AI IDE Fundamentals: Agents, Commands, Skills, Rules, Context, and Workflows Explained
Modern AI-powered IDEs like Kilo Code, Cursor, Windsurf, and GitHub Copilot have introduced a new vocabulary: agents, skills, rules, contexts, and workflows. But what do these terms actually mean, and how do you use them effectively?
In this comprehensive guide, we’ll break down each concept with practical examples, showing you how to leverage these features to supercharge your development workflow.
The AI IDE Architecture
Before diving into individual concepts, let’s understand how they fit together:
┌─────────────────────────────────────────────────────────────────┐
│ AI IDE Architecture │
│ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ YOU (Developer) │ │
│ └─────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ WORKFLOWS │ │
│ │ (Structured development processes) │ │
│ └─────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ┌────────────┼────────────┐ │
│ │ │ │ │
│ ▼ ▼ ▼ │
│ ┌─────────────┐ ┌──────────┐ ┌─────────────┐ │
│ │ AGENTS │ │ COMMANDS │ │ SKILLS │ │
│ │ (Who does │ │ (What to │ │ (Specialized│ │
│ │ the work) │ │ do) │ │ expertise) │ │
│ └──────┬──────┘ └────┬─────┘ └──────┬──────┘ │
│ │ │ │ │
│ └─────────────┼───────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ RULES │ │
│ │ (How the AI should behave) │ │
│ └─────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ CONTEXT │ │
│ │ (What the AI knows about your code) │ │
│ └─────────────────────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────┘
Think of it like a development team:
- Agents = Your team members (who does the work)
- Commands = Tasks you assign (what to do)
- Skills = Specialized expertise (what they’re good at)
- Rules = Team guidelines (how to work)
- Context = Project knowledge (what they know)
- Workflows = Development processes (how work gets done)
Now let’s explore each concept in detail.
1. Agents: Your AI Team Members
What Are Agents?
Agents are autonomous AI personas that execute tasks on your behalf. Unlike simple chatbots that just respond to questions, agents can:
- Read and modify files
- Run terminal commands
- Execute tests
- Debug errors
- Make decisions autonomously
Agent Types
Different agents specialize in different tasks:
| Agent Type | Purpose | Best For |
|---|---|---|
| Code Agent | Write and modify code | Implementing features, refactoring |
| Debug Agent | Analyze and fix errors | Troubleshooting failures |
| Test Agent | Write and run tests | Creating test suites |
| Review Agent | Code review and quality | Security audits, best practices |
| Architect Agent | Design and planning | System design, API contracts |
| Docs Agent | Documentation | Writing README, API docs |
How Agents Work
┌─────────────────────────────────────────────────────────────────┐
│ Agent Execution Flow │
│ │
│ 1. YOU ASSIGN TASK │
│ "Build a user authentication API" │
│ │ │
│ ▼ │
│ 2. AGENT PLANS │
│ ┌─────────────────────────────────────────────────────┐ │
│ │ • Create User model │ │
│ │ • Add login endpoint │ │
│ │ • Implement JWT token generation │ │
│ │ • Write tests │ │
│ └─────────────────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ 3. AGENT EXECUTES (Autonomously) │
│ ┌─────────────────────────────────────────────────────┐ │
│ │ ✓ Read existing codebase │ │
│ │ ✓ Create src/models/User.ts │ │
│ │ ✓ Create src/routes/auth.ts │ │
│ │ ✓ Run tests │ │
│ │ ✓ Fix failing tests │ │
│ └─────────────────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ 4. AGENT REPORTS RESULTS │
│ "Authentication API complete. All tests passing." │
│ │
└─────────────────────────────────────────────────────────────────┘
Using Agents: Practical Examples
Example 1: Code Agent for Feature Implementation
/agent code
"Implement a password reset feature with email verification"
The agent will:
1. Create PasswordReset model
2. Add /forgot-password endpoint
3. Add /reset-password endpoint
4. Create email template
5. Write tests
Example 2: Debug Agent for Troubleshooting
/agent debug
"The login endpoint is returning 500 errors in production"
The agent will:
1. Read error logs
2. Analyze the login code
3. Identify the root cause
4. Propose and apply a fix
5. Verify the fix works
Example 3: Review Agent for Code Quality
/agent review
"Review this PR for security issues"
The agent will:
1. Analyze changed files
2. Check for common vulnerabilities
3. Verify authentication/authorization
4. Report findings with recommendations
Best Practices for Agents
✅ DO:
- Give clear, specific tasks
- Let agents work autonomously
- Review their work before committing
- Use specialized agents for specialized tasks
❌ DON’T:
- Micromanage every step
- Give vague instructions like “fix stuff”
- Accept changes without review
- Use a code agent for security reviews
2. Commands: Your AI Task Interface
What Are Commands?
