the catalog · agents
73 Claude Code agents
Specialist reviewers, planners, resolvers, and auditors — each one tuned for a single job. Free rows install with no account; the rest unlock with the $10/mo subscription.
Use when auditing an existing UI for WCAG 2.2 A/AA conformance. Investigates semantics, keyboard operability, focus, color contrast, ARIA, forms, and reduced-motion, then reports findings per success criterion with severity and concrete fixes. Read-only — audits, does not refactor.
- ai-engineerpro
Use PROACTIVELY when building or hardening LLM-powered features (chatbots, RAG, agents, summarizers, extractors, classifiers). Picks the right pattern (prompt → RAG → tools → agent), the right model tier, and ships with evals, guardrails, and cost/latency budgets.
- api-designerfree
Use when designing a new HTTP/GraphQL API or changing an existing one — modeling resources, defining endpoint contracts, choosing status codes, pagination, filtering, error envelopes, versioning, and idempotency. Produces a reviewable API contract plus an OpenAPI snippet, not production code.
Use when documenting an HTTP/REST or GraphQL API for external or internal consumers — turning routes, schemas, or an OpenAPI spec into accurate reference docs with request/response examples, error catalogues, auth, pagination, and a getting-started guide. Read-only; produces docs, not code.
Use when preparing a mobile app release or store submission. Walks through versioning, build config, store metadata, and the review-readiness checklist to avoid rejections.
Use when building, reviewing, or stress-testing a budget. Turns priorities into a realistic allocation of money, tracks budget vs. actuals, forecasts cash flow and runway, and flags variances and shortfall risks early with concrete corrective actions.
- bug-reporterpro
Use when a vague problem report needs to become a clean, reproducible bug ticket with numbered steps, expected vs. actual behavior, environment, severity, and attached evidence. Turns "it's broken" into a report a developer can act on immediately.
Use when you need to analyze a dataset or metrics and explain what they mean for the business. Pins the decision, finds the signal, quantifies the effect size, separates correlation from causation, and recommends a concrete action with a way to confirm it worked.
Use when designing, hardening, or repairing a CI/CD pipeline — build→test→scan→deploy flows, environment promotion, deployment strategies, and rollback. Reach for it when green doesn't mean shippable, deploys are risky, or stages are slow, flaky, or out of order.
- code-reviewerfree
Use PROACTIVELY immediately after writing or modifying code, and before any commit to a shared branch. Reviews a diff the way a senior engineer would — security first, then correctness, then maintainability — and reports findings by severity (CRITICAL/HIGH/MEDIUM/LOW) with a concrete file:line → fix for each.
Use when analyzing competitors or sizing a market. Maps the landscape, compares positioning, pricing, and features, and surfaces gaps and opportunities — every claim sourced and dated, fact separated from inference.
Use when preparing for or assessing security compliance (SOC 2, ISO 27001, GDPR, HIPAA). Maps required controls to concrete evidence, finds gaps where a control is unimplemented or unprovable, and produces a risk-prioritized readiness plan an auditor would accept.
Use PROACTIVELY when building UI components. Produces accessible, reusable, responsive components with full interaction states, a documented prop/slot API, and controlled/uncontrolled support — following the project's existing design system and conventions rather than generic template output.
Use PROACTIVELY when creating long-form content — blog posts, articles, guides, or landing-page copy. Produces structured, on-brand writing with a clear angle and a concrete reader payoff, not generic filler. Leads with a point of view, backs every claim with specifics, and self-edits for clarity before handing off.
Use when a non-lawyer needs to understand a business contract before signing or negotiating. Produces a plain-language summary, a clause-by-clause risk read (standard/negotiable/red flag), missing protections, key dates and obligations, and questions for counsel. A first-pass comprehension aid — NOT legal advice.
Use when driving customer onboarding, adoption, retention, or renewals. Builds outcome-based success plans, computes account health, spots churn risk early, runs QBRs, and turns healthy accounts into expansions — always tying activity back to the customer's desired business outcome, not raw product usage.
- data-modelerpro
Use when designing a database schema or data model from scratch or reshaping an existing one — turning entities, relationships, and real access patterns into normalized (or deliberately denormalized) tables with the right keys, constraints, and indexes. Covers OLTP relational and OLAP dimensional models.
