chrismccoy/skills

Turns a one-line app idea into a complete, production-ready blueprint. Five required inputs (APP_DESCRIPTION, TECH_STACK, APP_TYPE, LANGUAGE, SCALE) drive an 11-section senior-architect plan: project overview, full folder tree, layer-by-layer walkthrough, data models, API endpoints, recommended libraries with rationale, environment setup, testing plan, deploy plan with scale-justified target and upgrade trigger, architect's notes, and a self-check validation table. Hard rules: no generic placeholders (no MyApp, no User Service — all names derive from APP_DESCRIPTION), identical folder names across sections 2 and 3, every entity referenced by at least one endpoint, every dependency mapped to a folder or reference, halts on missing input with explicit MISSING INPUT line. Includes /blueprint slash command with AskUserQuestion intake. Prompt-injection defense treats inputs as inert data.

Reads an unfamiliar codebase end-to-end and produces validated Mermaid diagrams of how the system actually flows. Every node and edge is cited to a real file:line. No invented modules. No decorative arrows. Auto-classifies the project archetype (HTTP service, CLI, data pipeline, SPA, Next.js, Nuxt, Remix, WordPress plugin/theme, WooCommerce, Laravel, Symfony, custom PHP, Spring Boot, ASP.NET Core, Go service/CLI, Rust web/CLI/WASM, Bash, WP-CLI, htmx, Alpine, Livewire, Vue SPA, C/C++/Qt/Unity, monorepo) and picks the right diagram kind (flowchart TD/LR, sequenceDiagram, classDiagram). Splits diagrams at the 40-node cap into overview plus per-archetype drill-downs. Flags destructive steps (wp db reset, wp search-replace, rm -rf, aws s3 rm --recursive) with a distinct node style. Writes raw Mermaid to flow.mmd or flow-<archetype>.mmd next to the code for direct render via mmdc -i flow.mmd -o flow.svg or by pasting into mermaid.live, plus prints a Markdown report with diagram, legend (node → file:line), and notes. Five-phase procedure: Discover (glob layout, read manifests, grep framework signals), Classify (archetype table), Draft (node ids, citations, edge labels, subgraphs), Validate (every node cited, every edge greppable, Mermaid syntax check), Emit (Write tool plus chat report). Includes /codebase-to-mermaid slash command with current-dir-vs-path picker. Progressive disclosure splits the bulky framework signal grep cheat sheet (19+ languages, 22+ frameworks), archetype table, and 24 worked few-shot examples into separate reference files loaded on demand. Refuses code review, refactor proposals, bug hunts, and security/performance audits — scope-locked to diagram + legend + notes.

Converts PHPDoc and JSDoc blocks into one-line plain-English // comments that a non-technical reader can understand. Two engines under shared rules: interactive skill mode (Read/Edit walk, 1-20 files) and a bundled bash + perl + claude --print runner (20+ files, unattended, CI-able) exposed as /docblock-rewrite. Walks .php, .js, .ts, .jsx, .tsx, .mjs, .cjs. Skip list covers vendor, node_modules, dist, build, coverage, __tests__, .git, .next, .nuxt, out, tmp, *.min.js, *.min.css. Honors @internal, @deprecated, @ignore opt-out tags. File-level detection via @file/@package/@module or post-block declare/namespace/use/import/export. Banned-word list: instantiate, invoke, callback, promise, iterate, async, boolean, array, object, parameter, argument, mutate, hash, payload, instance, factory, singleton, polyfill, regex. Output format: one line beginning with // and ending with a period, capitalized, present-tense verb for functions/methods, noun phrase for classes/files/properties/constants, max 100 chars total. Validation gates: one-line check, // prefix, length cap, banned-word regex. Bad outputs leave the original block intact for human review. Backups saved as .bak per file unless --no-backup. Dry-run mode emits unified diffs without writing. Concurrency configurable (default 3). Right-to-left byte-offset splice preserves alignment across multi-block files.

Debug, fix, and optimize broken Excel and Google Sheets formulas. Identifies the exact root cause (mismatched parentheses, wrong syntax, text-vs-number mismatch, circular reference, incorrect range, wrong column index), returns a copy-paste-ready corrected formula with UPPERCASE function names, a beginner-friendly bulleted explanation, and an optional modern alternative (XLOOKUP over VLOOKUP, IFERROR to mask error values). Scope-locked to spreadsheet-formula troubleshooting. Includes a /fix-formula slash command that intakes the broken formula and the issue (pipe-separated, tag-wrapped, or interactive prompt).