Commands are structured instructions that tell the AI what to do. They’re more specific than natural language requests and often trigger predefined workflows.
Command Categories
Action Commands
Tell the AI to perform specific actions:
/create Create a new file
/edit Modify existing code
/delete Remove files or code
/run Execute a command
/test Run tests
/deploy Deploy to environment
Query Commands
Ask the AI to find or explain something:
/find Search the codebase
/explain Explain how something works
/why Explain why something failed
/summary Summarize changes
Workflow Commands
Trigger multi-step processes:
/refactor Refactor code
/migrate Run migrations
/generate Generate code from templates
/document Create documentation
Using Commands: Practical Examples
Example 1: Creating Files
/create src/services/email-service.ts
"Create an email service with SendGrid integration"
Result:
✓ File created
✓ SendGrid client configured
✓ Methods: sendWelcome, sendPasswordReset, sendNotification
✓ Tests included
Example 2: Editing Code
/edit src/controllers/user-controller.ts
"Add rate limiting to the createUser function"
Result:
✓ rateLimit middleware imported
✓ Applied to createUser route
✓ Configuration: 100 requests per 15 minutes
Example 3: Running Tests
/test src/services/auth-service.test.ts
Result:
✓ Running 23 tests...
✓ 23 passed, 0 failed
✓ Coverage: 94%
Command Syntax
Most AI IDEs support flexible command syntax:
# Full command
/create file.ts "description"
# Shorthand
/c file.ts "description"
# Natural language with command trigger
"Create a file called file.ts that does X"
Best Practices for Commands
✅ DO:
- Use specific commands for specific tasks
- Include file paths when relevant
- Provide clear descriptions
- Chain commands for complex tasks
❌ DON’T:
- Use vague commands like “fix this”
- Forget to specify which files
- Mix multiple unrelated tasks in one command
- Skip verification after commands
3. Skills: Specialized AI Expertise
What Are Skills?
Skills are modular knowledge packages that provide specialized expertise to AI agents. Think of them as “expertise modules” your AI can load when needed.
Why Skills Matter
Without skills, the AI is a generalist—it knows a little about everything but isn’t an expert in anything. Skills add domain-specific knowledge:
┌─────────────────────────────────────────────────────────────────┐
│ AI Knowledge Levels │
│ │
│ General AI (No Skills) │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ • Knows programming basics │ │
│ │ • Understands common patterns │ │
│ │ • No project-specific knowledge │ │
│ │ • No domain expertise │ │
│ └─────────────────────────────────────────────────────────┘ │
│ │
│ AI + Skills │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ • All general knowledge │ │
│ │ • + Docker expertise (docker-expert skill) │ │
│ │ • + Security best practices (security-auditor skill) │ │
│ │ • + Your project conventions (project-rules skill) │ │
│ │ • + API design patterns (api-designer skill) │ │
│ └─────────────────────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────┘
Built-in Skills Examples
| Skill | Purpose | When to Use |
|---|---|---|
docker-expert |
Containerization | Building Dockerfiles, debugging containers |
kubernetes-guru |
K8s manifests | Deploying to Kubernetes |
security-auditor |
Security review | Pre-deployment security checks |
performance-optimizer |
Code optimization | Improving application performance |
api-designer |
REST/GraphQL API design | Creating new API endpoints |
test-engineer |
Test generation | Writing comprehensive test suites |
database-expert |
SQL/NoSQL optimization | Query optimization, schema design |
Creating Custom Skills
Skills are typically defined in Markdown files:
# Skill: React Performance Expert
## Expertise
- React rendering optimization
- Memoization strategies (useMemo, useCallback)
- Virtual scrolling for large lists
- Code splitting and lazy loading
## Rules
- Always check for unnecessary re-renders first
- Suggest React DevTools Profiler for analysis
- Prefer composition over complex memoization
## Tools
- React DevTools Profiler
- why-did-you-render library
- Lighthouse performance metrics
## Examples
### Before (Slow)
```tsx
function UserList({ users }) {
return (
<div>
{users.map(user => (
<UserCard key={user.id} user={user} />
))}
</div>
);
}
After (Optimized)
function UserList({ users }) {
const memoizedUsers = useMemo(() => users, [users]);
return (
<div>
{memoizedUsers.map(user => (
<UserCard key={user.id} user={user} />
))}
</div>
);
}
Using Skills
Explicit Skill Activation:
/with-skill docker-expert
"Help me optimize this Dockerfile"
The AI will apply Docker-specific expertise:
- Multi-stage builds
- Layer caching optimization
- Security best practices
- Image size reduction
Automatic Skill Loading:
Some IDEs automatically load relevant skills:
You: "Optimize this SQL query"
AI: [Automatically loads database-expert skill]
Best Practices for Skills
✅ DO:
- Create skills for your team’s conventions
- Use skills for specialized tasks
- Keep skills focused and specific
- Update skills as best practices evolve
❌ DON’T:
- Create overly broad skills
- Duplicate built-in skills
- Forget to test skill effectiveness
- Let skills become outdated
4. Rules: Persistent AI Instructions
What Are Rules?
