Lesson 8Claude Skills

Top Skills for Developers

Three production-ready skills every developer should install. Each is ready to use as-is — copy the SKILL.md or download it and drop it into ~/.claude/skills/.

/code-review/commit/pr-descriptionReady to download
1/code-review

Review any code or diff for bugs, security issues, and style.

2/commit

Stage, write a Conventional Commit message, and push to origin.

3/pr-description

Generate a complete PR title and description from the branch diff.

How to install

For each skill below, download or copy the SKILL.md content and place it in its folder:

# Create the skill folder and paste the content
mkdir -p ~/.claude/skills/code-review
mkdir -p ~/.claude/skills/commit
mkdir -p ~/.claude/skills/pr-description

# Then save each SKILL.md into the matching folder
ℹ️ Info: Skills in ~/.claude/skills/ are global — available in every project. To scope a skill to one project, put it in .claude/skills/ at your project root instead.
1
/code-reviewSecurity · Bugs · Style

Reviews any code file or git diff for bugs, security vulnerabilities (OWASP Top 10), and style issues. Outputs a severity-ranked table so you know what to fix first.

claude
# Review staged changes before committing
> /code-review
→ Running skill: code-review
Summary: Adds JWT token refresh logic to the auth module.
Issues found:
🔴 High src/auth/token.ts:42 Token secret read from process.env without fallback
🟡 Medium src/auth/token.ts:67 Refresh token not invalidated on logout
🟢 Low src/auth/token.ts:81 Magic number 3600 — extract as TOKEN_EXPIRY_SECONDS
Overall: Request changes — fix the High issue before merging.
~/.claude/skills/code-review/SKILL.md
---
name: code-review
description: >
  Reviews code, diffs, and files for bugs, security vulnerabilities, style
  issues, and improvement opportunities. Triggers when asked to review code,
  check a file, audit a function, or look for issues in the codebase.
allowed-tools: Read(*) Bash(git diff *)
---

You are an expert code reviewer. Analyse the provided code or diff and
produce a structured report.

## Output format

**Summary**: One sentence describing what the code does.

**Issues found**:
| Severity | File / Line | Issue | Suggestion |
|----------|-------------|-------|------------|

Severity levels: 🔴 High  🟡 Medium  🟢 Low

**Overall assessment**: Approve / Request changes — with one-line rationale.

Focus on: correctness, security (OWASP Top 10), performance, readability.
Skip nitpicks unless they cause real problems.
2
/commitConventional Commits · Auto-push

Stages all changes, inspects the diff, writes a properly-formatted Conventional Commit message, and pushes to origin. No more hand-writing commit messages.

claude
# After finishing a feature
> /commit
→ Running skill: commit
git add -A ... 3 files staged
feat(auth): add JWT token refresh with exponential backoff
Implements retry logic with jitter to avoid thundering herd.
Tokens now auto-refresh 60 s before expiry.
[main a3f2c91] feat(auth): add JWT token refresh with exponential backoff
Pushed to origin/main.
~/.claude/skills/commit/SKILL.md
---
name: commit
description: >
  Stages all changes and writes a descriptive commit message following
  Conventional Commits format. Use when asked to commit, save changes,
  or push work to the repository.
allowed-tools: Bash(git add *) Bash(git diff --staged) Bash(git commit *) Bash(git push *)
---

Stage all changes with `git add -A`, inspect the diff, then write a commit message.

Format: <type>(<scope>): <summary>

Types: feat · fix · chore · docs · refactor · test · style

- Summary: imperative mood, under 72 characters, no full stop
- Body (optional): explain *why*, not what — wrap at 72 chars

After committing, push to origin: git push origin HEAD

Print the final commit hash and summary line when done.
3
/pr-descriptionPR title · What · How · Testing

Reads your branch diff and commit history, then writes a complete pull request title and description — covering what changed, how it was implemented, and how to test it.

claude
# Ready to open a PR — generate the description
> /pr-description
→ Running skill: pr-description
Title: feat(auth): add JWT token refresh with exponential backoff
### What
Adds automatic token refresh before expiry, preventing session
drop-outs during long-running operations.
### How
- Refresh runs 60 s before expiry via a background timer
- Exponential backoff with jitter on retry (max 3 attempts)
### Testing
Unit tests added in src/auth/token.test.ts (12 new cases).
~/.claude/skills/pr-description/SKILL.md
---
name: pr-description
description: >
  Generates a clear pull request title and description from the current
  branch diff. Use when asked to write a PR, describe changes for review,
  or prepare a pull request description.
allowed-tools: Bash(git diff main...) Bash(git log main... --oneline) Bash(git branch --show-current)
---

Write a pull request description for this branch.

1. Run `git branch --show-current` to get the branch name.
2. Run `git log main... --oneline` to list commits.
3. Run `git diff main...` to see all changes.

## Output

**Title**: One line, imperative mood, under 72 characters.

**Description**:

### What
Short paragraph describing what changed and why.

### How
Bullet list of the key implementation decisions.

### Testing
How this was tested (unit tests, manual steps, etc.).

### Notes
Any caveats, follow-up tasks, or reviewer guidance.

Keep the tone professional and concise.

Using all three together

These three skills cover the full developer review loop in sequence:

/code-review
Find issues
/commit
Commit the fix
/pr-description
Write the PR
💡 Tip: You can also let Claude auto-detect the right skill — describe your intent in plain English and Claude will pick the matching skill from its description field automatically.

What's Next

Three developer skills ready to use. Next: the Skills Marketplace — where community-built skills are published, rated, and searchable.