cortex

Audit frontend for WCAG 2.1 AA compliance: check semantic HTML, ARIA labels, color contrast, keyboard navigation, screen reader support. Usage: /accessibility [page-or-component] [--fix] [--level=AA|AAA]

Scan an existing codebase to map architecture, identify tech stack, and generate project intelligence. Creates PROJECT_ANALYSIS.md + auto-generates CLAUDE.md. Usage: /analyze-project [path-to-project]

Auto-generate API documentation from codebase. Creates OpenAPI spec, endpoint docs, and Postman collection.

Generate security audit logging system with immutable event trail, compliance reporting (GDPR/SOC2), and suspicious activity alerting. Usage: /audit-setup [init | report | alerts | compliance]

Fully autonomous product builder. Takes a PRD/spec and builds the entire product without human intervention. Usage: /auto-build <path-to-prd.md> or /auto-build 'product description' --max-iterations 100

Configure automated backup schedules, test restore procedures, and generate disaster recovery runbooks. Usage: /backup-dr [setup | test-restore | runbook | status]

Auto-generate CHANGELOG.md from git history using Conventional Commits. Groups by version, categorizes changes, links PRs. Usage: /changelog [--since=v1.0.0] [--format=keepachangelog|conventional]

Run a comprehensive automated code review on staged changes or a specific branch/PR. Usage: /code-review [branch-name] or /code-review --staged

Generate and manage database migrations safely. Usage: /db-migrate <action> (generate|run|rollback|status)

AI-powered debugging: analyze errors, trace root causes, read logs, and auto-fix issues. Usage: /debug <error-description-or-log-file>

Auto-update dependencies safely: check outdated packages, review changelogs, test after each bump, rollback on failure. Usage: /dep-update [--security-only] [--major] [--dry-run]

Prepare and execute deployment with pre-flight checks, security scan, and post-deploy health verification. Usage: /deploy <environment> (staging|production)

Clean up unused Docker containers, images, volumes, and networks. Usage: /docker-clean [--all | --containers | --images | --volumes | --networks | --dangling]

Generate end-to-end tests using Playwright (web) and Detox (mobile). Covers user flows, visual regression, and cross-browser testing. Usage: /e2e-test [flow-name|--all] [--visual]

Validate environment variable parity across dev/staging/prod, detect config drift, and manage encrypted secrets. Usage: /env-sync [check | diff | encrypt | rotate | init]

Generate feature flag system with MySQL + Redis cache, per-user/percentage rollout, kill switch, and admin UI. Usage: /feature-flags [init | create | list | toggle | cleanup]

Guided feature development from spec to PR with sprint plan tracking. Usage: /feature <feature-description-or-sprint-task-id>

Compare existing app against Alpha AI engineering standards — ONLY checks what's relevant to YOUR project. Generates GAP_ANALYSIS.md with what's present, missing, and needs migration. Usage: /gap-analysis [path-to-project]

Generate complete brand identity with SVG logos, color system, typography, and design tokens. Claude writes SVG code directly — no API key needed. Usage: /gen-brand 'ProductName — description' or /gen-brand ./PRD.md

Generate CI/CD pipelines for GitHub Actions, GitLab CI, or Bitbucket Pipelines. Auto-detects stack from project. Usage: /gen-ci [github-actions|gitlab-ci|bitbucket] [--full]

Generate a detailed PRD from a brief idea, pre-configured for Alpha AI's tech stack. Supports Python/FastAPI, Node.js/NestJS, Java/Spring Boot backends. Usage: /gen-prd 'brief product idea' [--lang=python|nestjs|springboot]

Auto-generate comprehensive tests for a file or module. Usage: /gen-tests <file-path> or /gen-tests --all-untested

Run a comprehensive project health audit — dependencies, security, code quality, documentation, and CI/CD status.

Initialize a new or upgrade existing project with Alpha AI's standard architecture. Supports Python/FastAPI, Node.js/NestJS, Java/Spring Boot. Usage: /init-project <project-name> [--lang=python|nestjs|springboot] [--with-frontend] [--with-mobile] [--with-ai] [--existing]

Conduct deep market research before building a product. Analyzes competitors, market trends, user pain points, pricing models, and technical landscape. Usage: /market-research 'product idea or category'

Safely migrate technology components in an existing app to Alpha AI's standard stack. Handles data migration, code refactoring, and testing. Usage: /migrate-stack <migration-description>

Set up Prometheus + Grafana monitoring stack with pre-configured dashboards, alerts, and application metrics. Usage: /monitoring [setup | dashboard | alerts | status]

Onboard a new developer to the project. Generates personalized onboarding plan, sets up dev environment, creates first tasks, and provides codebase walkthrough.

Generate and run performance/load tests using k6 or Locust. Benchmark API endpoints, detect bottlenecks, generate reports. Usage: /perf-test [endpoint-or-all] [--users=100] [--duration=60s]

AI-powered code refactoring: extract functions, decompose modules, rename symbols, fix code smells, enforce patterns. Usage: /refactor <file-or-module> [--type=extract|decompose|rename|cleanup] [--yes]

> **This file is referenced by `/auto-build` command.** Do NOT invoke this file directly.

