security-toolkit

Claude Skills — PDLC Role Collection

Comprehensive, standards-grounded Claude Code skills for every role in the Product Development Lifecycle.

454 skills and 173 commands across 57 plugins for 8 roles.

Roles

Role	Skills	Commands	Plugins	Standards Alignment
architect	63	10	8	TOGAF, IASA BTABoK, ISO 42010, SWEBOK v4
engineer	65	26	8	SWEBOK v4, SFIA v9, DORA, SPACE, ISO 25010
product-manager	65	26	8	AIPMM PmBoK, ISPMA SPMBoK, PDMA NPDP
tech-lead	63	25	8	SFIA v9, DORA/Accelerate, Team Topologies
security	64	25	8	NIST CSF 2.0, OWASP SAMM, MITRE ATT&CK, ISO 27001
designer	63	27	8	WCAG 2.2, ISO 9241, Nielsen Heuristics
qa-engineer	63	26	8	ISTQB, ISO 25010, WCAG 2.2, IEEE 829
sdlc	8	8	1	ISO/IEC 12207, ISO/IEC 15288

What Makes This Different

Every skill is built on three principles:

1. Standards-grounded — Each role maps to recognized professional bodies of knowledge (SWEBOK, TOGAF, OWASP, AIPMM). See STANDARDS.md.
2. LLM error mitigation — Every skill has an Anti-Patterns section targeting documented LLM failure modes (hallucination, over-generalization, constraint blindness, happy-path bias).
3. Artifact-producing — Every skill produces a concrete deliverable (document, diagram, decision record, test plan, policy), not just advice.

Quick Start

Install a Single Role

claude install github:sethdford/claude-skills/engineer

Install a Single Plugin

claude install github:sethdford/claude-skills/engineer/testing

Install All Roles

claude install github:sethdford/claude-skills

Skills vs Commands

• Skills are domain knowledge units (nouns). They teach Claude about a topic — like writing an ADR, designing a threat model, or creating a product roadmap.
• Commands are workflows (verbs). They chain multiple skills together — like running a full architecture review or planning a product launch.

Role Breakdown

Architect — 8 Plugins

Plugin	Skills	Commands	Focus
system-design	10	4	Decomposition, DDD, microservices, event-driven, CQRS
quality-attributes	8	3	Scalability, reliability, performance, trade-off analysis
decision-making	8	3	ADRs, technology radar, build-vs-buy, migration strategy
data-architecture	8	3	Data modeling, storage selection, event sourcing, pipelines
infrastructure-design	8	3	Cloud architecture, deployment, DR, multi-region
architecture-governance	7	3	Principles, fitness functions, tech debt, compliance
communication	7	3	C4 diagrams, RFCs, stakeholder presentations, roadmaps
architect-toolkit	7	3	Katas, reviews, mentoring, anti-patterns catalog

Engineer — 8 Plugins

Plugin	Skills	Commands	Focus
code-quality	10	4	Clean code, refactoring, SOLID, code smells
testing	9	4	TDD, property-based testing, test architecture
debugging	8	3	Systematic debugging, root cause analysis, postmortems
implementation-patterns	8	3	Design patterns, data structures, concurrency
api-development	8	3	REST, GraphQL, gRPC, API design and testing
devops-practices	8	3	CI/CD, containers, deployment, monitoring
database-engineering	7	3	Schema design, query optimization, migrations
engineer-toolkit	7	3	Technical writing, git workflow, incident response

Product Manager — 8 Plugins