# Two tiny Claude Code skills that fixed my two biggest agent problems > Source: > Published: 2026-06-14 03:57:16+00:00 Two open-source skills for Claude Code. Each is a single prompt file, Apache-2.0, no dependencies. Repos at the bottom. Working with a coding agent, I kept hitting the same two failure modes. Not "the model can't write code" — it writes code fine. The failures were upstream and downstream of the code: **the agent guessing on an ambiguous task**, and **me trusting a review that hadn't actually checked anything.** So I built one small skill for each. Here's what they do and why they're shaped the way they are. Hand a vague task to an agent and you watch the same thing happen. It guesses. It drifts. It quietly makes a call you'd have made differently — and you find out after the code is written, when changing your mind is expensive. The cost isn't the typing. It's the rework. ** spec** moves the decisions to the front. You run `/spec ` , it reads your repo and the conversation, then asks only what it Two things keep it honest: `done` only after it ran on a real case and the output was shown.The whole skill is one prompt file (`SKILL.md` ). No build, no dependencies. Ask an AI to "review this change" and you can get a confident, plausible **PASS** — that skipped half the checks, cited no evidence, and never ran the tests. A green light you can't trust is worse than no review. ** review-audit** is a read-only, single-pass audit over your change across six axes: correctness, wiring (built-but-never-called / dead code), security, test efficacy, spec compliance, and regression. The discipline is simple and strict: `file:line` + grep/run evidence. "I didn't check this" is a first-class output, not a silent gap.`file:line` . "Looks fine" isn't evidence.It runs in the calling agent's own context — no sub-agent fan-out — so it stays cheap enough to run on every change. When one pass genuinely isn't enough (a release gate, a high-risk change), it tells you, in its own output, to escalate. Both are one prompt file each. ``` # spec git clone https://github.com/dualform-labs/spec-skill.git cp -r spec-skill/skills/spec ~/.claude/skills/ # review-audit git clone https://github.com/dualform-labs/review-audit.git cp -r review-audit/skills/review-audit ~/.claude/skills/ ``` Then in Claude Code: `/spec a menu-bar app that warns me when my Mac is thermally throttled` , or `/review-audit` on a change before you call it done. Output language is `auto` / `ja` / `en` . No network calls (Claude Code only), no telemetry, no bypass-permissions. These are prompt-file skills, not magic. Single-pass detection in `review-audit` is model-dependent; if you need per-run proof of detection power or fresh-context adversarial verification, that's the heavier `review-audit-pro` tier (coming soon). And `spec` won't make a bad idea good — it just makes the decisions explicit before code is written, where they're cheap to change. If you try them, I'd genuinely like to hear where they break or annoy you. — a dualform project