fix: address PR review — skill template (When to use, How it works, Examples), bun.lock, next build note, rust-reviewer CI note, doc-lookup privacy/uncertainty

Made-with: Cursor

.agents/skills/bun-runtime/SKILL.md

@@ -6,53 +6,51 @@ origin: ECC
 
 # Bun Runtime
 
-Bun is a fast all-in-one JavaScript runtime and toolkit: runtime, package manager, bundler, and test runner. Use this skill when working in or migrating to Bun.
+Bun is a fast all-in-one JavaScript runtime and toolkit: runtime, package manager, bundler, and test runner.
 
-## Core Concepts
-
-- **Runtime**: Drop-in Node-compatible runtime (built on JavaScriptCore, implemented in Zig).
-- **Package manager**: `bun install` is significantly faster than npm/yarn; lockfile is `bun.lockb`.
-- **Bundler**: Built-in bundler and transpiler for apps and libraries.
-- **Test runner**: Built-in `bun test` with Jest-like API.
-
-## When to Use Bun vs Node
+## When to Use
 
 - **Prefer Bun** for: new JS/TS projects, scripts where install/run speed matters, Vercel deployments with Bun runtime, and when you want a single toolchain (run + install + test + build).
 - **Prefer Node** for: maximum ecosystem compatibility, legacy tooling that assumes Node, or when a dependency has known Bun issues.
 
-## Quick Reference
+Use when: adopting Bun, migrating from Node, writing or debugging Bun scripts/tests, or configuring Bun on Vercel or other platforms.
+
+## How It Works
+
+- **Runtime**: Drop-in Node-compatible runtime (built on JavaScriptCore, implemented in Zig).
+- **Package manager**: `bun install` is significantly faster than npm/yarn. Lockfile is `bun.lock` (text) by default in current Bun; older versions used `bun.lockb` (binary).
+- **Bundler**: Built-in bundler and transpiler for apps and libraries.
+- **Test runner**: Built-in `bun test` with Jest-like API.
+
+**Migration from Node**: Replace `node script.js` with `bun run script.js` or `bun script.js`. Run `bun install` in place of `npm install`; most packages work. Use `bun run` for npm scripts; `bun x` for npx-style one-off runs. Node built-ins are supported; prefer Bun APIs where they exist for better performance.
+
+**Vercel**: Set runtime to Bun in project settings. Build: `bun run build` or `bun build ./src/index.ts --outdir=dist`. Install: `bun install --frozen-lockfile` for reproducible deploys.
+
+## Examples
 
 ### Run and install
 
 ```bash
-# Install dependencies (creates/updates bun.lockb)
+# Install dependencies (creates/updates bun.lock or bun.lockb)
 bun install
 
-# Run a script (package.json "scripts" or direct file)
+# Run a script or file
 bun run dev
 bun run src/index.ts
-
-# Run a file directly
 bun src/index.ts
 ```
 
 ### Scripts and env
 
 ```bash
-# Load .env and run
 bun run --env-file=.env dev
-
-# Inline env
 FOO=bar bun run script.ts
 ```
 
 ### Testing
 
 ```bash
-# Run tests (Jest-like API)
 bun test
-
-# Watch mode
 bun test --watch
 ```
 
@@ -65,14 +63,12 @@ test("add", () => {
 });
 ```
 
-### API (runtime)
+### Runtime API
 
 ```typescript
-// File I/O (Bun-native, fast)
 const file = Bun.file("package.json");
 const json = await file.json();
 
