toolbelt

Use to attach numeric citation markers and a Sources section to a synthesized deep-research report (Phase 6). Reads the report and worker files, matches claims to sources, inserts [N] markers inline, appends a flat numbered Sources list, and flags unattributable claims as candidates for hallucination.

Use to produce a 300-500 token codebase brief for the deep-research skill (Phase 2). Surveys dependency manifests, usage sites, abstractions, tests, and runtime constraints relevant to a research query. Read-only. Output is recon.md consumed verbatim by downstream research workers.

Use to decompose a deep-research query into classification, sub-questions, and outline. Part of the toolbelt:deep-research skill workflow (Phase 1). Input is the user's research topic; output is a plan.md artifact with classification, 3-6 sub-questions, and an H2 outline skeleton.

Use to synthesize all research-worker findings into a single long-form narrative report for the deep-research skill (Phase 5). Single-agent, serial; NEVER parallel. Reads plan.md, recon.md, and all worker-N.md files, writes the final report with 3000-8000 words of flowing prose.

Use to execute one web research sub-question for the deep-research skill (Phase 4). Receives codebase context plus a scoped objective, runs an OODA loop with WebSearch and WebFetch, and writes findings to worker-N.md with Status COMPLETE sigil. Runs in parallel with sibling workers.

Use when the user asks to audit, review, analyse, assess, or do a "health check" / "posture assessment" / "risk register" on a repository or subtree; asks to "check the repo", "find issues", "find risks", "look for vulnerabilities", "do a security review", "audit dependencies", "review architecture", "check resilience", or "review infrastructure costs"; or refers to SecDevOps, NFRs, OWASP, ASVS, SBOM, or supply chain at repo scope. Produces a deep, READ-ONLY, severity-ranked Markdown audit REPORT (not a plan, not a spec) written to disk as audit-<slug>-<YYYYMMDD>.md, covering six dimensions in priority order: security, resilience, cost efficiency, architecture and coupling, documentation freshness, monitoring gaps. NOT for style tweaks, formatting, single-function reviews, quick one-file reads, refactor proposals, or design documents — use a normal review or planning flow for those.

Use when the user asks for research, an audit, a migration analysis, a library comparison, a CVE impact assessment, a technology evaluation, or any question that requires both local codebase context AND current web sources. Produces a long-form narrative report (3000-8000 words) written to disk. NOT for quick lookups — this spends tokens deliberately. Triggers on phrases like "research X", "audit Y", "how does recent X affect us", "compare A vs B", "investigate".

Use when the user asks to create one or more GitHub issues, file a ticket, open a bug report, write up a feature request, or break a plan/epic into trackable issues. Produces well-defined issues with clear requirements, the right level of detail, and (for implementation-ready issues) a TDD plan suitable for Superpowers pickup.

Address review issues raised by Claude Code Action (and compatible review bots) on a GitHub pull