Development Skills
CLI-JAW ships 10 development orchestration skills that are always injected (auto-active) into every session. They form a layered team of specialized roles — from general coding to security audits — so you never need to load them manually. Just describe what you need and the right skill activates.
/skill load. The orchestrator (dev) coordinates the others automatically.Skill Overview
| Skill | Role | Trigger |
|---|---|---|
dev | Orchestrator — routes work to specialist skills | Any coding request (always active) |
dev-backend | Server-side logic, APIs, databases, auth | Backend code, API routes, DB schemas |
dev-frontend | UI components, styling, client-side rendering | React/Vue/HTML/CSS, component code, role=frontend |
dev-data | Data pipelines, analysis, transformations | SQL, data wrangling, ETL, analytics |
dev-testing | Test writing, coverage, test strategy | "Write tests", "Add coverage", test files |
dev-debugging | Root-cause analysis, error tracing, fixes | Error messages, stack traces, "왜 안 돼?" |
dev-security | Vulnerability scanning, secure coding | Auth code, secrets, input validation, CVEs |
dev-scaffolding | Project setup, boilerplate, directory structure | "Create a new project", "Init repo", scaffolding |
dev-code-reviewer | Code review, PR feedback, best practices | "Review this", "PR 봐줘", diff analysis |
dev-pabcd | PABCD prompt engineering for dev tasks | Structured prompts, Persona/Audience/Behavior/Context/Deliverable |
dev — Orchestrator
The dev skill is the top-level orchestrator. It detects the stack (language, framework, project type) and routes requests to the appropriate specialist skill. When multiple skills are relevant — say, writing a backend API with tests — it coordinates them in sequence.
# The orchestrator automatically picks dev-backend + dev-testing
"이 Express API에 JWT 인증 추가하고 테스트도 작성해줘"
# Stack detection triggers dev-frontend rules
"React 컴포넌트 만들어줘 — 드래그 앤 드롭 칸반 보드"dev directly. It observes your request and injects the right specialist context. Think of it as the team lead who delegates.dev-backend
Handles server-side development: API endpoints, database queries, authentication flows, middleware, and server configuration. It understands Node.js, Python, Go, and other backend stacks.
# Triggers dev-backend
"REST API 만들어줘 — 유저 CRUD, PostgreSQL 연동"
"GraphQL resolver에 pagination 추가해줘"
"Redis 캐시 레이어 붙여줘"| Strength | Examples |
|---|---|
| API design | REST, GraphQL, gRPC endpoint scaffolding |
| Database | Schema design, migrations, query optimization |
| Auth | JWT, OAuth2, session management, RBAC |
| Infrastructure | Docker, env config, server middleware |
dev-frontend
Production-grade frontend with distinctive aesthetics. Detects the framework (React, Vue, Svelte, vanilla) and applies specialized rules from its modular reference system. Injected automatically when role=frontend is detected.
# Triggers dev-frontend
"다크 모드 토글 컴포넌트 만들어줘"
"이 페이지 반응형으로 만들어줘 — 모바일 우선"
"Tailwind으로 이 디자인 구현해줘"dev-frontend uses a SKILL.md orchestrator plus references/ directory for deep framework-specific guidance. It goes beyond basic components to enforce accessibility, performance, and visual polish.dev-data
Data pipelines, analysis, and transformations. Handles SQL queries, pandas/polars DataFrames, ETL workflows, and data visualization.
# Triggers dev-data
"이 CSV 데이터 정리해줘 — 중복 제거, 날짜 포맷 통일"
"매출 데이터 분석해줘 — 월별 트렌드 차트"
"D1 데이터베이스에서 집계 쿼리 작성해줘"dev-testing
Writes tests, improves coverage, and designs test strategies. Supports Jest, Vitest, Pytest, Go testing, and more. Understands unit, integration, and e2e testing patterns.
# Triggers dev-testing
"이 함수에 단위 테스트 작성해줘"
"테스트 커버리지 80% 이상으로 올려줘"
"E2E 테스트 시나리오 만들어줘 — 로그인 플로우"| Test Type | When Used |
|---|---|
| Unit tests | Individual functions, utilities, pure logic |
| Integration tests | API routes, database interactions, service layers |
| E2E tests | Full user flows, browser automation, critical paths |
| Snapshot tests | UI components, serialized output verification |
dev-debugging
Root-cause analysis and error tracing. When you paste an error message or stack trace, this skill activates to diagnose the problem, identify the root cause, and propose a fix.