-// HTTP server
 Bun.serve({
   port: 3000,
   fetch(req) {
@@ -81,26 +77,8 @@ Bun.serve({
 });
 ```
 
-## Migration from Node
-
-- Replace `node script.js` with `bun run script.js` or `bun script.js`.
-- Run `bun install` in place of `npm install`; most packages work. If something fails, try `bun install --backend=hardlink` or report upstream.
-- Use `bun run` for npm scripts; `bun x` for npx-style one-off runs (e.g. `bun x prisma generate`).
-- Node built-ins (`fs`, `path`, `http`, etc.) are supported; prefer Bun APIs where they exist for better performance.
-
-## Vercel and deployment
-
-- Vercel supports the Bun runtime. Set runtime to Bun in project settings or use the Bun build preset where available.
-- Build command: often `bun run build` or `bun build ./src/index.ts --outdir=dist`.
-- Install command: `bun install --frozen-lockfile` for reproducible deploys.
-
 ## Best Practices
 
-- Use `bun.lockb` and commit it for reproducible installs.
-- Prefer `bun run` for scripts so env and lifecycle are consistent.
-- For TypeScript, Bun runs `.ts` natively; no separate `ts-node` needed.
+- Commit the lockfile (`bun.lock` or `bun.lockb`) for reproducible installs.
+- Prefer `bun run` for scripts. For TypeScript, Bun runs `.ts` natively.
 - Keep dependencies up to date; Bun and the ecosystem evolve quickly.
-
-## When to Use This Skill
-
-Use when: adopting Bun, migrating from Node, writing or debugging Bun scripts/tests, or configuring Bun on Vercel or other platforms.

.agents/skills/documentation-lookup/SKILL.md

@@ -14,7 +14,7 @@ When the user asks about libraries, frameworks, or APIs, fetch current documenta
 - **resolve-library-id**: Returns Context7-compatible library IDs (e.g. `/vercel/next.js`) from a library name and query.
 - **query-docs**: Fetches documentation and code snippets for a given library ID and question. Always call resolve-library-id first to get a valid library ID.
 
-## When to Use This Skill
+## When to use
 
 Activate when the user:
 
@@ -23,7 +23,9 @@ Activate when the user:
 - Needs API or reference information ("What are the Supabase auth methods?")
 - Mentions specific frameworks or libraries (React, Vue, Svelte, Express, Tailwind, Prisma, Supabase, etc.)
 
-## How to Fetch Documentation
+Use this skill whenever the request depends on accurate, up-to-date behavior of a library, framework, or API. Applies across harnesses that have the Context7 MCP configured (e.g. Claude Code, Cursor, Codex).
+
+## How it works
 
 ### Step 1: Resolve the Library ID
 
@@ -50,7 +52,7 @@ Call the **query-docs** MCP tool with:
 - **libraryId**: The selected Context7 library ID from Step 2 (e.g. `/vercel/next.js`).
 - **query**: The user's specific question or task. Be specific to get relevant snippets.
 
-Limit: do not call query-docs (or resolve-library-id) more than 3 times per question. If the answer is unclear after 3 calls, use the best information you have.
+Limit: do not call query-docs (or resolve-library-id) more than 3 times per question. If the answer is unclear after 3 calls, state the uncertainty and use the best information you have rather than guessing.
 
 ### Step 4: Use the Documentation
 
@@ -58,22 +60,31 @@ Limit: do not call query-docs (or resolve-library-id) more than 3 times per ques
 - Include relevant code examples from the docs when helpful.
 - Cite the library or version when it matters (e.g. "In Next.js 15...").
 
-## Code Examples
+## Examples
 
-Example flow for "How do I set up Next.js middleware?":
+### Example: Next.js middleware
 
 1. Call **resolve-library-id** with `libraryName: "Next.js"`, `query: "How do I set up Next.js middleware?"`.
 2. From results, pick the best match (e.g. `/vercel/next.js`) by name and benchmark score.
 3. Call **query-docs** with `libraryId: "/vercel/next.js"`, `query: "How do I set up Next.js middleware?"`.
 4. Use the returned snippets and text to answer; include a minimal `middleware.ts` example from the docs if relevant.
 
+### Example: Prisma query
+
+1. Call **resolve-library-id** with `libraryName: "Prisma"`, `query: "How do I query with relations?"`.
+2. Select the official Prisma library ID (e.g. `/prisma/prisma`).
+3. Call **query-docs** with that `libraryId` and the query.
+4. Return the Prisma Client pattern (e.g. `include` or `select`) with a short code snippet from the docs.
+
+### Example: Supabase auth methods
+
+1. Call **resolve-library-id** with `libraryName: "Supabase"`, `query: "What are the auth methods?"`.
+2. Pick the Supabase docs library ID.
+3. Call **query-docs**; summarize the auth methods and show minimal examples from the fetched docs.
+
 ## Best Practices
 
 - **Be specific**: Use the user's full question as the query where possible for better relevance.
 - **Version awareness**: When users mention versions, use version-specific library IDs from the resolve step when available.
 - **Prefer official sources**: When multiple matches exist, prefer official or primary packages over community forks.
-- **No sensitive data**: Do not include API keys, passwords, or other secrets in any query sent to Context7.
-
-## When to Use
-
-Use this skill whenever the user's request depends on accurate, up-to-date behavior of a library, framework, or API. It applies across harnesses that have the Context7 MCP configured (e.g. Claude Code, Cursor, Codex with Context7).
+- **No sensitive data**: Redact API keys, passwords, tokens, and other secrets from any query sent to Context7. Treat the user's question as potentially containing secrets before passing it to resolve-library-id or query-docs.

.agents/skills/nextjs-turbopack/SKILL.md

@@ -6,55 +6,39 @@ origin: ECC
 
 # Next.js and Turbopack
 
-Next.js 16+ uses Turbopack by default for local development: an incremental bundler written in Rust that significantly speeds up dev startup and hot updates. Use this skill when working with Next.js 16+ or tuning build performance.
+Next.js 16+ uses Turbopack by default for local development: an incremental bundler written in Rust that significantly speeds up dev startup and hot updates.
 
-## Core Concepts
+## When to Use
+
+- **Turbopack (default dev)**: Use for day-to-day development. Faster cold start and HMR, especially in large apps.
+- **Webpack (legacy dev)**: Use only if you hit a Turbopack bug or rely on a webpack-only plugin in dev. Disable with `--webpack` (or `--no-turbopack` depending on your Next.js version; check the docs for your release).
+- **Production**: Production build behavior (`next build`) may use Turbopack or webpack depending on Next.js version; check the official Next.js docs for your version.
+
+Use when: developing or debugging Next.js 16+ apps, diagnosing slow dev startup or HMR, or optimizing production bundles.
+
+## How It Works
 
 - **Turbopack**: Incremental bundler for Next.js dev. Uses file-system caching so restarts are much faster (e.g. 5–14x on large projects).
 - **Default in dev**: From Next.js 16, `next dev` runs with Turbopack unless disabled.
-- **Production**: Next.js production builds still use the existing production bundler (webpack-based); Turbopack is focused on dev today.
+- **File-system caching**: Restarts reuse previous work; cache is typically under `.next`; no extra config needed for basic use.
+- **Bundle Analyzer (Next.js 16.1+)**: Experimental Bundle Analyzer to inspect output and find heavy dependencies; enable via config or experimental flag (see Next.js docs for your version).
 
-## When to Use Turbopack vs Webpack
+## Examples
 
-- **Turbopack (default dev)**: Use for day-to-day development. Faster cold start and HMR, especially in large apps.
-- **Webpack (legacy dev)**: Use only if you hit a Turbopack bug or rely on a webpack-only plugin in dev. Disable with env or flag (e.g. `--no-turbopack` if your version supports it).
-- **Production**: No change; production build pipeline is unchanged.
-
-## Commands
+### Commands
 
