← hamz.ai Updated July 2026
The lab / the skills library

The skills library

I use Claude Code every day, and these 17 skills are the habits I got tired of re-teaching it. The library covers building and operating AI systems in production: adversarial and tiered review, validation gates, cost and safety guardrails, deploy campaigns, debugging playbooks, and change control. In July 2026 I distilled 26 skills from two production codebases I run Claude Code against, and every one went through four review passes plus an adversarial pass by Codex at extra-high effort, run twice. Eight were then A/B tested against pre-registered must-hits and all eight passed, and the library was consolidated into the 17 portable skills on this page, an open instrument that ships with its own eval harness.

A skill here means a Claude Code skill, a written instruction file that changes how Claude behaves while it works, nothing to do with your own tools. Learn more →

The evidence behind them is measured, not asserted: the July 2026 study and the effort lattice both graded these skills against pre-registered criteria, and the whole library is open source at github.com/HamzaYM/reliable-ai-skills.

01The library

The 17 skills

Each skill is a self-contained folder with one SKILL.md: a description that tells an agent when to reach for it, the failure mode it prevents, and the pattern as decision gates and checklists rather than prose. The groups below are the library’s real category directories. Every card links its skill file and its folder in the repo, and every card’s From the skill section quotes or closely paraphrases lines that are actually in that skill’s file.

Three to start with

The three richest skill files in the library, each opened up to one real pattern from inside it.

adversarial review
multi-model-adversarial-review

Asking a model to critique its own work mostly gets you agreement, because its blind spots are its reviewer’s blind spots too. This skill runs a second model from a different vendor, then makes every finding survive a deliberate attempt to knock it down before it gets reported. A long list of nitpicks with no real issue is read as nothing substantive found, not as lots of problems.

read the full skill →
deploy and infra
environment-and-build-hazards

Some stacks have no real local setup: what feels like a scratch database on your own machine is shared infrastructure the whole team depends on, one destructive command away from damage. The skill’s rule is to confirm where you are by the real hostname or account ID, never by an environment label. Some shared environments deliberately label themselves production to pick up production’s safety defaults, so the label misleads by design.

read the full skill →
debugging playbooks
failure-archaeology

Every mature codebase has approaches that were tried, didn’t work, and were abandoned on purpose, and the reasoning usually lived in a conversation that is gone. This skill keeps a settled-battles record: what was tried, why it was dropped, and what the codebase does instead. Its most honest rule: when the reason for a revert is lost, the entry says so plainly, because an admitted unknown beats a plausible-sounding guess.

read the full skill →
skills/adversarial-review/
review and quality multi-model-adversarial-review

Runs a second, independently vendored model against your own review pass and reconciles the findings.

CatchesThe same model re-reading its own work and agreeing with itself.

From the skill
  • Rebuttals say withdraw only if the evidence refutes you. A model that folds because the other side disagrees is a known failure mode.
  • If a second opinion implies an error in your own work, don’t dismiss it on your own authority. Verify outside the model or escalate.
  • If the second model is unavailable, proceed single-model and say so in the report. Never silently downgrade without disclosing it.
view SKILL.md → folder →
skills/tiered-review/
review and quality tiered-consultancy-review

A five-tier escalation ladder (analysts, managers, specialists, partners, polish) for taking a deliverable from rough draft to genuinely finished.

CatchesDrafts that ship after one pass, with the requester babysitting every revision.

From the skill
  • Analysts read the draft blind to each other, so one loud opinion can’t anchor the rest.
  • Every tier can fix directly, confer with a peer, or kick work back down. A tier that can only pass things up adds latency, not review.
  • The adversarial tier catches what earlier tiers were too close to see, like a draft led by evidence that undercut its own core claim.
view SKILL.md → folder →
skills/validation-gates/
review and quality pre-merge-validation-gate

Defines what “done” actually means for a change and how to report test results without overstating what was checked.

CatchesA change declared done on test results that overstate what was actually checked.

From the skill
  • Build passing plus unit tests passing is necessary, never sufficient, for anything a user sees. Drive the changed screen live.
  • Before committing a recaptured snapshot, read the diff. Anything you can’t explain is a regression, not a fixture update.
  • “Environment wasn’t up” is a finding: go start it, don’t skip the step and stay silent about it.
view SKILL.md → folder →
skills/architecture-and-contracts/
systems and architecture architecture-contracts-as-law

Keeps a single, merge-blocking source of truth for system invariants (schema, API shape, module boundaries) in sync with the code.

CatchesInvariants drifting from the code that crosses them, and infrastructure built ahead of need.

