command-patterns
Authors and structures Cursor slash-commands that automate recurring developer and AI-maintenance workflows. Use when creating new command files under .cursor/commands/, adding procedural steps, defining constraints, or optimizing command output tables. Do not use for skill authoring, agent definitions, hook scripts, or application code.
Best use case
command-patterns is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Authors and structures Cursor slash-commands that automate recurring developer and AI-maintenance workflows. Use when creating new command files under .cursor/commands/, adding procedural steps, defining constraints, or optimizing command output tables. Do not use for skill authoring, agent definitions, hook scripts, or application code.
Teams using command-patterns should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/command-patterns/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How command-patterns Compares
| Feature / Agent | command-patterns | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Authors and structures Cursor slash-commands that automate recurring developer and AI-maintenance workflows. Use when creating new command files under .cursor/commands/, adding procedural steps, defining constraints, or optimizing command output tables. Do not use for skill authoring, agent definitions, hook scripts, or application code.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
# Command Authoring Procedure Follow these steps to generate a command that adheres to the project's structural conventions and produces deterministic, high-quality agent behavior. ## Step 1: Validate Metadata 1. Choose a **kebab-case** name (1-64 characters, lowercase, numbers, and single hyphens only). The name becomes the filename: `.cursor/commands/<folder>/<name>.md`. 2. Determine the **folder**: `sd/` for software developers, `ai/` for AI tooling. Create new folders only when neither fits. 3. Execute the validation script: `python3 scripts/validate-metadata.py --name "<name>" --folder "<folder>"` 4. If the script returns an error, self-correct and re-run until successful. ## Step 2: Draft the Command Use the template in `assets/COMMAND.template.md` as the starting point. Fill in each section following the conventions below. ### Section: Role - One sentence, third-person: "You are a senior developer [doing X]." - Describe the persona, not the task. ### Section: Context - Background the agent needs before acting. - Use tables for structured references (severity levels, artifact layers, style rules). - Include project-specific conventions (commit style, PR template path, tool names). - Keep under 30 lines; move large reference material to skill files or link to project docs. ### Section: Task - One sentence stating the goal. - Followed by a `### Steps` subsection with numbered phases. ### Section: Steps Each step follows this pattern: 1. **Bold phase name** — One-sentence description of the phase. - Bullet list of specific actions. - Shell commands in fenced code blocks. - Parallel operations explicitly noted: "Run these in parallel:" - Conditional logic with bold keywords: "If [condition], [action]. Otherwise, [fallback]." Apply these conventions: | Convention | Rule | |------------|------| | Gathering info | Always the first step; run independent commands in parallel | | User prompts | Use "Ask the user for:" or "Prompt the user with:" — list each option with defaults | | Shell commands | Use fenced `bash` blocks; prefer `gh` CLI for GitHub operations | | HEREDOC commits | Always use `cat <<'EOF'` pattern for multi-line messages | | Verification | Always include a final verification step (`git status`, `gh pr view`, etc.) | | Decision points | Present options to the user; never assume destructive choices | ### Section: Constraints - Bullet list of "Do **not**" rules. - Always include applicable safety rules from this canonical set: | Scope | Standard constraints | |-------|---------------------| | Git | Do not modify `git config`; do not force-push; do not skip hooks (`--no-verify`); do not run destructive operations without confirmation | | GitHub | Do not push to `main`/`master` directly; do not dismiss reviews programmatically | | Files | Do not modify files outside the command's scope; do not commit secrets | | General | Do not fabricate data; ask rather than assume when intent is unclear | - Add command-specific constraints after the standard ones. ### Section: Output - Always a summary table with `Field | Value` columns. - Fields should be concise identifiers (e.g., **PR**, **Branch**, **Commit**, **Status**). - Values use inline code for SHAs, numbers, and branch names. - Optional: a detail table below the summary for itemized results (comments addressed, files changed, findings). ## Step 3: Review Against Checklist 1. Review the `SKILL.md` for "hallucination gaps" (points where the agent is forced to guess). 2. Verify all file paths are **relative** and use forward slashes (`/`). 3. Cross-reference the final output against `references/checklist.md`. ## Error Handling - **Validation failure:** If `scripts/validate-metadata.py` fails, fix the flagged field and re-run. - **Scope ambiguity:** If the command straddles consumers, prefer the primary consumer. - **Overlapping commands:** Before creating a new command, check existing commands that already cover the workflow. Extend an existing command rather than creating a duplicate.