 ```bash
-# Dev with Turbopack (Next.js 16+ default)
 next dev
-
-# Build (unchanged; not Turbopack)
 next build
-
-# Start production server
 next start
 ```
 
-## File-System Caching
+### Usage
 
-Turbopack caches work on disk so that:
-
-- Restarts reuse previous work; second run is much faster.
-- Large projects see 5–14x faster compile times on restart in practice.
-- Cache is typically under `.next` or a similar project-local directory; no extra config needed for basic use.
-
-## Bundle Analyzer (Next.js 16.1+)
-
-Next.js 16.1 introduced an experimental Bundle Analyzer to inspect output and find heavy dependencies:
-
-- Enable via config or experimental flag (see Next.js docs for your version).
-- Use to optimize code-splitting and trim large dependencies.
+Run `next dev` for local development with Turbopack. Use the Bundle Analyzer (see Next.js docs) to optimize code-splitting and trim large dependencies. Prefer App Router and server components where possible.
 
 ## Best Practices
 
 - Stay on a recent Next.js 16.x for stable Turbopack and caching behavior.
 - If dev is slow, ensure you're on Turbopack (default) and that the cache isn't being cleared unnecessarily.
-- For production bundle size issues, use the Bundle Analyzer and `next/bundle-analysis` or equivalent tooling.
-- Prefer App Router and server components where possible; they align with current Next.js and Turbopack optimizations.
-
-## When to Use This Skill
-
-Use when: developing or debugging Next.js 16+ apps, diagnosing slow dev startup or HMR, or optimizing production bundles with Next.js tooling.
+- For production bundle size issues, use the official Next.js bundle analysis tooling for your version.

.cursor/skills/bun-runtime/SKILL.md

@@ -6,53 +6,51 @@ origin: ECC
 
 # Bun Runtime
 
-Bun is a fast all-in-one JavaScript runtime and toolkit: runtime, package manager, bundler, and test runner. Use this skill when working in or migrating to Bun.
+Bun is a fast all-in-one JavaScript runtime and toolkit: runtime, package manager, bundler, and test runner.
 
-## Core Concepts
-
-- **Runtime**: Drop-in Node-compatible runtime (built on JavaScriptCore, implemented in Zig).
-- **Package manager**: `bun install` is significantly faster than npm/yarn; lockfile is `bun.lockb`.
-- **Bundler**: Built-in bundler and transpiler for apps and libraries.
-- **Test runner**: Built-in `bun test` with Jest-like API.
-
-## When to Use Bun vs Node
+## When to Use
 
 - **Prefer Bun** for: new JS/TS projects, scripts where install/run speed matters, Vercel deployments with Bun runtime, and when you want a single toolchain (run + install + test + build).
 - **Prefer Node** for: maximum ecosystem compatibility, legacy tooling that assumes Node, or when a dependency has known Bun issues.
 
-## Quick Reference
+Use when: adopting Bun, migrating from Node, writing or debugging Bun scripts/tests, or configuring Bun on Vercel or other platforms.
+
+## How It Works
+
+- **Runtime**: Drop-in Node-compatible runtime (built on JavaScriptCore, implemented in Zig).
+- **Package manager**: `bun install` is significantly faster than npm/yarn. Lockfile is `bun.lock` (text) by default in current Bun; older versions used `bun.lockb` (binary).
+- **Bundler**: Built-in bundler and transpiler for apps and libraries.
+- **Test runner**: Built-in `bun test` with Jest-like API.
+
+**Migration from Node**: Replace `node script.js` with `bun run script.js` or `bun script.js`. Run `bun install` in place of `npm install`; most packages work. Use `bun run` for npm scripts; `bun x` for npx-style one-off runs. Node built-ins are supported; prefer Bun APIs where they exist for better performance.
+
+**Vercel**: Set runtime to Bun in project settings. Build: `bun run build` or `bun build ./src/index.ts --outdir=dist`. Install: `bun install --frozen-lockfile` for reproducible deploys.
+
+## Examples
 
 ### Run and install
 
