Forensic-grade change analysis. Use after any Claude Code session to build a complete, precise inventory of every file created, modified, or deleted — with intent-vs-reality comparison and unexpected change detection. Trigger phrases: "what exactly changed", "change forensics", "show me everything that was touched", "full change inventory", "what files were affected", "trace the changes", "what did the session modify", "forensic analysis", "change map", "what got changed and why", "list all changes", "show me the diff breakdown". Goes deeper than git diff — traces the complete blast path of changes including hidden side effects, auto-generated files, config mutations, and lock file churn. Use before post-changes-audit, diff-review, or any time you need a precise accounting of a session's work. Feeds its file list and UNEXPECTED items directly into impact-radar, scope-guard, and regression-guard.

Master orchestration skill for implementing code changes with full safety coverage. This skill should be used when the user says "implement this", "build this feature", "make these changes", "code this up", "write the code", "implement the plan", "full implementation", "code changes", "/code-changes", or when beginning any non-trivial code implementation, feature build, refactor, or infrastructure change. Sequences 20+ skills across 5 phases: research → plan → implement → verify → close. Ensures no skill or agent is missed during implementation work. NOT for read-only analysis (use /read-only-plans) or debugging (use /debug-fix) or post-completion audits (use /post-changes-audit).

ALWAYS use this skill when committing code changes — never commit directly without it. Creates commits following Sentry conventions with proper conventional commit format and issue references. Trigger on any commit, git commit, save changes, or commit message task.

Pre-flight context analyzer for plans and prompts being handed off to another AI. Reads a plan, prompt, task description, or implementation spec and identifies the project or system being referenced, then enumerates every file needed for full context. Produces a structured Context Manifest — a ranked, categorized list of files with justifications — so the receiving AI has everything it needs to execute correctly. Use when the user says "context-preflight", "what files does this need", "gather context for this prompt", "what context should I attach", "prep context for Claude", "what files go with this plan", "context check", "run preflight on this", or any variation where a plan or prompt exists and the user wants to know which files to include alongside it. NOT for writing plans (use plan-to-prompt), NOT for analyzing plan quality (use plan-analyzer), NOT for running the plan itself.

Create a git branch following Sentry naming conventions. Use when asked to "create a branch", "new branch", "start a branch", "make a branch", "switch to a new branch", or when starting new work on the default branch.

Alias for sentry-skills:pr-writer. Use when users explicitly ask for "create-pr" or reference the legacy skill name. Redirects to the canonical PR writing workflow.

Master orchestration skill for systematic debugging, root cause analysis, and fix implementation. This skill should be used when the user says "fix this bug", "debug this", "something is broken", "this error", "not working", "investigate this failure", "troubleshoot", "fix this issue", "what's wrong", "crash", "exception", "traceback", "stack trace", "error message", "failing test", "regression", "debug-fix", "/debug-fix", or when any error, bug, failure, or unexpected behavior needs to be diagnosed and resolved. Sequences 22+ skills across 5 phases: diagnose → plan fix → implement fix → verify fix → close. Combines dual-debugger methodology (debugger + debugging-wizard) with TDD-driven fixes and full post-fix verification. NOT for greenfield implementation (use /code-changes) or read-only analysis (use /read-only-plans) or post-completion audits (use /post-changes-audit).

Parses error messages, traces execution flow through stack traces, correlates log entries to identify failure points, and applies systematic hypothesis-driven methodology to isolate and resolve bugs. Use when investigating errors, analyzing stack traces, finding root causes of unexpected behavior, troubleshooting crashes, or performing log analysis, error investigation, or root cause analysis.

This skill should be used when the user asks to "deploy checklist", "pre-deploy review", "ready to ship", "release checklist", "deployment plan", "go/no-go", "pre-release review", "production readiness", "canary deploy plan", "rollback plan", or any request to verify readiness before deploying a change to production. Also trigger when preparing to deploy, release, or ship code.

