claude-initial-setup

Review API design for REST conventions and best practices

Incrementally fix build errors one at a time

Create a git commit checkpoint of current progress

Review database schema, queries, and migrations

Systematic debugging process to isolate and fix issues

Pre-deployment verification checklist

Auto-fix lint and formatting issues across the codebase

Profile and optimize application performance

Create a detailed implementation plan for a feature or project

Clean up dead code and refactor for maintainability

Run code review on recent changes

Run OWASP-based security audit on the codebase

Start test-driven development workflow for a feature or fix

Analyze test coverage and add missing tests to reach 80%

Find and update outdated documentation

REST and GraphQL API design and review specialist. Use PROACTIVELY when the user creates or modifies API endpoints, defines route handlers, or designs request/response schemas. Trigger on any API-related code changes, endpoint additions, or when reviewing API contracts.

System design and architecture specialist for scalability, patterns, and technical decision-making. Use PROACTIVELY when the user faces architectural decisions, needs to choose between patterns, or is designing a new system or major module. Trigger on questions about structure, scaling, or tradeoffs.

Build and type error resolution specialist that fixes compilation failures with minimal diffs. Use PROACTIVELY when the build fails, TypeScript reports type errors, or any compilation step produces errors. Trigger immediately on build failures, type check failures, or lint errors.

Code quality, security, and maintainability reviewer. Use PROACTIVELY immediately after writing or modifying any code, before commits on modified files, during pull request reviews, and when refactoring existing code. MUST BE USED after implementing a feature or fix, before creating a commit, when reviewing PR diffs, and after any refactoring session. Trigger on any code change to catch bugs, security issues, mutation violations, and quality regressions early.

Database schema design, query optimization, and migration review specialist. Use PROACTIVELY when the user creates or modifies database schemas, writes complex queries, creates migrations, or works with ORMs. Trigger on any database-related code changes or performance issues involving data access.

Systematic debugging specialist using hypothesis testing and binary search to isolate root causes. Use PROACTIVELY when the user encounters unexpected behavior, failing tests, runtime errors, or any bug report. Trigger when something is not working as expected and the cause is unclear.

Docker, CI/CD, infrastructure, and deployment specialist. Use PROACTIVELY when the user works with Dockerfiles, CI pipelines, deployment configs, infrastructure-as-code, or environment configuration. Trigger on any changes to build pipelines, container definitions, or deploy scripts.

Documentation and README update specialist. Use PROACTIVELY when code changes affect public APIs, configuration, installation steps, or usage patterns. Trigger when documentation is outdated, missing, or when the user explicitly requests documentation updates.

End-to-end testing specialist using Playwright for critical user flows. Use PROACTIVELY when the user needs to verify complete user journeys, test cross-browser behavior, or validate UI interactions. Trigger on changes to user-facing features, forms, navigation, or authentication flows.

Performance profiling and optimization specialist. Use PROACTIVELY when the user reports slow performance, when code has obvious inefficiencies (N+1 queries, unnecessary re-renders, unbounded loops), or when optimizing critical paths. Trigger on performance complaints or scalability concerns.

Implementation planning specialist for complex features and refactoring. Use PROACTIVELY when the user requests a multi-step feature, large refactor, or any task that spans multiple files or modules. Trigger immediately on ambiguous or complex requests before writing any code.

Dead code cleanup and consolidation specialist. Use PROACTIVELY when the codebase has unused exports, orphaned files, duplicated logic, or when the user requests cleanup, consolidation, or removal of deprecated code. Trigger on requests to clean up, simplify, or reduce code duplication.

Security analysis specialist for OWASP vulnerabilities, secrets detection, injection, XSS, and CSRF prevention. Use PROACTIVELY when writing authentication or authorization code, handling user input, creating or modifying API endpoints, working with payment or sensitive data flows, adding or changing environment variables and secrets, or introducing new dependencies. MUST BE USED before any commit touching security-sensitive code. Trigger immediately on changes to login, signup, password reset, session management, file uploads, or any code that processes external data.

