# ApexYard Skills

> 59 slash commands grouped by what you're trying to do — not by what's under the hood. Drop into your Claude Code session inside an apexyard fork.

## In plain English

These are the commands you type into Claude Code to get ApexYard to do something. They're grouped by what you're trying to do — keep quality high, move work forward, see everything at once, onboard new code, run things — not by what's under the hood. If you'd rather see a real day with these, read [how it works](https://yard.apexscript.com/how-it-works.md).

## What is it?

ApexYard ships 59 slash commands grouped under outcome headings — Keep quality high, Move work forward, See everything at once, Onboard new code, Run things.

## What can it do?

Each `/<name>` is a structured workflow with safety rails. The right framework checks fire at the right moments — `/approve-merge` writes a record that the merge gate verifies before the merge actually runs. Every skill ships in `.claude/skills/<name>/SKILL.md`.

## What's needed to start?

Browse below; invoke any skill from a Claude Code session inside an apexyard fork. New here? Start with `/setup` on a fresh fork, then `/feature` or `/idea` to capture work, then `/code-review` and `/approve-merge` when a PR is ready to ship.

---

## Keep quality high

The skills that catch mistakes before they reach customers — reviews, audits, security checks.

- `/code-review <pr>` — invoke the Code Reviewer agent (Rex) on a PR.
- `/security-review <pr>` — invoke the Security Reviewer agent (Hakim) on a PR.
- `/audit-deps` — audit dependencies for vulnerabilities, outdated packages, licences.
- `/launch-check` — production readiness audit — multi-dimension go/no-go sweep at milestone boundaries.
- `/threat-model` — threat modelling across 6 attack categories (spoofing, tampering, repudiation, disclosure, denial of service, elevation of privilege).
- `/accessibility-audit` — WCAG 2.1 AA audit.
- `/compliance-check` — GDPR + ePrivacy audit (consent, privacy policy, data handling, right to deletion, DPAs).
- `/analytics-audit` — SDK config, event naming, funnel completeness.
- `/seo-audit` — meta tags, sitemap, robots.txt, OG, structured data.
- `/geo-audit` — AI/LLM discoverability — `llms.txt`, `AGENTS.md`, AI-crawler robots, JSON-LD citation grounding.
- `/performance-audit` — bundle size, image opt, lazy load, code split, Core Web Vitals.
- `/monitoring-audit` — logging, error tracking, health endpoints, alerting, runbooks.
- `/docs-audit` — Diataxis docs audit (tutorials, how-to, reference, explanation).
- `/mutation-test` — mutation-testing sensor; milestone cadence, exit-3 graceful-degrade.

## Move work forward

Capture an idea, file a ticket, record a decision, approve a merge — everything that turns half-formed thoughts into shipped software.

- `/start-ticket <N> | <owner>/<repo>#<N>` — Declare an active ticket for this session so the ticket-first hook lets code edits through.
- `/approve-merge <pr>` — Record per-PR CEO approval and merge in one turn. Only on an explicit per-PR "approved" — never on umbrella "go".
- `/approve-design <pr>` — Record per-PR design-review approval for UI PRs.
- `/decide` — Make a technical decision and record it permanently — what you considered, what you picked, why. Required before architecture changes.
- `/idea` — Capture a new product idea / feature concept / internal tool proposal to the shared backlog.
- `/validate-idea` — Lightweight 5-question pre-spec gate between `/idea` and `/write-spec`.
- `/write-spec` — Generate a PRD or feature spec from a problem statement.
- `/plan-initiative` — Initiative → milestones → tasks with dependency-aware sequencing.
- `/feature` — Create a structured feature ticket (user story + acceptance criteria + design notes).
- `/bug` — Create a structured bug ticket (Given/When/Then + repro steps + severity).
- `/task` — Create a structured technical task ticket (driver, scope, ACs) for tech debt, infra, refactoring.
- `/spike` — Create a hypothesis-driven, time-boxed spike ticket. Exempt from decision-record + coverage gates.
- `/spike-close --promote | --discard` — Disposition gate for spikes — promote files a fresh `[Feature]`; discard writes a memo.
- `/migration` — Create a labelled migration ticket + matching decision record (rollback, downtime, consumers, observability). Required by the migration gate.
- `/investigation` — Create an investigation ticket + live-doc for sustained root-cause work.
- `/tickets-batch` — Bulk-file 5–20 structured tickets in one flow (shared-context Qs once, 3-Q micro-interview per ticket).