This skill should be used when the user asks to "review my diff", "check before commit", "diff review", "pre-commit check", "what changed", "scan my changes", "review staged changes", or needs a quality gate before any git commit. Trigger automatically before committing when preparing changes for review. Catches debug leftovers, accidental changes, leaked secrets, and quality issues in the actual diff that linters and security-review miss.

Deep, evidence-first investigation of a codebase, file set, system, bug, architecture, config, infrastructure, tool choice, dependency, security posture, or technical plan — producing a structured report with a precise action plan. Use when the user says "analyze", "investigate", "audit", "review", "deep dive", "what's wrong with", "examine", "assess", "evaluate", "inspect", "expert analysis on", "look into", or any variation where they want serious investigation, current web research, a written report, and actionable next steps. Also trigger when the user provides a file, directory, config, error, or system and wants to understand what's going on, what's broken, what's risky, or what should change. NOT for implementing changes (investigation only unless explicitly asked) and NOT for quick questions that don't need structured analysis.

Universal post-completion audit orchestrator — run after ANY Claude Code process finishes. Triggers on: "audit this", "audit what was done", "post-changes-audit", "/post-changes-audit", "review what was done", "post-implementation review", "check everything", "full audit", "validate the changes", "is this ready for PR", "final review", "quality gate", "sign-off check", "verify the work", "run post-check", "run the audit", "audit the session", "post-audit", "what did claude do", "review the session", "check what changed". Use after: code implementations, debug sessions, plan executions, agent tasks, swarm completions, refactors, infrastructure changes, migrations, installs, or any multi-step workflow. Sequences 22 skills across 5 phases: forensic inventory → deep review → impact & regression → security & compliance → verdict & paper trail. Read-only by default — fixes only applied when explicitly requested. NOT for implementing changes or planning.

Run immediately after a bug or issue has been confirmed fixed. Extracts all information about the issue — symptoms, root cause, the fix, files changed, and patterns to avoid — then writes structured entries to the project's persistent memory (MEMORY.md and/or topic files) and optionally promotes generalizable rules to CLAUDE.md. Ensures the same mistake is never made again in future sessions. Trigger on: "save this fix", "remember this bug", "log this issue", "post-fix memory", "commit this to memory", "don't let this happen again", "/post-fix-memory", "remember what went wrong", or any variation after a successful fix where the user wants it retained. NOT for planning fixes or debugging active issues — use systematic-debugging for that.

Master orchestration skill for research, planning, and analysis — without modifying code. This skill should be used when the user says "plan this", "analyze this", "review this approach", "what should we do", "design this", "think through this", "scope this out", "write a plan", "read-only analysis", "investigate before implementing", "research and plan", "/read-only-plans", or when the task requires deep thinking, structured analysis, or planning before any code is touched. Sequences 15+ skills across 4 phases: research → analyze → plan → challenge. Produces a decision-complete plan or analysis report without modifying any project files. NOT for implementing changes (use /code-changes) or debugging (use /debug-fix) or post-completion audits (use /post-changes-audit).

Regression detection and protection. Run after any code change to verify that existing functionality that worked before the change still works after. Trigger phrases: "check for regressions", "regression guard", "did anything break", "regression check", "verify nothing broke", "test what was working before", "regression test", "did I break anything", "make sure existing tests pass", "check backwards compatibility", "verify existing behavior", "test regression", "catch regressions", "regression scan". Goes beyond running the test suite — identifies which existing behaviors are most at risk from the specific changes made, targets those first, and produces a clear pass/fail verdict per regression class. Use after implementation, refactors, or any change to shared code. In the post-changes-audit chain, run after impact-radar identifies the blast radius and provides regression targets.

Research specialist for gathering current information. Use PROACTIVELY before implementing any task that involves unfamiliar libraries, frameworks, APIs, or technologies. Trigger when the task mentions a specific tool or library, requires knowledge of current best practices, or involves architectural decisions. Finds current best practices, library versions, security advisories, and up-to-date documentation.

