refactor: extract skills from commands across 8 plugins

Refactored commands to extract reusable skills following the
Commands → Skills separation pattern. Each command is now <50 lines
and references skill files for detailed knowledge.

Plugins refactored:
- claude-config-maintainer: 5 commands → 7 skills
- code-sentinel: 3 commands → 2 skills
- contract-validator: 5 commands → 6 skills
- data-platform: 10 commands → 6 skills
- doc-guardian: 5 commands → 6 skills (replaced nested dir)
- git-flow: 8 commands → 7 skills

Skills contain: workflows, validation rules, conventions,
reference data, tool documentation

Commands now contain: YAML frontmatter, agent assignment,
skills list, brief workflow steps, parameters

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

plugins/code-sentinel/commands/refactor-dry.md

@@ -8,16 +8,12 @@ Analyze and preview refactoring opportunities without making changes.
 
 ## Visual Output
 
-When executing this command, display the plugin header:
-
 ```
-┌──────────────────────────────────────────────────────────────────┐
-│  🔒 CODE-SENTINEL · Refactor Preview                             │
-└──────────────────────────────────────────────────────────────────┘
++----------------------------------------------------------------------+
+|  CODE-SENTINEL - Refactor Preview                                    |
++----------------------------------------------------------------------+
 ```
 
-Then proceed with the analysis.
-
 ## Usage
 ```
 /refactor-dry <target> [--all]
@@ -26,44 +22,31 @@ Then proceed with the analysis.
 **Target:** File path, function name, or "." for current file
 **--all:** Show all opportunities, not just recommended
 
+## Skills to Load
+
+- skills/refactoring-patterns.md
+- skills/dry-run-workflow.md
+
 ## Process
 
-1. **Scan Target**
-   Analyze code for refactoring opportunities.
+1. **Scan Target** - Analyze code using patterns from skill
+2. **Score Opportunities** - Rate by Impact/Risk/Effort (see dry-run-workflow skill)
+3. **Output** - Group by recommended vs optional
 
-2. **Score Opportunities**
-   Each opportunity rated by:
-   - Impact (how much it improves code)
-   - Risk (likelihood of breaking something)
-   - Effort (complexity of the refactoring)
+## Output Format
 
-3. **Output**
 ```
-## Refactoring Opportunities: src/handlers.py
+## Refactoring Opportunities: <target>
 
 ### Recommended (High Impact, Low Risk)
+1. **pattern** at lines X-Y
+   - Impact: High | Risk: Low
+   - Run: `/refactor <target> --pattern=<pattern>`
 
-1. **extract-method** at lines 45-67
-   - Extract order validation logic
-   - Impact: High (reduces complexity from 12 to 4)
-   - Risk: Low (pure function, no side effects)
-   - Run: `/refactor src/handlers.py:45 --pattern=extract-method`
-
-2. **use-dataclass** for OrderInput class
-   - Convert to dataclass with validation
-   - Impact: Medium (reduces boilerplate)
-   - Risk: Low
-   - Run: `/refactor src/models.py:OrderInput --pattern=use-dataclass`
-
-### Optional (Consider Later)
-
-3. **use-fstring** at 12 locations
-   - Modernize string formatting
-   - Impact: Low (readability only)
-   - Risk: None
+### Optional
+- Lower priority items
 
 ### Summary
-- 2 recommended refactorings
-- 1 optional improvement
-- Estimated complexity reduction: 35%
+- X recommended, Y optional
+- Estimated complexity reduction: Z%
 ```

plugins/code-sentinel/commands/refactor.md

@@ -8,16 +8,12 @@ Apply refactoring transformations to specified code.
 
 ## Visual Output
 
-When executing this command, display the plugin header:
-
 ```
-┌──────────────────────────────────────────────────────────────────┐
-│  🔒 CODE-SENTINEL · Refactor                                     │
-└──────────────────────────────────────────────────────────────────┘
++----------------------------------------------------------------------+
+|  CODE-SENTINEL - Refactor                                            |
++----------------------------------------------------------------------+
 ```
 
-Then proceed with the refactoring workflow.
-
 ## Usage
 ```
 /refactor <target> [--pattern=<pattern>]
@@ -26,68 +22,31 @@ Then proceed with the refactoring workflow.
 **Target:** File path, function name, or "." for current context
 **Pattern:** Specific refactoring pattern (optional)
 
-## Available Patterns
+## Skills to Load
 
-### Structure
-| Pattern | Description |
-|---------|-------------|
-| `extract-method` | Extract code block into named function |
-| `extract-class` | Move related methods to new class |
-| `inline` | Inline trivial function/variable |
-| `rename` | Rename with all references updated |
-| `move` | Move function/class to different module |
-
-### Simplification
-| Pattern | Description |
-|---------|-------------|
-| `simplify-conditional` | Flatten nested if/else |
-| `remove-dead-code` | Delete unreachable code |
-| `consolidate-duplicate` | Merge duplicate code blocks |
-| `decompose-conditional` | Break complex conditions into named parts |
-
-### Modernization
-| Pattern | Description |
-|---------|-------------|
-| `use-comprehension` | Convert loops to list/dict comprehensions |
-| `use-pathlib` | Replace os.path with pathlib |
-| `use-fstring` | Convert .format() to f-strings |
-| `use-typing` | Add type hints |
-| `use-dataclass` | Convert class to dataclass |
+- skills/refactoring-patterns.md
 
