format, input declarations, handoff protocol, and resilience rules for agentic pipelines (ASCII architecture diagram; Vector-2 disk state).

View module details →

Workflow Engine

Agentic

Defines and executes multi-skill pipelines with sequential, parallel, conditional, and gated steps; includes a capability scorecard, agentic robustness checklist, and built-in templates (release-readiness, health check, sprint-close, incident-triage, and more). Reads and writes through the Skill Coordination Protocol.

engineer-accelerationenterprise-control-plane

View module details →

Event Trigger Manager

Governance

Manages reactive skill chaining. Monitors skill outputs for signals and recommends or invokes follow-up skills. Includes built-in triggers for security escalation, quality chains, audit chains, and operations.

engineer-accelerationenterprise-control-plane

View module details →

Dependency Resolver

Governance

Resolves skill execution dependencies at runtime. Reads the canonical registry, builds dependency graphs, detects cycles, and produces ordered execution plans with prerequisite and recommendation chains.

engineer-acceleration

View module details →

Anti-Hallucination Agent

Audit

Deep anti-hallucination verification aligned with Anthropic and OpenAI best practices. Cross-reference validation, code grounding checks, capability claim verification, search tool blind spot detection, i18n translation integrity, RAG grounding, and refactor integrity analysis. Prevents false negatives from gitignore-filtered search tools via mandatory blind spot detection step.

engineer-acceleration

View module details →

Agent Post-Mortem

Audit

Self-improving agent loop. Runs automated root-cause analysis on verification agent failures (hallucinations, missed bugs, missed vulnerabilities, false positives). Classifies against a failure taxonomy, generates executable skill patches, and stages version-controlled changes for human approval. Closes the feedback loop between agent failure and agent improvement.

View module details →

i18n Agent — Internationalization & Translation

Agentic

i18n (short for "internationalization" — the 18 letters between the i and the n) is the process of making your app work in multiple languages. This agent handles the full lifecycle: detects your stack, scaffolds translation infrastructure, extracts English-only strings into translation files, generates translations for any language, and audits every page for mixed-language bugs. Covers pluralization rules, right-to-left languages, date/number formatting, and dynamic content from APIs and databases — not just static UI labels.

View module details →

Git Workflow Manager

Agentic

Manages git workflows — branch creation, PR preparation, merge conflict resolution, release tagging, and cherry-picks.

View module details →

Code Scaffolder

Agentic

Generates boilerplate files following project conventions — components, routes, services, models, middleware, and tests.

beginner-starter

View module details →

Blast Radius Predictor

Audit

Predicts the impact of a proposed code change using static dependency analysis, test coverage overlay, git history, and deployment topology.

engineer-acceleration

View module details →

Test Gap Analyzer

Audit

Analyzes test quality beyond coverage numbers — assertion strength, mock depth, branch path coverage, edge case gaps, and business-critical code protection.

engineer-acceleration

View module details →

Knowledge Decay Detector

Audit

Detects stale, wrong, or misleading documentation by cross-referencing docs against current code.

View module details →

Rollback Manager

Agentic

Plans and executes safe rollbacks for code, database migrations, infrastructure, and configuration changes.

View module details →

Codebase Archaeology

Audit

Reconstructs the history and rationale behind code decisions using git history, documentation cross-references, and staleness analysis.

View module details →

Env Registry Generator

Generator

Builds a canonical environment variable registry from codebase scanning, generates .env.example, validation schemas, and environment-specific templates.

View module details →

Threat Modeling Agent

Audit

Enterprise threat modeling using STRIDE, DREAD, and attack trees. Identifies threats against architecture, data flows, trust boundaries, and entry points. Generates threat matrices and mitigation plans.