 ```bash
-# Install dependencies (creates/updates bun.lockb)
+# Install dependencies (creates/updates bun.lock or bun.lockb)
 bun install
 
-# Run a script (package.json "scripts" or direct file)
+# Run a script or file
 bun run dev
 bun run src/index.ts
-
-# Run a file directly
 bun src/index.ts
 ```
 
 ### Scripts and env
 
 ```bash
-# Load .env and run
 bun run --env-file=.env dev
-
-# Inline env
 FOO=bar bun run script.ts
 ```
 
 ### Testing
 
 ```bash
-# Run tests (Jest-like API)
 bun test
-
-# Watch mode
 bun test --watch
 ```
 
@@ -65,14 +63,12 @@ test("add", () => {
 });
 ```
 
-### API (runtime)
+### Runtime API
 
 ```typescript
-// File I/O (Bun-native, fast)
 const file = Bun.file("package.json");
 const json = await file.json();
 
-// HTTP server
 Bun.serve({
   port: 3000,
   fetch(req) {
@@ -81,26 +77,8 @@ Bun.serve({
 });
 ```
 
-## Migration from Node
-
-- Replace `node script.js` with `bun run script.js` or `bun script.js`.
-- Run `bun install` in place of `npm install`; most packages work. If something fails, try `bun install --backend=hardlink` or report upstream.
-- Use `bun run` for npm scripts; `bun x` for npx-style one-off runs (e.g. `bun x prisma generate`).
-- Node built-ins (`fs`, `path`, `http`, etc.) are supported; prefer Bun APIs where they exist for better performance.
-
-## Vercel and deployment
-
-- Vercel supports the Bun runtime. Set runtime to Bun in project settings or use the Bun build preset where available.
-- Build command: often `bun run build` or `bun build ./src/index.ts --outdir=dist`.
-- Install command: `bun install --frozen-lockfile` for reproducible deploys.
-
 ## Best Practices
 
-- Use `bun.lockb` and commit it for reproducible installs.
-- Prefer `bun run` for scripts so env and lifecycle are consistent.
-- For TypeScript, Bun runs `.ts` natively; no separate `ts-node` needed.
+- Commit the lockfile (`bun.lock` or `bun.lockb`) for reproducible installs.
+- Prefer `bun run` for scripts. For TypeScript, Bun runs `.ts` natively.
 - Keep dependencies up to date; Bun and the ecosystem evolve quickly.
-
-## When to Use This Skill
-
-Use when: adopting Bun, migrating from Node, writing or debugging Bun scripts/tests, or configuring Bun on Vercel or other platforms.

.cursor/skills/documentation-lookup/SKILL.md

@@ -14,7 +14,7 @@ When the user asks about libraries, frameworks, or APIs, fetch current documenta
 - **resolve-library-id**: Returns Context7-compatible library IDs (e.g. `/vercel/next.js`) from a library name and query.
 - **query-docs**: Fetches documentation and code snippets for a given library ID and question. Always call resolve-library-id first to get a valid library ID.
 
-## When to Use This Skill
+## When to use
 
 Activate when the user:
 
@@ -23,7 +23,9 @@ Activate when the user:
 - Needs API or reference information ("What are the Supabase auth methods?")
 - Mentions specific frameworks or libraries (React, Vue, Svelte, Express, Tailwind, Prisma, Supabase, etc.)
 
-## How to Fetch Documentation
+Use this skill whenever the request depends on accurate, up-to-date behavior of a library, framework, or API. Applies across harnesses that have the Context7 MCP configured (e.g. Claude Code, Cursor, Codex).
+
+## How it works
 
 ### Step 1: Resolve the Library ID
 
@@ -50,7 +52,7 @@ Call the **query-docs** MCP tool with:
 - **libraryId**: The selected Context7 library ID from Step 2 (e.g. `/vercel/next.js`).
 - **query**: The user's specific question or task. Be specific to get relevant snippets.
 
-Limit: do not call query-docs (or resolve-library-id) more than 3 times per question. If the answer is unclear after 3 calls, use the best information you have.
+Limit: do not call query-docs (or resolve-library-id) more than 3 times per question. If the answer is unclear after 3 calls, state the uncertainty and use the best information you have rather than guessing.
 
