Skip to main content

Skills

Skills allow you to extend PostQode with reusable, on-demand instruction sets for specialized tasks. Think of them as "plugins" that teach PostQode how to perform complex workflows or follow specific protocols.

Why Skills?

  • At startup: PostQode sees only a brief description of each skill
  • When triggered: PostQode loads the full instructions for that specific skill
  • As needed: Skills can bundle additional files that PostQode reads only when referenced

Available Built-in Skills

PostQode comes with a comprehensive set of built-in skills for various specialized tasks. These skills are automatically available and can be activated by using specific keywords or slash commands.

Development & Code Quality Skills

autoplan

Auto-review pipeline — runs CEO, design, eng, DX reviews sequentially with auto-decisions.

  • Use when: "auto review", "run all reviews"
  • Purpose: Comprehensive automated code review process

careful

Built-in careful skill for cautious code modifications.

  • Use when: Working with critical production code, legacy systems, or any code that requires extra validation and safety checks
  • Purpose: Enhanced safety checks and validation

freeze

Restrict file edits to a specific directory.

  • Use when: Debugging issues in a specific module to prevent accidental edits to unrelated files elsewhere in the codebase
  • Purpose: Limit scope of changes to specific areas

guard

Full safety mode — destructive-command warnings + directory-scoped edits.

  • Use when: Maximum safety is needed for critical operations, production deployments, or working with sensitive code
  • Purpose: Combines /careful + /freeze for complete protection

unfreeze

Clear the freeze boundary set by /freeze.

  • Use when: Widening edit scope after using freeze, or when you need to work across multiple directories again
  • Purpose: Remove directory restrictions

health

Code-quality dashboard — type-checker, linter, tests, dead code, shell linter; weighted 0–10 score over time.

  • Use when: "health check", "code quality"
  • Purpose: Comprehensive code quality assessment

investigate

Built-in investigate skill for systematic problem analysis.

  • Use when: Debugging complex issues that require systematic investigation, root cause analysis, or when standard debugging approaches haven't worked
  • Purpose: Structured investigation workflow

Review & Planning Skills

plan-ceo-review

CEO/founder-mode plan review — rethink the problem, find the 10-star product, challenge premises.

  • Use when: "think bigger", "strategy review"
  • Purpose: High-level strategic planning review

plan-design-review

Designer's-eye review on a plan — score each dimension, fix the plan to a 10.

  • Use when: "review the design plan", "design critique"
  • Purpose: Design quality assessment

plan-eng-review

Eng manager-mode plan review — architecture, data flow, edge cases, test coverage, performance.

  • Use when: "review the architecture", "lock in the plan"
  • Purpose: Engineering review of technical plans

review

Pre-landing PR review against the base branch — diff, SQL safety, trust boundaries, side effects.

  • Use when: "review this PR", "code review"
  • Purpose: Comprehensive pull request review

Design & Frontend Skills

design-consultation

Built-in design-consultation skill for UI/UX guidance.

  • Use when: You need design advice, UI/UX consultation, or guidance on design decisions for your application or website
  • Purpose: Design decision support

design-html

Finalize a design into production-quality Pretext-native HTML/CSS.

  • Use when: You have a design mockup or wireframe and need to convert it into clean, production-ready HTML/CSS code
  • Purpose: Convert designs to production code

design-review

Designer's-eye QA on a live site — visual inconsistency, spacing, hierarchy.

  • Use when: You need a comprehensive visual audit of your live website to identify design inconsistencies, spacing issues, or hierarchy problems
  • Purpose: Visual quality assurance

design-shotgun

Generate multiple AI design variants and collect structured feedback.

  • Use when: You're exploring different design directions and want to see multiple AI-generated design options to choose from
  • Purpose: Design exploration and iteration

frontend-design

Create distinctive production-grade frontend interfaces with high design quality.

  • Use when: Building new UI components, pages, or complete applications that require high-quality, production-ready frontend code
  • Purpose: High-quality frontend development

Testing & QA Skills

qa

Systematically QA-test a web application and fix bugs found, with iterative re-verification.