## See everything at once

When you have more than one product going at the same time, the question that costs you the most is "what's waiting on me right now?"

- `/projects` — List all managed projects with status, branch, open PRs, open issue counts.
- `/inbox` — Items needing your attention across the portfolio: PRs, assigned issues, comments, blockers.
- `/status [--briefing | -b]` — Per-project git + CI snapshot; `--briefing` for the 4-line compact form.
- `/tasks` — Aggregated, scored, sorted task list across the portfolio with direct URLs.
- `/roadmap [add | remove | reorder | show] [item]` — Update, create, or reprioritise the product roadmap. Renders a markdown table per milestone.
- `/stakeholder-update weekly | monthly | launch` — Generate a stakeholder update from real activity (recent PRs, closed issues, decisions, roadmap) — not from what you remember.
- `/agdr browse | search | show | stats` — Searchable library of every technical decision ever recorded across your portfolio. Answers "have we decided this before?".

## Onboard new code

Fresh fork, new project handed to you, codebase you want to understand. These skills get you oriented fast — generating diagrams, feature inventories, process flows from real code instead of from memory.

- `/setup [--reset]` — First-run framework bootstrap for a new ApexYard fork. Three exchanges and the fork is configured.
- `/handover <name> [path-or-url]` — Onboard an external repo into ApexYard management. Reads the target, synthesises a structured handover assessment, scores harnessability across 5 codebase dimensions.
- `/c4` — Generate architecture diagrams (Level 1 system context + Level 2 container detail) from a project's codebase.
- `/dfd` — Extract a data-flow diagram with trust boundaries + data classifications (Mermaid + optional Threat Dragon JSON). Source of truth for `/threat-model`.
- `/process` — Extract a business process from your code (state machines, queue chains, cron, API choreography) via 7-axis scan + gap-targeted interview, then emit a standard process-diagram file.
- `/extract-features` — Six-axis Feature Inventory (routes / models / jobs / tests / UI / docs) — a "what we must preserve" spec for greenfield rewrites.
- `/feature-diagram` — Per-feature flowchart of routes / models / jobs / screens involved.
- `/tech-vision` — Interactive author for the architecture vision template (target / gap / migration / anti-scope).
- `/journey` — Self-contained HTML user-journey map (boxes/arrows with per-page modals) — preview between PRD and tech-design.
- `/codify-rule` — Turn a human (or Copilot) review comment that caught a Rex-miss into a draft handbook entry.

## Run things

Sync the framework, parallelise independent work, cut a release, debug something hairy, share a PDF with a non-technical stakeholder.

- `/update [--dry-run] [--rebase]` — Sync the ApexYard fork with upstream. Previews pending commits, creates a sync branch, merges or rebases, walks per-file conflicts.
- `/split-portfolio [--verify] [--dry-run]` — Migrate from single-fork to split-portfolio mode (public framework + private portfolio).
- `/release [version]` — Cut a new apexyard release (framework-only). Diffs dev vs main, picks a semver bump, generates CHANGELOG, opens release PR.
- `/debug` — Hypothesis-driven debugging — architecture-first reading + evidence-before-fix. For bugs that resisted naïve fix attempts.
- `/pdf` — Convert markdown / HTML / process-diagram to PDF (pandoc / md-to-pdf / wkhtmltopdf / bpmn-to-image).
- `/fan-out <task1, task2, ...>` — Spawn N parallel Agent calls in a single assistant message, optionally with worktree isolation.

## Deprecated

- `/onboard` — Use `/setup` for framework configuration, `/handover` for adding a project to the portfolio. This skill redirects to the correct flow.

## Links

- Home: <https://yard.apexscript.com/index.md>
- How it works: <https://yard.apexscript.com/how-it-works.md>
- Architecture: <https://yard.apexscript.com/architecture.md>
- GitHub source for each skill: <https://github.com/me2resh/apexyard/tree/main/.claude/skills>