 ### Step 4: Use the Documentation
 
@@ -58,22 +60,31 @@ Limit: do not call query-docs (or resolve-library-id) more than 3 times per ques
 - Include relevant code examples from the docs when helpful.
 - Cite the library or version when it matters (e.g. "In Next.js 15...").
 
-## Code Examples
+## Examples
 
-Example flow for "How do I set up Next.js middleware?":
+### Example: Next.js middleware
 
 1. Call **resolve-library-id** with `libraryName: "Next.js"`, `query: "How do I set up Next.js middleware?"`.
 2. From results, pick the best match (e.g. `/vercel/next.js`) by name and benchmark score.
 3. Call **query-docs** with `libraryId: "/vercel/next.js"`, `query: "How do I set up Next.js middleware?"`.
 4. Use the returned snippets and text to answer; include a minimal `middleware.ts` example from the docs if relevant.
 
+### Example: Prisma query
+
+1. Call **resolve-library-id** with `libraryName: "Prisma"`, `query: "How do I query with relations?"`.
+2. Select the official Prisma library ID (e.g. `/prisma/prisma`).
+3. Call **query-docs** with that `libraryId` and the query.
+4. Return the Prisma Client pattern (e.g. `include` or `select`) with a short code snippet from the docs.
+
+### Example: Supabase auth methods
+
+1. Call **resolve-library-id** with `libraryName: "Supabase"`, `query: "What are the auth methods?"`.
+2. Pick the Supabase docs library ID.
+3. Call **query-docs**; summarize the auth methods and show minimal examples from the fetched docs.
+
 ## Best Practices
 
 - **Be specific**: Use the user's full question as the query where possible for better relevance.
 - **Version awareness**: When users mention versions, use version-specific library IDs from the resolve step when available.
 - **Prefer official sources**: When multiple matches exist, prefer official or primary packages over community forks.
-- **No sensitive data**: Do not include API keys, passwords, or other secrets in any query sent to Context7.
-
-## When to Use
-
-Use this skill whenever the user's request depends on accurate, up-to-date behavior of a library, framework, or API. It applies across harnesses that have the Context7 MCP configured (e.g. Claude Code, Cursor, Codex with Context7).
+- **No sensitive data**: Redact API keys, passwords, tokens, and other secrets from any query sent to Context7. Treat the user's question as potentially containing secrets before passing it to resolve-library-id or query-docs.

.cursor/skills/nextjs-turbopack/SKILL.md

@@ -6,55 +6,39 @@ origin: ECC
 
 # Next.js and Turbopack
 
-Next.js 16+ uses Turbopack by default for local development: an incremental bundler written in Rust that significantly speeds up dev startup and hot updates. Use this skill when working with Next.js 16+ or tuning build performance.
+Next.js 16+ uses Turbopack by default for local development: an incremental bundler written in Rust that significantly speeds up dev startup and hot updates.
 
-## Core Concepts
+## When to Use
+
+- **Turbopack (default dev)**: Use for day-to-day development. Faster cold start and HMR, especially in large apps.
+- **Webpack (legacy dev)**: Use only if you hit a Turbopack bug or rely on a webpack-only plugin in dev. Disable with `--webpack` (or `--no-turbopack` depending on your Next.js version; check the docs for your release).
+- **Production**: Production build behavior (`next build`) may use Turbopack or webpack depending on Next.js version; check the official Next.js docs for your version.
+
+Use when: developing or debugging Next.js 16+ apps, diagnosing slow dev startup or HMR, or optimizing production bundles.
+
+## How It Works
 
 - **Turbopack**: Incremental bundler for Next.js dev. Uses file-system caching so restarts are much faster (e.g. 5–14x on large projects).
 - **Default in dev**: From Next.js 16, `next dev` runs with Turbopack unless disabled.
-- **Production**: Next.js production builds still use the existing production bundler (webpack-based); Turbopack is focused on dev today.
+- **File-system caching**: Restarts reuse previous work; cache is typically under `.next`; no extra config needed for basic use.
+- **Bundle Analyzer (Next.js 16.1+)**: Experimental Bundle Analyzer to inspect output and find heavy dependencies; enable via config or experimental flag (see Next.js docs for your version).
 
-## When to Use Turbopack vs Webpack
+## Examples
 
-- **Turbopack (default dev)**: Use for day-to-day development. Faster cold start and HMR, especially in large apps.
-- **Webpack (legacy dev)**: Use only if you hit a Turbopack bug or rely on a webpack-only plugin in dev. Disable with env or flag (e.g. `--no-turbopack` if your version supports it).
-- **Production**: No change; production build pipeline is unchanged.
-
-## Commands
+### Commands
 
 ```bash
-# Dev with Turbopack (Next.js 16+ default)
 next dev
-
-# Build (unchanged; not Turbopack)
 next build
-
-# Start production server
 next start
 ```
 
-## File-System Caching
+### Usage
 
-Turbopack caches work on disk so that:
-
-- Restarts reuse previous work; second run is much faster.
-- Large projects see 5–14x faster compile times on restart in practice.
-- Cache is typically under `.next` or a similar project-local directory; no extra config needed for basic use.
-
-## Bundle Analyzer (Next.js 16.1+)
-
-Next.js 16.1 introduced an experimental Bundle Analyzer to inspect output and find heavy dependencies:
-
-- Enable via config or experimental flag (see Next.js docs for your version).
-- Use to optimize code-splitting and trim large dependencies.
+Run `next dev` for local development with Turbopack. Use the Bundle Analyzer (see Next.js docs) to optimize code-splitting and trim large dependencies. Prefer App Router and server components where possible.
 
