turborepo
|
tsdown
Bundle TypeScript and JavaScript libraries with blazing-fast speed powered by Rolldown. Use when building libraries, generating type declarations, bundling for multiple formats, or migrating from tsup.
slidev
Create and present web-based slides for developers using Markdown, Vue components, code highlighting, animations, and interactive features. Use when building technical presentations, conference talks, or teaching materials.
pnpm
Node.js package manager with strict dependency resolution. Use when running pnpm specific commands, configuring workspaces, or managing dependencies with catalogs, patches, or overrides.
pinia
Pinia official Vue state management library, type-safe and extensible. Use when defining stores, working with state/getters/actions, or implementing store patterns in Vue apps.
oq
oQ's opinionated tooling and conventions for JavaScript/TypeScript projects. Based on Anthony Fu's style with personal customizations for UnoCSS, ESLint, pnpm catalog, and automated releases. Use when setting up new projects with these preferences.
specalign
Align spec files with implementation. Detects drift between spec and code, surfaces discrepancies, user decides whether to update spec or code. Use when both a spec file and its implementation are in context.
conventionalcommits
Conventional Commits specification for semantic versioning and changelog generation. Use when writing commit messages, configuring commit linting, or automating releases.
wechat-publisher
一键发布 Markdown 到微信公众号草稿箱。基于 wenyan-cli,支持多主题、代码高亮、图片自动上传。
jira-transitions
Move Jira issues through workflow states. Use when transitioning issues (To Do, In Progress, Done) or setting resolutions.
jira-spaces
Manage Confluence spaces for project documentation. Create, list, and delete spaces with templates. Use when setting up project documentation structure or managing Confluence content areas.
jira-search
Search Jira issues using JQL queries. Use when filtering issues by project, status, assignee, date, or building reports.
jira-safe
Implement SAFe methodology in Jira. Use when creating Epics, Features, Stories with proper hierarchy, acceptance criteria, and parent-child linking.
jira-projects
Manage Jira projects. Use when listing projects, getting project configuration, retrieving issue types, or managing components and versions.
jira-project-management
Administer Jira projects. Use when creating/archiving projects, managing components, versions, roles, permissions, or project configuration.
jira-issues
Create, read, update, and delete Jira issues. Use when managing Stories, Tasks, Bugs, or Epics - includes field updates and metadata.
jira-auth
Authenticate with Jira Cloud REST API using API tokens. Use when setting up Jira connections, validating credentials, or handling rate limiting.
jira-agile
Manage Jira Agile boards and sprints. Use when listing boards, creating sprints, or moving issues to/from sprints.
knowledge-base-gap-finder
Identify what documentation is missing by comparing support issues, product behavior, and existing docs. Use when the knowledge base is incomplete or stale.
harness-engineering-guide
>
ue5-editor-control
Control Unreal Engine 5 editor via HTTP commands. Spawn/delete/transform actors, manage blueprints, materials, animation blueprints, and any UObject property via reflection. Use when the user asks to create, modify, or query anything in UE5 editor, or mentions UE5, Unreal, actors, blueprints, levels, materials, animation, input, or characters.
harness-engineering
Set up and improve harness engineering (AGENTS.md, docs/, lint rules, eval systems, project-level prompt engineering) for AI-agent-friendly codebases. Triggers on: new/empty project setup for AI agents, AGENTS.md or CLAUDE.md creation, harness engineering questions, making agents work better on a codebase. ALSO triggers when users are frustrated or complaining about agent quality — e.g. 'the agent keeps ignoring conventions', 'it never follows instructions', 'why does it keep doing X', 'the agent is broken' — because poor agent output almost always signals harness gaps, not model problems. Covers: context engineering, architectural constraints, multi-agent coordination, evaluation, long-running agent harness, and diagnosis of agent quality issues.
harness-engineering-zh
为 AI Agent 友好的代码库搭建和改进 Harness 工程(包括 AGENTS.md、docs/、Lint 规则、Eval 系统、项目级 Prompt 工程)。触发场景:为 AI Agent 设置新项目/空项目,创建 AGENTS.md 或 CLAUDE.md,关于 Harness 工程的问题,让 Agent 在代码库上更高效地工作。当用户感到沮丧或抱怨 Agent 质量时也会触发(例如:'Agent 总是无视规范'、'它从不听从指令'、'为什么它总是做错 X'、'Agent 坏了')— 因为 Agent 输出质量差几乎总是意味着 Harness 缺失,而不是模型问题。涵盖:Context 工程、架构约束、多 Agent 协作、评估、长运行任务 Harness 以及 Agent 质量问题诊断。
yolo
|
lovable
|
ifind-data
基于同花顺 iFind API 的金融数据查询技能。用于获取 A 股、港股、美股的股票行情、基金净值、指数数据、财务报表等。触发场景:(1) 查询股票实时行情或历史价格,(2) 获取基金净值和业绩数据,(3) 查询指数成分股和估值,(4) 使用自然语言选股(问财),(5) 获取财务数据和估值指标。支持本地 SDK 和 HTTP API 两种调用方式。
ux-improve
UX laws and cognitive psychology principles for designing better interfaces
openclaw-stock-skill
使用 data.diemeng.chat 提供的接口查询股票日线、分钟线、财务指标等数据,支持 A 股等市场。
aave-viem-integration
Foundational EVM integration for AAVE-related scripts using viem. Use when user asks to read balances, read/write contracts, send transactions, or set up typed viem clients for Ethereum and Arbitrum.
aave-security-foundations
Security baseline for AAVE integration and execution scripts. Use when user asks for AAVE security review, pre-trade checks, liquidation safety, allowance minimization, or execution hardening.