Test-driven development enforcement specialist ensuring 80%+ code coverage. Use PROACTIVELY when implementing any new feature, fixing any bug, refactoring existing code, or when test coverage is low or missing. MUST BE USED on every feature request, bug report, and refactoring task to enforce the write-tests-first workflow. Trigger immediately when the user writes implementation code without tests, when coverage drops below 80%, or when adding logic to untested modules.

Patterns for running independent tasks in parallel using multiple tool calls and Agent invocations. Use when the user has multiple independent operations, asks about fan-out/fan-in, or wants to speed up multi-step workflows.

Patterns for when and how to use Claude Code subagents via the Agent tool. Use when the user needs to delegate research, run parallel investigations, protect the main context window, or asks about subagent types like Explore or Plan.

Patterns for using TaskCreate, TaskUpdate, TaskList, and TaskGet to coordinate multi-step work. Use when the user has a complex project with multiple steps, needs progress tracking, dependency management, or multi-agent task assignment.

Patterns for inter-agent communication including message passing, shared state, event-driven architectures, pub/sub, inbox/outbox, and structured vs freeform messages. Use when the user is building systems where multiple agents need to communicate, share information, coordinate work, or pass data between processing stages.

Strategies for managing AI agent context windows including optimization, summarization, retrieval-augmented generation, progressive disclosure, and pruning. Use when the user is hitting context limits, building long-running agents, implementing RAG, optimizing token usage, or designing systems that need to manage large amounts of information within limited context windows.

Patterns for multi-agent systems including orchestrator, pipeline, consensus, delegation, supervisor, and swarm patterns. Use when the user is building multi-agent workflows, coordinating multiple AI agents, implementing agent delegation or supervision, or designing systems where agents collaborate on complex tasks.

Guide for deployment strategies including blue-green, canary, rolling updates, feature flags, and rollback procedures. Use when the user asks about deployment patterns, zero-downtime deployments, release strategies, or rollback plans. Trigger whenever deployment, release management, or production rollout is discussed.

Guide for writing GitHub Actions workflows with triggers, reusable workflows, matrix strategies, caching, secrets, and composite actions. Use when the user creates or modifies GitHub Actions workflows, asks about CI/CD on GitHub, or needs help with workflow syntax. Trigger whenever GitHub Actions, .github/workflows, or CI pipelines on GitHub are mentioned.

Guide for designing CI/CD pipelines with artifact management, environment promotion, parallel jobs, quality gates, and notifications. Use when the user designs a CI/CD pipeline, asks about deployment workflows, needs to structure build-test-deploy stages, or wants to optimize pipeline performance. Trigger whenever CI/CD architecture or pipeline design is discussed.

Guide for Anthropic Python/TypeScript SDK usage including messages API, streaming, prompt caching, batches, token counting, and error handling. Use when the user is building with the Anthropic API, setting up Claude SDK, calling messages endpoints, implementing streaming, or troubleshooting API errors.

Prompt engineering patterns for Claude including system prompts, few-shot examples, chain-of-thought, structured output, templates, and prefilling. Use when the user is writing prompts, designing system instructions, extracting structured data, building prompt templates, or optimizing Claude responses for quality and consistency.

Patterns for Claude tool use including tool definition schemas, multi-tool orchestration, parallel tool calls, error handling, and result formatting. Use when the user is defining tools for Claude, building agentic workflows with tool calling, handling tool errors, or implementing multi-step tool pipelines.

Set up automated code quality tools: ESLint, Prettier, pre-commit hooks, and CI linting. Activate whenever the user sets up a new project, asks about code formatting, configures linters, sets up Git hooks, or mentions Husky, lint-staged, CODEOWNERS, or pre-commit hooks. Also activate when discussing consistent code style enforcement.

Enforce pull request best practices: size limits, description templates, testing requirements, and review workflows. Activate whenever the user creates a PR, asks about PR best practices, sets up PR templates, discusses code review turnaround, or mentions PR size, review requirements, or branch protection rules.

