supabase-audit-authenticated
Create a test user (with explicit permission) to audit what authenticated users can access vs anonymous users. Detects IDOR, cross-user access, and privilege escalation.
supabase-audit-functions
Discover and test Supabase Edge Functions for security vulnerabilities and misconfigurations.
supabase-audit-realtime
Test Supabase Realtime WebSocket channels for unauthorized subscriptions and data exposure.
supabase-audit-buckets-list
List all storage buckets and their configuration to identify the storage attack surface.
supabase-audit-buckets-public
Identify storage buckets that are publicly accessible and may contain sensitive data.
supabase-audit-buckets-read
Attempt to list and read files from storage buckets to verify access controls.
supabase-evidence
Initialize and manage the evidence collection directory for professional security audits with documented proof of findings.
supabase-extract-anon-key
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
supabase-extract-db-string
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
supabase-extract-jwt
Extract and decode Supabase-related JWTs from client-side code, cookies, and local storage patterns.
supabase-extract-service-key
CRITICAL - Detect if the Supabase service_role key is leaked in client-side code. This is a P0 severity issue.
supabase-extract-url
Extract the Supabase project URL from client-side JavaScript code, environment variables, and configuration files.
supabase-help
Quick reference for all Supabase security audit skills with usage examples and command overview.
supabase-pentest
Orchestrate a complete Supabase security audit with guided step-by-step execution and ownership confirmation.
supabase-report-compare
Compare two security audit reports to track remediation progress and identify new vulnerabilities.
supabase-report
Generate a comprehensive Markdown security audit report with executive summary, findings, and remediation guidance.
supabase-detect
Detect if a web application uses Supabase by analyzing client-side code, network patterns, and API endpoints.
gemini-image-generator
Generate images using Google Gemini with customizable options
srt-to-structured-data
|
slides-generator
Generate interactive presentation slides using React + Tailwind. Triggers on keywords like "slides", "presentation", "PPT", "demo", "benchmark".
news-extractor
新闻站点内容提取。支持微信公众号、今日头条、网易新闻、搜狐新闻、腾讯新闻。当用户需要提取新闻内容、抓取公众号文章、爬取新闻、或获取新闻JSON/Markdown时激活。
langchain-use
LangChain 1.0 使用指南。提供 Agent、Tool、Memory、Middleware 等核心概念的快速参考。当用户需要创建 AI Agent、集成 LangChain、或解决 LangChain 相关问题时激活。
agent-team-orchestrator
|
bilibili-chapter-generator
|
test-dev
测试开发专家,基于JUnit 5 + AssertJ + Mockito + JaCoCo。
compiler-dev
编译器后端开发专家,专注于IR、CFG、SSA、数据流分析和优化Pass。
vm-dev
虚拟机开发专家,专注于字节码、指令、栈帧、内存管理和垃圾回收。
antlr4-dev
ANTLR4前端开发专家,专注于词法/语法分析、AST构建、访问者模式。
git-committer
Git提交专家,规范化提交信息和分主题提交。
ep-navigator
EP项目导航专家,提供21个EP的依赖路由、快速定位和跨EP对比。
ecommerce-competitor-analyzer
Multi-platform e-commerce competitor analysis skill that automatically scrapes product data from Amazon, Temu, Shopee and generates comprehensive analysis reports using AI. Use when you need to analyze competitor products, extract product insights, or batch analyze multiple product listings. Supports bulk processing with structured outputs including title, price, rating, reviews, and strategic analysis.