From the skill
  • Drift between the contract document and the code is treated as a bug, not as a doc to update eventually.
  • An exception list honest about real deviations beats a diagram that’s aspirationally clean but wrong.
  • Deferred infrastructure gets a ledger entry with a concrete pickup trigger, not a TODO-maybe-someday comment.
view SKILL.md → folder →
skills/auth-and-tenancy/
systems and architecture multi-tenant-auth-reference

A ground-truth reference pattern for token kinds, role checks, and tenant isolation, so you stop guessing during auth bugs.

CatchesGuessing through unexpected 401s and 403s, cross-tenant data leaks, and row-level security that is silently doing nothing.

From the skill
  • Two wrong guesses about which token a path expects means the reference is missing or stale, not a sign to guess harder.
  • The worst failure is silent: a privileged database connection skips row-level isolation and the query just returns everything.
  • Widening a role guard to make a 403 go away likely re-opens a boundary drawn on purpose. Find out why it was narrow first.
view SKILL.md → folder →
skills/evals-and-scoring/
systems and architecture llm-eval-harness-and-scoring-pipeline

Locked aggregation math, partial-failure handling, prompt versioning, and shadow comparison for any pipeline that scores LLM output.

CatchesOne failed sub-call corrupting a composite score, and a candidate prompt flipped live without a shadow comparison.

From the skill
  • If nothing scoreable survived, emit nothing. A zero is a real, comparable data point; a missing score is not.
  • Partial results presented as complete have produced real mis-rankings that only surfaced when the scores looked off.
  • Never answer “would this change behave differently” by flipping it live. That’s an experiment on real users, not a test.
view SKILL.md → folder →
skills/cost-and-safety-guardrails/
cost and safety ai-cost-tracking-and-guardrails

Enforced call tracking, safe cross-provider fallover, and fail-closed rate limiting for LLM calls touching money or sensitive data.

CatchesUntracked, unpriced LLM calls in systems that handle regulated data or need hard cost control.

From the skill
  • A “blocked by cost cap” record written inside the failing transaction gets thrown away by the very rollback that triggered it.
  • Never fail over a rejected payload to a second vendor. Sensitive data could land somewhere it was never approved to go.
  • Log metadata by allowlist, not denylist. A list of known-bad keys reliably misses the next field an engineer adds.
view SKILL.md → folder →
cost and safety budget-aware-model-allocation

How to work deliberately when a token or rate-limit budget is running low across more than one model or provider.

CatchesBlowing through a rate limit on autopilot instead of deferring or shifting work to the provider with headroom.

From the skill
  • Trim before you cut scope: lower the effort setting, batch requests, and avoid re-reading context you already processed.
  • When budgets are healthy, work normally. Rationing against a hypothetical shortage just produces worse answers for no benefit.
  • Never hard-block on a low budget. Degrade gracefully: smaller scope, lower effort, or the provider with headroom.
view SKILL.md → folder →
cost and safety config-and-secrets-hygiene

Picking the right config layer, avoiding precedence traps, and a repeatable recipe for adding a new feature flag safely.

CatchesA config value or flag that “does nothing” because it landed in the wrong layer.

From the skill
  • A misspelled variable may be silently ignored, not rejected. Check the exact field name before assuming a deeper bug.
  • A flag can be stored, displayed, and editable while nothing reads it. A meaningful share of registered settings are inert.
  • An app that refuses to boot on a placeholder secret is working as intended. Fix the input; never widen the validator.
view SKILL.md → folder →
skills/deploy-and-infra/
deploy and infrastructure staging-to-prod-cutover-campaign

First-apply traps, the do-not-inherit config scrub, and how to separate go-live gates from infra bring-up.

CatchesStaging config inherited by production, and first applies that fail in ways a second apply never will.

From the skill
  • Developer-convenience flags are omitted from stricter config entirely, not set to false. Omit and false can fail differently.
  • Certificate validation timing out on the very first apply is expected before the nameservers move. Don’t debug the module.
  • Cloud-seeded placeholder secrets often slip past a weak-secret boot guard, whose denylist only knows your own dev placeholders.
view SKILL.md → folder →
deploy and infrastructure environment-and-build-hazards

The two-role database model, seed-data idempotency, and cloud-auth preflight for local development environments.

Catches“Local” development that actually points at a shared remote environment, one destructive command away from hitting it.

From the skill
  • A privileged database role skips row-level isolation silently: no error, no warning, every policy quietly does nothing.
  • If a seed script fakes an API call to avoid real costs, don’t “fix” it by calling the real service. That defeats its purpose.
  • A surprising share of “the stack won’t start” reports are really “something is already listening on that port.”
view SKILL.md → folder →
skills/debugging-playbooks/
debugging systematic-debugging-playbook

Establishes ground truth before hypothesizing, and the regression rule for multi-round fix loops after a review pass.

CatchesFixes proposed before ground truth is established, especially in files that are frequent sources of regressions.