Systematic code review checklist with severity classification. Activate whenever the user asks for a code review, wants feedback on their code, submits a PR for review, or asks what to look for when reviewing code. Also activate when writing review comments or discussing code quality standards.

Guide file and directory organization for maintainable codebases. Use when the user creates new files, asks where to put code, plans project structure, or when a file exceeds 400 lines. Apply when scaffolding new projects or refactoring large files into smaller modules.

Enforce immutable data patterns across JavaScript, TypeScript, Python, and Go. Use when the user writes code that mutates objects, arrays, or state. Apply whenever modifying data structures, updating state, or reviewing code for mutation bugs. Always prefer immutable patterns over in-place mutation.

Enforce consistent naming conventions for variables, functions, files, and more. Use when the user names variables, functions, classes, files, database columns, or constants. Apply when reviewing code for naming consistency or when the user asks about naming best practices.

Guide git branching strategies, branch naming, and merge/rebase decisions. Use when the user creates branches, asks about Git Flow vs trunk-based development, discusses merge vs rebase, or is setting up a new repository's branching model.

Enforce conventional commits format with proper types, scopes, and breaking change notation. Use when the user is committing code, writing commit messages, asks about commit format, or when you are about to create a git commit. Always apply this skill before running git commit.

Guide pull request creation, review process, CI gates, and merge strategies. Use when the user creates a PR, asks about PR templates, review workflows, CODEOWNERS setup, or merge strategies. Apply when running gh pr create.

Guide for database schema migrations with zero-downtime patterns, rollback strategies, data migrations, and migration testing. Use when the user writes database migrations, asks about schema changes in production, needs zero-downtime migration patterns, or plans rollback strategies. Trigger whenever database migration, schema change, or ALTER TABLE in production is discussed.

Guide for optimizing SQL queries with EXPLAIN ANALYZE, index tuning, N+1 detection, covering indexes, and query plan analysis. Use when the user has slow database queries, asks about query performance, needs to interpret EXPLAIN output, or wants to eliminate N+1 queries. Trigger whenever query performance, slow queries, or database optimization is discussed.

Guide for relational database schema design with normalization, indexing strategy, constraints, naming conventions, and denormalization tradeoffs. Use when the user designs database tables, asks about normalization, needs indexing advice, or defines foreign key relationships. Trigger whenever database schema, table design, or data modeling is discussed.

Read stack traces, follow error chains, and trace errors to their root cause. Use when the user encounters an error message, stack trace, exception, or crash. Apply when debugging async errors, React error boundaries, source map issues, or when an error message is unclear.

Implement structured logging and analyze logs to diagnose issues. Use when the user sets up logging, asks about log levels, needs to trace requests through distributed systems, or is analyzing log output to debug a problem. Apply when adding logging to any application.

Apply structured debugging techniques to find and fix bugs efficiently. Use when the user reports a bug, encounters unexpected behavior, says something is "not working", or asks for help debugging. Apply hypothesis-driven debugging instead of random changes.

Customize Django admin: ModelAdmin, inline models, custom actions, list_display, list_filter, search, admin site customization, and custom views. Use when the user configures Django admin, asks about admin customization, registers models, or needs admin-side data management features. Trigger when you see bare admin.site.register() calls without ModelAdmin classes.

Master Django ORM patterns: QuerySets, select_related, prefetch_related, F/Q objects, annotations, aggregations, and raw SQL safety. Use when the user writes Django database queries, asks about ORM optimization, encounters N+1 queries, or works with complex filtering and aggregation. Trigger when you see inefficient Django queries.

Build REST APIs with Django REST Framework: serializers, ViewSets, permissions, pagination, filtering with django-filter, throttling, and versioning. Use when the user builds Django APIs, asks about DRF patterns, implements CRUD endpoints, or needs API authentication and permissions. Trigger when you see Django views returning JSON manually instead of using DRF.

Guide for writing Docker Compose files with services, networks, volumes, health checks, and environment management. Use when the user creates or modifies docker-compose.yml, asks about multi-container setups, local development environments, or service orchestration. Trigger whenever Docker Compose, multi-container, or local dev environment is mentioned.