Rules are persistent instructions that tell the AI how to behave. Instead of repeating “use TypeScript, not JavaScript” in every conversation, you define it once in a rules file.
Rules Hierarchy
Rules are typically organized hierarchically:
┌─────────────────────────────────────────────────────────────────┐
│ Rules Inheritance │
│ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ Global Rules (~/.ai-rules.md) │ │
│ │ • Apply to all projects │ │
│ │ • Personal preferences │ │
│ └─────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ Project Rules (.kilocode/rules.md) │ │
│ │ • Team conventions │ │
│ │ • Project-specific patterns │ │
│ └─────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ Language Rules (.kilocode/rules/typescript.md) │ │
│ │ • Language-specific conventions │ │
│ │ • Framework patterns │ │
│ └─────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────┐ │
│ │ File Rules (inline comments) │ │
│ │ • File-specific instructions │ │
│ │ • One-off overrides │ │
│ └─────────────────────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────────┘
Writing Effective Rules
Good Rules:
# Coding Standards
## TypeScript
- Always use strict mode
- Prefer interfaces over types for objects
- Use explicit return types for functions
- Avoid `any` - use `unknown` if necessary
## Testing
- Write tests for all new features
- Use Jest for unit tests
- Minimum 80% code coverage
- Mock external dependencies
## Security
- Never commit API keys or secrets
- Validate all user inputs
- Use parameterized queries for SQL
- Implement rate limiting on APIs
Bad Rules (Too Vague):
# Bad Rules
- Write good code
- Follow best practices
- Make it secure
- Keep it clean
Rules File Structure
Example: .kilocode/rules.md
# Project Rules
## Code Style
- 2-space indentation
- Single quotes for strings
- Semicolons required
- Max line length: 100 characters
## Architecture
- Follow Clean Architecture principles
- Services in `src/services/`
- Controllers in `src/controllers/`
- Models in `src/models/`
## Testing
- Co-locate tests with source files
- Use `.test.ts` suffix
- Mock external APIs
- Test edge cases
## Documentation
- JSDoc for all public functions
- README for all modules
- Update CHANGELOG.md
Using Rules
Rules are automatically applied—you don’t need to activate them:
You: "Create a user service"
AI (following rules):
✓ Creates src/services/user-service.ts
✓ Uses TypeScript with strict mode
✓ Adds JSDoc comments
✓ Includes tests
✓ Follows Clean Architecture
Best Practices for Rules
✅ DO:
- Start with 5-10 essential rules
- Be specific and actionable
- Make rules enforceable
- Review and update regularly
❌ DON’T:
- Write vague rules like “write good code”
- Create too many rules (overwhelming)
- Forget to enforce rules manually at first
- Let rules become outdated
5. Context: What the AI Knows
What Is Context?
Context is the information the AI has access to when generating responses. Better context = better responses.
Context Types
| Context Type | Description | How to Provide |
|---|---|---|
| File Context | Currently open file | Open the file |
| Selection Context | Highlighted code | Select before asking |
| Tab Context | All open tabs | Keep relevant files open |
| Codebase Context | Entire project | Via indexing/embeddings |
| Documentation Context | External docs | Reference with @docs |
| Conversation Context | Chat history | Maintained automatically |
| Terminal Context | Recent output | Integrated in some IDEs |
Context Mechanisms
1. File and Selection Context
The most basic context. Simply:
- Open relevant files
- Select code you’re asking about
You: [Selects a function]
"Refactor this to be more readable"
AI: [Can see the selected code]
2. Codebase Indexing
Advanced IDEs index your entire codebase for semantic search:
┌──────────────────┐
│ Your Codebase │
│ (500K+ lines) │
└────────┬─────────┘
│
▼
┌──────────────────┐
│ Code Indexer │
│ (Embeddings) │
└────────┬─────────┘
│
▼
┌──────────────────┐
│ Vector DB │
│ (Qdrant) │
└────────┬─────────┘
│
▼
┌──────────────────┐
│ Semantic Search │
│ (Relevant code) │
└────────┬─────────┘
│
▼
┌──────────────────┐
│ AI Agent │
│ (with context) │
└──────────────────┘
3. Explicit Context References
Reference specific files or documentation:
@src/auth/jwt.ts How do I add refresh tokens here?
