explainx.ai
workshops ↗
Productivity

reverse-engineer-rpi

Reverse-engineer a product into a mechanically verifiable feature inventory + registry + spec set, with optional security-audit artifacts and validation gates.

boshu2/agentopsUpdated Apr 8, 2026

Works with

Claude CodeCursorClineWindsurfCodexGooseGitHub CopilotZed

0

total installs

0

this week

260

GitHub stars

0

upvotes

Install Skill

Run in your terminal

$npx skills add https://github.com/boshu2/agentops --skill reverse-engineer-rpi

0

installs

0

this week

260

stars

View on GitHub
reverseengineerrpi
0 commentsJoin discussion →

Installation Guide

How to use reverse-engineer-rpi on Cursor

AI-first code editor with Composer

1

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

  • Cursor installed and configured on your machine
  • Node.js 16+ with npm — verify with node --version
  • Active project directory where you want to add reverse-engineer-rpi
2

Run the install command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills add https://github.com/boshu2/agentops --skill reverse-engineer-rpi

Fetches reverse-engineer-rpi from boshu2/agentops and configures it for Cursor.

3

Select Cursor when prompted

The CLI shows a list of agents. Use arrow keys and space to select Cursor:

◆ Which agents do you want to install to?
│ ── Universal (.agents/skills) ────────────────
│ · Cline · Codex · Goose · Windsurf
│ ●Cursor(selected)
│ · Cursor · Aider · Continue
4

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/reverse-engineer-rpi

Restart Cursor to activate reverse-engineer-rpi. Access via /reverse-engineer-rpi in your agent's command palette.

Security Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.

View source on GitHubSkills CLI docsAbout CursorWhat are agent skills?

Documentation

/reverse-engineer-rpi

Reverse-engineer a product into a mechanically verifiable feature inventory + registry + spec set, with optional security-audit artifacts and validation gates.

Hard Guardrails (MANDATORY)

  • Only operate on code/binaries you own or have explicit written authorization to analyze.
  • Do not provide steps to bypass protections/ToS or to extract proprietary source code/system prompts from third-party products.
  • Do not output reconstructed proprietary source or embedded prompts from binaries (index only; redact in reports).
  • Redact secrets/tokens/keys if encountered; run the secret-scan gate over outputs.
  • Always separate: docs say vs code proves vs hosted/control-plane.

One-Command Example

python3 skills/reverse-engineer-rpi/scripts/reverse_engineer_rpi.py ao \
  --authorized \
  --mode=binary \
  --binary-path="$(command -v ao)" \
  --output-dir=".agents/research/ao/"

If you do not have explicit written authorization to analyze that binary, do not run the above. Use the included demo fixture instead (see Self-Test below).

Repo-only example (no binary required):

python3 skills/reverse-engineer-rpi/scripts/reverse_engineer_rpi.py cc-sdd \
  --mode=repo \
  --upstream-repo="https://github.com/gotalab/cc-sdd.git" \
  --output-dir=".agents/research/cc-sdd/"

Pinned clone (reproducible):

python3 skills/reverse-engineer-rpi/scripts/reverse_engineer_rpi.py cc-sdd \
  --mode=repo \
  --upstream-repo="https://github.com/gotalab/cc-sdd.git" \
  --upstream-ref=v1.0.0 \
  --output-dir=".agents/research/cc-sdd/"

Invocation Contract

Required:

  • product_name

Optional:

  • --docs-sitemap-url (recommended when available; supports https://... and file:///...)
  • --docs-features-prefix (default: auto; detects best local docs prefix, falls back to docs/features/)
  • --upstream-repo (optional)
  • --upstream-ref (pin clone to a specific commit, tag, or branch; records resolved SHA in clone-metadata.json)
  • --local-clone-dir (default: .tmp/<product_name>)
  • --output-dir (default: .agents/research/<product_name>/)
  • --mode (default: repo; allowed: repo|binary|both)
  • --binary-path (required if --mode includes binary)
  • --no-materialize-archives (authorized-only; binary mode extracts embedded ZIPs by default; this disables extraction and keeps index-only)

Security audit flags (optional):

  • --security-audit (enables security artifacts + gates)
  • --sbom (generate SBOM + dependency risk report where possible; may no-op with a note)
  • --fuzz (only if a safe harness exists; timeboxed)

Mandatory guardrail flag:

  • --authorized (required for binary mode; refuses to run binary analysis without it)

Upstream Ref Pinning (--upstream-ref)

Use --upstream-ref to pin a repo-mode clone to a specific commit, tag, or branch. This makes analysis reproducible and allows golden fixtures to be diffed against a known baseline.