Guide for writing production-ready Dockerfiles with multi-stage builds, layer caching, security hardening, and optimized image sizes. Use when the user creates a Dockerfile, asks about Docker image optimization, mentions container security, or needs help with build performance. Trigger whenever Docker or container packaging is discussed.

Guide for Docker multi-stage builds with builder patterns, distroless and alpine base images, cache mounts, and build args. Use when the user needs to optimize Docker image size, separate build from runtime dependencies, or improve build performance. Trigger when the user mentions multi-stage, distroless, slim images, or Docker build optimization.

Express.js error handling patterns including async error catching, custom error classes, centralized error middleware, and the distinction between operational and programmer errors. Use when the user is handling errors in Express, writing async route handlers, creating custom error types, or debugging unhandled rejections. Trigger on mentions of Express error handling, async errors, error middleware, AppError, or unhandled exceptions in Node.js.

Express middleware chain patterns including auth middleware, error middleware, rate limiting, CORS configuration, and request validation. Use when the user is building Express.js APIs, configuring middleware, implementing authentication guards, adding rate limiting, or setting up CORS. Trigger on any mention of Express middleware, request pipeline, auth guards, rate limiting, or Express CORS.

RESTful API design conventions for Node.js including resource naming, pagination, filtering, sorting, HATEOAS links, versioning, and content negotiation. Use when the user is designing REST APIs, asking about pagination or filtering patterns, implementing API versioning, or building CRUD endpoints. Trigger on mentions of REST API design, API pagination, query parameters, HATEOAS, API versioning, or RESTful conventions.

Build async FastAPI applications with async/await endpoints, background tasks, middleware, lifespan events, WebSockets, and streaming responses. Use when the user builds a FastAPI app, asks about async patterns, implements real-time features, or needs non-blocking I/O. Trigger when you see synchronous code in FastAPI that should be async.

Implement FastAPI dependency injection with Depends(), security dependencies, database session management, request-scoped deps, and testing with overrides. Use when the user builds FastAPI endpoints, manages database connections, implements auth, or asks about dependency injection. Trigger when you see repeated setup logic in endpoint functions that should be extracted to dependencies.

Validate data with Pydantic v2: BaseModel, Field validators, model validators, computed fields, discriminated unions, and custom types. Use when the user defines API schemas, validates input data, works with Pydantic models, or asks about data validation in Python. Trigger when you see dict-based data handling that should use Pydantic models.

Apply safe, idiomatic Go concurrency patterns with goroutines and channels. Use when the user works with goroutines, channels, sync primitives, context cancellation, worker pools, fan-in/fan-out, select statements, or asks about concurrent Go programming and avoiding race conditions.

Implement robust Go error handling with wrapping, sentinel errors, and custom types. Use when the user handles errors in Go, creates custom error types, wraps errors with fmt.Errorf and %w, uses errors.Is/As, or asks about Go error best practices and error propagation strategies.

Write clean, idiomatic Go following community conventions and effective patterns. Use when the user writes Go code, designs packages, defines interfaces, uses struct embedding, writes receiver methods, organizes Go projects, or asks about Go best practices and conventions.

Patterns for auto-format on save, auto-lint, auto-test on file change, and CI triggers within Claude Code. Use when the user wants automated reactions to file changes, wants to set up continuous feedback loops, or asks about triggering actions automatically.

Ready-to-use hook recipes for common Claude Code automation: prettier on edit, tsc check, console.log warning, git push review, doc blocker. Use when the user wants a specific hook example, asks "how do I auto-format" or "block markdown creation", or needs a hook for a common development workflow.

Guide for configuring PreToolUse, PostToolUse, and Stop hooks in Claude Code. Use when the user asks about hooks, wants to run commands before/after tool calls, needs auto-formatting, auto-linting, validation gates, or mentions settings.json hook config.