View module details →

Security Hardening Agent

Audit

Audits and remediates infrastructure, application, and network security. Covers OWASP Top 10, CIS Benchmarks, HTTP headers, TLS, CORS, CSP, container security, IAM, supply chain, and zero-trust assessment.

enterprise-control-plane

View module details →

SOX Compliance Agent

Audit

Sarbanes-Oxley compliance and financial security agent. Audits financial data handling, access controls, audit trails, change management, segregation of duties. Covers SOX Section 302/404, COSO framework, and ITGC.

enterprise-control-plane

View module details →

Compliance Builder

Generator

Generates compliance artifacts — policy documents, technical controls, evidence collection systems, and audit-ready documentation. Closes gaps identified by compliance-mapper and SOX compliance agent.

enterprise-control-plane

View module details →

UX Heuristic Evaluator

Audit

Expert UX evaluation using Nielsen's 10 Heuristics, cognitive walkthroughs, information architecture audits, and form UX analysis. Severity-rated findings with actionable recommendations.

View module details →

Design System Auditor

Audit

Verifies codebase adherence to design system specifications. Audits design tokens, component patterns, typography, color palette, spacing, and responsive behavior.

View module details →

Visual Regression Agent

Specialized

Automated visual regression testing with an opt-in Integrated Quality Suite mode. Captures baseline screenshots, compares across viewports and states, detects pixel-level diffs, classifies changes, and manages approval workflows. When the Integrated Quality Suite is enabled, the same capture pass also runs axe-core (WCAG 2.1 AA), a browser-evaluated UX / design-system heuristic library, and Core Web Vitals, producing a severity-weighted graded report with principle-backed why/fix guidance.

View module details →

Advanced UAT Agent

Specialized

Advanced UAT beyond smoke tests. Covers error recovery, network simulation, state persistence, concurrent sessions, destructive action safety, and complex multi-step workflow validation.

View module details →

Product Requirements Builder

Generator

Generates structured PRDs from user stories. MECE decomposition, acceptance criteria, wireframe descriptions, technical constraints, and dependency maps.

business-and-ip

View module details →

Business Model Analyzer

Specialized

Strategic business analysis using Business Model Canvas, SWOT, Porter's Five Forces, unit economics, and competitive positioning. Infers business model components from codebase.

business-and-ip

View module details →

IP Portfolio Manager

Specialized

Portfolio-level IP management — tracks patents, trade secrets, copyrights, trademarks. Monitors strength, licensing, risks, and competitive landscape. Extends ip-opportunity-agent with ongoing management.

business-and-ip

View module details →

Go-To-Market Builder

Generator

Generates GTM strategy and launch plans. Covers positioning, messaging, channel strategy, pricing, launch timeline, and success metrics.

business-and-ipgrowth-and-marketing

View module details →

Pitch Deck Builder

Generator

Generates investor-ready pitch deck content using Sequoia, YC, and Guy Kawasaki frameworks. Covers problem, solution, market, traction, team, competition, and financials.

business-and-ip

View module details →

Pricing and Packaging Optimizer

Specialized

Optimizes pricing, packaging, tier structure, feature gates, and upgrade paths. Analyzes value ladders, willingness-to-pay signals, usage patterns, and competitor packaging for productized AI systems.

business-and-ipgrowth-and-marketing

View module details →

Customer Research Synthesizer

Specialized

Synthesizes customer interviews, reviews, support tickets, and sales notes into jobs-to-be-done, objections, buyer segments, and message priorities.

business-and-ipgrowth-and-marketing

View module details →

Content Engine Builder

Generator

Builds an AI-assisted content engine across docs, SEO, blog, social, tutorials, comparison pages, and lifecycle email using source-of-truth messaging and reusable content loops.

growth-and-marketing

View module details →

Ad Creative Optimizer

Generator

Designs and optimizes paid social and search ad creative using audience segments, hooks, objections, value props, proof points, and landing-page alignment. Produces test matrices for headlines, copy, visuals, and CTAs.

growth-and-marketing

View module details →

Growth Experiment Manager

Agentic

Manages growth hypotheses, experiment backlogs, A/B tests, success metrics, and decision rules across acquisition, activation, conversion, retention, and expansion.

growth-and-marketing

View module details →

Policy Gate Manager

Governance

Designs policy gates and approval workflows for AI-assisted development. Defines which skills, workflows, tools, or actions require approval, escalation, or blocking based on environment, risk, and role.

