Find skills that will save your week.

Generates unit tests for uncovered branches in a repo while mirroring the project's existing test conventions. Use when the user names a file or directory that needs tests, complains about low coverage, ships new code that needs tests written alongside, or asks to "add tests for X", "cover this file", or "fill coverage gaps". Learns from existing tests before writing a single line.

Reviews open pull requests for correctness, security, and test quality. Use this skill whenever the user asks to review a PR, check a diff, look at a branch before merging, or asks whether code is safe to ship. Triggers include "review PR #", "look at this diff", "is this safe to merge", pasting a GitHub/GitLab/Bitbucket PR URL, or pasting a raw `git diff`. Focuses on blocking bugs, not style. Always runs the test suite before reporting.

Writes safe database migrations with a backfill plan and a rollback. Use this skill whenever the user describes a schema change ("add a column", "drop this table", "make Y required", "migrate the schema"), pastes a migration file for review, or asks whether a migration is safe to run in production. Refuses NOT NULL additions on tables >1M rows without a 3-phase plan. Always produces a rollback.

Drafts a conventional commit from the user's staged diff, matching the repo's own tone and convention. Use whenever the user says "commit this", "write a commit message", runs the skill before `git commit`, or wants to amend the last commit's message. Reads the last 30 commits to learn the repo's conventions before drafting — never invents a scope that hasn't been used before.

Scaffolds a typed Agentforce action from a short spec: action file + Zod input/output schemas + a unit test with happy/negative/boundary cases + a usage snippet. Use when the user says "build an Agentforce action", "scaffold an action", describes an action by verb+noun (e.g. "lookupOrder"), or wants a new entry under `actions/`. Always validates input to resist prompt injection.

Simulates 10,000 member journeys through a proposed loyalty program to surface retention, reward-cost, and tier-distribution risks before launch. Use when the user describes proposed tiers and rewards, pastes a program config, or asks "will this tier structure work?" / "what's the cost of this program?". Always reports a 95% confidence interval on reward cost — point estimates are false comfort.

Reviews open pull requests for correctness, security, and test quality. Use this skill whenever the user asks to review a PR, check a diff, look at a branch before merging, or asks whether code is safe to ship. Triggers include "review PR #", "look at this diff", "is this safe to merge", pasting a GitHub/GitLab/Bitbucket PR URL, or pasting a raw `git diff`. Focuses on blocking bugs, not style. Always runs the test suite before reporting.

Classifies an incoming support case, suggests a queue and priority, and drafts a short canned reply — always with a visible confidence score. Use when the user pastes a case body, gives a case ID, or says "where does this go?" / "triage this". Refuses when intent is ambiguous (returns `needs-human` + clarifying question). Never escalates on frustration alone.

Scans a code diff for OWASP Top-10 issues — injection, auth bypass, crypto misuse, secrets — and reports only findings with a concrete exploit path. Use when the user asks for a security review, says "look for OWASP issues", pastes auth/session/crypto/input-handling code, or asks "is this safe?". No false positives: every finding must name a reachable exploit.

Turns a branch's diffs and PR descriptions into docs and changelog entries in the project's own voice. Use when the user says "draft release notes", "update the docs", "write the changelog for v2.1", points at a branch, or gives a set of PR URLs. Never claims a feature that isn't in the diff. Breaking changes get the project's own callout style.