JUnit 5 testing patterns including annotations, Mockito mocking, Spring Boot test slices, MockMvc, Testcontainers integration, and parameterized tests. Use when the user is writing Java tests, setting up test infrastructure, mocking dependencies, testing Spring controllers, or running integration tests with real databases. Trigger on any mention of JUnit, Mockito, @SpringBootTest, MockMvc, Testcontainers, or Java testing.

Maven and Gradle build tool patterns including pom.xml structure, build.gradle.kts configuration, multi-module projects, dependency management, plugins, and BOMs. Use when the user is setting up Java/Kotlin build configurations, managing dependencies, creating multi-module projects, or troubleshooting build issues. Trigger on any mention of Maven, Gradle, pom.xml, build.gradle, dependency management, or Java build tools.

Spring Boot patterns including stereotype annotations, dependency injection, profiles, configuration properties, and actuator endpoints. Use when the user is building Spring Boot applications, configuring dependency injection, setting up profiles for different environments, using @ConfigurationProperties, or enabling actuator health checks. Trigger on any mention of Spring Boot, @Component, @Service, @Repository, Spring DI, Spring profiles, or actuator.

Patterns for MCP resources including URIs, templates, subscriptions, dynamic resources, context provision, and MIME types. Use when the user is exposing data as MCP resources, designing resource URIs, implementing resource templates with parameters, setting up resource subscriptions, or providing context to Claude through resources.

Guide for creating MCP (Model Context Protocol) servers in TypeScript and Python, including scaffolding, transports, lifecycle hooks, and testing. Use when the user wants to build an MCP server, add tools/resources/prompts to an MCP server, configure stdio or SSE transport, or test MCP server functionality.

Best practices for designing MCP tools including naming conventions, input schemas, error responses, pagination, idempotency, and descriptions. Use when the user is designing tools for an MCP server, writing tool schemas, handling tool errors, or needs guidance on tool naming and input validation patterns.

Strategies for managing Claude Code's context window efficiently: token budgeting, progressive disclosure, reference files, and using subagents to protect context. Use when conversations are getting long, the user mentions context limits, or tasks involve reading many files.

Patterns for learning from corrections, capturing instincts, extracting stable patterns, and building cross-session knowledge. Use when the user corrects you, when you discover a recurring pattern, or when insights should persist beyond the current session.

Patterns for structuring MEMORY.md and topic-based memory files for Claude Code persistent memory. Use when the user asks about remembering things across sessions, wants to organize project knowledge, or needs guidance on what to save vs not save.

Implement effective caching at every layer: in-memory, Redis, CDN, and browser. Activate whenever the user asks about caching, performance optimization for repeated data access, Redis patterns, CDN configuration, cache invalidation, HTTP cache headers, memoization, or stale-while-revalidate strategies.

Implement lazy loading and code splitting to reduce initial bundle size and improve load times. Activate whenever the user works on bundle optimization, asks about code splitting, implements dynamic imports, uses React.lazy or Suspense, sets up route-based splitting, or optimizes image loading with intersection observer.

Profile and diagnose performance bottlenecks in web and backend applications. Activate whenever the user reports slow performance, asks about profiling tools, investigates memory leaks, needs to generate flame graphs, or is optimizing CPU or memory usage. Also activate when mentioning Chrome DevTools, cProfile, py-spy, pprof, or heap snapshots.

Structure Python projects with pyproject.toml, src layout, modern package managers (uv, rye, poetry), virtual environments, __init__.py, and namespace packages. Use when the user creates a new Python project, asks about project layout, configures packaging, sets up dependencies, or encounters import issues. Trigger when you see a Python project without proper structure.

Apply idiomatic Python patterns: list comprehensions, generators, context managers, decorators, dataclasses, walrus operator, and unpacking. Use when the user writes Python code, asks for Pythonic idioms, refactors Python, or mentions any of these patterns. Trigger proactively when you see non-idiomatic Python.

Guide Python type annotations using the typing module: Protocol, TypeVar, ParamSpec, Generic, Literal, TypeAlias, overload, and dataclass field typing. Use when the user writes Python type hints, asks about typing, creates generic classes, defines protocols, or works with mypy/pyright. Trigger when you see untyped Python code that should be typed.

