Inspired by obra/superpowers
A collection of composable skills for Qwen Code that enforce structured software development workflows.
Qwen Superpowers is a set of mandatory workflows that guide Qwen Code through disciplined software development practices. Instead of jumping straight into coding, the agent follows a structured process:
- Clarifies requirements through brainstorming and questions
- Presents design in small, reviewable sections
- Creates detailed implementation plans with specific tasks
- Executes via subagents with built-in code review
- Follows TDD (Red-Green-Refactor) for all implementations
- Verifies and cleans up before declaring completion
# Install from npm registry
npm install -g superpowers-qwen# Install directly from GitHub
npm install -g github:ni032mas/superpowers-qwen# Clone and install locally
git clone git@github.com:ni032mas/superpowers-qwen.git
cd superpowers-qwen
npm install -g .After installation, the skills are automatically copied to ~/.qwen/skills/.
To verify, ask Qwen Code:
/skills brainstorming
Or use explicit commands:
use brainstorming skill to help me plan a feature
/skills brainstorming - I want to add user authentication to my app
/skills writing-plans - Help me plan the database migration feature
/skills executing-plans - Let's implement the login form
/skills test-driven-development - Write tests for the user service
/skills requesting-code-review - Review my changes in src/auth.ts
/skills systematic-debugging - The app crashes when logging in
/skills finishing-a-development-branch - I'm done with the feature
Note: Due to npm limitations, uninstall requires two steps:
# Step 1: Remove skills from ~/.qwen/skills/
superpowers-qwen-cleanup
# Step 2: Remove the npm package
npm uninstall -g superpowers-qwenOr use the interactive uninstaller:
superpowers-qwen-uninstall
npm uninstall -g superpowers-qwenIf you already removed the package, cleanup skills manually:
superpowers-qwen-cleanupOr remove manually:
# Windows
rmdir /s /q %USERPROFILE%\.qwen\skills\brainstorming
rmdir /s /q %USERPROFILE%\.qwen\skills\executing-plans
# ... repeat for each skill
# macOS/Linux
rm -rf ~/.qwen/skills/brainstorming
rm -rf ~/.qwen/skills/executing-plans
# ... repeat for each skill| Skill | Description |
|---|---|
brainstorming |
Clarifies ideas through questions before coding |
writing-plans |
Breaks work into 2-5 minute tasks with exact paths |
executing-plans |
Executes planned tasks systematically |
subagent-driven-development |
Delegates tasks to subagents with 2-stage review |
test-driven-development |
RED-GREEN-REFACTOR cycle for all code |
systematic-debugging |
4-phase root cause analysis |
requesting-code-review |
Reviews work against the plan |
finishing-a-development-branch |
Verifies, commits, and cleans up |
When you ask Qwen Code to implement a feature without skills, here's what typically happens:
User: "Add user authentication to my app"
AI: *immediately starts writing code*
- Creates auth.service.ts with login/register methods
- Adds JWT token generation
- Writes password hashing
- Creates middleware for protected routes
*No tests written*
*No discussion about edge cases*
*No consideration for existing codebase patterns*
*No error handling strategy*
*No documentation*
Result:
- Code works for happy path only
- No tests to catch regressions
- Missing error handling for invalid tokens
- Password validation rules unclear
- No rate limiting for brute force protection
- Technical debt accumulates
Common issues:
- π« Code without tests β bugs slip through
- π« No requirements clarification β wrong features built
- π« Skipping design discussions β poor architecture
- π« No code review β inconsistent patterns
- π« No cleanup β technical debt
With Qwen Superpowers, the same request follows a disciplined process:
User: "/skills brainstorming - Add user authentication to my app"
AI (Brainstorming Skill):
"Before we start, let me clarify some requirements:
1. What authentication method do you prefer?
- JWT tokens
- Session-based
- OAuth (Google, GitHub, etc.)
2. What user fields do you need?
- Email/password only?
- Phone number?
- Social profiles?
3. Security requirements:
- Password complexity rules?
- Rate limiting?
- 2FA support?
4. Integration needs:
- Existing user database?
- Email verification?
- Password reset flow?"
*After clarification:*
AI (Writing Plans Skill):
"Here's the implementation plan:
Phase 1: Database Schema (5 min)
- Create users table migration
- Add indexes on email/username
Phase 2: Core Authentication (15 min)
- User entity with validation
- Password hashing service (bcrypt)
- JWT token service
Phase 3: API Endpoints (20 min)
- POST /auth/register
- POST /auth/login
- POST /auth/refresh
- POST /auth/logout
Phase 4: Security (10 min)
- Rate limiting middleware
- Password strength validator
- Token blacklist for logout
Phase 5: Testing (25 min)
- Unit tests for services
- Integration tests for endpoints
- Security tests (invalid tokens, etc.)"
