Build your AI development kit.
Pick your technologies and skills. We recommend the right agents and guardrails, then generate a ready-to-drop config folder for Claude Code, GitHub Copilot, or Cursor — agents, skills, and rules, in your tool's exact format.
What kind of project?
Shapes the starter playbook in your kit and the questions we ask — new build, existing codebase, or legacy modernization.
Choose your tool
Pick the assistant you use. We emit that tool's exact file layout.
Pick your technologies
Your stack drives which agents, rules, and skills we recommend.
Languages
Frontend
Backend
Database
Testing
Cloud
DevOps
AI tooling
Add skills
Reusable skill packs. Recommended ones are pre-selected based on your stack.
Claude Code skill for creating, updating, and querying Azure DevOps work items via the Azure DevOps MCP server.
Apply official brand colors and typography to artifacts and UI — palette, Poppins/Lora font system, and on-brand styling for decks and documents.
Configure and enforce test coverage with Vitest's v8 provider — 80% thresholds, per-directory overrides, CI reporting, uncovered-code triage, and coverage-driven test prioritization.
Claude Code skill that performs comprehensive code review on PRs and diffs, prioritized by severity with concrete fixes.
Claude Code skill that generates adapters, shims, and proxies for incremental coexistence between legacy and new systems.
Claude Code skill that generates accessible React components matching the project's design system, tokens, and naming conventions.
Claude Code skill that compares old and new system outputs for parity — running validation queries on both DBs and reporting drift.
Claude Code skill that generates safe forward and reverse migrations with transaction-wrapping, idempotency, and zero-downtime patterns.
Claude Code skill that audits dependencies for vulnerabilities, outdated packages, and license issues — and explains what to actually fix.
Claude Code skill that generates README, API docs, JSDoc, ADRs, and other docs that match the project's existing voice and depth.
Build distinctive, production-grade frontend interfaces — bold aesthetics, refined typography, motion, and layout that avoid generic AI looks.
Skill for bulk-pushing elaborated stories and their test cases into Jira as Story + sub-task hierarchies. Always dry-runs first; never overwrites silently.
Claude Code skill for creating, updating, and querying Jira tickets via the Jira MCP server.
Claude Code skill that reads legacy .NET code (WebForms, VB.NET, classic ASP) and explains what it does — the foundation for any migration.
Flagship migration skill that walks Claude Code through audit → strategy → slicing → cutover for any legacy system migration.
Claude Code skill pack that reviews code and PRs against the OWASP Top 10 and ASVS, with severity-ranked findings and concrete fixes.
Claude Code skill that diagnoses performance issues — slow queries, slow renders, memory leaks — with measurement-first methodology.
Governance-hook skill that gates pull requests on security, compliance, and enterprise-standard checks before merge.
Vibe-coding guardrail skill that keeps citizen and pro developers inside secure-by-default patterns while AI generates code.
Tool-neutral skill that walks developers through PRD → stories → schema → API → tests for any new feature, producing real artifacts at each step. The methodology is identical on every supported tool.
Claude Code skill that picks the right test type (unit/integration/E2E) based on context and applies Evoke's testing patterns automatically.
Agents
Specialist subagents. Security & core agents are recommended for every kit.
Security & governance
Reviews code and diffs against the OWASP Top 10 and ASVS, returning severity-ranked, CWE-tagged findings with fixes.
Independent validator agent: checks another agent's output against correctness, security, tests, and conventions. Never edits the code it reviews.
Hard governance gate: runs a fixed pre-merge checklist and returns a blocking PASS/BLOCK verdict with an auditable report.
Core development
Bootstrap project discovery: invoked when project-context is missing, stale, or explicitly requested.
Read-only discovery & planning agent: explores the codebase, maps dependencies, and produces an implementation plan without editing code.
Drives a task to completion iteratively: writes a durable plan, executes one step at a time, delegates to specialists, validates, records intermediate outputs, and resumes where it left off.
Principal-engineer code review across correctness, security, performance, and maintainability, with prioritized, fix-oriented findings.
Writes focused, meaningful unit/integration tests for changed behavior — happy path, edge cases, and error paths — in the project's framework.
QA & test automation
Generates Playwright end-to-end tests from a user flow or page, using role-based locators and resilient assertions.