@docs/react-hooks What's the best pattern for custom hooks?
@tests Compare with existing test patterns
Context Window Management
Different IDEs have different context limits:
| IDE | Context Window | Optimization |
|---|---|---|
| Kilo Code | Up to 1M tokens | Semantic retrieval |
| Cursor | ~100K tokens | Smart chunking |
| Windsurf | ~100K tokens | Cascade context |
| VS Code + Copilot | ~10K tokens | File-based only |
Best Practices for Context
✅ DO:
- Keep relevant files open
- Use @ references for specific files
- Clean your workspace (close unrelated files)
- Index your codebase for semantic search
- Reference errors with full messages
❌ DON’T:
- Expect AI to know closed files
- Reference files without opening or @ mentioning
- Keep dozens of tabs open (confuses context)
- Assume AI knows external dependencies
6. Workflows: Structured AI Development
What Are Workflows?
Workflows are structured sequences of AI-assisted steps to complete complex tasks. They transform ad-hoc AI usage into repeatable processes.
Common Workflow Patterns
1. Spec-Driven Development
┌───────────────────────────────────────────────────┐
│ Spec-Driven Development Workflow │
│ │
│ 1. Define Requirements │
│ │ │
│ ▼ │
│ 2. AI Creates Specification │
│ │ │
│ ▼ │
│ 3. Review & Approve Spec │
│ │ │
│ ▼ │
│ 4. AI Implements Code │
│ │ │
│ ▼ │
│ 5. AI Writes Tests │
│ │ │
│ ▼ │
│ 6. Run Tests │
│ │ │
│ ├── Pass ──> Merge │
│ │ │
│ └── Fail ──> AI Debugs ──> Back to Step 4 │
│ │
└───────────────────────────────────────────────────┘
Example:
/spec "Build user authentication API with JWT"
AI: Creates specification document
You: Review and approve
/implement
AI: Implements code following spec
AI: Writes tests
Tests: Pass ✅
2. Test-Driven Development with AI
┌────────────────────────────────────────────┐
│ AI-Assisted TDD Workflow │
│ │
│ 1. Describe Feature │
│ │ │
│ ▼ │
│ 2. AI Writes Test │
│ │ │
│ ▼ │
│ 3. Run Test (Fails) │
│ │ │
│ ▼ │
│ 4. AI Implements Code │
│ │ │
│ ▼ │
│ 5. Run Test (Passes) │
│ │ │
│ ▼ │
│ 6. AI Refactors │
│ │ │
│ ▼ │
│ 7. Commit │
│ │
└────────────────────────────────────────────┘
Example:
You: "I need a function that validates email addresses"
AI: I'll write a test first:
```typescript
describe('validateEmail', () => {
it('should accept valid emails', () => {
expect(validateEmail('test@example.com')).toBe(true);
});
it('should reject invalid emails', () => {
expect(validateEmail('invalid')).toBe(false);
});
});
3. Refactoring Workflow
┌───────────────────────────────────────────────────┐
│ AI-Assisted Refactoring Workflow │
│ │
│ 1. Identify Code Smell │
│ │ │
│ ▼ │
│ 2. AI Analyzes │
│ │ │
│ ▼ │
│ 3. AI Proposes Refactoring Plan │
│ │ │
│ ▼ │
│ 4. Review Plan │
│ │ │
│ ├── Revise ──> Back to Step 3 │
│ │ │
│ └── Approve │
│ │ │
│ ▼ │
│ 5. AI Creates Branch │
│ │ │
│ ▼ │
│ 6. AI Applies Changes │
│ │ │
│ ▼ │
│ 7. Run Tests │
│ │ │
│ ├── Pass ──> Create PR │
│ │ │
│ └── Fail ──> AI Fixes ──> Back to Step 6 │
│ │
└───────────────────────────────────────────────────┘
4. Debugging Workflow
1. AI reads error message
2. AI analyzes stack trace
3. AI searches codebase for related code
4. AI identifies potential causes
5. AI proposes fixes
6. AI applies fix and re-runs
7. AI documents the issue
Example:
/debug "Getting TypeError: Cannot read property 'id' of undefined"
AI: Analyzing error...
