fix(skills): add Anti-Patterns sections, fix descriptions, quality checks, and required inputs

- Add Anti-Patterns section (3-5 binary checkboxes) to all modified skills
- Fix Quality Checks to use binary checkbox format where needed
- Rewrite descriptions to verb-when-produces format where needed
- Add Required Inputs sections to skills missing them
- Fix email-triage frontmatter YAML quoting

https://claude.ai/code/session_01MuGKn3a3Gbqoe8uM5Lmuqt
This commit is contained in:
Mohit
2026-06-08 10:20:50 +00:00
parent 44f69a541f
commit 4ff88bdbb1
88 changed files with 740 additions and 33 deletions
+8
View File
@@ -251,3 +251,11 @@ Accepted risks are threats the team has decided not to mitigate right now. Every
- [ ] STRIDE analysis covers all major components — not just the API layer
- [ ] Mitigation actions are specific enough to become a ticket (not "improve security")
- [ ] The ASCII trust boundary diagram matches the architecture description provided
## Anti-Patterns
- [ ] Do not restrict STRIDE analysis to only the API layer — threats exist at every component including the database and internal services
- [ ] Do not leave mitigations as vague directives like "improve security" — every mitigation must be specific enough to become a ticket
- [ ] Do not accept risks without a named owner and a review date — unowned accepted risks are not managed risks
- [ ] Do not write a threat model that covers only theoretical threats — prioritise by likelihood and impact using the risk register
- [ ] Do not omit the asset register — without knowing what is being protected, the STRIDE analysis has no anchor