 ## Best Practices
 
 - Stay on a recent Next.js 16.x for stable Turbopack and caching behavior.
 - If dev is slow, ensure you're on Turbopack (default) and that the cache isn't being cleared unnecessarily.
-- For production bundle size issues, use the Bundle Analyzer and `next/bundle-analysis` or equivalent tooling.
-- Prefer App Router and server components where possible; they align with current Next.js and Turbopack optimizations.
-
-## When to Use This Skill
-
-Use when: developing or debugging Next.js 16+ apps, diagnosing slow dev startup or HMR, or optimizing production bundles with Next.js tooling.
+- For production bundle size issues, use the official Next.js bundle analysis tooling for your version.

agents/rust-reviewer.md

@@ -11,7 +11,8 @@ When invoked:
 1. Run `cargo check`, `cargo clippy -- -D warnings`, `cargo fmt --check`, and `cargo test` — if any fail, stop and report
 2. Run `git diff HEAD~1 -- '*.rs'` (or `git diff main...HEAD -- '*.rs'` for PR review) to see recent Rust file changes
 3. Focus on modified `.rs` files
-4. Begin review
+4. If the project has CI or merge requirements, note that review assumes a green CI and resolved merge conflicts where applicable; call out if the diff suggests otherwise.
+5. Begin review
 
 ## Review Priorities
 

skills/bun-runtime/SKILL.md

@@ -6,53 +6,51 @@ origin: ECC
 
 # Bun Runtime
 
-Bun is a fast all-in-one JavaScript runtime and toolkit: runtime, package manager, bundler, and test runner. Use this skill when working in or migrating to Bun.
+Bun is a fast all-in-one JavaScript runtime and toolkit: runtime, package manager, bundler, and test runner.
 
-## Core Concepts
-
-- **Runtime**: Drop-in Node-compatible runtime (built on JavaScriptCore, implemented in Zig).
-- **Package manager**: `bun install` is significantly faster than npm/yarn; lockfile is `bun.lockb`.
-- **Bundler**: Built-in bundler and transpiler for apps and libraries.
-- **Test runner**: Built-in `bun test` with Jest-like API.
-
-## When to Use Bun vs Node
+## When to Use
 
 - **Prefer Bun** for: new JS/TS projects, scripts where install/run speed matters, Vercel deployments with Bun runtime, and when you want a single toolchain (run + install + test + build).
 - **Prefer Node** for: maximum ecosystem compatibility, legacy tooling that assumes Node, or when a dependency has known Bun issues.
 
-## Quick Reference
+Use when: adopting Bun, migrating from Node, writing or debugging Bun scripts/tests, or configuring Bun on Vercel or other platforms.
+
+## How It Works
+
+- **Runtime**: Drop-in Node-compatible runtime (built on JavaScriptCore, implemented in Zig).
+- **Package manager**: `bun install` is significantly faster than npm/yarn. Lockfile is `bun.lock` (text) by default in current Bun; older versions used `bun.lockb` (binary).
+- **Bundler**: Built-in bundler and transpiler for apps and libraries.
+- **Test runner**: Built-in `bun test` with Jest-like API.
+
+**Migration from Node**: Replace `node script.js` with `bun run script.js` or `bun script.js`. Run `bun install` in place of `npm install`; most packages work. Use `bun run` for npm scripts; `bun x` for npx-style one-off runs. Node built-ins are supported; prefer Bun APIs where they exist for better performance.
+
+**Vercel**: Set runtime to Bun in project settings. Build: `bun run build` or `bun build ./src/index.ts --outdir=dist`. Install: `bun install --frozen-lockfile` for reproducible deploys.
+
+## Examples
 
 ### Run and install
 
 ```bash
-# Install dependencies (creates/updates bun.lockb)
+# Install dependencies (creates/updates bun.lock or bun.lockb)
 bun install
 
-# Run a script (package.json "scripts" or direct file)
+# Run a script or file
 bun run dev
 bun run src/index.ts
-
-# Run a file directly
 bun src/index.ts
 ```
 
 ### Scripts and env
 
 ```bash
-# Load .env and run
 bun run --env-file=.env dev
-
-# Inline env
 FOO=bar bun run script.ts
 ```
 