  • Use when: "qa", "test the site", "find bugs"
  • Purpose: Comprehensive QA testing with bug fixes

qa-only

Report-only QA testing — finds and reports bugs without fixing them.

  • Use when: "qa report only", "just report bugs"
  • Purpose: Bug identification and reporting

playwright

Browser automation testing toolkit using Playwright.

  • Use when: You need to create automated browser tests, test user interactions, or perform end-to-end testing of web applications
  • Purpose: Automated browser testing

benchmark

Performance regression detection — page-load times, Core Web Vitals, resource sizes; PR before/after.

  • Use when: You need to measure and compare performance metrics, detect performance regressions, or analyze page load times and Core Web Vitals
  • Purpose: Performance testing and monitoring

Deployment & Monitoring Skills

ship

Built-in ship skill for deployment workflows.

  • Use when: You're ready to deploy your changes to production and need a streamlined deployment process
  • Purpose: Streamlined deployment process

land-and-deploy

Land + deploy workflow — merge PR, wait for CI + deploy, verify prod via canary.

  • Use when: You need to merge a pull request, wait for CI to pass, deploy to production, and verify the deployment with canary monitoring
  • Purpose: Complete merge and deployment workflow

canary

Post-deploy canary monitoring — console errors, perf regressions, page failures via screenshots vs baselines.

  • Use when: After deploying to production, you need to monitor for console errors, performance regressions, or visual changes compared to baseline
  • Purpose: Post-deployment monitoring

Documentation & Project Management Skills

document-release

Post-ship docs update — README, ARCHITECTURE, CONTRIBUTING, CHANGELOG, TODOs.

  • Use when: After shipping a release, you need to update project documentation including README, architecture docs, changelog, and other project files
  • Purpose: Keep documentation in sync with releases

retro

Weekly engineering retrospective from commit history.

  • Use when: You want to conduct a weekly or periodic retrospective to review what was shipped, analyze commit history, and reflect on team progress
  • Purpose: Team retrospectives and progress review

learn

Manage project learnings — review, search, prune what gstack has learned across sessions.

  • Use when: You want to review accumulated project knowledge, search through learnings, or clean up outdated information from previous sessions
  • Purpose: Knowledge management

State Management Skills

checkpoint

Save and resume working-state checkpoints — git state, decisions, remaining work.

  • Use when: You need to save your current work state (including git status, decisions made, and remaining tasks) to resume later or share with team members
  • Purpose: Save and restore work state

Security & Strategy Skills

cso

Chief Security Officer mode — secrets, dep supply chain, CI/CD security, OWASP, STRIDE.

  • Use when: You need a comprehensive security audit covering secrets management, dependency supply chain, CI/CD security, OWASP vulnerabilities, or STRIDE threat modeling
  • Purpose: Security review and threat modeling

office-hours

YC-style office hours — six forcing questions to expose demand, status quo, wedge, observation.

  • Use when: You're brainstorming a new product idea or feature and need structured questions to validate demand, understand the status quo, and identify your wedge strategy
  • Purpose: Product strategy and validation

Skill Development

skill-creator

Create new skills, modify existing ones, run skill evals.

  • Use when: You're creating new custom skills, modifying existing skill definitions, or running evaluations to test and improve skill performance
  • Purpose: Skill development and management

How to Use Skills

Automatic Activation

PostQode automatically activates skills based on your request:

You: "Run a security audit on this code"

PostQode: Matches request → Activates CSO skill

CSO Skill: Performs comprehensive security review

Manual Activation with Slash Commands

You can explicitly activate skills using slash commands:

/qa - Activate QA testing skill
/review - Activate code review skill
/ship - Activate deployment skill
/health - Activate code health check skill

Skill Chaining

Some skills work together in workflows:

/autoplan

Runs: plan-ceo-review → plan-design-review → plan-eng-review

Complete review pipeline

Creating a Skill

A skill is defined by a directory containing a SKILL.md file.

my-skill/
├── SKILL.md          # Required: main instructions
├── docs/             # Optional: additional documentation
│   └── advanced.md
└── scripts/          # Optional: utility scripts
    └── helper.sh

The SKILL.md File

The SKILL.md file must contain a YAML frontmatter block with a name and description, followed by the detailed instructions.

