analyzing-changes
Analyzes code changes, detects documentation drift, and evaluates change impact scope. Use when reviewing diffs, checking doc sync, or running pre-commit analysis. Automatically triggered after design-level changes or refactoring.
git clone --depth 1 https://github.com/telagod/code-abyss /tmp/analyzing-changes && cp -r /tmp/analyzing-changes/skills/analyzing-changes ~/.claude/skills/analyzing-changes
SKILL.md
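# Change Verification Gate

> See clearly "what changed, what it affects, and whether the docs kept up": this is a health check for changes, not a substitute for review.

## When to use

| Scenario | Run | Criterion |
|------|------|------|
| Before commit (any code change) | ✅ | Default gate |
| Refactor finished | ✅ | Assess the blast radius |
| Design-level change | ✅ | Whether DESIGN.md is in sync |
| PR review | ✅ | Replaces manual diff counting |
| Large cross-module change | ✅ | Check whether the dependency graph forms a cycle |
| Emergency hotfix | ⚠ | Run, but doc sync may be deferred until things are stable |

## Three modes

| Mode | When | Purpose |
|------|------|------|
| `working` (default) | While writing code | Self-check: "what in my current working set still needs tidying" |
| `staged` | After `git add`, before `commit` | Commit gate: "is this commit reasonable" |
| `committed` | After the commit is made | Review: "what scope did the last stretch of history change" |

## Warning rules

| Warning | Trigger | Action |
|------|------|------|
| Code >50 lines but DESIGN.md not updated | Design-level change left no trace | Add a "what changed / why" section to DESIGN.md |
| Code >30 lines with no test update | Test coverage is lagging | Add unit/integration tests, or note in the PR that "this path is already covered by E2E" |
| New file added but README.md not updated | User-facing docs are lagging | Add the module entry-point description |
| Config change not recorded | Deployment may hit pitfalls | Leave migration notes in CHANGELOG / DESIGN |
| File deleted | References may not have been cleaned up | grep the whole repo for the file name / exported symbols |

## Interpreting the output

The tool produces three kinds of signal:

1. **File classification**: automatically sorts files into code/docs/tests/config; used to judge "is this a docs-only change"
2. **Module identification**: groups changes by module boundary; used to judge "is this a cross-module change"
3. **Impact assessment**: line count + file count; used to judge "does the change need to be split into separate PRs"

> **Criteria for splitting a PR** (from the commit's perspective):
> - Spans ≥3 modules with no unifying theme → split
> - Single commit >500 lines of non-generated code → split
> - Changes architecture + implementation + docs at once → usually reasonable (same theme)

## Integration with other skills

- Design-level change → triggers [verifying-modules](../verifying-modules/SKILL.md) to check new-module documentation completeness
- Security-related change → triggers [analyzing-security](../analyzing-security/SKILL.md)
- Refactor → triggers [checking-code-quality](../checking-code-quality/SKILL.md) to prevent regression

## Usage

```bash
node scripts/change_analyzer.js                    # working (default)
node scripts/change_analyzer.js --mode staged      # staging area
node scripts/change_analyzer.js --mode committed   # committed
node scripts/change_analyzer.js -v                 # verbose
node scripts/change_analyzer.js --json             # for CI
```

## Manual review

The tool gives signals; people draw the conclusions. First read the README/DESIGN of the affected modules and confirm:

- Whether responsibility boundaries are still clear
- Whether design decisions still hold
- Whether tests cover the new paths

Design-level changes must leave a trace in DESIGN.md: **what changed, why it changed, and what it affects**. All three are required.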
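One way to apply the warning rules from the SKILL.md above to raw git output, as an added example that is not the project's `change_analyzer.js`. The file-classification heuristics, warning identifiers, function names and the choice to count added plus deleted lines are all assumptions.

```javascript
// Added example: the warning table applied to constructed git output.
// classify() heuristics and all names here are assumptions, not the project's code.
function classify(path) {
  if (/(^|\/)(tests?|__tests__)\/|\.(test|spec)\.[a-z]+$/.test(path)) return 'test';
  if (/\.(md|rst|txt)$/i.test(path)) return 'doc';
  if (/\.(ya?ml|json|toml|ini|env)$/.test(path)) return 'config';
  return /\.(js|ts|py|go|rs|java|c|cpp)$/.test(path) ? 'code' : 'other';
}

// numstat: "added<TAB>deleted<TAB>path" lines, as from `git diff --numstat`
// nameStatus: "status<TAB>path" lines, as from `git diff --name-status`
function analyze(numstat, nameStatus) {
  const files = new Map();
  for (const line of numstat.trim().split('\n')) {
    const [added, deleted, path] = line.split('\t');
    // Binary files report "-" for both counts; count them as zero lines.
    const lines = (parseInt(added, 10) || 0) + (parseInt(deleted, 10) || 0);
    files.set(path, { kind: classify(path), lines, status: 'M' });
  }
  for (const line of nameStatus.trim().split('\n')) {
    const [status, path] = line.split('\t');
    if (files.has(path)) files.get(path).status = status[0];
  }
  const all = [...files.entries()];
  const any = (pred) => all.some(([, f]) => pred(f));
  const touched = (name) => all.some(([p]) => p.split('/').pop() === name);
  // Assumption: "code lines" means added + deleted lines in code files.
  const codeLines = all.reduce((n, [, f]) => n + (f.kind === 'code' ? f.lines : 0), 0);

  const warnings = [];
  if (codeLines > 50 && !touched('DESIGN.md')) warnings.push('design-not-updated');
  if (codeLines > 30 && !any((f) => f.kind === 'test')) warnings.push('tests-not-updated');
  if (any((f) => f.status === 'A' && f.kind !== 'doc') && !touched('README.md'))
    warnings.push('readme-not-updated');
  if (any((f) => f.kind === 'config') && !touched('CHANGELOG.md') && !touched('DESIGN.md'))
    warnings.push('config-not-recorded');
  if (any((f) => f.status === 'D')) warnings.push('deleted-file-check-references');
  return { codeLines, warnings };
}

// Constructed sample input, not output from a real repository.
const NUMSTAT = ['48\t7\tsrc/auth/session.js', '12\t0\tsrc/auth/token.js',
  '3\t1\tconfig/app.yaml', '0\t20\tsrc/legacy/old.js', '-\t-\tassets/logo.png'].join('\n');
const NAME_STATUS = ['M\tsrc/auth/session.js', 'A\tsrc/auth/token.js',
  'M\tconfig/app.yaml', 'D\tsrc/legacy/old.js', 'A\tassets/logo.png'].join('\n');
console.log(analyze(NUMSTAT, NAME_STATUS));
```
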
Scans code for security vulnerabilities, detects dangerous patterns, and ensures security decisions are documented. Use when running security scans, auditing code, or checking for OWASP issues, injection risks, or sensitive data leaks. Automatically triggered on new modules, security-related changes, or post-refactor.
Processes Excel spreadsheet files (.xlsx, .xlsm, .csv). Creates workbooks, builds formulas, preserves formatting, analyzes tabular data, and validates financial models with zero-formula-error delivery. Use when working with spreadsheet files or tabular data analysis. Do NOT use for Word documents, PDFs, presentations, or database pipelines.
Frontend UI design system selector and implementation guide covering Glassmorphism, Liquid Glass (Apple-style), Neubrutalism, and Claymorphism. Use when building UI components, choosing a visual aesthetic, implementing design tokens, or auditing accessibility/contrast on themed surfaces. Provides per-style tokens, component patterns, dark mode, and a11y constraints.
Security architecture and governance: threat modeling (STRIDE/PASTA/LINDDUN), zero-trust identity architecture, IAM/SSO/MFA/PAM, compliance frameworks (SOC2/PCI/HIPAA/GDPR), DLP, privacy engineering, and security control design. Use when designing security architecture, threat modeling new systems, implementing zero-trust identity, designing IAM/SSO/PAM, building compliance evidence chains, or planning privacy-by-design.
DevOps knowledge reference covering Git workflows, testing strategies, DevSecOps, release pipeline orchestration (release.yml, multi-arch images, cosign integration), CI/CD pipelines, database management, observability, and performance optimization. Use when working with Git, CI/CD, release pipelines, ghcr image publishing, testing, monitoring, or infrastructure automation.
AI agent and LLM system engineering reference covering single-agent dev (ReAct, tool calling, plan-execute), multi-agent coordination (swarm, role decomposition, file locking), LLM security (prompt injection, jailbreak defense, output filtering), RAG architecture (chunking, hybrid retrieval, rerank), and prompt engineering / evaluation (RAGAS, LLM-as-Judge). Use when building AI agents, designing RAG pipelines, orchestrating multi-agent workflows, hardening LLM apps, or writing prompts.
Checks code quality metrics including complexity, duplication, naming conventions, and function length. Use when running quality gates, reviewing code smells, or checking lint rules. Automatically triggered on complex modules or post-refactor.
Processes PowerPoint presentation files (.pptx). Creates slides, rewrites templates, converts HTML to presentations, validates thumbnails, swaps layouts, and performs deep OOXML editing. Use when working with presentation files or slide decks. Do NOT use for Word documents, spreadsheets, or PDF files.