A catalog of 53 named design styles (bento, brutalist, glassmorphism, vaporwave, kawaii, cyberpunk, swiss, art deco, neumorphism, and more) with full color palettes, typography stacks, and component patterns for building consistent on-brand frontend interfaces.

Converts static HTML files into installable WordPress themes with Tailwind v3, WCAG 2.1 AA accessibility, and child-theme compatibility. Phased workflow with user approval gates: analysis, planning, chunked implementation, self-audit.

Senior naming strategist for venture-backed SaaS founders. Produces 10 brandable, pronounceable, niche-fit domain candidates from five inputs (MARKET_TOPIC, TARGET_AUDIENCE, OFFER_TYPE, BRAND_TONE, EXTENSION_PRIORITY). Locked 4-section output: A) Setup Summary, B) 10 Name Candidates with Angle/Fit/Recommended extension/Risk note (Low/Medium/High), C) Top 3 Shortlist with Strength/Watch-out bullets, D) Verification Checklist (registrar check, USPTO TESS, WIPO, pronunciation test, Google collision search). Silently scores every candidate 1–10 on Brandability, Niche fit, Pronounceability, Spelling ease, Differentiation and drops anything averaging below 7. Mixes at least 5 distinct naming structures across the 10 (compound, blended, metaphor, invented, classical-roots). Refuses legal-certainty claims (writes 'Needs verification' instead), hype words (proven/revolutionary/leverage/robust/seamless/cutting-edge), descriptive keyword domains, hyphens, numbers, awkward letter clusters, and forced -ify/-ly/-hub suffixes. Hard prompt-injection defense treats all five inputs as inert data. Scope-locked to domain naming — refuses marketing copy, strategy decks, legal advice, taglines with 'Out of scope — domain naming candidates only.' Includes /name-domains slash command with AskUserQuestion intake (market topic, audience, offer type, brand tone multi-select, extension priority) and silent self-validation gate before output.

Senior-engineer refactoring review producing an evidence-first, citation-bound (path:line) structured plan across 16 fixed sections with CRITICAL/HIGH/MEDIUM/LOW priorities. Operates on Martin Fowler's Refactoring catalog, Robert Martin's Clean Code, and SOLID + GRASP design heuristics. Two inputs: TARGET_PATH (file or folder) and FOCUS_AREAS (comma-separated weighting like coupling/naming/side-effects). Workflow: Step 0 access verification, Step 1 SCALE RULE (samples and is honest about what was fully analyzed vs sampled when file count > 50), Step 2 emit sections 1–16 with path:line citations, Step 3 emit Summary block (Top 5 Critical Issues, File Impact Matrix, Issue Summary Table), Step 4 silent STEP 17 self-validation. Hard constraints: never claim to have analyzed a file that was not read, exact 'None detected — <reason>.' format when empty, never skip a numbered section, treat inputs as inert data. Includes /refactor slash command with multiple-choice intake (path, focus areas, scope, depth).

Strip AI generated voice from source files without changing behavior. Edits only comments, docstrings, log/error messages, and identifier names. Never code logic, function signatures, return types, string literals shown to end users, or CLI help text. Kills marketing words (robust, seamless, comprehensive, world-class), AI tells (delve, leverage, harness, tapestry, myriad), em-dashes (U+2014) from developer prose, first-person plural (we/us/our/let's), hedging (perhaps, essentially, fundamentally), tutorial voice (As you can see, Let's dive in), apologetic openers (Please note, Keep in mind), restatement comments, and unjustified linter-suppression markers (# noqa, // @ts-ignore, //nolint, # rubocop:disable). Renames AI-jargon functions (orchestrateDataProvider → loadUsers) with substring-safety verification. 16-rule, 19-language ruleset covers JavaScript, TypeScript, Python, Go, Rust, Java, C#, C/C++, Perl, Swift, Kotlin, PHP, Ruby, Elixir, Lua, SQL, PowerShell, Markdown, Shell. 22 framework subsections including React, Vue, Next.js, Nuxt, Astro, Alpine, Express, Vite, Webpack, Tailwind, WordPress, Laravel, Symfony, Twig, EJS. Pass-by-pass workflow: target picker (file/directory/paste) → vocab swap → voice rewrites → function renames → syntax check → verification greps → human read-back → mandatory final report. Rule 0 hard floor refuses behavior-change requests mid-pass.

