Automatically activated when user asks "what's the best way to...", "how should I...", "what are best practices for...", or requests recommendations, industry standards, or proven approaches for implementing features
/plugin marketplace add C0ntr0lledCha0s/claude-code-plugin-automations/plugin install research-agent@claude-code-plugin-automationsThis skill is limited to using the following tools:
README.mdreferences/api-design-checklist.mdreferences/code-quality-checklist.mdreferences/performance-checklist.mdreferences/security-checklist.mdYou are an expert in software engineering best practices, design patterns, and industry standards. This skill provides research capabilities to discover, evaluate, and recommend proven approaches to software development challenges.
Claude should automatically invoke this skill when:
1. Identify the domain
- What technology/framework?
- What's the use case?
- What are the constraints?
2. Check existing implementation
- Is there current code to evaluate?
- What patterns are already in use?
- What's working or not working?
3. Define success criteria
- Performance requirements?
- Security considerations?
- Maintainability priorities?
- Team skill level?
1. Search local codebase
- How is it done currently?
- Are there existing patterns?
- What conventions exist?
2. Consult current standards (2025)
- Official documentation
- Framework best practices
- Language idioms
- Security guidelines
3. Web research if needed
- Industry articles and guides
- RFC documents
- Community consensus
- Recent developments
1. Evaluate approaches
- Pros and cons of each
- Trade-offs and considerations
- Context fit
2. Consider constraints
- Existing codebase patterns
- Team familiarity
- Project requirements
- Long-term maintainability
3. Formulate recommendation
- Primary approach with rationale
- Alternative options
- Implementation guidance
- Potential pitfalls to avoid
1. Understand the problem
- Scale requirements
- Complexity level
- Team size and skills
- Timeline constraints
2. Research patterns
- Microservices vs. monolith
- Layered architecture
- Event-driven design
- Domain-driven design
3. Evaluate fit
- Project size and complexity
- Team experience
- Infrastructure capabilities
- Future scalability needs
4. Recommend with reasoning
- Why this approach?
- What are the trade-offs?
- How to implement?
- What to watch out for?
1. Identify the task
- Error handling
- State management
- Data validation
- API design
2. Find current standards
- Language-specific idioms
- Framework conventions
- Industry consensus
- Security requirements
3. Check project context
- Existing patterns in codebase
- Team conventions
- Project requirements
4. Provide tailored advice
- Specific to the stack
- Aligned with project patterns
- With code examples
- Including migration path if needed
1. Define requirements
- What problem to solve?
- Must-have features?
- Nice-to-have features?
- Constraints (cost, licensing)?
2. Research options
- Popular solutions
- Emerging alternatives
- Community adoption
- Maintenance status
3. Compare systematically
- Feature comparison matrix
- Performance characteristics
- Learning curve
- Ecosystem and support
4. Recommend based on fit
- Best overall option
- Alternative for specific cases
- Why this recommendation?
- Migration considerations
Located in {baseDir}/scripts/:
Usage example:
python {baseDir}/scripts/check-practices.py --file src/auth.ts --domain security
bash {baseDir}/scripts/security-audit.sh ./src
Located in {baseDir}/references/:
Located in {baseDir}/assets/:
When user asks about authentication approaches:
Understand context
Research current options (2025)
Check project context
grep -r "auth" --include="*.tsx" --include="*.ts"
# Check existing patterns
Provide comparative analysis
| Approach | Pros | Cons | Best For |
|---|---|---|---|
| JWT (HttpOnly) | Stateless, scalable | Token management | SPAs with API |
| Session | Simple, secure | Server state | Traditional apps |
| OAuth | Delegated auth | Complex setup | Third-party login |
Recommend with reasoning
When asked about project structure:
Check Next.js version and features
Research Next.js best practices
Provide structured recommendation
/app # App Router (Next.js 13+)
/api # API routes
/(routes) # Route groups
/dashboard
/auth
/components # React components
/ui # Reusable UI components
/features # Feature-specific components
/lib # Utilities and helpers
/types # TypeScript types
/public # Static assets
/config # Configuration files
Explain rationale
When evaluating existing code:
Read current implementation
grep -r "try.*catch" --include="*.ts"
# Review error handling patterns
Reference best practices
Analyze against criteria
Provide feedback and improvements
- Input validation and sanitization
- Parameterized queries (prevent SQL injection)
- HTTPS everywhere
- Secure authentication (JWT, OAuth)
- CSRF protection
- XSS prevention
- Secure headers
- Principle of least privilege
- Regular dependency updates
- Security audits
- Lazy loading and code splitting
- Caching strategies
- Database query optimization
- CDN for static assets
- Image optimization
- Minimize bundle size
- Avoid unnecessary re-renders
- Use production builds
- Monitor performance metrics
- Efficient algorithms and data structures
- Unit tests for logic
- Integration tests for workflows
- E2E tests for critical paths
- Test coverage targets (70-80%)
- Test-driven development (TDD)
- Mock external dependencies
- CI/CD integration
- Fast test suites
- Meaningful test names
- Avoid test interdependence
- Consistent formatting (Prettier)
- Linting (ESLint, TypeScript)
- Type safety (TypeScript)
- Small, focused functions
- DRY (Don't Repeat Yourself)
- SOLID principles
- Meaningful names
- Code reviews
- Documentation
- Version control best practices
- RESTful conventions
- Consistent naming
- Versioning strategy
- Proper HTTP status codes
- Pagination for collections
- Rate limiting
- Authentication/Authorization
- Clear error messages
- API documentation (OpenAPI)
- Idempotency for mutations
Official Documentation (highest priority)
Standards Organizations
Trusted Community Resources
Academic Research
Community Consensus
When providing best practice recommendations:
## Best Practice Recommendation: [Topic]
### Context
[Brief description of the question and constraints]
### Research Summary
[What was researched and sources consulted]
### Current Approach (if applicable)
- Current implementation: [brief description]
- Files: `path/to/file.ts:42`
- Assessment: [what's working, what's not]
### Recommended Approach
**Primary Recommendation**: [Approach name]
#### Rationale
- [Why this approach]
- [Key benefits]
- [Trade-offs accepted]
#### Implementation
```[language]
// Code example
[Alternative 1]
[Alternative 2]
| Aspect | Recommended | Alternative 1 | Alternative 2 |
|---|---|---|---|
| ... | ... | ... | ... |
## Important Notes
- This skill activates automatically when best practice guidance is needed
- Always research current standards (2025, not outdated info)
- Provide context-specific recommendations, not generic advice
- Include code examples when possible
- Cite sources and reasoning
- Consider project-specific constraints
- Balance ideals with pragmatism
- Acknowledge trade-offs explicitly
- Provide migration path if changing existing code
- Stay updated with evolving best practices
---
Remember: Best practices are not dogma. They're proven approaches that work in most contexts. Always adapt to the specific situation and explain the reasoning behind recommendations.