---
name: my-skill
description: Brief description of what this skill does and when to use it.
---

# My Skill

Detailed instructions for PostQode to follow when this skill is activated.

## Steps

1. First, do this
2. Then do that
3. For advanced usage, see [advanced.md](docs/advanced.md)
  • name: Must exactly match the directory name
  • description: Tells PostQode when to use this skill (max 1024 characters)

Where Skills Live

The location of your skills directory depends on your operating system:

  • macOS/Linux: ~/.postqode/skills/
  • Windows: C:\Users\USERNAME\.postqode\skills\

You can also place skills in your project-specific configuration folders (depending on your setup):

  • .postqode/skills/ (recommended)
  • .postqoderules/skills/

Managing Skills

PostQode provides tools to manage your skills:

  • View all available skills (global and workspace)
  • Toggle individual skills on or off
  • Create new skills from a template
  • Delete skills you no longer need

How PostQode Uses Skills

When you ask PostQode to perform a task, it checks the descriptions of all available skills. If a skill seems relevant, PostQode will activate it and follow the instructions in its SKILL.md file.

For example, if you have an aws-deploy skill:

---
name: aws-deploy
description: Deploy applications to AWS using CDK. Use when deploying, updating infrastructure, or managing AWS resources.
---

When you say "Deploy the app to AWS", PostQode will see the aws-deploy skill description, load the full instructions, and guide you through the deployment process.

Example: Data Analysis Skill

Here is a complete example of a Data Analysis skill.

Directory Structure:

data-analysis/
└── SKILL.md

SKILL.md Content:

---
name: data-analysis
description: Analyze data files and generate insights. Use when working with CSV, Excel, or JSON data files that need exploration, cleaning, or visualization.
---

# Data Analysis

When analyzing data files, follow this workflow:

## 1. Understand the Data
- Read a sample of the file to understand its structure
- Identify column types and data quality issues
- Note any missing values or anomalies

## 2. Ask Clarifying Questions
Before diving in, ask the user:
- What specific insights are they looking for?
- Are there any known data quality issues?
- What format do they want for the output?

## 3. Perform Analysis
Use pandas for data manipulation:

\`\`\`python
import pandas as pd

# Load and explore
df = pd.read_csv("data.csv")
print(df.head())
print(df.describe())
print(df.info())
\`\`\`

For visualization, prefer matplotlib or seaborn depending on complexity.

## 4. Present Findings
- Start with a summary of key insights
- Support findings with specific numbers
- Include visualizations where they add clarity
- End with recommendations or next steps

Bundling Supporting Files

Skills can include supporting files like scripts, templates, or additional documentation.

complex-skill/
├── SKILL.md
├── docs/
│   ├── setup.md
│   └── troubleshooting.md
├── templates/
│   └── config.yaml
└── scripts/
    └── validate.py

In your SKILL.md, you can reference these files relative to the skill directory:

For initial setup, follow [setup.md](docs/setup.md).
Use the config template at `templates/config.yaml` as a starting point.

Run the validation script to check your configuration:
\`\`\`bash
python scripts/validate.py
\`\`\`

Ideas for Skills

  • Release management: Version bumping, changelog generation, git tagging, and publishing
  • Code review: Your team’s specific review checklist and quality standards
  • Database migrations: Safely evolving schemas with rollback procedures
  • API integration: Connecting to specific third-party services with proper error handling
  • Documentation: Your preferred structure, style guide, and tooling
  • Debugging workflows: Systematic approaches to diagnosing specific types of issues
  • Infrastructure: Terraform/CDK patterns for your cloud setup
Is this documentation incorrect or incomplete? Report an issue on GitHub