enterprise-control-plane

View module details →

Skill Access Manager

Governance

Defines role-based access to skills, workflows, tool categories, and privileged operations. Builds allowlists, denylists, environment scoping, and approval mappings for teams.

enterprise-control-plane

View module details →

Audit Evidence Dashboard Builder

Generator

Builds an audit evidence dashboard and evidence inventory for governance, compliance, security, change control, and workflow execution. Maps controls to evidence sources, freshness windows, owners, and auditor-ready exports.

enterprise-control-plane

View module details →

Procurement Security Questionnaire Builder

Generator

Generates structured responses to procurement, security, privacy, and vendor due-diligence questionnaires using governance, compliance, audit, and evidence artifacts.

enterprise-control-plane

View module details →

Starter Pack Orchestrator

Lifecycle

Curates a beginner-friendly starter pack of skills, workflows, and defaults based on experience level, project type, and goals to reduce cognitive overload.

beginner-starter

View module details →

Learning Path Builder

Generator

Creates a role-based learning path from beginner to advanced use of the skills framework. Sequences skills, workflows, and practice loops by maturity and outcomes.

beginner-starter

View module details →

Project Template Recommender

Generator

Recommends project templates, starter architectures, and skill bundles based on product goals, audience, stack preference, and maturity level.

beginner-starter

View module details →

Spending Awareness

Governance

Session-scoped cost estimation, budget tracking, and spend forecasting for AI agent usage. Estimates token consumption from observable work, projects burn rate against a budget, and reports at session end.

View module details →

Model Autopilot

Governance

IDE-aware step-by-step model switching with a mandatory STOP — SWITCH MODEL banner. Reads .project-ai/MODEL_AUTOPILOT.yaml. Resolves the active IDE (cursor, vscode, claude, windsurf, jetbrains, neovim, xcode, cli) and uses that IDE's actual picker labels (Opus 4.7, GPT-5 Codex, Cascade Base, Composer 2.5, claude-opus-4-7, …) from @enterprise-skills/core IDE_MODEL_MAPS. Forces a Model check verify before every step so the agent can't silently advance when the user is on the wrong picker.

View module details →

Project Cost Estimator

Governance

Estimates total project cost-to-completion across IDE plan tiers. Analyzes project scope, remaining work, and target timeline to recommend the optimal plan and predict upgrade/downgrade triggers.

View module details →

Offline-First Progress Sync

Agentic

Implements local-first progress or state persistence with server snapshot synchronization, deterministic merge rules, and reconnect-safe reconciliation behavior.

View module details →

Release Manager

Agentic

Universal release orchestration agent. Handles version bumping, changelog generation, git tagging, distribution, and rollback for any project type including the enterprise-skills repo itself.

View module details →

LaunchOps Agent

Agentic

Governed deployment operator across Vercel, Cloudflare, Supabase, Stripe, and GitHub. Reads a declarative tenant manifest, scans live vendor state, detects drift, and (in v1.1+) applies gated, audited, idempotent changes with evidence-backed verification. Pluggable adapter layer; AWS, GCP, Auth0, Sentry, Resend, etc. plug in without core changes. Uses runtime-agnostic adapters so v2 architect-os can wrap the same package as a BYO-dataplane control plane (no central token custody).

View module details →

Report Verifier

Governance

Mandatory output verification for agent-generated reports, audits, and statistical summaries. Extracts numerical claims, re-executes underlying queries, verifies aggregation integrity, checks methodology consistency, enforces attribution confidence levels, and corrects discrepancies before delivery.

View module details →

Stripe Production Grade

Specialized

Production-grade Stripe integration playbook. Environment separation (pk vs sk), webhook reliability and idempotency, SCA/3DS-capable PaymentIntents, PaymentMethod + SetupIntent modernization, subscription API alignment, Ruby and client SDK upgrades, Connect scope, wallets, disputes, billing portal, multi-currency, PCI/compliance checkpoints.

View module details →

Skill Catalog: All 97 AI Agent Skills | Enterprise Skills