# Pin to a tag (reproducible)
python3 skills/reverse-engineer-rpi/scripts/reverse_engineer_rpi.py cc-sdd \
  --mode=repo \
  --upstream-repo="https://github.com/gotalab/cc-sdd.git" \
  --upstream-ref=v1.0.0 \
  --output-dir=".agents/research/cc-sdd/"

# Pin to a specific commit SHA
python3 skills/reverse-engineer-rpi/scripts/reverse_engineer_rpi.py cc-sdd \
  --mode=repo \
  --upstream-repo="https://github.com/gotalab/cc-sdd.git" \
  --upstream-ref=abc1234 \
  --output-dir=".agents/research/cc-sdd/"

When --upstream-ref is provided:

  • The clone is fetched with git fetch --depth=1 origin <ref> and checked out to FETCH_HEAD.
  • The resolved commit SHA is recorded in output_dir/clone-metadata.json for traceability.
  • Without --upstream-ref, a --depth=1 shallow clone of the default branch HEAD is used instead.

clone-metadata.json schema:

{
  "upstream_repo": "https://github.com/gotalab/cc-sdd.git",
  "upstream_ref": "v1.0.0",
  "resolved_commit": "<full SHA>",
  "clone_date": "YYYY-MM-DD"
}

Contract Outputs (output_dir/)

Repo-mode analysis writes machine-checkable contract files under output_dir/. These files use only relative paths, sorted lists, and stable keys — no absolute paths, no run-specific timestamps — so they can be committed as golden fixtures and diffed across runs.

Primary contract files:

File Description
feature-registry.yaml Structured feature inventory with mechanically-extracted CLI, config/env, and artifact surface
cli-surface-contracts.txt CLI surface: commands, flags, help text, framework, language
docs-features.txt Features extracted from documentation (docs say vs code proves)
clone-metadata.json Upstream repo URL, pinned ref, resolved commit SHA, clone date

Example feature-registry.yaml structure:

schema_version: 1
product_name: cc-sdd
upstream_commit: "abc1234..."
features:
  - name: cli-entry
    cli:
      language: node
      bin:
        cc-sdd: dist/cli.js
      help_text: "Usage: cc-sdd [options] ..."
  - name: config-surface
    config_env:
      config_file: ".cc-sdd/config.json"
      env_vars:
        - name: CC_SDD_TOKEN
          evidence: ["src/config.ts"]

Note: Contract outputs are written by --mode=repo (or --mode=both). Binary-mode outputs (binary-analysis.md, binary-symbols.txt, etc.) remain directly under output_dir/.

Fixture Test Workflow

Golden fixtures allow regression detection: commit a known-good fixture snapshot (contract files alongside the pinned clone-metadata.json), then diff future runs against it.

Running Fixture Tests

bash skills/reverse-engineer-rpi/scripts/repo_fixture_test.sh

This script (implemented in ag-w77.3):

  1. Reads skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/clone-metadata.json to determine the pinned upstream ref.
  2. Runs reverse_engineer_rpi.py in repo mode with that ref into a temp output dir.
  3. Diffs the generated outputs against the committed golden fixtures (feature-registry.yaml, cli-surface-contracts.txt, docs-features.txt).
  4. Exits 0 if they match; exits non-zero with a unified diff if they drift.

The test requires network access to clone the upstream repo.

Updating Fixtures

When contracts legitimately change (new flags, new env vars, schema bumps), update the golden fixtures:

# 1. Re-run with the pinned ref to generate fresh contracts
python3 skills/reverse-engineer-rpi/scripts/reverse_engineer_rpi.py cc-sdd \
  --mode=repo \
  --upstream-repo="https://github.com/gotalab/cc-sdd.git" \
  --upstream-ref=<new-tag-or-sha> \
  --output-dir=".tmp/cc-sdd-refresh/"

# 2. Copy contracts into the fixture directory
cp .tmp/cc-sdd-refresh/feature-registry.yaml \
  skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/feature-registry.yaml

# 3. Update the pinned clone metadata
cp .tmp/cc-sdd-refresh/clone-metadata.json \
  skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/clone-metadata.json

# 4. Commit the updated fixtures
git add skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/
git commit -m "fix(reverse-engineer-rpi): update cc-sdd golden fixtures to <new-tag-or-sha>"

Fixture files that must be committed for the test to pass:

  • skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/clone-metadata.json
  • skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/feature-registry.yaml
  • skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/cli-surface-contracts.txt
  • skills/reverse-engineer-rpi/fixtures/cc-sdd-v2.1.0/docs-features.txt

Script-Driven Workflow

Run:

python3 skills/reverse-engineer-rpi/scripts/reverse_engineer_rpi.py <product_name> --authorized [flags...]