This skill should be used when the user asks to "check if this exists", "reuse check", "don't reinvent the wheel", "find existing solution", "is there already a", or before implementing any new function, utility, class, component, or wrapper. Systematically scans the codebase and installed packages for existing solutions that could be reused, extended, or wrapped instead of built from scratch.

This skill should be used when the user asks for a "scope check", "am I on track", "staying focused", "check for scope creep", "what was I asked to do", or when performing any multi-step implementation task. Trigger automatically during planning, implementation, and before marking work complete. Prevents scope creep by comparing current work against the original user request.

This skill should be used when the user asks to 'security review', 'check for vulnerabilities', 'secure this code', 'OWASP check', or when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns. Distinct from security-reviewer (which runs proactively after edits) and security-scan (which scans .claude/ config).

Scan your Claude Code configuration (.claude/ directory) for security vulnerabilities, misconfigurations, and injection risks using AgentShield. Checks CLAUDE.md, settings.json, MCP servers, hooks, and agent definitions.

Create new Claude Code Skills with proper YAML frontmatter, progressive disclosure structure, and complete directory organization. Use when you need to build custom skills for specific workflows, generate skill templates, or understand the Claude Skills specification.

This skill should be used when the user asks to "write my standup", "generate standup update", "standup summary", "what did I do yesterday", "daily update", "scrum update", "status update", "summarize recent work", or wants to summarize recent commits, PRs, or work into a concise team update. Also trigger when the user pastes git logs or commit messages and wants them formatted as a standup.

Use when implementing any feature or bugfix, before writing implementation code

Run a deep, professional, read-only audit of a repo, service, system, config set, bot, workflow, or prompt system and return a structured findings report directly in chat. Use when the user explicitly asks for a full audit, assessment, review, or health/security/reliability analysis.

build

This skill should be used when the user asks to "check my assumptions", "what am I assuming", "assumptions audit", "verify assumptions", "assumption check", "what are the risks", or needs implicit assumptions surfaced. Also trigger proactively during planning phases, before executing approved plans, and when making architectural or design decisions.

This skill should be used when the user asks to "review my diff", "check before commit", "diff review", "pre-commit check", "what changed", "scan my changes", "review staged changes", or needs a quality gate before any git commit. Trigger automatically before committing when preparing changes for review. Catches debug leftovers, accidental changes, leaked secrets, and quality issues in the actual diff that linters and security-review miss.

This skill should be used when the user asks to "check if this exists", "reuse check", "don't reinvent the wheel", "find existing solution", "is there already a", or before implementing any new function, utility, class, component, or wrapper. Systematically scans the codebase and installed packages for existing solutions that could be reused, extended, or wrapped instead of built from scratch.

This skill should be used when the user asks for a "scope check", "am I on track", "staying focused", "check for scope creep", "what was I asked to do", or when performing any multi-step implementation task. Trigger automatically during planning, implementation, and before marking work complete. Prevents scope creep by comparing current work against the original user request.

Deep post-completion review. Use PROACTIVELY immediately after code changes, fixes, refactors, installs, config edits, migrations, or automation work. Trigger before claiming any task is complete. Finds missed issues, patches them, and validates the final state.

This skill should be used when the user asks to "check my assumptions", "what am I assuming", "assumptions audit", "verify assumptions", "assumption check", "what are the risks", or needs implicit assumptions surfaced. Also trigger proactively during planning phases, before executing approved plans, and when making architectural or design decisions.

Generates a structured, human-readable audit report of everything Claude Code did in a session. Use at the end of any session to create a complete paper trail suitable for commit messages, PR descriptions, code review, standup notes, and documentation. Trigger phrases: "audit trail", "session report", "what did we do", "summarize the session", "generate a report", "write up what happened", "pr description", "commit summary", "session summary", "document the changes", "write the audit report", "what was accomplished", "session changelog", "generate commit message", "write the PR", "document this session", "create a report of the work done". Synthesizes all available session context — git diff, changed files, task history, issues found and fixed, verification results — into four structured outputs: executive summary, technical audit log, commit message, and PR description draft. Run as the final step of post-changes-audit after all fixes are applied.