> **This file is referenced by `/auto-build` command.** Do NOT invoke this file directly.

> **This file is referenced by `/auto-build` and `/resume-build` commands.**

Automate releases: bump version, generate changelog, create git tag, and publish GitHub/GitLab release. Usage: /release [major|minor|patch] [--dry-run]

Resume an interrupted autonomous build from the last saved state. Supports Agent Teams upgrade. Usage: /resume-build

Add missing Alpha AI features to an existing app without breaking existing code. Supports all 36 features. Usage: /retrofit <feature-name> [--all] [--from-gap-analysis]

Generate operational runbooks and playbooks for incident response, routine maintenance, and disaster recovery. Usage: /runbook [--type=incident|maintenance|disaster-recovery|all]

Run comprehensive security audit: SAST, dependency vulnerabilities, secret detection, OWASP Top 10 checks, and Docker security. Usage: /security-scan [--full] [--fix]

Generate realistic seed data for development and testing. Reads models to create factories, fixtures, and database seeders. Usage: /seed-data [--count=100] [--model=User] [--format=sql|json|python]

Complete ship workflow: code-review → lint → test → commit → push → create PR → verify CI. Auto-updates sprint plan. Usage: /ship [commit-message] [--skip-review]

Break PRD or feature list into sprint-sized tasks with estimates, dependencies, and assignments. Generates SPRINT_PLAN.md. Usage: /sprint-plan <prd-file-or-feature-description> [--sprints=4] [--team-size=3]

Scan codebase for technical debt: code smells, TODO/FIXME, outdated patterns, test gaps, dependency issues. Generates TECH_DEBT.md with prioritized action plan. Usage: /tech-debt [--fix-quick-wins]

Specialized agent for architectural analysis, design decisions, and codebase structure recommendations.

Specialized agent for brand identity design — SVG logo generation, color systems, typography selection, design tokens, and brand consistency auditing. Spawnable during auto-build Phase -0.5 or from /gen-brand.

Specialized agent for database performance analysis — identifies slow queries, missing indexes, N+1 problems, and provides optimization recommendations.

DevOps and infrastructure specialist. Generates CI/CD pipelines, Docker configs, Kubernetes manifests, Terraform configs, and handles deployment automation.

Technical documentation specialist. Generates README files, architecture docs, API references, deployment guides, and user manuals from codebase analysis.

Interactive onboarding mentor that answers new developer questions about the codebase, explains patterns, and provides guided tours of specific modules.

Parallel build coordinator — orchestrates multiple named developer subagents working on different parts of the product simultaneously. Used internally by /auto-build for faster execution.

Performance analysis specialist. Profiles API endpoints, detects N+1 queries, analyzes database performance, identifies memory leaks, and recommends optimizations.

Specialized agent for security analysis — scans for vulnerabilities, secrets, and security misconfigurations.

Self-healing agent that diagnoses and fixes build/test/lint errors autonomously. Called when the auto-build encounters failures.

Specialized agent for test strategy, coverage analysis, and test quality improvement.

ALWAYS auto-invoked on ANY code writing task. Enforces Alpha AI's CORE standards (layered architecture, JWT+HTTP-Only Cookies, MySQL+ORM, linting, type checking, testing) across all backend languages: Python/FastAPI, Node.js/NestJS, Java/Spring Boot. CONDITIONAL standards (MongoDB, Redis, Razorpay, Meilisearch, Mobile, GenAI, etc.) are enforced ONLY when the project uses those technologies. Detects backend language + project context from code, dependencies, and PRD before applying rules.

Auto-invoked when Claude performs code review tasks. Provides structured 6-dimension review methodology (correctness, security, performance, readability, testing, architecture) with severity levels from critical to praise.

Auto-invoked when Claude handles deployment tasks, CI/CD configuration, or release management. Provides pre-deployment checklists, deployment strategy selection (rolling, blue-green, canary), environment promotion flow, rollback procedures, and post-deploy monitoring guidance.

Auto-invoked when creating Docker files, CI/CD pipelines, deployment configs, Kubernetes manifests, or infrastructure code. Enforces Alpha AI DevOps standards.

Auto-invoked when Claude detects developer onboarding tasks, environment setup questions, or codebase exploration from new team members. Provides structured onboarding checklists (Day 1 through Week 2), setup guides with copy-pasteable commands, troubleshooting FAQ templates, and architecture overview documentation.

Auto-invoked when writing database queries, API endpoints, caching logic, or any performance-sensitive code. Enforces performance best practices and prevents common bottlenecks.

Auto-invoked when Claude detects project initialization, scaffolding, or boilerplate setup tasks. Provides best practices for project structure, Docker multi-stage builds, CI/CD pipeline stages, environment management, and configuration file conventions.

Auto-invoked when writing auth code, handling user input, configuring CORS/CSP, managing secrets, or implementing any security-related feature. Enforces OWASP Top 10 protections and Alpha AI security standards.

Auto-invoked when Claude works on testing tasks — test generation, coverage analysis, or test strategy. Provides test pyramid guidance, AAA structure patterns, naming conventions, mocking guidelines, and coverage targets (>80% overall, >95% critical paths, 100% new code).

8 hooks across 7 events