I Got Tired of Asking "What Am I Missing?" — So I Made My AI Ask First

I Got Tired of Asking "What Am I Missing?" — So I Made My AI Ask First



Tópico: I Got Tired of Asking "What Am I Missing?" — So I Made My AI Ask First
Categoria: Tutoriais | Programação & Tecnologia
Idioma Principal: Português (Conteúdo de Tecnologia)

Descrição do Conteúdo / Informações:
-------------------------------------------------------------------------
In my first article, I built SKILLmama: an AI skill that finds, scores, and ranks the best library for your exact stack.

In my second article, I added a security gate — because a high score means nothing if the tool is dangerous.

Both of those workflows had the same assumption baked in: you already know what you're looking for.

You type /skillmama find me a job queue for Node.js and it searches, scores, and returns ranked picks. That's great when you have a specific gap in mind.

But most of the time, you don't. You're deep in building something and you haven't stopped to ask: do I have auth? do I have observability? do I have a queue? You find out the hard way — when a feature ships without rate limiting, or when something breaks and there's no error tracking.

So I flipped the workflow. In v1.3, /skillmama with no arguments scans your project first and asks what to find.



The Old Flow vs. The New Flow


Before (Flow A — still exists):

/skillmama find me an auth library for Next.js
↓
scan project for stack context
↓
search → score → recommend

Now (Flow B — triggered when no capability is given):

/skillmama
↓
deep scan: reads package files, config, source structure
↓
gap analysis: what's missing for this type of project?
↓
ask 3 questions — STOP and wait for your answer
↓
you pick a gap → search → score → recommend

Both flows converge at the same search and scoring pipeline. Flow B just adds the scan and Q&A in front.



What the Scan Actually Does


When you run /skillmama with no arguments, it reads:

• Package files (package.json, pyproject.toml, go.mod, etc.)

• Config and infra (Dockerfile, docker-compose.yml, .env.example, vercel.json, fly.toml)

•
README.md and CLAUDE.md

• Source file structure (file listing, not full reads)

• 2–4 representative source files — the entry point, a route handler, a model

From that, it builds a Stack Profile:

Language:      TypeScript
Framework:     Next.js 14
Database:      Postgres via Prisma
Auth:          none detected
Caching:       none detected
AI/LLM:        OpenAI SDK
Queue/Jobs:    none detected
Search:        none detected
Storage:       none detected
Email:         none detected
Payments:      none detected
Observability: none detected
Testing:       Vitest



Gap Analysis: Not Everything Missing Is a Problem


Once the Stack Profile is built, SKILLmama doesn't just flag every empty row as a gap. It looks at what the project is actually doing and assigns severity:

•
High — typical for this type of app, likely needed soon

•
Medium — useful but not urgent

•
Low — speculative / nice-to-have

For a Next.js app with OpenAI already wired up, the output might look like this:

## SKILLmama — Project Scan

Stack detected: TypeScript / Next.js 14 / Postgres / OpenAI / no auth

Capability gaps found:

| # | Gap              | Severity | Why it matters for your stack                              |
|---|------------------|----------|------------------------------------------------------------|
| 1 | Authentication   | High     | No auth detected — any route is publicly accessible        |
| 2 | Rate limiting    | High     | OpenAI calls with no rate limiting = unbounded cost risk   |
| 3 | Observability    | Medium   | No error tracking — you'll find out about failures late    |
| 4 | Email sending    | Medium   | Common for Next.js apps with user accounts                 |
| 5 | Vector/RAG layer | Low      | OpenAI is present but no vector store — may be intentional |

A few quick questions before I search:
1. Which gap(s) would you like me to find options for?
2. Any constraints? (self-hosted, open-source, must have MCP support, etc.)
3. Anything I missed about your project or plans?

Then it stops. It does not proceed until you reply.



Why the Hard Stop Matters


The first version of this flow I sketched out just picked the highest-severity gap automatically and ran with it. That was wrong for two reasons:

1. Severity is relative to intent. A High gap for a consumer SaaS is a Low gap for an internal tool. The scanner doesn't know which one you're building — you do.

2. You might want to address multiple gaps in order. If you reply "1 and 2", SKILLmama runs the full search and scoring pipeline once per gap and presents each as its own results block. You get ranked picks for auth and rate limiting in one session, not just the first one.

The hard stop is what makes Flow B collaborative rather than presumptuous.



After You Answer


Once you reply — say "1 and 3, open-source preferred" — SKILLmama sets:

•
capability = Authentication, Observability

•
constraints = open-source preferred

And jumps straight to Phase 2 (deriving search terms). It skips Phase 0 and Phase 1 entirely — the stack is already known from the scan, so there's nothing left to parse.

From there, the same pipeline runs as always:

Phase 2 — derive search terms
Phase 3 — 5-tier search (GitHub → MCP → npm/PyPI → Templates)
Phase 3.5 — security gate (libraries)
Phase 3.6 — companion skills search
Phase 3.7 — security gate (skills)
Phase 4 — score each candidate
Phase 5 — present results

For the auth gap on a Next.js + Postgres stack, that produces something like:

Scoring all candidates against TypeScript / Next.js 14 / Postgres:

| Candidate   | Compat | Pop | Maint | Simple | Score    |
|-------------|--------|-----|-------|--------|----------|
| NextAuth.js | 10     | 9   | 9     | 9      | **9.55** |
| Lucia        | 9      | 7   | 10    | 8      | **8.75** |
| Clerk        | 8      | 8   | 10    | 10     | **8.90** |

#1 — NextAuth.js · Score: 9.55/10
The de facto auth layer for Next.js — first-party adapter, zero config for most providers.
- Compatibility: 10/10 — built for Next.js, Prisma adapter available
- Popularity:     9/10 — 22k stars, 800k npm downloads/week
- Maintenance:    9/10 — committed 1 week ago
- Simplicity:    9/10  — provider config only, Prisma adapter is one import
- Security:      PASS
- Install: npm install next-auth



What Changed in the Adapters


Flow B is live across all four adapters:

Adapter
How to trigger Flow B

Claude Code

/skillmama (no args)

Claude.ai

/skillmama (no args)

OpenAI Codex
"scan my project and tell me what I need"

Antigravity
"scan my project and tell me what I need"



Install


Any agent (via skills CLI):

npx skills add Magithar/SKILLmama

Claude Code:

cp .claude/commands/skillmama.md /your-project/.claude/commands/skillmama.md

Then /skillmama in any Claude Code session — no arguments needed.

Claude.ai: Upload the pre-built skillmama.zip from the repo under Customize → Skills.

OpenAI Codex: Place codex/AGENTS.md in your repo root.

Antigravity: Load antigravity/PROMPT.md as system prompt.



The Repo


github.com/Magithar/SKILLmama

Apache 2.0. If you used v1.0, v1.1, or v1.2 — pull the latest. The only new behavior is what happens when you run /skillmama with nothing after it.

Found a gap category that should be in the scanner? Open an issue — the list is meant to grow with real project types.