Two open-source skills for Claude Code. Each is a single prompt file, Apache-2.0, no dependencies. Repos at the bottom.
Working with a coding agent, I kept hitting the same two failure modes. Not "the model can't write code" — it writes code fine. The failures were upstream and downstream of the code: the agent guessing on an ambiguous task, and me trusting a review that hadn't actually checked anything.
So I built one small skill for each. Here's what they do and why they're shaped the way they are.
Hand a vague task to an agent and you watch the same thing happen. It guesses. It drifts. It quietly makes a call you'd have made differently — and you find out after the code is written, when changing your mind is expensive. The cost isn't the typing. It's the rework.
** spec** moves the decisions to the front. You run
/spec <one-line idea>
, it reads your repo and the conversation, then asks only what it Two things keep it honest:
done
only after it ran on a real case and the output was shown.The whole skill is one prompt file (SKILL.md
). No build, no dependencies.
Ask an AI to "review this change" and you can get a confident, plausible PASS — that skipped half the checks, cited no evidence, and never ran the tests. A green light you can't trust is worse than no review.
** review-audit** is a read-only, single-pass audit over your change across six axes: correctness, wiring (built-but-never-called / dead code), security, test efficacy, spec compliance, and regression. The discipline is simple and strict:
file:line
- grep/run evidence. "I didn't check this" is a first-class output, not a silent gap.
file:line
. "Looks fine" isn't evidence.It runs in the calling agent's own context — no sub-agent fan-out — so it stays cheap enough to run on every change. When one pass genuinely isn't enough (a release gate, a high-risk change), it tells you, in its own output, to escalate.
Both are one prompt file each.
git clone https://github.com/dualform-labs/spec-skill.git
cp -r spec-skill/skills/spec ~/.claude/skills/
git clone https://github.com/dualform-labs/review-audit.git
cp -r review-audit/skills/review-audit ~/.claude/skills/
Then in Claude Code: /spec a menu-bar app that warns me when my Mac is thermally throttled
, or /review-audit
on a change before you call it done. Output language is auto
/ ja
/ en
.
No network calls (Claude Code only), no telemetry, no bypass-permissions.
These are prompt-file skills, not magic. Single-pass detection in review-audit
is model-dependent; if you need per-run proof of detection power or fresh-context adversarial verification, that's the heavier review-audit-pro
tier (coming soon). And spec
won't make a bad idea good — it just makes the decisions explicit before code is written, where they're cheap to change.
If you try them, I'd genuinely like to hear where they break or annoy you.
— a dualform project