Browse Skills

Expert guidance on Git merge strategies and their implications for team workflows. Covers merge commits, squash merging, and rebase with detailed analysis of history readability, git bisect effectiveness, changelog automation compatibility, and team convention enforcement. Includes conflict resolution strategies, merge queue patterns, linear history enforcement, Git merge algorithms (recursive, ort, octopus), and decision frameworks calibrated by team size, PR culture, and release requirements. Grounded in DORA research and GitHub/Atlassian documentation.

Expert guidance for monorepo management at scale. Covers Nx and Turborepo selection, CODEOWNERS configuration, path-based CI triggers, dependency graph analysis, build caching strategies, task orchestration, selective testing with affected computation, release versioning with Changesets, and merge queue patterns. Provides team-size-aware recommendations grounded in DORA research, from solo developers through 200+ engineer organizations.

Expert guidance for designing production-grade Zod schemas with TypeScript type inference, schema composition, error handling, and full-stack integration patterns.

Design, author, and maintain operational runbooks that enable on-call engineers to diagnose and resolve incidents faster with structured response procedures, escalation frameworks, and toil reduction strategies.

Identifies code smells and applies systematic refactoring patterns from Martin Fowler's catalog. Guides safe refactoring with test coverage, legacy code strategies, and incremental improvement plans that preserve behavior while improving design.

Builds WCAG 2.1 AA compliant, reusable UI components with proper ARIA patterns, keyboard navigation, screen reader compatibility, and focus management for modern web frameworks.

Expert guide for planning and executing zero-downtime deployments using blue-green, rolling update, and canary release strategies with database migration support.

Comprehensive Supabase guidance covering PostgreSQL database, authentication, Row Level Security, real-time subscriptions, storage, Edge Functions, and client SDK for building full-stack applications.

Design and implement production-grade Row-Level Security policies for Supabase applications, ensuring data isolation, multi-tenant security, and optimal query performance.

Build automated accessibility testing pipelines that catch WCAG violations in CI/CD, combining axe-core, Playwright, and Lighthouse for continuous compliance monitoring.

Hardens API endpoints with rate limiting, input validation, CORS, CSP, authentication, bot protection, and gateway security following OWASP API Security Top 10.

Conducts thorough, constructive code reviews focusing on readability, maintainability, security, performance, and SOLID principles. Delivers actionable feedback organized by severity.

Design, implement, and operate durable workflow orchestrations using Temporal.io for reliable distributed system coordination.

Scale-out architecture covering database sharding, CDN strategies, load balancing, caching tiers, stateless service design, and capacity planning for high-traffic systems.

Design, optimize, and scale GitLab CI/CD pipelines for any project size. Produces production-ready .gitlab-ci.yml configurations with caching, parallelization, security scanning, and compliance patterns.

Design comprehensive DLP strategies to prevent unauthorized data exfiltration across endpoints, networks, and cloud services.

Comprehensive Next.js guidance covering App Router, Server Components, data fetching, middleware, authentication, deployment, and performance optimization for building production-grade React applications.

Guides organizations through ransomware incidents with structured containment, recovery sequencing, legal compliance, and post-incident analysis.

Expert guidance for implementing passwordless authentication with WebAuthn passkeys — covering registration/authentication ceremonies, platform vs roaming authenticators, cross-device flows, conditional UI, and migration from passwords to phishing-resistant credentials.

Design and implement controlled failure injection tests for API dependencies to validate system resilience, graceful degradation, and recovery mechanisms before production incidents occur.

Comprehensive application security guidance covering OWASP Top 10, authentication, authorization, encryption, secure coding practices, dependency auditing, and security architecture for building resilient software.

Comprehensive API design guidance covering REST, GraphQL, gRPC, WebSocket APIs, versioning strategies, authentication patterns, rate limiting, documentation, and developer experience for building APIs that developers love.

Expert advisor for React state management — helps you choose between Zustand, Jotai, Redux Toolkit, Context API, and XState based on your application's specific requirements. Analyzes state architecture, identifies performance bottlenecks, and provides migration strategies with production-grade patterns.

Designs comprehensive database backup and disaster recovery strategies including RPO/RTO targets, backup rotation schemes, cross-region replication, point-in-time recovery, and automated restore testing.