React component composition patterns including compound components, render props, HOCs, and controlled vs uncontrolled components. Use when the user is building React components, asking about component architecture, refactoring components, or designing reusable UI APIs. Trigger on mentions of compound components, render props, higher-order components, forwardRef, composition, or component design patterns.

Advanced React hooks patterns including custom hooks, memoization, refs, reducers, and external store synchronization. Use when the user is writing custom hooks, optimizing React performance with useCallback/useMemo, managing complex state with useReducer, or integrating external state stores. Trigger on any mention of React hooks, custom hooks, memoization, re-render optimization, or rules of hooks violations.

Next.js App Router patterns including server components, route handlers, middleware, parallel routes, intercepting routes, streaming, and caching strategies. Use when the user is building with Next.js 13+/14+/15+, asking about the App Router, server components vs client components, route handlers, Next.js middleware, or Next.js caching and revalidation. Trigger on any mention of Next.js, App Router, server components, or Next.js API routes.

Manage Rust projects effectively with Cargo workspaces, features, and tooling. Use when the user sets up Cargo workspaces, configures feature flags, writes build.rs scripts, prepares crates for publishing, or uses cargo clippy, cargo fmt, and other Cargo development tools.

Implement idiomatic Rust error handling with Result, Option, and the ? operator. Use when the user handles errors in Rust, creates custom error types, uses thiserror or anyhow, implements the From trait for error conversion, or asks about Result/Option patterns and error composition strategies.

Master Rust's ownership, borrowing, and lifetime system for memory-safe code. Use when the user encounters borrow checker errors, lifetime annotations, needs smart pointers (Box/Rc/Arc), works with move semantics, or asks about Clone vs Copy, ownership transfer, and reference management in Rust.

Validate and sanitize all user input using schema validation libraries. Activate whenever the user writes form handlers, API endpoints, request parsers, data processing functions, or any code that accepts external input. Also activate when the user asks about validation libraries like Zod, Joi, or Pydantic, or discusses input sanitization.

Prevent OWASP Top 10 vulnerabilities in web applications. Activate whenever the user writes API endpoints, form handlers, database queries, authentication logic, file uploads, HTML rendering, or any code that handles user input or external data. Also activate when the user asks about security, hardening, or vulnerability prevention.

Manage secrets, API keys, and sensitive configuration securely. Activate whenever the user handles API keys, passwords, tokens, database credentials, .env files, CI/CD pipelines, or any configuration that contains sensitive values. Also activate when the user asks about secret rotation, vault integration, or gitignore setup.

Mocks vs stubs vs spies, dependency injection for testing, jest.mock/unittest.mock/gomock, and when NOT to mock. Use when the user needs to isolate dependencies in tests, asks about mocking external services, or has tests tightly coupled to implementation details.

Red-green-refactor TDD cycle, test-first methodology, coverage targets (80%+), and test pyramid. Use when the user is implementing a new feature, fixing a bug, asks about TDD, or mentions writing tests before code. Always push for test-first.

Test organization, fixtures, factories (factory_boy/faker), test isolation, database cleanup, and test configuration. Use when the user is setting up a test suite, organizing test files, creating test fixtures, or dealing with test isolation issues.

Master TypeScript generics for reusable, type-safe abstractions. Use when the user works with generic constraints, conditional types, mapped types, the infer keyword, utility types, recursive types, or needs help building type-safe libraries, APIs, or data structures.

Enforce strict TypeScript compiler settings and type narrowing patterns. Use when the user creates a new TypeScript project, configures tsconfig.json, encounters null/undefined errors, deals with indexed access issues, or asks about strict mode, type safety, or narrowing techniques.

Advanced TypeScript type patterns for modeling complex domains safely. Use when the user needs discriminated unions, branded types, template literal types, type guards, exhaustive checking, const assertions, or is designing type-safe APIs and domain models.

5 hooks across 2 events