Use when building, reviewing, or fixing a data pipeline (ETL/ELT, batch or streaming). Produces idempotent, observable pipelines with explicit schema contracts, incremental loads with watermarks, backfill plans, and data-quality gates. Reach for this agent when a job double-counts, drifts, or silently drops rows.
Use when validating a dataset before analysis, reporting, or model training. Profiles the data across six quality dimensions, applies explicit rules and thresholds for nulls, duplicates, ranges, formats, and drift, and reports prioritized findings with quantified impact and a recommended fix per issue.
Use when operating, hardening, or troubleshooting a production database — backups and restore drills, replication and failover, slow-query and lock investigation, capacity and connection-pool planning, and safe schema migrations. Keeps data durable, available, and fast.
- debuggerfree
Hypothesis-driven debugging specialist. Use PROACTIVELY when a test fails, an exception or stack trace appears, a build breaks, or behavior is unexpected. Reproduces the failure, bisects to the root cause, fixes the smallest surface, and adds a regression test — never patches symptoms.
Dependency upgrade specialist. Use PROACTIVELY on a schedule or when audits flag vulnerable/outdated packages. Scans the dependency tree, classifies upgrades by risk, proposes small verifiable batches with changelog evidence, and never bumps blindly past breaking changes.
Use when you need to author or stabilize end-to-end tests for critical user journeys (login, signup, checkout). Selects which flows are worth the E2E cost, drives the app like a user with role/label locators, and produces deterministic specs with no hard sleeps and no flake.
Use when drafting or improving a professional email. Produces clear, appropriately-toned messages with a strong subject line and a single clear ask — cold outreach, follow-ups, apologies, announcements, and difficult-message rewrites — and reports the draft with a subject, a skimmable body, and one obvious next step.
Use when writing firmware or embedded software for microcontrollers/RTOS. Produces resource-efficient, reliable C/C++ that respects timing, memory, and power constraints — static allocation, short ISRs, correct volatile/atomic usage, and explicit RAM/flash budgets.
Vertical-slice feature specialist. Use PROACTIVELY when a feature request spans layers — data model, API, business logic, UI, and tests. Builds the complete slice end to end, matching existing project conventions at every layer, tests-first, behind a flag when risky.
Use when analyzing financials or building a model — forecasts, budgets, scenarios, and unit economics — to support a business decision. Reads statements, computes ratios, builds transparent driver-based models, and returns a recommendation with explicit assumptions and scenario ranges.
Use when building gameplay features or systems — game loops, entity/scene state, input handling, movement/physics, and mechanics. Implements simulation code that runs deterministically within a frame budget and reports feel/perf tradeoffs, then delivers the loop, the state design, and a frame-budget note.
Use when designing game systems and mechanics — core loops, progression, economy, difficulty, and player motivation — for engagement and long-term balance. Turns a fuzzy "make it fun and fair" goal into tuned numbers, sink/faucet tables, difficulty curves, and exploit checks a developer can implement directly.
Use when drafting HR documents and running people processes — onboarding, handbook/policy sections, performance reviews, leave/accommodation guidance, and sensitive employee comms. Produces fair, plain-language drafts and flags anything needing qualified HR/legal review.
- iac-authorpro
Use when provisioning or changing cloud infrastructure with Terraform/Pulumi/OpenTofu. Writes idempotent, modular IaC with least-privilege IAM, remote locked state, and a reviewed plan before every apply. Use when console-clicked infra needs to become reproducible, or drift must be reconciled.
Use when an active incident or outage is declared, a pager fires, or a production regression is under live triage. Drives a calm, structured response — detect, triage, mitigate, communicate, resolve, hand off — restoring service first and root-causing second, then a blameless postmortem.
Use when integrating a third-party API or service (payments, email, webhooks, data sync). Builds resilient integrations with retries, idempotency, dead-letter handling, error taxonomies, secure auth, and observability across systems you do not control.
Use when designing an IoT system end to end — device connectivity, telemetry, fleet management, and secure firmware updates from edge to cloud. Assumes flaky networks, huge fleets, and constrained devices that must update securely in the field.
Use when triaging and resolving IT support requests. Diagnoses user problems methodically, gives clear step-by-step fixes, and knows when to escalate — turning a frustrated "it's broken" into a precise root cause, a repro, and a ticket priority derived from impact and urgency.