This generates the required outputs under output_dir/ and (when applicable) .agents/council/ and .agents/learnings/.

Outputs (MUST be generated)

Core outputs under output_dir/:

  1. feature-inventory.md
  2. feature-registry.yaml
  3. validate-feature-registry.py
  4. feature-catalog.md
  5. spec-architecture.md
  6. spec-code-map.md
  7. spec-cli-surface.md (Node, Python, or Go CLI detected; otherwise a note is written to spec-code-map.md)
  8. spec-clone-vs-use.md
  9. spec-clone-mvp.md (original MVP spec; do not copy from target)
  10. clone-metadata.json (when --upstream-repo is used; records resolved commit SHA)

Binary-mode extras:

  • binary-analysis.md (best-effort summary)
  • binary-embedded-archives.md (index only; no dumps)

Repo-mode extras:

  • spec-artifact-surface.md (best-effort; template/manifest driven install surface)
  • artifact-registry.json (best-effort; hashed template inventory when manifests/templates exist)

If --security-audit, also create output_dir/security/:

  • threat-model.md
  • attack-surface.md
  • dataflow.md
  • crypto-review.md
  • authn-authz.md
  • findings.md
  • reproducibility.md
  • validate-security-audit.sh

Self-Test (Acceptance Criteria)

End-to-end fixture (safe, owned demo binary with embedded ZIP):

bash skills/reverse-engineer-rpi/scripts/self_test.sh

This must show:

  • feature inventory generated
  • registry generated
  • registry validator exits 0
  • in security mode: validate-security-audit.sh exits 0 and secret scan passes

Examples

Scenario: Reverse-Engineer an Open-Source CLI in Repo Mode

User says: /reverse-engineer-rpi cc-sdd --mode=repo --upstream-repo="https://github.com/gotalab/cc-sdd.git" --upstream-ref=v1.0.0

What happens:

  1. The script shallow-clones the upstream repo at the pinned tag v1.0.0 and records the resolved SHA in clone-metadata.json.
  2. It scans the repo for CLI entry points, config/env surface, schema files, and artifact manifests, then writes feature-inventory.md, feature-registry.yaml, contract JSON, and all spec files under the output directory.

Result: A complete feature catalog and machine-checkable feature-registry.yaml are generated under .agents/research/cc-sdd/, ready for golden-fixture diffing.

Scenario: Binary Analysis With Security Audit

User says: /reverse-engineer-rpi ao --authorized --mode=binary --binary-path="$(command -v ao)" --security-audit

What happens:

  1. The script runs static analysis on the ao binary (file metadata, linked libraries, embedded archive signatures) and writes binary-analysis.md and binary-embedded-archives.md.
  2. It generates the full security audit suite (threat-model.md, attack-surface.md, findings.md, etc.) under output_dir/security/ and runs the secret-scan gate over all outputs.

Result: Binary analysis artifacts plus a validated security audit are produced; validate-security-audit.sh exits 0 confirming all security deliverables are present and secrets-clean.

Troubleshooting

Problem Cause Solution
Script refuses to run binary analysis Missing --authorized flag Add --authorized to confirm you have explicit written authorization to analyze the binary.
clone-metadata.json not generated --upstream-repo was not provided Pass --upstream-repo (and optionally --upstream-ref) to enable clone metadata tracking.
Fixture test diff fails unexpectedly Upstream repo changed or golden fixtures are stale Re-run with the pinned ref, copy fresh contracts into fixtures/, and commit the updated golden files (see Updating Fixtures).
spec-cli-surface.md not generated No recognized CLI framework (Node/Python/Go) detected in the repo Check that the target repo has a discoverable CLI entry point; otherwise the CLI surface is documented in spec-code-map.md instead.
Network error during repo clone Firewall, VPN, or GitHub rate limit blocking the shallow clone Verify network connectivity, authenticate with gh auth login if the repo is private, or use --local-clone-dir to point at a pre-cloned directory.

List & Monetize Your Skill

Submit your Claude Code skill and start earning

Get started →

Use Cases

User Story & Requirements Generation

Create detailed user stories, acceptance criteria, and feature specs

Example

Generate user stories for 'password reset feature' with acceptance criteria, edge cases, and test scenarios

Reduce spec writing time by 50%, ensure comprehensive coverage

Competitive Analysis

Research competitors, compare features, identify gaps

Example

Analyze 5 competitor products, create feature comparison matrix, suggest differentiation opportunities

Complete competitive research in 2 hours instead of 2 days

Roadmap Prioritization

Evaluate features using frameworks (RICE, ICE, Kano) and create prioritized backlogs

Example

Score 20 feature ideas using RICE framework, generate prioritized roadmap with rationale

