Find your skills

Finds nondeterministic tests, clusters failures by stack signature, and isolates the root cause — then proposes a deterministic fix. Use whenever the user says "find the flaky test", "hunt flakes", "CI is red again", or complains that the suite passes locally but fails in CI. Refuses to declare a test flaky without reproducing the failure at least 3×.

Simulates 10,000 member journeys through a proposed loyalty program to surface retention, reward-cost, and tier-distribution risks before launch. Use when the user describes proposed tiers and rewards, pastes a program config, or asks "will this tier structure work?" / "what's the cost of this program?". Always reports a 95% confidence interval on reward cost — point estimates are false comfort.

Classifies an incoming support case, suggests a queue and priority, and drafts a short canned reply — always with a visible confidence score. Use when the user pastes a case body, gives a case ID, or says "where does this go?" / "triage this". Refuses when intent is ambiguous (returns `needs-human` + clarifying question). Never escalates on frustration alone.

Scaffolds a typed Agentforce action from a short spec: action file + Zod input/output schemas + a unit test with happy/negative/boundary cases + a usage snippet. Use when the user says "build an Agentforce action", "scaffold an action", describes an action by verb+noun (e.g. "lookupOrder"), or wants a new entry under `actions/`. Always validates input to resist prompt injection.

Scans a code diff for OWASP Top-10 issues — injection, auth bypass, crypto misuse, secrets — and reports only findings with a concrete exploit path. Use when the user asks for a security review, says "look for OWASP issues", pastes auth/session/crypto/input-handling code, or asks "is this safe?". No false positives: every finding must name a reachable exploit.

Turns a branch's diffs and PR descriptions into docs and changelog entries in the project's own voice. Use when the user says "draft release notes", "update the docs", "write the changelog for v2.1", points at a branch, or gives a set of PR URLs. Never claims a feature that isn't in the diff. Breaking changes get the project's own callout style.

Diagnoses a slow Postgres query and proposes an index or rewrite with the EXPLAIN plan as proof. Use when the user pastes a query, an EXPLAIN output, a `pg_stat_statements` row, or says "this query is slow", "why is this taking 3s", or "suggest an index". Refuses to recommend a new index without proving the seq scan is the cost driver.

Drafts a blameless postmortem from an incident's Slack thread, dashboards, and deploy timeline. Use whenever the user pastes an incident ID (INC-*), a Slack thread link, or says "write the postmortem for X" / "draft the retro". Quantifies impact. Never names individuals — roles only ("on-call", "deployer"). Every timeline entry must cite a Slack message timestamp.

Writes safe database migrations with a backfill plan and a rollback. Use this skill whenever the user describes a schema change ("add a column", "drop this table", "make Y required", "migrate the schema"), pastes a migration file for review, or asks whether a migration is safe to run in production. Refuses NOT NULL additions on tables >1M rows without a 3-phase plan. Always produces a rollback.

Drafts a conventional commit from the user's staged diff, matching the repo's own tone and convention. Use whenever the user says "commit this", "write a commit message", runs the skill before `git commit`, or wants to amend the last commit's message. Reads the last 30 commits to learn the repo's conventions before drafting — never invents a scope that hasn't been used before.

Generates unit tests for uncovered branches in a repo while mirroring the project's existing test conventions. Use when the user names a file or directory that needs tests, complains about low coverage, ships new code that needs tests written alongside, or asks to "add tests for X", "cover this file", or "fill coverage gaps". Learns from existing tests before writing a single line.

Reviews open pull requests for correctness, security, and test quality. Use this skill whenever the user asks to review a PR, check a diff, look at a branch before merging, or asks whether code is safe to ship. Triggers include "review PR #", "look at this diff", "is this safe to merge", pasting a GitHub/GitLab/Bitbucket PR URL, or pasting a raw `git diff`. Focuses on blocking bugs, not style. Always runs the test suite before reporting.