Found the issue:
- In src/controllers/user-controller.ts:42
- user object is undefined when ID doesn't exist
- Missing null check before accessing user.id
Fix:
```typescript
// Before
return res.json({ id: user.id, name: user.name });
// After
if (!user) {
return res.status(404).json({ error: 'User not found' });
}
return res.json({ id: user.id, name: user.name });
```
Apply fix? [Yes/No]
Workflow Configuration
Some IDEs allow you to define custom workflows:
{
"workflows": {
"feature-development": {
"steps": [
"create-spec",
"review-spec",
"implement",
"test",
"review",
"merge"
]
},
"bug-fix": {
"steps": [
"reproduce",
"diagnose",
"fix",
"test",
"deploy"
]
}
}
}
Best Practices for Workflows
✅ DO:
- Use structured workflows for complex tasks
- Follow spec-driven development for new features
- Always test after AI changes
- Document your team’s preferred workflows
❌ DON’T:
- Skip steps in workflows
- Use workflows for trivial tasks
- Forget to review AI output
- Mix workflow patterns randomly
Putting It All Together: A Complete Example
Let’s see how all these concepts work together in a real scenario:
Scenario: Building a New Feature
Goal: Add password reset functionality to an existing application.
Step 1: Set Up Context
# Open relevant files
@src/models/User.ts
@src/services/email-service.ts
@src/routes/auth.ts
# Ensure codebase is indexed
/index status
Step 2: Activate Relevant Skills
/with-skill security-auditor
/with-skill api-designer
Step 3: Start a Workflow
/workflow spec-driven
"Add password reset functionality with email verification"
Step 4: AI Creates Specification
AI: Here's the specification:
## Password Reset Feature
### Endpoints
- POST /auth/forgot-password
- Body: { email: string }
- Response: { message: string }
- Rate limited: 3 requests per hour
- POST /auth/reset-password
- Body: { token: string, newPassword: string }
- Response: { success: boolean }
- Token expires: 1 hour
### Security Requirements
- Generate cryptographically secure tokens
- Hash tokens before storing
- Rate limit forgot-password endpoint
- Invalidate token after use
- Log all password reset attempts
### Files to Create
- src/models/PasswordReset.ts
- src/controllers/password-reset-controller.ts
- src/services/password-reset-service.ts
- src/routes/password-reset-routes.ts
- src/services/password-reset.test.ts
Review this specification? [Yes/Revise]
Step 5: Implement
/implement
AI: Implementing password reset feature...
✓ Created PasswordReset model
✓ Created password reset service
✓ Created controller with rate limiting
✓ Added routes to auth router
✓ Wrote 15 tests
✓ All tests passing
Files changed:
- src/models/PasswordReset.ts (new)
- src/services/password-reset-service.ts (new)
- src/controllers/password-reset-controller.ts (new)
- src/routes/password-reset-routes.ts (new)
- src/routes/auth.ts (modified)
- src/services/password-reset.test.ts (new)
Review changes? [Yes/No]
Step 6: Security Review
/agent review
"Review the password reset implementation for security issues"
AI (with security-auditor skill):
Security Review Results:
✅ Token generation uses crypto.randomBytes
✅ Tokens are hashed before storage
✅ Rate limiting implemented
✅ Tokens expire after 1 hour
✅ Tokens invalidated after use
⚠️ Recommendations:
1. Add IP-based rate limiting (not just email-based)
2. Log failed reset attempts for fraud detection
3. Consider adding CAPTCHA after 3 failed attempts
Would you like me to implement these recommendations? [Yes/No]
Step 7: Deploy
/deploy staging
"Deploy password reset feature to staging"
AI: Deploying to staging...
✓ Built application
✓ Ran migrations
✓ Deployed to staging environment
✓ Ran smoke tests
Deployment complete!
URL: https://staging.example.com
Summary: Quick Reference
| Concept | What It Is | When to Use |
|---|---|---|
| Agents | Autonomous AI workers | Complex, multi-step tasks |
| Commands | Structured instructions | Specific, well-defined actions |
| Skills | Specialized expertise | Domain-specific tasks |
| Rules | Persistent instructions | Team conventions, coding standards |
| Context | What AI knows | Every interaction |
| Workflows | Structured processes | Complex development tasks |
Conclusion
Understanding these six fundamental concepts—Agents, Commands, Skills, Rules, Context, and Workflows—is the key to unlocking the full potential of AI-powered IDEs.
Key takeaways:
- ✅ Agents are your AI team members—use them for autonomous work
- ✅ Commands are your task interface—be specific and clear
- ✅ Skills provide specialized expertise—load them when needed
- ✅ Rules define how AI behaves—set them once, benefit forever
- ✅ Context is what AI knows—provide relevant information
- ✅ Workflows structure complex tasks—follow proven patterns
Master these concepts, and you’ll transform from simply “using AI” to truly collaborating with AI as a development partner.