Runs the E2E suite, triages failures (product bug vs. flaky vs. stale test), and reports a concise, actionable summary.
Rules
Coding guardrails written into your tool's instruction files.
Engineering baseline
Core working agreement for AI-assisted development: scope discipline, no dead code, match existing conventions.
Main-agent protocol: decompose the goal, delegate focused work to specialist subagents via the Task tool, and verify each result before proceeding.
Run multi-step work as a resumable loop backed by a durable plan file: plan once, execute one task at a time, record intermediate outputs, check it off, and continue until done.
Org standard for errors: no swallowed exceptions, wrap-with-context, typed error taxonomy, a single client-facing error envelope, never leak stack traces.
Org standard for logs: structured JSON, correct level semantics, correlation/trace IDs, and mandatory secret/PII redaction.
Apply SOLID as actionable do/don'ts while writing or refactoring: single responsibility, open/closed, Liskov, interface segregation, dependency inversion.
Governance & guardrails
Secure-by-default rules applied while generating code: parameterized queries, authz checks, no secrets, safe file/URL handling.
Accountability and provenance rules for AI-generated changes: human ownership, disclosure, no fabricated APIs.
Stack rules
Strict typing, no any, discriminated unions, explicit error handling.
Server Components by default, client only when interactive, data fetching in RSC.
Composable components, correct hooks usage, accessible markup.
Standalone components, typed reactive forms, RxJS hygiene, OnPush.
Type hints, explicit errors, no bare excepts, idiomatic standard library.
Nullable reference types, async/await, DI, EF Core safety.
Constructor injection, immutability, layered architecture, no field injection.
Spring Security secure defaults: explicit method authorization, CSRF, safe deserialization, parameterized JPA, secrets from config, no stack-trace leaks.
REST conventions: resource naming, versioning, pagination, idempotency, status-code map, and the standard error envelope.
Use brand design tokens, not hardcoded values; theme via the design system; dark-mode and accessibility by default.
Parameterized queries, indexed access paths, safe migrations.
Async error handling, input validation, no blocking the event loop.
Role-based locators, web-first assertions, no fixed sleeps, isolated tests.
JUnit 5 conventions: descriptive @DisplayName, AAA structure, Mockito at the boundary, parameterized tests, Spring slice tests, no Thread.sleep, behavior over implementation.
Commands
Reusable slash commands (e.g. /pr-generation, /commit-message). Recommended ones are pre-selected.
Generate a pull request title and description from the current branch's changes, with a summary, change list, test notes, and risk callouts.
Write a Conventional Commits message from the staged changes — a focused subject plus an explanatory body.
Resume the iterative execution loop: read the durable plan, pick up from the first unchecked task, and keep going until the plan is done.
MCP Servers
Connect external tools via Model Context Protocol. Auto-recommended based on your tech stack.
Pre-configured Azure DevOps MCP server for Claude Code — work items, repos, PRs, and pipelines from chat.
Pre-configured Atlassian Confluence MCP server for Claude Code — search, read, and write internal documentation pages from chat.
Pre-configured Figma MCP server for Claude Code — read design files and convert frames to component specs for design-to-code workflows.
Pre-configured filesystem MCP server for Claude Code — safe, scoped read/write access to project files.
Pre-configured GitHub MCP server for Claude Code — issues, PRs, code search, and Actions from chat.
Pre-configured Jira MCP server for Claude Code with Evoke's standard project setup.
Set up Microsoft's official Playwright MCP server so Claude Code can drive a real browser — navigate, click, fill forms, run the test cases you generated.
Pre-configured Postgres MCP server for Claude Code — schema inspection and read-only queries to make database work safer and faster.
Guardrail hooks
Hard blocks enforced before a tool runs — destructive deletes, dropping tables, force-push. On by default.
Refuses recursive force deletes (rm -rf / rm -fr) from the agent. The single most common way an agent wipes a working tree.
Refuses DROP TABLE/DATABASE/SCHEMA and TRUNCATE in shell commands (psql, mysql, sqlcmd, migration runners). Stops irreversible data loss.
Refuses 'git push --force' / '-f' (allows --force-with-lease). Prevents the agent from overwriting teammates' commits on a shared branch.