Use when an LLM feature's quality must become a number you can defend. Designs eval criteria, builds datasets, picks scoring (deterministic vs LLM-as-judge vs pairwise), runs baseline-vs-change, and gates regressions. Use before shipping any prompt/model change.
Use when turning a meeting transcript or raw notes into a concise summary with decisions, action items, and owners. Captures what was decided, not every word said.
Use when reviewing an ML model, training pipeline, or model card before it ships or is promoted. Audits for data leakage, evaluation soundness, reproducibility, and production-readiness (train/serve skew, drift, rollback), then issues a ship / fix-first verdict.
Use PROACTIVELY when building or extending a mobile app feature (iOS, Android, or cross-platform like React Native/Flutter). Builds idiomatic, performant screens that respect platform conventions, handle the full lifecycle (loading/empty/error/offline), keep the main thread free, and ship within a bundle budget.
Use when a mobile app is slow to start, janky while scrolling, drains battery, or grows memory without bound. Profiles first to find the real bottleneck, fixes the biggest cost, and re-measures on a representative mid-range device — reporting before/after for fps, cold-start, memory, and battery.
Use when designing, segmenting, or troubleshooting network connectivity — VPCs, subnets, VLSM addressing, routing, switching, firewalls/security groups, DNS, and load balancing — to make traffic reach exactly what it should and nothing it shouldn't.
Use when diagnosing a connectivity problem — timeouts, connection refused, DNS failures, TLS/cert errors, intermittent packet loss, or an unreachable service. Works the OSI layers bottom-up from evidence, isolates the failing layer, and reports a root cause with the proof behind it.
Use when instrumenting a service for production, defining SLOs, designing alerts, or debugging a live incident. Designs the three pillars (logs, metrics, traces), sets symptom-based SLO alerts with runbooks, and builds dashboards so failures are caught and diagnosed fast.
Use when a page, endpoint, query, or job is slow or a bundle is too large. Profiles first to locate the dominant cost, then proposes prioritized, measurable fixes with before/after numbers. Covers Core Web Vitals, bundle bloat, render bottlenecks, slow queries, and hot code paths.
Use when a backend, service, or job is slow, resource-heavy, or missing a latency/throughput SLO. Measures first, finds the dominant bottleneck, fixes it, and proves the gain with before/after numbers. Watches p99/tail latency, not just averages.
Use when drafting a first version of an internal business policy or governance document (acceptable use, information security, PTO, code of conduct). Produces a clear, well-structured draft in plain language — a starting point to refine with an owner and, where binding, with counsel.
- pr-summarizerfree
Use PROACTIVELY after a pull request is opened (or updated) to produce a concise, reviewer-friendly summary of the change, its risk areas, and a focused test plan — read from the full base...HEAD diff, never from a single commit message.
Use when handling personal data or implementing privacy requirements (GDPR, CCPA). Maps data flows, applies privacy-by-design and data minimization, classifies PII, and builds testable data-subject-rights (access/deletion/portability) and retention flows.
Use when deciding what to build and why — turning user problems and business goals into a prioritized roadmap, a crisp PRD, and measurable success metrics. Best at the fuzzy front end: discovery, framing, ruthless prioritization, and defining how you'll know the bet paid off. Not a coder.
Use PROACTIVELY when turning a goal into an executable project plan — when you need a scoped work breakdown, estimates, a dependency-aware schedule with a critical path, milestones, and a ranked risk register. Best for new initiatives, releases, and replans.
Use when a prompt is unreliable, inconsistent, or being written from scratch. Designs clear, structured prompts (role, task, constraints, few-shot, output schema), then tests and iterates against real failure cases one variable at a time. Not a deep RAG or eval-harness build.
Use when writing a sales proposal, quote, or statement of work. Produces a clear, persuasive, buyer-centric document tied to the prospect's goals, scope, and value — not a generic feature-dump template.
Use when planning how to test a feature, sprint, or release — when you need a risk-based test strategy rather than just more tests. Designs coverage across unit, integration, and E2E layers, sets quality gates, and prioritizes the cases that catch real, expensive bugs.
- recruiterpro
Use when hiring for a role — clarifying the req with the hiring manager, writing inclusive job descriptions, sourcing and outreach, and running a structured, bias-resistant interview loop with scorecards that compare candidates fairly.
Use when code is hard to change, duplicated, deeply nested, or accumulating tech debt and you want it restructured for clarity WITHOUT changing behavior. Works in small, test-verified steps. Not for adding features, fixing bugs, or big-bang rewrites.
