Review and triage semgrep security scan results to identify true positive vulnerabilities. Use when analyzing semgrep output, triaging security findings, reviewing static analysis results, or when the user has semgrep-results directories to review. Performs deep code analysis to distinguish real vulnerabilities from false positives with high confidence.
Use when checking for data leaks, PII handling, and license risks in Python research code.
Use when debugging frontend issues in the browser. Covers DevTools usage, network debugging, performance profiling, and console patterns.
Performance optimization playbook (measure → diagnose → fix → verify) for this repo (React + R3F + Three.js + Vite). Use when asked to improve FPS, reduce jank, lower draw calls, optimize loading/bundle size, or investigate CPU/GPU/memory bottlenecks.
分析后端性能问题,检测 N+1 查询、无分页查询、全表扫描、AI 服务超时等。使用此 Skill 来评估系统性能瓶颈、检测数据库查询问题、或优化 API 响应时间。
Counts exact execution frequencies (not time) at function/statement level. Shows interpreted vs compiled execution split. Use to verify functions compile (>95% compiled), understand control flow patterns, and validate algorithmic complexity. Complements profiling-with-cpu-sampler by showing frequency rather than duration.
This skill should be used when the user asks to "test Electron app", "automate Electron desktop app", "debug Electron renderer", "test VS Code extension", "E2E test Electron", or needs Chrome DevTools Protocol automation for Electron applications. Use for renderer process debugging, main process control, native menu automation, and file dialog testing.
Four-phase debugging methodology with root cause analysis. Use when investigating bugs, fixing test failures, or troubleshooting unexpected behavior. Emphasizes NO FIXES WITHOUT ROOT CAUSE FIRST.
Strategies for debugging Emacs Lisp code, especially missing parentheses and Common Lisp compatibility issues. Use when encountering mysterious elisp errors or when working with literate elisp in org-mode files.
Analyze reproduction evidence to identify the root cause of bugs. Use after reproduction to trace execution and find the exact location and reason for the failure.
Analyze and optimize project dependencies. Use when auditing npm packages, checking for vulnerabilities, finding outdated dependencies, analyzing bundle size, or detecting circular imports.
This skill should be used when the user asks about "gocyclo", "funlen", "cyclop", "nestif", "cognitive complexity", "refactor long function", "reduce nesting", "complexity reduction", or needs guidance on simplifying complex Go code. Provides patterns and techniques for reducing Go code complexity while preserving behavior.
WHEN: Pandas/NumPy code review, data processing, vectorization, memory optimization WHAT: Vectorization patterns + Memory efficiency + Data validation + Performance optimization + Best practices WHEN NOT: Web framework → fastapi/django/flask-reviewer, General Python → python-reviewer
Teaches how to write custom type guards with type predicates and use built-in type narrowing in TypeScript. Use when working with unknown types, union types, validating external data, or implementing type-safe runtime checks.
Review BitZero game server code for bugs, security issues, and testability. Use when reviewing handlers, extensions, sessions, or game logic.
Analyze Cloudflare architecture and predict monthly costs with optimization recommendations. Use this skill when the user asks about costs, billing, pricing, or wants to understand their Cloudflare spend. Works with wrangler configs, observability data, and AI Gateway logs.
Systematic root cause analysis for reproducible bugs. Use when you have a bug that can be reproduced.
Expert Polyglot Frontend Engineer (20+ years exp). Strict adherence to documentation/references. Obsessed with performance, implementation details, and evidence-based coding.
