two-stage-boundary-encounter-sop
Execute two-stage protocol for boundary condition encounters.
username-retrieval-service
Retrieve username data through secure verification protocols.
value-pluralism-resolver
Resolve conflicts between competing values through structured pluralistic analysis.
context-recovery
>
debug-mode
Hypothesis-driven debugging with hybrid dual-track parallel execution (Opus 4.5 + GPT 5.2). Spawns two independent chains of subagents where each reviews and improves upon its own previous work, then synthesizes findings from both tracks. Use when debugging hard-to-reproduce bugs, CI/E2E test failures, flaky tests, or when standard fixes have failed.
dspy-rb
Build type-safe LLM applications with DSPy.rb - Ruby's programmatic prompt framework with signatures, modules, agents, and optimization
researcher
|
review-pr
|
linear
Manages Linear issues, teams, and projects via CLI. Lists issues, creates tasks, views details, links issues, and runs GraphQL queries. Must use for "my Linear issues", "create Linear task", "link issues in Linear", "Linear API query", or any Linear project management request.
spec-driven-development
Use when starting any component or feature. Runs the full spec-driven development cycle: specify → plan → interface → test → implement → update docs.
revealjs
Create polished, professional reveal.js presentations. Use when the user asks to create slides, a presentation, a deck, or a slideshow. Supports themes, multi-column layouts, code highlighting, animations, speaker notes, and custom styling. Generates HTML + CSS with no build step required.
emblem-ai-agent-wallet
Connect to EmblemVault and manage crypto wallets via Emblem AI - Agent Hustle. Supports Solana, Ethereum, Base, BSC, Polygon, Hedera, and Bitcoin. Use when the user wants to check balances, review portfolio data, prepare wallet actions, and explicitly confirm blockchain operations.
commit-messages
Write clear commit messages. Use when asked to commit changes, write a commit message, prepare a commit, or describe changes for version control.
compiler-explorer
Optimize functions by generating and analyzing compiler assembly output. Use when asked to optimize a function, analyze generated assembly, or improve performance by examining what the compiler produces.
universal-workflow-init
>
chrome-devtools
Browser automation, debugging, and performance analysis using Puppeteer CLI scripts. Use for automating browsers, taking screenshots, analyzing performance, monitoring network traffic, web scraping, form automation, and JavaScript debugging.
code-review
Use when receiving code review feedback (especially if unclear or technically questionable), when completing tasks or major features requiring review before proceeding, or before making any completion/success claims. Covers three practices - receiving feedback with technical rigor over performative agreement, requesting reviews via code-reviewer subagent, and verification gates requiring evidence before any status claims. Essential for subagent-driven development, pull requests, and preventing false completion claims.
context7
Fetch up-to-date documentation and code examples for any library or framework. Use when needing API references, code examples, library documentation, or framework guides. Supports React, Next.js, MongoDB, Supabase, and thousands of other libraries.
deep-wiki
Access AI-generated documentation and insights for GitHub repositories via DeepWiki. This skill should be used when exploring unfamiliar codebases, understanding repository architecture, finding implementation patterns, or asking questions about how a GitHub project works. Supports any public GitHub repository.
gh-grep
Search real-world code examples across millions of GitHub repositories using grep.app. This skill should be used when looking for implementation patterns, API usage examples, library integration patterns, or production code references. Supports literal code search, regex patterns, and filtering by language/repo/path.
github
Interact with GitHub repositories, issues, pull requests, and code via the GitHub MCP server. This skill should be used when managing repositories, creating/updating files, working with issues and PRs, searching code/repos/users, creating branches, and performing code reviews. Supports all major GitHub API operations.
gkg
Global Knowledge Graph for codebase analysis. This skill should be used when searching for code definitions (functions, classes, methods), finding references to symbols, understanding code structure, analyzing import usage, generating repository maps, or performing impact analysis before refactoring. Supports TypeScript, JavaScript, Python, Java, and more.
sequential-thinking
Dynamic problem-solving through structured sequential thoughts. Use when breaking down complex problems, planning multi-step solutions, analyzing ambiguous requirements, debugging intricate issues, exploring design alternatives, or tackling problems where the full scope is unclear. Enables thought revision, branching, and iterative refinement.
skill-creator
Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.