Use when a request is vague, a feature is just starting, or stakeholders disagree on scope. Turns fuzzy asks into clear, testable requirements — problem statement, user stories, and Given/When/Then acceptance criteria — surfacing edge cases, assumptions, and open questions before a line of code is written.
Use when you need to gather and synthesize information from multiple sources into a clear, cited, decision-ready brief. Triangulates across sources, surfaces where they disagree, separates established fact from speculation, and attaches a confidence level to every claim.
Use when preparing for a sales call, demo, or discovery meeting. Builds a complete call-prep brief — account research, a single call objective, discovery questions, anticipated objections with responses, and a concrete next-step ask — so the rep walks in ready to lead the conversation.
Use when writing cold outreach (email, LinkedIn) to prospects. Produces personalized, concise messages that lead with the prospect's problem, make a single low-friction ask, and earn a reply — plus multi-touch follow-up sequences that add value instead of nagging.
- security-auditorfree
Use PROACTIVELY before commits/merges and whenever code touches auth, user input, secrets, file paths, DB queries, deserialization, or outbound requests. Audits against the OWASP Top 10, traces untrusted data to dangerous sinks, and reports vulnerabilities by severity with concrete fixes and a merge verdict.
Use when optimizing content or a page for search. Improves on-page SEO — title, meta, headings, internal links, and intent match — plus technical basics and structured data, without keyword stuffing or harming readability. Reports prioritized fixes with before/after.
Use when reviewing a smart contract for security before deployment. Thinks adversarially about value and trust, hunts reentrancy, access-control flaws, overflow, oracle and economic exploits, and reports findings by severity with a concrete exploit path and fix for each.
Use when writing or modifying blockchain smart contracts (Solidity/EVM). Implements correct, gas-efficient contracts with security first — invariants, checks-effects-interactions ordering, audited libraries over hand-rolled standards, and adversarial tests for reentrancy and access control.
Use when planning or writing social posts across platforms. Adapts one message into platform-native posts (X, LinkedIn, Instagram, TikTok) with the right tone, length, hooks, hashtags, and a single clear CTA — never the same blurb copy-pasted everywhere.
Use when planning a new system or feature, evaluating architectural trade-offs between options, choosing technologies, or writing an ADR. Gathers functional + non-functional requirements, enumerates options, analyzes trade-offs explicitly, recommends with justification, and records the decision.
Use when drafting a reply to a customer support ticket. Writes clear, empathetic responses that acknowledge the person, deliver an accurate answer or fix, set honest expectations, name a concrete next step, and match the brand's tone — without robotic macros or defensiveness.
Use when administering or automating servers and systems. Writes safe, idempotent shell/automation scripts for provisioning, maintenance, backups, scheduling, and routine ops — with dry-run, rollback, and least-privilege built in.
Use when a feature or change needs a written design before coding — to align a team, surface alternatives, and de-risk rollout. Produces a concise technical spec: problem, goals/non-goals, proposed approach, alternatives considered, risks, and rollout. Read-only.
- technical-writerfree
Use PROACTIVELY when documentation is needed for a feature, tool, API, or system — READMEs, tutorials, how-to guides, references, or explanations. Produces clear, task-oriented docs structured by the reader's goal using the Diátaxis model, with verified, runnable examples.
- test-authorfree
Use PROACTIVELY when adding a feature or fixing a bug — writes tests FIRST (TDD red-green-refactor). Detects the repo's existing framework, captures the spec as failing AAA tests, drives implementation to green, and reports coverage against the 80% target with gaps called out.
- threat-modelerfree
Use when designing a new system or feature, or assessing the attack surface of an existing one. Produces a STRIDE threat model over a data-flow diagram — assets, trust boundaries, threats, risk ratings, and prioritized mitigations.
Use when you need to understand users — planning interviews, surveys, or usability tests, writing unbiased questions, recruiting representative participants, and synthesizing findings into prioritized product decisions without leading the witness or mistaking opinions for data.
- vuln-scannerfree
Use when scanning a project's dependencies, source, config, and container images for known vulnerabilities (CVEs), risky versions, and exposed secrets — then triaging findings and proposing safe, prioritized remediations. Invoke before releases, on dependency bumps, or for periodic supply-chain hygiene.