 ### Testing
 
 ```bash
-# Run tests (Jest-like API)
 bun test
-
-# Watch mode
 bun test --watch
 ```
 
@@ -65,14 +63,12 @@ test("add", () => {
 });
 ```
 
-### API (runtime)
+### Runtime API
 
 ```typescript
-// File I/O (Bun-native, fast)
 const file = Bun.file("package.json");
 const json = await file.json();
 
-// HTTP server
 Bun.serve({
   port: 3000,
   fetch(req) {
@@ -81,26 +77,8 @@ Bun.serve({
 });
 ```
 
-## Migration from Node
-
-- Replace `node script.js` with `bun run script.js` or `bun script.js`.
-- Run `bun install` in place of `npm install`; most packages work. If something fails, try `bun install --backend=hardlink` or report upstream.
-- Use `bun run` for npm scripts; `bun x` for npx-style one-off runs (e.g. `bun x prisma generate`).
-- Node built-ins (`fs`, `path`, `http`, etc.) are supported; prefer Bun APIs where they exist for better performance.
-
-## Vercel and deployment
-
-- Vercel supports the Bun runtime. Set runtime to Bun in project settings or use the Bun build preset where available.
-- Build command: often `bun run build` or `bun build ./src/index.ts --outdir=dist`.
-- Install command: `bun install --frozen-lockfile` for reproducible deploys.
-
 ## Best Practices
 
-- Use `bun.lockb` and commit it for reproducible installs.
-- Prefer `bun run` for scripts so env and lifecycle are consistent.
-- For TypeScript, Bun runs `.ts` natively; no separate `ts-node` needed.
+- Commit the lockfile (`bun.lock` or `bun.lockb`) for reproducible installs.
+- Prefer `bun run` for scripts. For TypeScript, Bun runs `.ts` natively.
 - Keep dependencies up to date; Bun and the ecosystem evolve quickly.
-
-## When to Use This Skill
-
-Use when: adopting Bun, migrating from Node, writing or debugging Bun scripts/tests, or configuring Bun on Vercel or other platforms.

skills/documentation-lookup/SKILL.md

@@ -14,7 +14,7 @@ When the user asks about libraries, frameworks, or APIs, fetch current documenta
 - **resolve-library-id**: Returns Context7-compatible library IDs (e.g. `/vercel/next.js`) from a library name and query.
 - **query-docs**: Fetches documentation and code snippets for a given library ID and question. Always call resolve-library-id first to get a valid library ID.
 
-## When to Use This Skill
+## When to use
 
 Activate when the user:
 
@@ -23,7 +23,9 @@ Activate when the user:
 - Needs API or reference information ("What are the Supabase auth methods?")
 - Mentions specific frameworks or libraries (React, Vue, Svelte, Express, Tailwind, Prisma, Supabase, etc.)
 
-## How to Fetch Documentation
+Use this skill whenever the request depends on accurate, up-to-date behavior of a library, framework, or API. Applies across harnesses that have the Context7 MCP configured (e.g. Claude Code, Cursor, Codex).
+
+## How it works
 
 ### Step 1: Resolve the Library ID
 
@@ -50,7 +52,7 @@ Call the **query-docs** MCP tool with:
 - **libraryId**: The selected Context7 library ID from Step 2 (e.g. `/vercel/next.js`).
 - **query**: The user's specific question or task. Be specific to get relevant snippets.
 
-Limit: do not call query-docs (or resolve-library-id) more than 3 times per question. If the answer is unclear after 3 calls, use the best information you have.
+Limit: do not call query-docs (or resolve-library-id) more than 3 times per question. If the answer is unclear after 3 calls, state the uncertainty and use the best information you have rather than guessing.
 
 ### Step 4: Use the Documentation
 
@@ -58,22 +60,31 @@ Limit: do not call query-docs (or resolve-library-id) more than 3 times per ques
 - Include relevant code examples from the docs when helpful.
 - Cite the library or version when it matters (e.g. "In Next.js 15...").
 
-## Code Examples
+## Examples
 
-Example flow for "How do I set up Next.js middleware?":
+### Example: Next.js middleware
 
 1. Call **resolve-library-id** with `libraryName: "Next.js"`, `query: "How do I set up Next.js middleware?"`.
 2. From results, pick the best match (e.g. `/vercel/next.js`) by name and benchmark score.
 3. Call **query-docs** with `libraryId: "/vercel/next.js"`, `query: "How do I set up Next.js middleware?"`.
 4. Use the returned snippets and text to answer; include a minimal `middleware.ts` example from the docs if relevant.
 
+### Example: Prisma query
+
+1. Call **resolve-library-id** with `libraryName: "Prisma"`, `query: "How do I query with relations?"`.
+2. Select the official Prisma library ID (e.g. `/prisma/prisma`).
+3. Call **query-docs** with that `libraryId` and the query.
+4. Return the Prisma Client pattern (e.g. `include` or `select`) with a short code snippet from the docs.
+
+### Example: Supabase auth methods
+
+1. Call **resolve-library-id** with `libraryName: "Supabase"`, `query: "What are the auth methods?"`.
+2. Pick the Supabase docs library ID.
+3. Call **query-docs**; summarize the auth methods and show minimal examples from the fetched docs.
+
 ## Best Practices
 
 - **Be specific**: Use the user's full question as the query where possible for better relevance.
 - **Version awareness**: When users mention versions, use version-specific library IDs from the resolve step when available.
 - **Prefer official sources**: When multiple matches exist, prefer official or primary packages over community forks.
-- **No sensitive data**: Do not include API keys, passwords, or other secrets in any query sent to Context7.
-
-## When to Use
-
-Use this skill whenever the user's request depends on accurate, up-to-date behavior of a library, framework, or API. It applies across harnesses that have the Context7 MCP configured (e.g. Claude Code, Cursor, Codex with Context7).
+- **No sensitive data**: Redact API keys, passwords, tokens, and other secrets from any query sent to Context7. Treat the user's question as potentially containing secrets before passing it to resolve-library-id or query-docs.

skills/nextjs-turbopack/SKILL.md

@@ -6,55 +6,39 @@ origin: ECC
 
 # Next.js and Turbopack
 
-Next.js 16+ uses Turbopack by default for local development: an incremental bundler written in Rust that significantly speeds up dev startup and hot updates. Use this skill when working with Next.js 16+ or tuning build performance.
+Next.js 16+ uses Turbopack by default for local development: an incremental bundler written in Rust that significantly speeds up dev startup and hot updates.
 
-## Core Concepts
+## When to Use
+
+- **Turbopack (default dev)**: Use for day-to-day development. Faster cold start and HMR, especially in large apps.
+- **Webpack (legacy dev)**: Use only if you hit a Turbopack bug or rely on a webpack-only plugin in dev. Disable with `--webpack` (or `--no-turbopack` depending on your Next.js version; check the docs for your release).
+- **Production**: Production build behavior (`next build`) may use Turbopack or webpack depending on Next.js version; check the official Next.js docs for your version.
+
+Use when: developing or debugging Next.js 16+ apps, diagnosing slow dev startup or HMR, or optimizing production bundles.
+
+## How It Works
 
 - **Turbopack**: Incremental bundler for Next.js dev. Uses file-system caching so restarts are much faster (e.g. 5–14x on large projects).
 - **Default in dev**: From Next.js 16, `next dev` runs with Turbopack unless disabled.
-- **Production**: Next.js production builds still use the existing production bundler (webpack-based); Turbopack is focused on dev today.
+- **File-system caching**: Restarts reuse previous work; cache is typically under `.next`; no extra config needed for basic use.
+- **Bundle Analyzer (Next.js 16.1+)**: Experimental Bundle Analyzer to inspect output and find heavy dependencies; enable via config or experimental flag (see Next.js docs for your version).
 
-## When to Use Turbopack vs Webpack
+## Examples
 
-- **Turbopack (default dev)**: Use for day-to-day development. Faster cold start and HMR, especially in large apps.
-- **Webpack (legacy dev)**: Use only if you hit a Turbopack bug or rely on a webpack-only plugin in dev. Disable with env or flag (e.g. `--no-turbopack` if your version supports it).
-- **Production**: No change; production build pipeline is unchanged.
-
-## Commands
+### Commands
 
