github.com/santosomar/general-secure-coding-agent-skills
| Skill | Added | Review |
|---|---|---|
| `design-pattern-suggestor`: Recognizes structural situations that match known design patterns and recommends whether to apply them — or explains why the pattern doesn't fit. Use when the user has a structural problem and is considering a pattern, when reviewing a design that uses a pattern questionably, or when the user asks which pattern fits their situation. | 90. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `semantic-bug-detector`: Detects logical and semantic bugs by understanding program intent — catches issues that syntax-only tools miss. Use when static analysis has already run and found nothing, when the user reports incorrect behavior but no crash, or when reviewing algorithmic code for correctness. | 96. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `rollback-strategy-advisor`: Advises on rollback strategies by analyzing what a deploy changes — recommending revert, roll-forward, feature-flag kill, or data repair depending on reversibility. Use during an incident when a deploy went bad, when designing a deploy pipeline and the user asks how to make it reversible, or when a migration needs an undo plan. | 97. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `mutation-test-suite-optimizer`: Uses mutation testing to find weak assertions and missing tests — injects small bugs and checks if the suite catches them, then generates tests targeting the surviving mutants. Use when coverage is high but bugs still ship, when auditing test quality, or when deciding if the suite is good enough. | 97. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `test-driven-generation`: Generates code test-first — writes a failing test from a requirement, then generates the minimal code to pass it, then refactors, in strict red-green-refactor cycles. Use when building new features where the spec is clear, when the design is uncertain and you want tests to drive it, or when you need high confidence in coverage from the start. | 94. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `module-level-code-translator`: Translates an entire module or package between languages, handling imports, file layout, visibility, and cross-function dependencies that single-function translation misses. Use when porting a library, when a migration spans multiple files, or when the user hands you a directory and a target language. | 97. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `code-optimizer`: Optimizes code for performance by identifying the actual bottleneck, choosing the right optimization lever, and measuring the result. Use when a specific operation is too slow, when a profiler has pointed at a hot path, or when the user asks to make something faster. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `requirement-coverage-checker`: Checks whether an implementation covers a set of requirements by tracing each requirement to code, tests, or both — and flagging gaps where a requirement has no evidence of implementation. Use when auditing for compliance, when answering "is this spec implemented", or before claiming a standard is supported. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `nl-to-constraints`: Translates natural-language requirements into formal constraints — logical predicates, schemas, or property-based test generators — that a machine can check. Use when turning a spec into validation code, when writing property tests, or as the bridge between requirements and formal verification. | 90. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `ci-pipeline-synthesizer`: Generates CI pipeline configs by analyzing a repo's structure, language, and build needs — GitHub Actions, GitLab CI, or other platforms. Use when bootstrapping CI for a new repo, when porting from one CI to another, when the user asks for a pipeline that builds and tests their project, or when wiring in security gates. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `requirement-comparison-reporter`: Compares two versions of a requirements document and reports additions, removals, semantic changes, and scope drift — distinguishing clerical edits from meaning changes. Use when a spec was revised, when checking if a new version of a standard affects you, or when the user asks what changed between spec versions. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `python-to-lean4-translator`: Translates Python into Lean 4 for interactive theorem proving, handling dynamic types and duck typing by specializing to the concrete types actually used. Use when proving correctness of a Python algorithm beyond what testing can establish, or when building a verified reference for numerical or combinatorial Python code. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `dependency-resolver`: Diagnoses and resolves package dependency conflicts — version mismatches, diamond dependencies, cycles — across npm, pip, Maven, Cargo, and similar ecosystems. Use when install fails with a resolution error, when two packages require incompatible versions of a third, or when upgrading one dependency breaks another. | 100. Impact: Pending (no eval scenarios have been run). Security: Advisory (suggest reviewing before use). Reviewed: Version: 47d56bb | |
| `requirement-enhancer`: Rewrites vague or incomplete requirements into precise, testable statements — filling in quantities, actors, conditions, and error behavior while preserving intent. Use after ambiguity-detector flags problems, when a requirement can't be turned into a test, or when engineers keep asking the same clarification questions. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `change-log-generator`: Generates a structured CHANGELOG.md from VCS history and PR/issue references, categorized by change type. Use when cutting a release, when the user asks to update CHANGELOG.md, or when backfilling a changelog from git history. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `test-guided-migration-assistant`: Uses an existing test suite as the behavioral oracle during a migration, tracking which tests pass at each step and localizing regressions to specific migration changes. Use when porting or refactoring code that has tests, when the user wants to migrate incrementally with a safety net, or when a migration broke something and you need to find which step did it. | 97. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `pseudocode-extractor`: Extracts language-agnostic pseudocode from real code, stripping syntax noise and language-specific machinery while preserving the algorithmic structure. Use when documenting an algorithm for a paper or spec, when porting and wanting a neutral intermediate, or when explaining code to someone who doesn't know the source language. | 94. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `test-case-documentation`: Writes documentation for test cases — names, docstrings, and comments that explain what behavior is being tested and why, so a failing test tells you what broke without reading the assertion. Use when test names are test_1 through test_47, when tests fail and nobody knows what they mean, or when onboarding needs a readable test suite. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `cd-pipeline-generator`: Generates deployment pipelines with environment promotion, approval gates, and rollback triggers based on target infrastructure. Use when wiring automated deployments from CI to staging/production, when the user asks for a release pipeline, or when adding promotion gates to an existing deploy workflow. | 97. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `model-guided-code-repair`: Uses a model checker's counterexample trace to localize the fault in the model, propose a fix, and propagate that fix back to the source code. Use when a model checker (TLC, NuSMV, Spin) finds a violation and you need to turn the trace into a code change, not just understand it. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `build-ci-migration-assistant`: Assists migrating a build or CI pipeline from one system to another — Jenkins to GitHub Actions, Travis to GitLab CI, Makefile to Bazel — preserving semantics and surfacing untranslatable constructs. Use when switching CI providers, when modernizing a legacy build, or when the user pastes a Jenkinsfile and asks for the GitHub Actions equivalent. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `bug-localization`: Pinpoints the exact file, function, or line in a codebase responsible for a reported bug using static and dynamic analysis signals. Use when a bug is reported but the fault location is unknown, when narrowing down a failure to a specific code region, when triaging an issue tracker ticket, or when the user asks to locate where a bug originates. | 100. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `counterexample-to-test-generator`: Converts a model checker counterexample trace into an executable test case in the source language, so the bug found in the model is reproducible (and regression-guarded) in the real code. Use when TLC/NuSMV/Spin finds a violation and you want a failing test before writing the fix. | 90. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `semantic-szz-analyzer`: Extends classic SZZ with semantic code understanding to reduce false positives and improve accuracy of bug-introducing commit identification. Use after classic SZZ has produced candidates, when SZZ precision is too low for the task, or when the user needs high-confidence bug-introduction data. | 85. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |
| `bug-to-patch-generator`: Automatically synthesizes code patches to fix identified bugs, leveraging the bug location and surrounding context. Use when a bug has been localized and the user wants an automated fix, when generating candidate patches for review, or when the user asks to fix a specific bug. | 93. Impact: Pending (no eval scenarios have been run). Security: Passed (no known issues). Reviewed: Version: 47d56bb | |