Stage all changes, create a conventional commit, and push to the remote branch. Use when explicitly asks to push changes ("push this", "commit and push"), mentions saving work to remote ("save to github", "push to remote"), or completes a feature and wants to share it.

Downstream impact and blast radius analysis. Use after code changes to determine what other files, modules, tests, services, and systems are affected by what was just modified. Trigger phrases: "what else is affected", "impact analysis", "blast radius", "what depends on this", "downstream impact", "what could break from these changes", "impact radar", "dependency trace", "ripple analysis", "what imports this", "who uses this", "what calls this", "trace dependencies", "reverse dependency check". Traces import graphs, reverse dependencies, test coverage overlaps, config references, and API contract consumers to surface the complete set of things the changes could affect — not just the files that changed. Essential before merging, deploying, or claiming a change is isolated. Use after change-forensics provides the file list, or pass files directly as arguments. Feeds its Recommended Regression Targets into regression-guard.

Auto-lint and format specialist. Use PROACTIVELY after any Python, Bash, or JS file edit to enforce code quality. Trigger when files are written or edited. Runs ruff (Python), shellcheck (Bash), and prettier (JS/HTML/CSS) on edited files. Reports what was auto-fixed.

AI-assisted pair programming with multiple modes (driver/navigator/switch), real-time verification, quality monitoring, and comprehensive testing. Supports TDD, debugging, refactoring, and learning sessions. Features automatic role switching, continuous code review, security scanning, and performance optimization with truth-score verification.

Research-first implementation planner. Use PROACTIVELY before any non-trivial multi-step task, new feature, architecture change, or refactor. Trigger when the task requires planning, scoping, design, implementation strategy, phased rollout, or risk analysis. Produces a durable ExecPlan-style spec. Do not use for direct execution from an already approved plan.

Execute an already approved plan, report, analysis, or set of next steps from a prior planning process. Use after /plan-builder, /audit, /expert-analysis, /analyze, or any conversation that produced a plan, report with recommendations, next steps, or action items that the user wants carried out. Do not use to invent the plan from a vague goal.

Generates test files, creates mocking strategies, analyzes code coverage, designs test architectures, and produces test plans and defect reports across functional, performance, and security testing disciplines. Use when writing unit tests, integration tests, or E2E tests; creating test strategies or automation frameworks; analyzing coverage gaps; performance testing with k6 or Artillery; security testing with OWASP methods; debugging flaky tests; or working on QA, regression, test automation, quality gates, shift-left testing, or test maintenance.

Test execution specialist. Use PROACTIVELY after any code changes to run tests and validate behavior. Trigger when new functions are written, existing code is refactored, bug fixes are applied, or the user mentions testing. Always run before marking any implementation task as complete. Runs pytest, unittest, or bash test scripts and reports pass/fail summary.

This skill should be used when the user asks about "testing strategy", "what should I test", "test plan", "testing approach", "test coverage plan", "how to test this", "unit vs integration tests", "E2E testing", "test pyramid", "test architecture", "test data management", "CI test pipeline", or when building a new feature and needs guidance on which tests to write. For writing actual tests, prefer test-master or tdd-workflow skills instead.

Use when challenging ideas, plans, decisions, or proposals using structured critical reasoning. Invoke to play devil's advocate, run a pre-mortem, red team, or audit evidence and assumptions.

This skill should be used when the user asks to 'verify my work', 'check everything', 'verification pass', 'final check', 'validate session', 'pre-completion check', or needs a comprehensive pre-completion verification of all changes made during the session. Also trigger when about to claim work is done or before creating a commit/PR.

Comprehensive truth scoring, code quality verification, and automatic rollback system with 0.95 accuracy threshold for ensuring high-quality agent outputs and codebase reliability.