csrf-protection
Implement Cross-Site Request Forgery (CSRF) protection for API routes. Use this skill when you need to protect POST/PUT/DELETE endpoints, implement token validation, prevent cross-site attacks, or secure form submissions. Triggers include "CSRF", "cross-site request forgery", "protect form", "token validation", "withCsrf", "CSRF token", "session fixation".
dependency-supply-chain-security
Manage dependencies and supply chain security to prevent vulnerable or malicious packages. Use this skill when you need to audit dependencies, update packages, check for vulnerabilities, understand supply chain attacks, or maintain dependency security. Triggers include "dependencies", "npm audit", "supply chain", "package security", "vulnerability", "npm update", "security audit", "outdated packages".
secure-error-handling
Implement secure error handling to prevent information leakage and provide appropriate error responses. Use this skill when you need to handle errors in API routes, prevent stack trace exposure, implement environment-aware error messages, or use the error handler utilities. Triggers include "error handling", "handle errors", "error messages", "information leakage", "stack trace", "handleApiError", "production errors", "error responses".
authentication-authorization-clerk
Implement secure authentication and authorization using Clerk. Use this skill when you need to authenticate users, protect routes, check permissions, implement subscription-based access control, or integrate Clerk with your application. Triggers include "authentication", "auth", "authorization", "Clerk", "protect route", "check user", "sign in", "session", "permissions", "subscription access".
security-prompts
Library of battle-tested security prompt templates for secure feature implementation. Use when implementing forms, endpoints, authentication, authorization, file uploads, or conducting security reviews. Triggers include "security prompt", "secure form", "RBAC", "threat model", "STRIDE", "admin endpoint", "file upload", "security testing", "code review", "OWASP".
input-validation-xss-prevention
Validate and sanitize user input to prevent XSS, injection attacks, and ensure data quality. Use this skill when you need to validate forms, sanitize user input, prevent cross-site scripting, use Zod schemas, or handle any user-generated content. Triggers include "input validation", "validate input", "XSS", "cross-site scripting", "sanitize", "Zod", "injection prevention", "validateRequest", "safeTextSchema", "user input security".
payment-security-clerk-billing-stripe
Implement secure payments using Clerk Billing and Stripe without ever touching card data. Use this skill when you need to set up subscription payments, handle webhooks, implement payment gating, understand PCI-DSS compliance, or integrate Stripe Checkout. Triggers include "payment", "Stripe", "Clerk Billing", "subscription", "PCI-DSS", "credit card", "payment security", "checkout", "webhook", "billing".
rate-limiting
Implement rate limiting to prevent brute force attacks, spam, and resource abuse. Use this skill when you need to protect endpoints from automated attacks, prevent API abuse, limit request frequency, or control infrastructure costs. Triggers include "rate limiting", "rate limit", "brute force", "prevent spam", "API abuse", "resource exhaustion", "DoS", "withRateLimit", "too many requests", "429 error".
security-headers
Configure security headers to defend against clickjacking, XSS, MIME confusion, and SSL stripping attacks. Use this skill when you need to set up Content-Security-Policy, X-Frame-Options, HSTS, configure middleware headers, or understand browser security features. Triggers include "security headers", "CSP", "content security policy", "X-Frame-Options", "HSTS", "clickjacking", "MIME confusion", "middleware headers".
security-operations-deployment
Operational security guidance for deployment, monitoring, and maintenance. Use this skill when you need to understand which middlewares to apply, configure environment variables, monitor security post-deployment, or follow the pre-deployment checklist. Triggers include "security operations", "deployment security", "security monitoring", "environment variables", "when to use middleware", "pre-deployment", "security checklist", "production security".
security-architecture-overview
Understand the defense-in-depth security architecture of Secure Vibe Coding OS. Use this skill when you need to understand the overall security approach, the 5-layer security stack, OWASP scoring, or when to use other security skills. Triggers include "security architecture", "defense in depth", "security layers", "how does security work", "OWASP score", "security overview", "security principles".
security-testing-verification
Test security features and verify implementation before deployment. Use this skill when you need to test CSRF protection, rate limiting, input validation, verify security headers, run security audits, or check the pre-deployment security checklist. Triggers include "test security", "security testing", "verify security", "security checklist", "pre-deployment", "test CSRF", "test rate limit", "security verification".
