great_cto

HR-AI / AEDT bias audit. Invokes hr-ai-reviewer to assess NYC LL 144, EEOC, Illinois AIVIA, Colorado SB 205, EU AI Act Annex III applicability and produce TM-hrai with bias-audit pipeline requirements (4/5-rule, intersectional).

Gracefully retire an LLM agent from the workforce. Archives prompt, removes from sync list, keeps verdicts for audit. Like firing a human — but reversible.

Performance review for an LLM agent (or all agents). Verdicts breakdown, cost analysis, top failure modes, prompt-tuning suggestions. Like a human '1:1' but for AI workforce.

KYC/AML / BSA compliance review. Invokes aml-bsa-reviewer to assess autonomous customer onboarding (IDV + KYB + beneficial-ownership), OFAC/sanctions + PEP/adverse-media screening, transaction monitoring + alert disposition, and SAR drafting for Bank Secrecy Act / USA PATRIOT Act / FinCEN CDD exposure — OFAC strict-liability hard block, no-tipping-off, state MTL — and force a BSA/AML Officer personal sign-off.

API platform contract review. Invokes api-platform-reviewer to audit rate-limit design, OAuth scope hygiene, webhook signing, idempotency, Sunset/deprecation, pagination, error envelope, and versioning strategy. Critical before v1 GA.

Every great_cto pipeline artifact has two files now:

> Used by `scripts/lib/compress/` (Phase 1) + `scripts/lib/ccr.mjs` (Phase 2) of the

> Used by `scripts/memory-filter.mjs` (Phase 2 of token economy initiative).

**Read this before writing prompts that spawn sub-agents to bootstrap a new

Every great_cto agent that completes a step MUST emit a verdict line so the

Catalogue of known SDLC anti-patterns that great_cto agents must actively reject when reviewing architecture, plans, code, or post-mortems. Used by architect (pre-impl), pm (planning), senior-dev (impl), l3-support (post-incident).

Analyze images, websites, and Figma files to extract their design and generate a `design.md` with token system, component inventory, and reconstruction notes. Use this skill whenever the user wants to understand, document, replicate, or audit the design of something visual: a screenshot, a URL, a Figma link, a Pinterest reference, a mockup, a competitor's site, a component, a dashboard, a landing page. Also when they ask 'extract the design system from X', 'document the style of Y', 'analyze this visually', 'convert this image into tokens', 'help me replicate this design', 'what palette does this site use', 'how is this built'. Also for single elements: 'copy this navbar', 'recreate this illustration', 'give me a prompt to regenerate this graphic' — element mode outputs a focused element.md, with token-grounded image-model prompts when the element is visual art. If the user brings any visual source and wants to understand it at a design level — this skill should activate.

Shared review framework that every domain reviewer (pci, oracle, gov, edtech, healthcare, mlops, etc.) MUST follow. Defines mandatory sections, severity scale, verdict format, and the "domain heuristic vs generic check" boundary. Eliminates duplication across 18 reviewer prompts.

Standardized cost-estimation framework for great_cto plans. Forces explicit LLM cost, infra cost, human-supervision time, and the (defensible) human-equivalent comparison. Output format is parsable by the board's /api/cost path — must follow exactly.

Distils repeating patterns from session logs and lessons.md into draft skill files. Run after ≥10 sessions to extract durable knowledge. Output: draft skills/ files + promotion report.

16 hooks across 8 events