mthines-agent-skills

After `authorization-gate.md` grants, this rule covers the exact mechanics of posting a pending review. The non-negotiables are listed first because each one corresponds to a real prior incident.

Independent fresh-context verifier for bug-fix PRs produced by /fix-bug. Receives only the Evidence Record, the reproduction path/command, the bug-notes ledger (read-only), and the PR diff — explicitly NOT the planner's reasoning, the plan.md, or the executor's reasoning. Runs FAIL_TO_PASS (repro now passes), PASS_TO_PASS (existing tests still pass), diff sanity (no catch-all exception swallows, no debug statements left in, no test deletions or .skip / .only flags), and repro integrity (the repro itself was not weakened). Returns green / red with evidence. Used by /fix-bug Phase 7. Does NOT exist for /batch-linear-tickets directly — that orchestrator inherits Phase 7 transitively because it dispatches /fix-bug per ticket.

Line-level rubrics (`code-quality`, `ux`, `critical`, lenses) evaluate each hunk locally. They cannot catch two classes of failure that matter most:

Independent fresh-context verifier for feature PRs produced by /autonomous-workflow. Receives only the plan.md (Acceptance Criteria, Requirements, File Changes), walkthrough.md, the PR diff, and the project test command — explicitly NOT the planner's reasoning, the executor's reasoning, or any chat history. Runs ACCEPTANCE_CRITERIA_MATCH (every criterion is verifiable from the diff), PASS_TO_PASS (existing tests still pass), diff sanity (no catch-all exception swallows, no debug statements left in, no test deletions or .skip / .only flags), and walkthrough integrity (the walkthrough describes what the diff actually does, with no claims about features absent from the diff and no hunks missing from the walkthrough). Returns green / red with evidence. Used by /autonomous-workflow Phase 7 — feature-PR counterpart to bug-fix-verifier.

Extract evidence from a single Linear ticket — read the ticket, locate affected code, and return an Evidence Record matching the /fix-bug Phase 2 schema. Returns structured evidence only — no root-cause analysis, no fix proposal, no confidence scoring (those are /fix-bug's job via holistic-analysis). Used by /fix-bug's Linear input route and fan-out by /batch-linear-tickets.

Forces a full holistic re-analysis when a fix or refactor isn't working. Instead of continuing to patch in isolation, this skill triggers a structured step-back analysis that traces the entire execution path end-to-end — from entry point to exit — analyzing each block, every contract boundary, and the full data flow. Three modes: "fix" (default) for bugs and broken behavior, "refactor" for restructuring/improvement, and "review" for PR validation (returns structured intent-match + system-fit findings for the reviewer / pr-reviewer agents to consume — never run on its own for routine review work). Trigger ONLY when at least one isolated fix attempt has already failed, or the user explicitly requests a full execution-path analysis — phrases like "step back", "think holistically", "analyze the whole thing", "zoom out", "look at the bigger picture", or "rethink this" qualify only in that context. Never trigger for trivial one-line fixes or first-attempt debugging. Also triggers on "/holistic", "/step-back", "/rethink", "/zoom-out".

Analyzes Playwright E2E `trace.zip` archives (and bare trace JSONL when unpacked). Extracts the action timeline, network waterfall, console errors, and DOM-snapshot anchors, then identifies the highest-impact problems (flaky waits, slow selectors, network bottlenecks, hung actions, unhandled console errors, navigation churn) and proposes concrete test or app fixes ranked by measured impact. Auto-detects whether the input is a `trace.zip`, a directory of unpacked trace files, or a single `trace.trace` / `trace.network` JSONL stream. Iterates via the `/confidence` skill — if root-cause certainty is below 90%, it digs deeper before recommending a fix. Use when handed a Playwright trace, asked "why is this test flaky?", "why did the test time out?", or asked to optimise an E2E suite with evidence. Triggers on "analyze trace", "playwright trace", "e2e trace", "test flake", "why did playwright fail", "playwright timing", "/playwright-trace-analyzer".

Analyzes React DevTools Profiler exports, Chrome DevTools Performance traces, and Chrome heap snapshots / heap-timelines / heap-profiles. Identifies the highest-impact bottlenecks (long tasks, expensive renders, layout thrash, wasted memoisation, blocking scripts, retained memory, leaks) and proposes concrete code fixes ranked by measured impact. Auto-detects the input format (React `.json` profile, Chrome trace `.json` / `.cpuprofile`, or `.heapsnapshot` / `.heaptimeline` / `.heapprofile`). Iterates via the `/confidence` skill — if root-cause certainty is below 90%, it digs deeper before recommending a fix. Use when handed a profile file, asked "why is this slow?", "why is memory growing?", or asked to optimise a hot path with evidence. Triggers on "analyze profile", "react profiler", "chrome performance", "optimize from profile", "profile this", "why is this slow", "memory leak", "heap snapshot", "/profile-optimizer".

Guides product analytics and RUM (Real User Monitoring) event tracking in web (React/Next.js) and mobile (React Native/Expo) apps. Decides what user interactions are valuable to capture, what's noise, what's PII to avoid, and how to implement, audit, update, and remove tracking code cleanly. Covers event naming, property schemas, tracking plans, GDPR/CCPA/DPDPA compliance, OpenTelemetry semantic conventions for browser and mobile RUM, and platforms (PostHog, Segment, Mixpanel, Amplitude, Datadog RUM, Sentry, OTel, Dash0). Modes: guide (default), implement, audit, remove, plan. Triggers on "track this event", "add analytics", "what should I track", "is this PII", "tracking plan", "remove tracking", "audit analytics", "/rum-tracking".

Authors fast, cheap, maintainable GitHub Actions workflows applying 2026 best practices: caching with `hashFiles` + `restore-keys`, parallelization via matrix + artifacts, reusability (composite actions for steps, reusable workflows for jobs), security (SHA-pinned actions, least-privilege `GITHUB_TOKEN`, concurrency), and trackable errors (named steps, step summaries, annotations). Two modes: `scaffold` (default) generates workflow YAML; `review` audits an existing workflow against the same rules. Use when creating CI/CD pipelines, optimizing slow workflows, deduping copy-pasted YAML across repos, or auditing workflow security. Triggers on "github action", "github workflow", "ci pipeline", "create workflow", "speed up ci", "review my workflow", "/github-actions-author".