prompt-classifier
自动识别prompt类型并保存到相应分类(技术/内容/教学/产品/通用),支持自动文件命名和索引管理。当用户提到"保存prompt"、"记录prompt"、"管理prompt"、"整理prompt"、"prompt库"时使用此技能。
topic-generation
快速生成3-4个文章选题方向,包含标题建议、内容大纲、工作量评估、目标受众分析和优劣势分析。当用户提到"选题"、"写什么"、"内容选题"、"文章方向"、"创作灵感"时使用此技能。
info-search-knowledge
针对新产品、新技术进行多渠道信息搜索和验证,并将可靠信息保存到知识库。优先选择权威科技媒体,忽略过时信息源。当用户提到"最新信息"、"新产品"、"新技术"、"搜索资料"、"查资料"、"了解XX"时使用此技能。
image-generation
自动为文章生成配图,支持AI生成图片、公共领域图片、免费图库图片,并上传到ImgBB图床生成Markdown链接。当用户提到"配图"、"插图"、"图片"、"生成图片"、"文章配图"时使用此技能。
personal-material-search
快速搜索用户的真实经历、观点和案例素材库(1800+条记录),为内容增加真实性和可信度。当用户提到"真实经历"、"个人案例"、"有根据"、"实际经验"、"素材库"、"找例子"时使用此技能。
article-to-x
将3000-5000字长篇文章转换为200-500字X平台(微博/小红书等)内容,保持真实风格,提供3种开头风格。当用户提到"转微博"、"发小红书"、"社交媒体"、"缩短内容"、"精简"时使用此技能。
ai-proofreading
系统化降低AI检测率至30%以下,通过三遍审校流程(内容、风格、细节)增加人味。当用户提到"AI味太重"、"像AI写的"、"降低AI检测率"、"更像人写的"、"自然一些"、"口语化"时使用此技能。
video-outline-generation
快速生成2-3个视频脚本大纲方案,包含标题建议、缩略图设计建议和完整的结构设计。当用户提到"视频大纲"、"视频脚本"、"视频策划"、"拍视频"、"视频内容"时使用此技能。
video-thumbnail-check
基于MrBeast策略检查视频标题、缩略图和内容钩子,优化点击率和观看时长。当用户提到"视频标题"、"封面图"、"缩略图"、"点击率"、"CTR"、"观看时长"、"视频开头"时使用此技能。
video-script-collaborial
将视频脚本转换为更适合实际录制的口语化表达,去除书面化语言,增加自然感和亲和力。当用户提到"视频脚本"、"录制"、"口语化"、"自然一点"、"像说话一样"、"太书面了"时使用此技能。
Newt Blueprint Generator
Generate and validate Pangolin Newt blueprint configurations in YAML or Docker Labels format. Use when creating Pangolin resource configurations, proxy resources, client resources, authentication settings, or Docker Compose blueprints.
GitLab Stack Creator
Create new GitLab stack projects from templates with proper directory structure, git configuration, validation hooks, and documentation. Use when initializing new Docker stack projects that follow GitLab stack patterns.
GitLab Stack Validator
Validates GitLab stack projects before deployment, ensuring proper architecture patterns, directory structure, secrets management, .env configuration, and Docker best practices. Use when users ask to validate a stack, check stack configuration, verify stack architecture, audit stack setup, or ensure stack deployment readiness.
SVG Logo Designer
Create professional SVG logos from descriptions and design specifications. Generates multiple logo variations with different layouts, styles, and concepts. Produces scalable vector graphics that can be used directly or exported to PNG. Use this skill when users ask to create logos, brand identities, icons, or visual marks for their designs.
UI/UX Design Review
Comprehensive design review for websites and desktop applications with extensive accessibility analysis. Use this skill when users ask you to review UI/UX designs, wireframes, mockups, prototypes, or deployed interfaces for usability, accessibility (WCAG compliance), visual design, interaction patterns, responsive design, and best practices for web and desktop applications.
GitLab Stack Config Generator
Generates service-specific configuration files for GitLab stack projects in ./config directory, using .env as the primary configuration source. Creates nginx, PostgreSQL, Redis, and custom service configs with strict validation for secrets, paths, and Docker best practices. Use when setting up service configurations, creating config templates, or ensuring configs follow stack patterns.
Web Design Builder
Create and refactor HTML5/JavaScript web designs from specifications or descriptions. Generates complete, accessible, responsive web designs with modern frameworks. Automatically verifies designs using Playwright MCP for accessibility and functionality testing. Use this skill when users ask to create web designs, mockups, landing pages, web applications, or refactor existing HTML/CSS/JS designs.
GitLab Stack Secrets Manager
Manages Docker secrets for GitLab stack projects, ensuring secrets are never in .env or docker-compose.yml, properly stored in ./secrets directory, and securely integrated with Docker secrets. Use when users need to create secrets, migrate from environment variables, validate secret configuration, audit secret usage, or ensure secrets are never committed to git.
Docker Configuration Validator
Comprehensive Docker and Docker Compose validation following best practices and security standards. Use this skill when users ask to validate Dockerfiles, review Docker configurations, check Docker Compose files, verify multi-stage builds, audit Docker security, or ensure compliance with Docker best practices. Validates syntax, security, multi-stage builds, and modern Docker Compose requirements.
Page 673 of 1486 · 74266 results
