great_cto

HR-AI / AEDT bias audit. Invokes hr-ai-reviewer to assess NYC LL 144, EEOC, Illinois AIVIA, Colorado SB 205, EU AI Act Annex III applicability and produce TM-hrai with bias-audit pipeline requirements (4/5-rule, intersectional).

Gracefully retire an LLM agent from the workforce. Archives prompt, removes from sync list, keeps verdicts for audit. Like firing a human — but reversible.

Performance review for an LLM agent (or all agents). Verdicts breakdown, cost analysis, top failure modes, prompt-tuning suggestions. Like a human '1:1' but for AI workforce.

API platform contract review. Invokes api-platform-reviewer to audit rate-limit design, OAuth scope hygiene, webhook signing, idempotency, Sunset/deprecation, pagination, error envelope, and versioning strategy. Critical before v1 GA.

Audit an existing codebase. Detects stack, finds gaps, creates tasks, generates PROJECT.md.

> Used by `scripts/lib/compress/` (Phase 1) + `scripts/lib/ccr.mjs` (Phase 2) of the

> Used by `scripts/memory-filter.mjs` (Phase 2 of token economy initiative).

**Read this before writing prompts that spawn sub-agents to bootstrap a new

Every great_cto agent that completes a step MUST emit a verdict line so the

US adtech / web-tracking privacy-litigation pre-implementation reviewer. Specialises in the wave of US class-action exposure around tracking pixels and session replay — VPPA (Video Privacy Protection Act), CIPA (California Invasion of Privacy Act wiretap / pen-register theory), Washington My Health My Data Act (MHMDA consumer-health), state-privacy "sale/share" + Global Privacy Control, and FTC Act § 5 unfair-tracking. Outputs threat model TM-adtech-{slug}.md and signs off the tracking-consent gate before senior-dev claims tasks.

Catalogue of known SDLC anti-patterns that great_cto agents must actively reject when reviewing architecture, plans, code, or post-mortems. Used by architect (pre-impl), pm (planning), senior-dev (impl), l3-support (post-incident).

Analyze images, websites, and Figma files to extract their design and generate a `design.md` with token system, component inventory, and reconstruction notes. Use this skill whenever the user wants to understand, document, replicate, or audit the design of something visual: a screenshot, a URL, a Figma link, a Pinterest reference, a mockup, a competitor's site, a component, a dashboard, a landing page. Also when they ask 'extract the design system from X', 'document the style of Y', 'analyze this visually', 'convert this image into tokens', 'help me replicate this design', 'what palette does this site use', 'how is this built'. Also for single elements: 'copy this navbar', 'recreate this illustration', 'give me a prompt to regenerate this graphic' — element mode outputs a focused element.md, with token-grounded image-model prompts when the element is visual art. If the user brings any visual source and wants to understand it at a design level — this skill should activate.

Decomposition methodology for pm agent — turns an approved ARCH document into a Beads task list with explicit dependencies, time-boxes, and acceptance criteria. The pipeline can only orchestrate work it can see; this skill defines what "seeable work" looks like.

Shared review framework that every domain reviewer (pci, oracle, gov, edtech, healthcare, mlops, etc.) MUST follow. Defines the output artifact (TM-{slug}.md), mandatory sections, severity scale, verdict format, the workflow scaffold (when-invoked, Step-0 read-inputs, HANDOFF), and the "domain heuristic vs generic check" boundary. Eliminates duplication across the 60+ reviewer prompts.

Structured idea generation + multi-LLM debate for the product-owner stage. Diverge (generate genuinely different bets), debate (a 4-persona panel on 4 models argues over 2 rounds), converge (synthesize a recommendation). Used by product-owner before architect; available to architect for design-space exploration.

16 hooks across 8 events