aave-risk-assessor
This skill should be used when the user asks about "health factor", "liquidation risk", "aave risk", "will I be liquidated", "safe to borrow", "my account health", "collateral risk", "liquidation price", or wants to assess the risk of their AAVE V3 position. Calculates health factor, LTV ratios, liquidation thresholds, and provides risk level assessments for positions on Ethereum and Arbitrum.
aave-planner
This skill should be used when the user asks to "supply to aave", "deposit to aave", "lend on aave", "borrow from aave", "take loan on aave", "repay aave loan", "pay back aave", "withdraw from aave", "remove collateral", "aave lending", "earn yield on aave", or mentions AAVE V3 operations including supply, borrow, repay, or withdraw on Ethereum or Arbitrum.
aave-integration
This skill should be used when the user needs to interact with AAVE V3 protocol contracts directly, read on-chain data, get reserve configurations, fetch current APY rates, simulate position changes, or execute protocol operations programmatically. Provides low-level access to AAVE Pool contracts, UI Pool Data Provider, and quote generation for supply, borrow, repay, and withdraw operations on Ethereum and Arbitrum.
php-yii-audit
Yii 框架特效安全审计工具。针对 Yii(通常指 Yii2)访问控制(AccessControl/RBAC)、CSRF、输入过滤规则、输出编码策略、URL/重定向安全等进行白盒静态审计,并映射到通用漏洞类型体系(AUTH/CSRF/XSS/CFG/LOGIC 等)。
php-xxe-audit
PHP Web 源码 XXE 审计工具。识别 XML 解析点与实体处理配置,追踪 XML 输入来源与回显,输出可利用性分级、PoC 与修复建议(禁止省略)。
php-xss-audit
PHP Web 源码 XSS 审计工具。识别用户输入进入输出上下文(HTML/属性/JS/URL/模板),分析转义与防护策略,输出可利用性分级、PoC 与修复建议(禁止省略)。
php-wordpress-audit
WordPress 框架特效安全审计工具。针对 WordPress 常见 nonce/capability/check_admin_referer、AJAX action、escape/sanitize、重定向、安全上传与远程请求等机制进行白盒静态审计,并映射到通用漏洞类型体系(AUTH/CSRF/XSS/SQL/CFG/SSRF 等)。
php-vuln-scanner
PHP 组件版本漏洞检测工具。扫描 composer.json / composer.lock 或 jar/包元信息,匹配已知漏洞规则并输出报告(包含可能的触发点分析框架)。
php-tpl-audit
PHP Web 源码模板注入/SSTI 审计工具。识别模板引擎渲染点与模板名/表达式可控性,追踪到 eval/执行链,输出可利用性分级、PoC 与修复建议(禁止省略)。
php-thinkphp-audit
ThinkPHP 框架特效安全审计工具。针对 ThinkPHP 常见的鉴权/CSRF/模板转义/ORM 写入(Mass Assignment)/调试与配置暴露等机制进行白盒静态审计,并映射到通用漏洞类型体系(AUTH/CSRF/TPL/XSS/LOGIC/CFG/SESS/SQL 等)。
php-symfony-audit
Symfony 框架特效安全审计工具。针对 Symfony 常见 security.yaml、CSRF、Twig/Twig raw、表达式与访问控制等框架机制做白盒静态审计,并将风险映射到通用漏洞类型体系(AUTH/CSRF/CFG/XSS/TPL/LOGIC 等)。
php-sql-audit
PHP Web 源码 SQL 注入漏洞审计工具。从源码中识别所有 SQL 执行点并分析注入风险,输出可利用性分级、PoC 与修复建议(禁止省略)。
php-session-cookie-audit
PHP Web 源码会话与 Cookie 安全审计工具。识别 session 固定、Cookie flags 不安全、JWT 验证缺陷与记住登录风险,输出分级、PoC 与修复建议(禁止省略)。
php-route-tracer
PHP Web 路由到 Sink 的多层数据流追踪工具。根据用户指定路由,追踪从 handler 到最终敏感操作点,输出层级证据、参数变量追踪、可控性分析(不做漏洞结论)。
php-route-mapper
PHP Web 源码路由与参数映射分析工具。从源码中提取所有入口路由与参数结构,输出完整请求模板与参数清单(禁止省略)。
php-nosql-audit
PHP Web 源码 NoSQL 注入审计工具。识别用户输入进入 MongoDB/DocumentDB 查询构造,分析是否存在 operator 注入($gt/$ne/$where 等),输出分级、PoC 与修复建议(禁止省略)。
php-logic-audit
PHP Web 业务逻辑漏洞审计工具。识别认证/授权以外的逻辑缺陷:Mass Assignment、流程绕过、竞态条件、状态机缺陷、支付/权限时序漏洞等,输出证据链、分级、PoC 与修复建议(禁止省略)。
php-ldap-audit
PHP Web 源码 LDAP 注入审计工具。识别用户可控数据进入 LDAP filter/DN 构造并被 ldap_search/ldap_read 执行,输出可利用性分级、PoC 与修复建议(禁止省略)。
php-laravel-audit
Laravel 框架特效安全审计工具。针对 Laravel 常见鉴权/CSRF/Session/模型填充/Blade 渲染等框架特性进行白盒静态审计,并将风险映射到你现有通用漏洞类型体系(AUTH/CSRF/LOGIC/XSS/CFG 等)。
php-filesystem-audit
PHP 文件系统操作审计工具。聚焦 mkdir/chmod/chown/unlink/rmdir/link/symlink/readlink/touch/权限与 TOCTOU 等操作的安全风险,为路径校验绕过与写入链利用提供“可利用性增强证据”(不替代 FILE/UPLOAD/WRITE 等 sink 子审计)。
Page 519 of 1485 · 74205 results