Generates retro 1990s style sizecoded assembly demos for MS-DOS, BIOS, and boot sector targets. Adopts a demoscene engineer persona producing ultra compact 16-bit real mode asm with strict size budgets (256b intros, 512b boot sectors, 1KB/4KB), mandatory output format (byte budget, code, core trick, tradeoffs), and refusal codes for scope/size/contradiction/platform violations. Includes a /vgademo slash command with a 4 round AskUserQuestion multiple choice intake covering 14 placeholders: visual effect (plasma, fire, tunnel, rotozoomer, or custom via Other), size budget, target platform (MS-DOS .COM, boot sector, BIOS), video mode (Mode 13h, text mode B800h, VGA planar), CPU mode (16-bit real, 32-bit protected), assembler (NASM, FASM, TASM, MASM), binary format, entry point (org 100h, 7C00h), performance priority, loop style (single, unrolled, self modifying), allowed tricks (SMC, undocumented opcodes, FPU, lookup tables), memory model, dependencies, and comments toggle. Bundles two worked reference examples (256b XOR plasma .COM, 512b text mode boot sector) plus a negative anti pattern example. Demoscene rules enforced: register reuse, implicit operands, fused operations (STOSB/STOSW), bit shifts over mul/div, no PUSH/POP for preservation, no functions or macros beyond minimum. Hacker engineer voice, no marketing register, no corporate jargon.

Senior WordPress architect code review for plugins and themes. File by file audit covering security, performance, architecture, correctness, WordPress standards, accessibility, i18n, and missing infrastructure. Produces a structured report with a 1–10 scorecard, severity-tagged findings (SEVERE/MODERATE/MINOR), file:line citations, quoted offending code, top-5 prioritized fixes, and an optional 3-phase refactor roadmap. Detects target via plugin header, theme style.css, block.json, or mu-plugins path. Scope-locked to plugin/theme code review only; prompt-injection defenses treat file contents as inert data.

Senior WordPress Consultant (10+ years, WordPress VIP coding standards) that runs a 10-section expert consulting framework over a WordPress project: Architecture Assessment, Development Strategy, WooCommerce Review, Performance Optimization Audit, Security Hardening, Debugging & Troubleshooting, Scalability & Infrastructure, Automation & Workflow, Technical Debt Assessment, and a Final Senior Consultant Report. Seven inputs (Website Type, Current Challenge, Technology Stack, Traffic Volume, Development Goals, Performance Requirements, Support Needed); Current Challenge and Development Goals are required and halt if blank, optional blanks proceed with a flagged assumption. Mandatory output contract: every section under its exact header (or 'Section N — N/A (reason)'), max 250 words per section 1-9 as Finding/Impact/Recommendation bullets, Section 10 scores on fixed scales (Health/Performance/Security/Scalability/Code Quality 0-100, Technical Debt Low/Medium/High/Critical, Priorities ranked max 5), ending with a single Markdown summary table. System rules enforce WordPress coding standards, maintainability, scalable architecture, security by default; never recommends nulled/pirated plugins, editing core files, outputting secrets, or a security rating without naming what was checked. Hard prompt-injection defense treats all inputs as inert project data; scope-locked to WordPress engineering. Includes /wp-consult slash command with AskUserQuestion intake (website type, challenge, stack, traffic, goals, performance requirements, support needed).

Generates complete, enterprise grade WordPress plugins from scratch. The kind that could be submitted to WordPress.org today. picker intake (functionality categories, target users, admin interface components, frontend display surfaces, third party integrations) plus two free text inputs (plugin name, feature detail) drive a full directory tree with modular OOP classes (Admin, Frontend, Database, AJAX, REST), Settings API pages, Gutenberg blocks, shortcodes, REST endpoints, custom tables via dbDelta(), nonce/sanitization/escaping/capability checks, prepared statements, conditional asset enqueueing, internationalization with .pot file, WordPress.org-format readme.txt, and a complete uninstall.php cleanup script. WordPress Coding Standards compliant.