Make data-driven prioritization decisions faster

Stakeholder Communication

Draft PRDs, status updates, and stakeholder presentations

Example

Create executive summary of Q3 roadmap, monthly progress report, feature launch announcement

Save 3-5 hours/week on communication overhead

Implementation Guide

Prerequisites

  • Claude Desktop or compatible AI client
  • Access to product documentation and roadmap tools (Jira, Notion, etc.)
  • Understanding of product management frameworks (RICE, Jobs-to-be-Done, etc.)
  • Stakeholder contact information and communication channels

Time Estimate

30-60 minutes to see productivity improvements

Steps

  1. 1Install product management skill
  2. 2Start with user story generation for known feature
  3. 3Progress to competitive analysis: research 2-3 competitors
  4. 4Use for roadmap prioritization: apply RICE/ICE scoring
  5. 5Draft stakeholder communications and refine based on feedback
  6. 6Build template library for recurring PM tasks
  7. 7Share effective prompts with product team

Common Pitfalls

  • Not validating competitive research—verify facts before sharing
  • Accepting user stories without involving engineering team
  • Over-relying on frameworks without qualitative judgment
  • Not customizing outputs to company culture and communication style
  • Skipping stakeholder validation of generated requirements

Best Practices

✓ Do

  • +Validate research and competitive analysis with real data
  • +Collaborate with engineering when generating technical requirements
  • +Customize frameworks and templates to your company context
  • +Use skill for first drafts, refine with stakeholder input
  • +Document successful prompt patterns for PM tasks
  • +Combine AI efficiency with human judgment and intuition

✗ Don't

  • Don't publish competitive analysis without fact-checking
  • Don't finalize user stories without engineering review
  • Don't make prioritization decisions solely on AI scoring
  • Don't skip customer validation of generated requirements
  • Don't ignore company-specific context and culture

💡 Pro Tips

  • Provide context: company goals, constraints, customer feedback
  • Ask for alternatives: 'Show 3 ways to prioritize this roadmap'
  • Request stakeholder-specific formatting: 'Executive summary vs. engineering spec'
  • Use skill for 70% generation + 30% customization to company needs

When to Use This

✓ Use when

Use for user story writing, competitive research, roadmap prioritization, stakeholder communication, and PRD drafting. Best for reducing repetitive documentation and research work.

✗ Avoid when

Avoid for strategic product vision (requires deep customer empathy), pricing decisions (needs market and financial expertise), or when face-to-face customer discovery is more valuable than speed.

Learning Path

  1. 1Basic: user stories, feature specs, status updates
  2. 2Intermediate: competitive analysis, prioritization frameworks, PRDs
  3. 3Advanced: product strategy, go-to-market planning, OKR setting
  4. 4Expert: product vision, market positioning, business model innovation

Related Skills

grill-me

388

mattpocock/skills

Productivitysame category

premortem

197

parcadei/continuous-claude-v3

Productivitysame category

deslop

118

cursor/plugins

Productivitysame category

framer-motion

99

pproenca/dot-skills

Productivitysame category

write-a-prd

91

mattpocock/skills

Productivitysame category

travel-planner

90

ailabs-393/ai-labs-claude-skills

Productivitysame category

Reviews

4.644 reviews
  • N
    Neel LiDec 24, 2024

    Registry listing for reverse-engineer-rpi matched our evaluation — installs cleanly and behaves as described in the markdown.

  • S
    Shikha MishraDec 20, 2024

    Useful defaults in reverse-engineer-rpi — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • H
    Henry MenonDec 16, 2024

    reverse-engineer-rpi has been reliable in day-to-day use. Documentation quality is above average for community skills.

  • Y
    Yash ThakkerNov 11, 2024

    reverse-engineer-rpi has been reliable in day-to-day use. Documentation quality is above average for community skills.

  • F
    Fatima MensahNov 7, 2024

    Useful defaults in reverse-engineer-rpi — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • F
    Fatima KimOct 26, 2024

    I recommend reverse-engineer-rpi for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

  • D
    Dhruvi JainOct 2, 2024

    Solid pick for teams standardizing on skills: reverse-engineer-rpi is focused, and the summary matches what you get after install.

  • O
    OshnikdeepSep 21, 2024

    We added reverse-engineer-rpi from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.

  • J
    James AndersonSep 17, 2024

    Keeps context tight: reverse-engineer-rpi is the kind of skill you can hand to a new teammate without a long onboarding doc.

  • C
    Chinedu PatelSep 9, 2024

    reverse-engineer-rpi fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.

showing 1-10 of 44

1 / 5

Discussion

Comments — not star reviews
  • No comments yet — start the thread.