One-page reference. Size your browser narrow and dock it next to Claude Desktop.
Skip steps that don't apply. A typo fix skips /sharpen and supervisor. A two-page feature touches every step.
Scenario: you want to add a CPV sparkline to /agents/[id].
/sharpen "add a CPV sparkline to the account detail page"
prompt-auditor scores 3/10, returns 10 questions
/plan
Claude drafts a 6-step plan in plan mode
you approve, exit plan mode
"supervisor: implement this plan"
spawns test-writer, code-reviewer, accessibility-auditor in parallel
each specialist works in its own window
synthesizes: "3 of 3 specialists green, here are the changes"
/verify-plan
verification-auditor cites file:line for each of the 6 plan items
verdict GO
/review
code-reviewer flags one nit (variable shadowing)
you fix
/ship-it
make quality + tests + docs-check + secret scan + visual-validator
verdict GO
/pr
pr-describer writes the title + body
verification-auditor runs again pre-PR (belt and suspenders)
PR drafted at github.com/…
Decision count stays low — you approve once after /sharpen, once after /plan, once after supervisor, once at /pr. The rest is the kit running in the background while you review outputs.
| Morning | /onboard | Catch up on branch, open work, overnight PRs |
| Task switch | /checkpoint | Dump state to HANDOFF.md so tomorrow's /onboard starts warm |
| Ctx > 70% | /checkpoint → /clear | Context rot makes answers worse, not better |
| 3× wrong | /clear | Sycophancy or stale context. Restart beats another reroll |
| End of day | /checkpoint | Mid-feature — tomorrow-you needs what today-you learned |
| Sun 21:00 | sync-kit Routine | Researches Claude Code / OWASP / stacks / model releases. Opens PR |
| Fri 17:00 | eval-review Routine | LLM projects. Worst 50 traces → regression fixtures PR |
| Mon AM | Review both PRs | Accept, reject, comment per change |
| Any day | /deps-update | Dependency sweep with slopsquatting defense |
| 1st of mo. | Re-read CLAUDE.md, .claude/rules/, MODEL_NOTES.md. Add new Known Pitfalls that bit you. |
|
| 1st of mo. | Delete commands/agents you never ran. Kit cruft is worse than sparse kit. | |
| 1st of mo. | ~/claude-code-kit/setup.sh --force — if the kit repo moved ahead |
|
| /onboard | Reads HANDOFF.md + CLAUDE.md + recent commits. Summarizes. |
| /plan | Plan mode. Drafts steps. Waits for approval. Anything > 10 lines. |
| /review | Senior-engineer review of diff, read-only. Before every PR. |
| /security-review | OWASP Top 10 + LLM Top 10. After auth / data / LLM changes. |
| /ship-it | Pre-deploy: quality, tests, docs, secret scan. Before merging. |
| supervisor | Orchestrator. Up to 4 specialists in parallel, synthesizes. Multi-file work. |
| verification-auditor | Fresh context. Reads plan + diff. PASS w/ file:line or FAIL per item. |
| security-reviewer | OWASP + LLM Top 10 on the diff. Opus. Hard-fails on secrets, raw SQL, missing authz. |
| prompt-auditor | Scores a rough ask on 8 dimensions. < 8/10 → answer questions before /plan. |
| code-reviewer | Principal-engineer review. Naming, dead code, missing tests, scope creep. |
All fire 100% of the time. No bypass short of editing the scripts.
| block-secrets | Writes to .env*; inline sk-*, AKIA*, ghp_*, private keys |
| protect-bash | rm -rf /, forkbombs, dd if=, mkfs.*, chmod 777 /; push to main; --force; reset --hard; drizzle-kit push; supabase db reset; prisma db push; --accept-data-loss; npm publish; --no-verify; pnpm / yarn |
| forbid-dangerous-patterns | = ANY(...::uuid[]) on JSONB columns; 'use cache' + cookies() / headers() in the same file |
| format-on-save | Non-blocking. Runs prettier on every ts/tsx/json/md/css/yml write. |
| session-start-banner | Non-blocking. Injects house rules at session start. |
| context-warn | Non-blocking. Prompts /checkpoint when system signals context pressure. |
| think | ~4K tokens |
| think hard | ~10K |
| think harder | ~24K |
| ultrathink | ~32K |
Default Sonnet. Escalate with /model opus for planning on load-bearing changes or hard debugging.
<model> ⎇ <branch> ctx <%> · $<cost>
/checkpoint before the next big step./checkpoint now, then /clear.| Hook blocked you | Read stderr. Tells you what and why. If wrong, edit .claude/hooks/<name>.sh. |
| Claude went sideways | Esc interrupts without losing context. Esc Esc opens checkpoint menu. |
| Pushed to main | You shouldn't be able to. If you forced past: git revert, not git reset --hard. Tell the team. |
| Subagent hangs | Esc. Then /clear if context got polluted. |
.claude/commands/<name>.md with YAML frontmatter (description:, optional allowed-tools:, argument-hint:)..claude/agents/<name>.md with name:, description:, tools:, model: in frontmatter..claude/hooks/<name>.sh, chmod +x, wire in .claude/settings.json under the appropriate event..claude/rules/<name>.md, import from CLAUDE.md via @.claude/rules/<name>.md.Commit each addition separately with feat(kit): ...