 ## Process
 
-1. **Analyze Target**
-   - Parse code structure
-   - Identify refactoring opportunities
-   - Check for side effects and dependencies
+1. **Analyze Target** - Parse code, identify opportunities from skill, check dependencies
+2. **Propose Changes** - Show before/after diff, explain improvement, list affected files
+3. **Apply (with confirmation)** - Make changes, update references, run tests
 
-2. **Propose Changes**
-   - Show before/after diff
-   - Explain the improvement
-   - List affected files/references
+## Output Format
 
-3. **Apply (with confirmation)**
-   - Make changes
-   - Update all references
-   - Run existing tests if available
-
-4. **Output**
 ```
-## Refactoring: extract-method
+## Refactoring: <pattern>
 
 ### Target
-src/handlers.py:create_order (lines 45-89)
+<file>:<function> (lines X-Y)
 
 ### Changes
-- Extracted validation logic → validate_order_input()
-- Extracted pricing logic → calculate_order_total()
-- Original function now 15 lines (was 44)
+- Change description
 
 ### Files Modified
-- src/handlers.py
-- tests/test_handlers.py (updated calls)
+- file1.py
 
 ### Metrics
-- Cyclomatic complexity: 12 → 4
-- Function length: 44 → 15 lines
+- Cyclomatic complexity: X -> Y
+- Function length: X -> Y lines
 ```

plugins/code-sentinel/commands/security-scan.md

@@ -8,61 +8,34 @@ Comprehensive security audit of the project.
 
 ## Visual Output
 
-When executing this command, display the plugin header:
-
 ```
-┌──────────────────────────────────────────────────────────────────┐
-│  🔒 CODE-SENTINEL · Security Scan                                │
-└──────────────────────────────────────────────────────────────────┘
++----------------------------------------------------------------------+
+|  CODE-SENTINEL - Security Scan                                       |
++----------------------------------------------------------------------+
 ```
 
-Then proceed with the scan workflow.
+## Skills to Load
+
+- skills/security-patterns/SKILL.md
 
 ## Process
 
-1. **File Discovery**
-   Scan all code files: .py, .js, .ts, .jsx, .tsx, .go, .rs, .java, .rb, .php, .sh
+1. **File Discovery** - Scan: .py, .js, .ts, .jsx, .tsx, .go, .rs, .java, .rb, .php, .sh
+2. **Pattern Detection** - Apply patterns from skill (Critical/High/Medium severity)
+3. **Report** - Group by severity, include code snippets and fixes
 
-2. **Pattern Detection**
+## Output Format
 
-   ### Critical Vulnerabilities
-   | Pattern | Risk | Detection |
-   |---------|------|-----------|
-   | SQL Injection | High | String concat in SQL queries |
-   | Command Injection | High | shell=True, os.system with vars |
-   | XSS | High | innerHTML with user input |
-   | Code Injection | Critical | eval/exec with external input |
-   | Deserialization | Critical | pickle.loads, yaml.load unsafe |
-   | Path Traversal | High | File ops without sanitization |
-   | Hardcoded Secrets | High | API keys, passwords in code |
-   | SSRF | Medium | URL from user input in requests |
-
-   ### Code Quality Issues
-   | Pattern | Risk | Detection |
-   |---------|------|-----------|
-   | Broad Exceptions | Low | `except:` or `except Exception:` |
-   | Debug Statements | Low | print/console.log with data |
-   | TODO/FIXME Security | Medium | Comments mentioning security |
-   | Deprecated Functions | Medium | Known insecure functions |
-
-3. **Output Format**
 ```
 ## Security Scan Report
 
 ### Critical (Immediate Action Required)
-🔴 src/db.py:45 - SQL Injection
-   Code: `f"SELECT * FROM users WHERE id = {user_id}"`
-   Fix: Use parameterized query: `cursor.execute("SELECT * FROM users WHERE id = ?", (user_id,))`
+[red] file:line - Vulnerability Type
+   Code: `problematic code`
+   Fix: Recommended solution
 
-### High
-🟠 config.py:12 - Hardcoded Secret
-   Code: `API_KEY = "sk-1234..."`
-   Fix: Use environment variable: `API_KEY = os.environ.get("API_KEY")`
-
-### Medium
-🟡 utils.py:78 - Broad Exception
-   Code: `except:`
-   Fix: Catch specific exceptions
+### High / Medium / Low
+[Similar format]
 
 ### Summary
 - Critical: X (must fix before deploy)
@@ -70,7 +43,8 @@ Then proceed with the scan workflow.
 - Medium: X (improve when possible)
 ```
 
-4. **Exit Code Guidance**
-   - Critical findings: Recommend blocking merge/deploy
-   - High findings: Recommend fixing before release
-   - Medium/Low: Informational
+## Exit Guidance
+
+- Critical findings: Block merge/deploy
+- High findings: Fix before release
+- Medium/Low: Informational