 ```bash
-# Dev with Turbopack (Next.js 16+ default)
 next dev
-
-# Build (unchanged; not Turbopack)
 next build
-
-# Start production server
 next start
 ```
 
-## File-System Caching
+### Usage
 
-Turbopack caches work on disk so that:
-
-- Restarts reuse previous work; second run is much faster.
-- Large projects see 5–14x faster compile times on restart in practice.
-- Cache is typically under `.next` or a similar project-local directory; no extra config needed for basic use.
-
-## Bundle Analyzer (Next.js 16.1+)
-
-Next.js 16.1 introduced an experimental Bundle Analyzer to inspect output and find heavy dependencies:
-
-- Enable via config or experimental flag (see Next.js docs for your version).
-- Use to optimize code-splitting and trim large dependencies.
+Run `next dev` for local development with Turbopack. Use the Bundle Analyzer (see Next.js docs) to optimize code-splitting and trim large dependencies. Prefer App Router and server components where possible.
 
 ## Best Practices
 
 - Stay on a recent Next.js 16.x for stable Turbopack and caching behavior.
 - If dev is slow, ensure you're on Turbopack (default) and that the cache isn't being cleared unnecessarily.
-- For production bundle size issues, use the Bundle Analyzer and `next/bundle-analysis` or equivalent tooling.
-- Prefer App Router and server components where possible; they align with current Next.js and Turbopack optimizations.
-
-## When to Use This Skill
-
-Use when: developing or debugging Next.js 16+ apps, diagnosing slow dev startup or HMR, or optimizing production bundles with Next.js tooling.
+- For production bundle size issues, use the official Next.js bundle analysis tooling for your version.