# Triggers dev-debugging
"이 에러 왜 나와? TypeError: Cannot read properties of undefined"
"빌드가 깨졌어 — 로그 봐줘"
"메모리 누수 있는 것 같아 — 프로파일링 도와줘"dev-debugging reads the error context, examines related source files, traces the call chain, and narrows down the root cause before suggesting a targeted fix — not a shotgun approach.dev-security
Scans for vulnerabilities, enforces secure coding patterns, and reviews auth/crypto implementations. Activated when code touches authentication, secrets, user input, or known CVE patterns.
# Triggers dev-security
"이 인증 코드 보안 검토해줘"
"SQL injection 취약점 없는지 확인해줘"
"환경변수 관리 best practice 적용해줘"| Check | What It Catches |
|---|---|
| Injection | SQL injection, XSS, command injection, template injection |
| Auth | Broken auth flows, weak tokens, missing RBAC |
| Secrets | Hardcoded API keys, leaked credentials, insecure storage |
| Dependencies | Known CVEs in packages, outdated libraries |
dev-scaffolding
Project initialization and boilerplate generation. Sets up directory structures, config files, CI/CD pipelines, and starter templates for common stacks.
# Triggers dev-scaffolding
"Next.js 프로젝트 새로 만들어줘 — TypeScript, Tailwind, Prisma"
"모노레포 구조 잡아줘 — apps/, packages/"
"GitHub Actions CI 파이프라인 설정해줘"dev-code-reviewer
Code review with structured feedback. Examines diffs for correctness bugs, simplification opportunities, performance issues, and style consistency. Works on staged changes, PRs, or arbitrary code blocks.
# Triggers dev-code-reviewer
"이 코드 리뷰해줘"
"PR 봐줘 — 주요 이슈만 알려줘"
"이 리팩토링 괜찮은지 확인해줘"/code-review with effort levels — low/medium for high-confidence findings only, high for broader coverage, ultra for deep multi-agent cloud review. Add --comment to post inline PR comments or --fix to auto-apply fixes.dev-pabcd
Applies the PABCD framework (Persona, Audience, Behavior, Context, Deliverable) to development tasks. This skill structures prompts for maximum clarity and ensures outputs match the intended format.
# Triggers dev-pabcd
"PABCD로 이 태스크 구조화해줘"
"이 요구사항을 Persona/Audience/Behavior/Context/Deliverable로 분해해줘"| Component | Purpose |
|---|---|
| Persona | Who is performing the task (e.g., senior backend engineer) |
| Audience | Who will consume the output (e.g., junior devs, CI pipeline) |
| Behavior | What actions to take (e.g., write, review, refactor) |
| Context | Background constraints (e.g., TypeScript monorepo, Node 20) |
| Deliverable | Expected output format (e.g., PR-ready code with tests) |
How Orchestration Works
When you send a message, the dev orchestrator evaluates it against all 10 skills and injects the appropriate specialist context. Multiple skills can activate simultaneously.
| Your Request | Skills Activated |
|---|---|
| "API 만들어줘" | dev + dev-backend |
| "이 코드 리뷰하고 테스트 추가해줘" | dev + dev-code-reviewer + dev-testing |
| "이 에러 고쳐줘" | dev + dev-debugging |
| "새 프로젝트 만들어줘 — 보안 best practice 적용" | dev + dev-scaffolding + dev-security |
| "프론트엔드 컴포넌트 만들고 스냅샷 테스트 추가" | dev + dev-frontend + dev-testing |
| "PABCD로 데이터 파이프라인 설계해줘" | dev + dev-pabcd + dev-data |
Relationship to Other Skills
Development skills focus on writing and reviewing code. For related but distinct workflows:
- Automation skills — CI/CD pipelines, scheduled jobs, and workflow triggers
- Cloud & Deploy skills — Cloudflare Workers, deployment, infrastructure
- Security & Review skills — Dedicated deep security audits beyond
dev-security - Dev Workflow skills — Git operations, PR management, branch strategies