Chapter 11 · Hospital

21 doctors. 5 wings. One ward round.

Every doctor here either wraps an existing best-in-class tool (so we don't reinvent) or composes several into a single, stack-aware sweep. Pipe any of them through /ll-no-bluf and ship the fix as a verified PR.

Meta commands → Install in 30s Browse all skills

Frontend

React, Next, React Native, Svelte, SvelteKit, Vue, Solid, Astro.

/ll-doctor Dispatcher — detects framework, routes to the right doctor.
/ll-react-doctor Wraps npx react-doctor@latest (real package, by millionco).
/ll-svelte-doctor Wraps svelte-doctor-cli or svelte-doctor (both real packages).

Backend

Node, Java (Vert.x, Spring), Python (Django, FastAPI), Ruby (Rails), Go, Rust, PHP, .NET, Elixir.

/ll-backend-doctor Dispatcher — detects backend stack, routes.
/ll-node-doctor Wraps node-doctor + npm audit + eslint.
/ll-vertx-doctor Vert.x event-loop blocking + codec misuse heuristic.
/ll-spring-doctor Spring Boot n+1 + actuator + transactional gaps.
/ll-django-doctor Django manage.py check + bandit + heuristic.
/ll-fastapi-doctor FastAPI async blocking + DI + response leak checks.
/ll-rails-doctor Wraps rails-doctor + brakeman + bundler-audit.
/ll-go-doctor golangci-lint + gosec + govulncheck + goroutine-leak heuristic.
/ll-rust-doctor Wraps rust-doctor + clippy + cargo audit + cargo deny.
/ll-php-doctor PHP / Laravel / Symfony — psalm, phpstan, composer audit.
/ll-dotnet-doctor ASP.NET Core — dotnet format/outdated/Roslyn.
/ll-elixir-doctor Phoenix / Elixir — credo, sobelow, mix audit, dialyxir.

Infrastructure

Docker, Kubernetes, Terraform / OpenTofu.

/ll-docker-doctor hadolint + trivy + dockle + dive.
/ll-k8s-doctor kube-linter + kubeval + polaris + trivy k8s (incl. node kernel CVE flagging).
/ll-terraform-doctor tflint + tfsec + checkov + drift heuristic.

Data

Postgres, MongoDB.

/ll-postgres-doctor sqlfluff + pg_stat_statements + missing-index detector.
/ll-mongo-doctor Profile collection analysis + index audit + schema drift.

Preventive medicine

Defense-only. No exploit generation.

/ll-cve-doctor Host + lockfiles + k8s nodes cross-referenced against NVD / OSV / GitHub Advisories. Read-only remediation plan.

The meta-commands.

Don't know where to start? These four route you.

/ll-hospital Runs every applicable wing in parallel. The full ward round.
/ll-prescribe Reads your repo + recent activity, prints which doctors to run, in what order.
/ll-er Emergency room: critical-only triage under 5 minutes. No flags, no options.
/ll-icu Production-down recovery loop. sec + perf + heal + zen until green.

What gets wrapped vs heuristic.

Every doctor page is explicit about which upstream packages it wraps and which checks come from Luna's own heuristic layer. We never invent a wrapped tool that doesn't exist. Three real <stack>-doctor packages exist on npm today (node-doctor, rails-doctor, rust-doctor); the rest of our doctors compose existing best-in-class linters / scanners / analyzers.

Defense only.

/ll-cve-doctor inventories your host, dependencies, and (optionally) Kubernetes node kernels, then cross-references against published CVE feeds (NVD, OSV, GitHub Advisories) to produce a remediation plan. It does not generate, fetch, or store exploit code. For example, if your uname -r falls in the range affected by a current kernel CVE (e.g. CVE-2026-31431 "Copy Fail"), the doctor emits the upgrade target and the vendor advisory link — and nothing more.

Compose with /ll-no-bluf, /ll-readme-sync, and /ll-pr for a fully audited fix-PR flow.