agent-sop-creator
Guide for creating Agent SOPs (Standard Operating Procedures). Use this skill when the user wants to create a new SOP workflow for AI agents, write an agent procedure, or needs help with SOP format and best practices. Triggers on requests like "create an SOP", "new agent workflow", "help me write an SOP", "create a procedure for agents", or "SOP template".
data-gouv
Skill professionnel pour Claude Code permettant d'accéder, télécharger et analyser les données ouvertes françaises via data.gouv.fr. Inclut une librairie Python complète, des exemples de code, et une documentation détaillée des datasets les plus utilisés.
deep-mem
Search and retrieve memories from Nowledge Mem knowledge base with progressive disclosure. This skill should be used when the user asks to search memories, recall past knowledge, find saved information, look up conversation history, expand thread details, or mentions keywords like "记忆", "知识库", "之前说过", "我保存的", "历史对话".
backend-dev
后端开发专家,负责 Express.js + Knex.js + MySQL 8 + Redis 后端服务开发。遵循 OpenAPI 先行、TDD 推动、RBAC 安全、可观测性工程基线。处理 Provider 动态加载、缓存系统、数据库设计、内容管理 API 开发。适用于收到 Backend 部门任务卡(如 CMS-B-001)或修复类任务卡时使用。
product-planner
AI产品经理,整套"0基础 AI 协同开发系统"的源头角色与项目总导演。将自然语言需求转换为可执行的产品规划与标准化任务卡,协调 Backend/Frontend/SCF/QA/Reviewer/Deploy/Billing Guard 多部门有序并行交付。遵循易用性优先、契约优先、门禁治理、MVP-first 的工程基线。适用于收到自然语言需求时使用。
billing-guard
计费审计专家,在规划/开发/运行阶段持续审计与优化成本。评估任务卡预算、模拟调用成本、监控高成本路径,在超出预算或异常时阻断执行并提出替代方案。遵循数据驱动、三板斧优化(缓存/批量/降级)、预警阻断的工程基线。适用于规划预审、PR成本审查、运行时监控时使用。
codebuddy-deploy
部署与运维专家,负责把通过 Reviewer 与 QA 门禁的构建安全、可回滚、可观测地部署到服务器(PM2 三进程 + Nginx 反代 + 宝塔)。遵循零停机部署、健康检查、回滚≤3分钟、发布后冒烟的工程基线。处理部署编排、配置管理、流量管理、监控告警。适用于收到 Deploy 部门任务卡或需要发布上线时使用。
frontend-dev
前端开发专家,负责 Next.js 14 App Router + React 18 + TypeScript + Ant Design + Zustand 前端应用开发。遵循契约驱动、统一UI规范、访问控制、可测试性工程基线。处理登录鉴权、动态表单、内容管理UI、E2E测试。适用于收到 Frontend 部门任务卡(如 CMS-F-001)或修复类任务卡时使用。
qa-acceptance
质量验收专家,从用户视角验证交付物可用性/正确性/性能/回归。遵循阻断不合格交付、脚本化验证、数据隔离、覆盖验收标准的工程基线。使用 Playwright(E2E)、Jest+Supertest(API)、k6(性能)等工具。适用于收到 QA 部门任务卡(如 CMS-Q-001)或需要验收交付物时使用。
reviewer
代码审查员,守护质量闸口。对所有部门(Backend/Frontend/SCF/Deploy)的 PR 进行安全、性能、正确性、可维护性、可观测性的系统性审查。遵循证据先行、问题分级、签发修复卡、独立克制的工程基线。适用于收到任一部门提交 PR 或需要质量把关时使用。
scf-worker
云函数工程师,负责腾讯云 SCF 无服务器函数开发。遵循最小权限、幂等、重试+死信、可观测性工程基线。处理 COS 直传签名、回调处理、媒体转码、Webhook 转发、批处理任务。适用于收到 SCF 部门任务卡(如 CMS-S-001)或修复类任务卡时使用。
skill-creator
Create and refine Codex skills (folders containing `SKILL.md`). Use when you need help naming a skill, writing effective `name`/`description`, structuring the on-disk instructions, or adding scripts/references/assets for repeatable workflows.
memory-playbook
Cross-session persistence for user preferences, implementation guide for Memory feature.
cdp-skills
Claude Developer Platform Skills feature. Custom knowledge packages for agents, curated playbooks, and versioned expertise domains.
Page 1166 of 1445 · 72242 results