From the skill
  • Search history before hypothesizing. A surprising number of “new” bugs already have a full root-cause writeup sitting in git.
  • One “confirmed” finding was an artifact of the test itself: a guessed URL producing an expected 404, not a broken link.
  • In multi-round fix loops the proven failure mode is the fixer introducing the next bug. Re-run every earlier round’s tests.
view SKILL.md → folder →
debugging failure-archaeology

A “settled battles” reference so nobody re-attempts an approach that was already tried and deliberately abandoned.

CatchesRe-fighting a battle someone already lost on purpose: the migration, framework swap, or quick fix that was abandoned for a reason.

From the skill
  • Code that looks unnecessarily defensive is disproportionately likely to be the fix for a settled battle. Check before deleting it.
  • Some reverts happened because it wasn’t the engineer’s call. The lesson is the decision owner’s sign-off, not the change itself.
  • Unrelated-looking hacks can share one root cause fixed piecemeal. Document it once so nobody cleans up a fix whose purpose isn’t visible.
view SKILL.md → folder →
skills/change-control/
process and change management git-change-control-for-agents

State verification before any git work, the dead-base PR trap, migration collisions, and working-tree discipline.

CatchesActing on a repo whose state was assumed rather than verified, and PRs cut against a dead base.

From the skill
  • A stacked branch still existing on the remote proves nothing about whether it’s still the right base. Base every PR on the trunk.
  • Numbered migration files often don’t textually conflict at all, which is exactly what makes that collision easy to miss.
  • Untracked files you don’t recognize may be someone’s live work queue. Ask before stashing, discarding, or cleaning.
view SKILL.md → folder →
skills/campaign-execution/
process and change management multi-agent-batch-campaigns

Wave planning, file-contention mapping, and checkpoint-to-file discipline for executing a large backlog across parallel agents.

CatchesParallel agents colliding on the same files, and campaigns a previous session left mid-way with no way to resume.

From the skill
  • Status docs rot, git doesn’t. Re-read the actual code at each cited location before trusting a backlog’s description of it.
  • Long sessions die more often than anyone plans for. The only thing that reliably survives is what got written to a file.
  • Unpushed local-only branches are invisible to every remote check and one disk failure from gone.
view SKILL.md → folder →
skills/docs-and-compliance/
documentation and compliance docs-of-record-and-arbitration

An explicit arbitration order for when project docs disagree, plus a fact-check-first method for business deliverables.

CatchesBuilding from the wrong document when several overlapping ones all claim to be current.

From the skill
  • If a doc contradicts a settled decision, or code that correctly implements it, the doc is wrong. Fix the doc, cite the decision.
  • Even a formally versioned spec has been caught inventing behavior that never shipped.
  • Open every before/after pair: an “after” showing an unrelated screen is the most common way these documents ship wrong.
view SKILL.md → folder →
documentation and compliance consent-and-regulated-data-reference

Fail-closed defaults for consent, retention, and audit trails in systems handling regulated personal data.

CatchesDefaults that fail open when a change touches consent, retention, erasure, or a regulated opt-in.

From the skill
  • No consent record means no processing, no send, no session. A missing check never degrades to “allow and log a warning.”
  • Publishing a policy version is never a safe test. Staging often shares the same tables as production for exactly this record.
  • Raw data deletes with the user. A personal-data-free proof of consent survives, to show consent was once properly obtained.
view SKILL.md → folder →
02Evidence

Proven twice, then checked by another vendor

Two pre-registered studies grade this library, and a second vendor’s model then re-checked the judging behind the second one. Each study lives on its own page with full methodology, and the harness that ran them is open in the repo’s eval/ folder.

How the July 2026 study ran

Honest note: these judges were order-blinded, not content-blinded; a few answers mentioned their own skill in passing. The sequel's harness closed that gap by scrubbing those tells before judging.

The July 2026 study
Baseline 26 of 50. With the skills loaded, 46 of 50 (92%).

An order-blinded A/B across 50 pre-registered must-hits in 16 tasks. All 8 tested source skills passed the pre-registered rule.

the skills study →
The effort lattice
Effort raises the floor. The skills still add on top.

Three Claude models at five reasoning-effort levels, each run with the skill library installed and without it. More effort raised the no-skills baseline on all three models, and it did not shrink what the skills add on any of them.

the effort lattice →
The Codex cross-check
A second vendor agreed on 383 of 394 marks (97.2%).

After the lattice run, Codex, a model from a different vendor, re-scored a fixed sample of the committed judge inputs in one run and agreed with the panel’s judging 97.2% of the time. How the check ran is on the lattice page.

the lattice methodology →
03Install

Two commands

The library installs as a Claude Code plugin, all 17 skills at once. Manual and single-skill install paths are in the repo.

/plugin marketplace add HamzaYM/reliable-ai-skills
/plugin install reliable-ai-skills@reliable-ai-skills

MIT licensed. Browse the flat one-page index at INDEX.md, or start from the repo.