*After plan approval:*
AI (TDD Skill):
"Starting with tests first:
1. Writing test for password hashing
2. Writing test for token generation
3. Writing test for login endpoint
4. Running tests (RED phase)
5. Implementing code to pass tests (GREEN phase)
6. Refactoring for clarity"
*After implementation:*
AI (Code Review Skill):
"Code review complete:
β
All tests passing (42/42)
β
Coverage: 95%
β
Follows project patterns
β οΈ Suggestion: Add timeout for token refresh
β
Error handling comprehensive"
AI (Finishing Branch Skill):
"Feature complete:
β
All tasks done
β
Tests passing
β
Code reviewed
β
Temporary files cleaned
β
Ready to commit"
Benefits:
- β Requirements clarified upfront β right features built
- β Tests written first β fewer bugs
- β Design reviewed β better architecture
- β Code reviewed β consistent quality
- β Cleanup included β no technical debt
Purpose: Prevent building the wrong thing by clarifying requirements first.
When to use: Starting any new feature, fixing complex bugs, architectural decisions.
Example:
/skills brainstorming - Add real-time notifications
AI will ask:
- What notification types? (push, email, in-app)
- What triggers notifications?
- User preferences/subscription management?
- Delivery guarantees (at-least-once, exactly-once)?
- Third-party services (Firebase, OneSignal)?
Purpose: Break complex work into manageable, reviewable tasks.
When to use: After brainstorming, before any implementation.
Example:
/skills writing-plans - Implement file upload with S3
Output:
β‘ Task 1: Add AWS SDK dependency (2 min)
β‘ Task 2: Create upload service with presigned URLs (10 min)
β‘ Task 3: Add file validation (size, type) (5 min)
β‘ Task 4: Create upload endpoint (8 min)
β‘ Task 5: Write integration tests (15 min)
β‘ Task 6: Add progress tracking (optional) (10 min)
Purpose: Systematic implementation without skipping steps.
When to use: After plan is approved by user.
Example:
/skills executing-plans - Implement the upload plan
AI will:
1. Work through tasks in order
2. Report progress after each task
3. Ask for clarification if blocked
4. Never skip tasks without approval
Purpose: Leverage multiple AI agents for complex tasks with built-in review.
When to use: Large features, refactoring, performance optimization.
Example:
/skills subagent-driven-development - Refactor auth module
Process:
1. Agent A: Implements new auth flow
2. Agent B: Reviews implementation
3. Agent A: Addresses review comments
4. Final review before completion
Purpose: Ensure code quality by writing tests BEFORE implementation.
When to use: All new features, bug fixes, refactoring.
Example:
/skills test-driven-development - Add password reset
RED Phase:
β Test: Should send reset email
β Test: Should validate token expiry
β Test: Should hash new password
GREEN Phase:
β
Implement sendResetEmail()
β
Implement validateToken()
β
Implement resetPassword()
REFACTOR Phase:
- Clean up duplicate code
- Improve error messages
- Add type hints
Purpose: Find root causes, not just symptoms.
When to use: Crashes, intermittent failures, performance issues.
Example:
/skills systematic-debugging - API returns 500 randomly
4-Phase Analysis:
1. Reproduce: Under what conditions does it fail?
2. Instrument: Add logging, metrics, tracing
3. Hypothesize: Database connections? Memory leaks?
4. Test: Confirm or reject each hypothesis
Result: Found connection pool exhaustion under load
Purpose: Ensure code meets standards before merging.
When to use: After implementation, before commit/merge.
Example:
/skills requesting-code-review - Review auth implementation
Review Checklist:
β‘ Follows project style guide
β‘ All tests passing
β‘ Error handling complete
β‘ Security considerations addressed
β‘ Documentation updated
β‘ No hardcoded values
β‘ Logging appropriate
Purpose: Clean completion with no loose ends.
When to use: Feature complete, ready to merge.
Example:
/skills finishing-a-development-branch
Verification:
β
All tests passing
β
Code reviewed and approved
β
No console.log() or debug code
β
No temporary files
β
Documentation updated
β
Commit message follows conventions
Ready to merge!
# If installed via npm
npm update -g superpowers-qwen
# If installed from GitHub
npm update -g github:ni032mas/superpowers-qwen
# If installed locally (Git)
cd superpowers-qwen
git pull
npm install -g .Then restart Qwen Code.
- Node.js >= 18.0.0
- Qwen Code CLI
- npm or yarn
- β TDD First β tests always before implementation
- β Systematic over ad-hoc approaches
- β Simplicity as the primary goal
- β Evidence over assertions
- β Review before completion
- Development Guide - How to develop and contribute skills
- Testing Guide - How to test the package
- Qwen Superpowers Context - Full project documentation
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes using Conventional Commits
- Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- obra/superpowers - The original inspiration for this workflow
Made with β€οΈ for the Qwen Code community