Related Skills
test-patterns
Write, structure, and maintain RSpec specs for CMDx tasks, workflows, context, and configuration. Use when the user asks to add, update, fix, or refactor tests, write specs for new features, scaffold test files, or follow project testing conventions. Don't use for debugging production bugs, performance benchmarking, or non-test code changes.
cmdx
Build, debug, and document CMDx tasks and workflows in Ruby. Use when creating service/command objects with CMDx, composing tasks into workflows, handling halts and faults, or wiring inputs, outputs, callbacks, middleware, retries, and configuration. Don't use for generic Ruby refactors, Rails controller work, or non-CMDx service objects.
technical-docs
Write, update, and maintain YARD documentation and CHANGELOG entries for CMDx classes, modules, and methods. Use when the user asks to document, add YARD docs, update docs, write docstrings, add @param/@return tags, update CHANGELOG, or fix documentation inconsistencies. Don't use for README generation, non-agentic library docs, or code-only changes.
skill-creator
Authors and structures professional-grade agent skills following the agentskills.io spec. Use when creating new skill directories, drafting procedural instructions, or optimizing metadata for discoverability. Don't use for general documentation, non-agentic library code, or README files.
performance-optimizations
Profile, benchmark, and optimize CMDx task execution, context handling, and runtime hot paths. Use when the user mentions performance, benchmarking, profiling, memory allocation, optimization, slow execution, or YJIT. Don't use for general refactoring, feature additions, or test-only changes.
issue-debugging
Systematically diagnose and resolve bugs, errors, and unexpected behavior in CMDx tasks, workflows, context, and runtime execution. Use when the user mentions a bug, error, unexpected result, failing test, exception, stack trace, wrong state, wrong status, nil value, or debugging. Don't use for feature additions, performance tuning, or test-only changes.
explain-functionality
Explains selected code in depth — data flow, dependencies, side effects, and intent. Use when the user asks to explain, trace, walk through, or understand a function, method, class, module, or code block. Emphasizes how and why over what. Don't use for debugging, refactoring, performance tuning, or generating new code.
hunting-for-command-and-control-beaconing
Detect C2 beaconing patterns in network traffic using frequency analysis, jitter detection, and domain reputation to identify compromised endpoints communicating with adversary infrastructure.
detecting-modbus-command-injection-attacks
Detect command injection attacks against Modbus TCP/RTU protocol in ICS environments by monitoring for unauthorized write operations, anomalous function codes, malformed frames, and deviations from established communication baselines using ICS-aware IDS and protocol deep packet inspection.
detecting-mimikatz-execution-patterns
Detect Mimikatz execution through command-line patterns, LSASS access signatures, binary indicators, and in-memory detection of known modules.
detecting-command-and-control-over-dns
Detects command-and-control (C2) communications tunneled through DNS protocol including DNS tunneling tools (Iodine, dnscat2, dns2tcp, Cobalt Strike DNS beacon), domain generation algorithms (DGA), encoded payload delivery via TXT/CNAME records, and DNS beaconing patterns. Covers Shannon entropy analysis of query subdomains, statistical anomaly detection, ML-based DGA classification, passive DNS correlation, and Zeek/Suricata signature development. Activates for requests involving DNS-based C2 detection, DNS tunnel identification, suspicious DNS traffic investigation, or DGA domain classification.
detecting-beaconing-patterns-with-zeek
Performs statistical analysis of Zeek conn.log connection intervals to detect C2 beaconing patterns. Uses the ZAT library to load Zeek logs into Pandas DataFrames, calculates inter-arrival time standard deviation, and flags periodic connections with low jitter. Use when hunting for command-and-control callbacks in network data.