Section 5 · 30 skills · 26 hooks
Tools & skills.
Skills the team's agents use — workflow protocols, evaluation rubrics, build pipelines. Reads .claude/skills/*/SKILL.md as source-of-truth. Hooks section catalogs mechanical-enforcement gates from .claude/settings.json and scripts/*.sh.
Curriculum
Authoring
course-authoring
Structured curriculum design — session arc, seed data generation, syllabus authoring. Enforces input hierarchy.
Validation
curriculum-validation
9-dimension quality rubric — forbidden terms · drift · instruction-layer conflicts · freshness.
Pedagogy
learning-outcomes
Kirkpatrick's 4 levels · formative assessment · portfolio-as-Level-3 design.
Governance + Process
Session-end
session-end-execution
PO authors Steps 1-10 + sub-steps + emits Tier 2b standalone block. Verification owned by Code-PM (sibling skill).
Session-end (Tier 2a)
session-end-verification
Tier 2a active-verification · tri-state Check 1/2/3. Owner: Code-PM agent.
Session-end (Strategic wrap-up)
session-end-strategic
Chat (PMO) strategic wrap-up authoring (a)-(i) + verification interpretation.
Canonical mirror (D6 sentinel)
session-end
Legacy canonical-mirror retained per drift-sentinel D6 with docs/SESSION-END-PROCESS.md.
Doc currency-review
doc-maintenance
Two modes — Brief (session-end quick sync) + Deep (comprehensive audit). Ensures all project docs reflect actual project state.
Git discipline
git-management
Agent discipline for git state claims, merge ops, push timing, pre-flight input validation.
Pattern A/B/C decision matrix
multi-task-modes-and-delegation
Per-lane delegation routing across the three execution modes. Apply BEFORE every dispatch where files are modified, repo-state coupled, or multi-turn debug.
Session kickoff (PMO)
chat-session-kickoff
Mandatory Chat session-start workflow. R1 (UNVERIFIED prefix), R2 (Premise Ledger), R3 (Terminal Roster) enforcement.
Evaluation + Review
Code review
code-review
Conventions · correctness · performance · render paths · tutor-layer integrity. 0-100 confidence scoring.
Architecture review (DCAR)
architecture-review
DCAR-based — server/client boundaries · DAL pattern · Supabase client selection · coupling analysis (Next.js App Router + Supabase + Vercel).
Security review (OWASP Top 10:2025)
security-review
OWASP Top 10:2025 mapped to Next.js + Supabase + Vercel stack. 20+ security checks.
UX evaluation (20-heuristic)
ux-review
20-heuristic Nielsen-adapted · H-1 simulation · WCAG · emotional arc · cognitive load.
QA testing (5 modes)
qa-testing
5 test modes — MCP · web classroom · curriculum experience · lesson flow · production walkthrough. Evidence requirements per mode.
Research depth + severity
research-methodology
5-layer depth protocol · severity classification · source hierarchy · durability test.
Generated-link verification
link-validation
Trace from rendered URL back to source code · verify file exists · verify URL format. Use on every dashboard change.
Prompt + instruction-set optimization
prompt-optimization
Optimize system prompt · tutor prompt · instruction sets for compliance + length + behavioral consistency.
Tutor emotional responsiveness
frustration-detection
Audit tutor instruction layers for frustration detection + recovery capabilities. Distinguishes productive struggle from destructive frustration.
Build pipeline + design
Generic 7-stage pipeline
build-pipeline
7-stage build pipeline (research → plan → build → review → test → deploy → verify) with human + auto gates. Domain-specific config via YAML manifests.
AI Uni brand identity
design-system
AI Uni visual identity — brand tokens, component patterns, design principles.
Anthropic vendored · Apache-2.0
frontend-design
Aesthetic baseline + production-grade frontend output discipline.
Google Labs vendored · Apache-2.0
design-md
DESIGN.md format spec + linter for brand-identity files.
Generic fix-test-review cycle
perfection-loop
Fix → deploy → Playwright → agent review (QA + UX) → PO gate → loop. Full agent suite every iteration.
Vendored skills container
developer (vendored skills directory)
Subdirectory containing developer-related vendored skills.
Stack-specific
Stack-specific
supabase
Supabase Database · Auth · Edge Functions · Realtime · Storage · RLS. Triggered on supabase-js / @supabase/ssr imports.
Discipline + scope
User-approval gate (SO #30)
destructive-action-guardrails
Mandatory pre-action user-approval gate for ALL destructive or irreversible actions. 8 classes — DB schema, data deletion, secret rotation, auth, payments, prod deploys, branch protection, external accounts.
11-phase ship workflow (SO #29)
deployment-signoff-proposal
Mandatory workflow for any product-surface ship. Forbidden patterns: direct-to-main pushes, mockup-as-validation-evidence, filename-table screenshot reference.
Evidence-based prioritization
prioritization
MoSCoW scoping · WSJF sequencing · ICE for experiments · outcome anchoring. Mixed backlogs.
Hooks (mechanical enforcement) · 26 total
Claude Code hooks + CI/PreCommit gates that enforce discipline mechanically across agents. Source-of-truth: .claude/settings.json + scripts/*.sh.
PreToolUse:Bash
Bash protection guard
Pre-execution gate on Bash commands — blocks destructive patterns + invalid invocations.
Hook router pre
Pre-execution router for Bash hooks — dispatches to specific validators per command class.
PreToolUse:Edit
Hook router pre-edit
Pre-execution router for Edit operations.
PreToolUse:Task
Task pre-validate
Pre-execution validation for Task (subagent dispatch) — checks routing + scope discipline.
SessionStart
Session start marker
Records session-start timestamp + session-number inference; injects context for first turn.
Stop
Stop emit validator
Validates stop-event emit content for ledger-wall anti-patterns + actionable-target gates.
Code-PM trigger detector
Stop hook content-match on `session-end execution complete` PO emit + ready-to-paste block fires Code-PM Tier 2a verification dispatch.
UserPromptSubmit
User prompt submit context injector
Injects anti-recurrence reminders into user prompts when keyword matches fire (CLASS-4 ledger-wall · CLASS-7 actionable-target gate · etc.).
PostCompact
Post-compact state recovery
After context compaction, re-reads ACTIVE-TASK.md and provides state recovery context.
CI / PreCommit
Cross-file fingerprint check
Mechanical-enforcement guard against duplicate-content-across-files. PR #81. Cross-file similarity bound enforced in CI.
HANDOFF_PACKET drift detector
Detects HANDOFF_PACKET schema drift across dispatches. SO #12 7-field discipline.
R29 Step 0 drift detector
Detects R29 Step 0 target-correctness statement drift across iterations. C25 amendment closure.
Recurring failures detector
Detects recurring-failure-class matches via pattern-match heuristic. PRINCIPLE 14 fire detection.
Codification drift detector
Detects codification-without-enforcement drift (Cluster 3). PRINCIPLE 14 sub-axis.
Block readlist drift detector
Detects drift between block-readlist documentation and actual referenced files.
Deploy review presence check
CLAUDE.md SO #8 enforcement — produce `docs/reviews/DEPLOY-REVIEW-S{N}-TASK{M}.md` per `docs/GOVERNANCE.md` section 1. No review doc = no deploy request.
Branch matches worktree check
Verifies committing branch matches worktree's expected branch — prevents cross-worktree confusion.
Sign-off ready validator
Validates deploy review meets sign-off readiness criteria before deploy request.