gdpr-ccpa-privacy-auditor
Audits web applications to ensure declared privacy policies match actual technical data collection practices. Use to identify discrepancies in cookie usage, tracking scripts, and user data handling.
hipaa-compliance-guard
Audits HealthTech applications for HIPAA technical safeguards like encryption and audit logging. Use when reviewing healthcare infrastructure or ensuring PHI is handled according to legal security standards.
industry-standard-reviewer
Simulates a Senior Engineer PR review to teach professional communication and industry naming standards. Use to prepare students for professional engineering environments and code review cultures.
k8s-resource-optimizer
Analyzes Kubernetes resource usage metrics and historical data to suggest optimal CPU and Memory requests and limits. Use to reduce cloud costs, prevent OOMKills, and improve overall cluster reliability by right-sizing your deployments.
license-compliance-auditor
Scans project dependencies and verifies licenses against a whitelist of approved open-source licenses. Use to ensure legal compliance in software projects and prevent the introduction of restricted licenses.
module-class-session-planner
Creates detailed lesson plans for teaching sessions including timing, talking points, and exercises. Use when preparing for live coding sessions or workshops for junior developers.
module-learning-path-generator
Generates structured, career-focused modular curriculums for software engineering students. Use when designing new educational modules or tailoring learning journeys to specific career roles.
module-project-generator
Generates end-to-end student projects that reinforce specific modular learning objectives. Use to create professional-grade portfolio pieces and assessment tasks for engineering mentees.
pedagogical-code-grader
Evaluates student code submissions based on conceptual mastery rather than just correctness. Use to provide high-quality educational feedback on architectural patterns and programming logic.
pii-sanitizer
Detects and redacts Personally Identifiable Information (PII) like emails, phone numbers, and credit cards. Use when cleaning logs, datasets, or communications to comply with GDPR/CCPA privacy standards.
poetry-uv-advisor
Optimize pyproject.toml and resolve complex dependency trees using modern tools like Poetry or uv. Use to modernize Python project management.
prompt-injection-scanner
Audits agent skill instructions and system prompts for vulnerabilities to prompt hijacking and indirect injection. Use when designing new agent skills or before deploying agents to public environments where users provide untrusted input.
pytest-optimizer
Analyze and optimize pytest suites to improve speed, identify flaky tests, and increase coverage. Use to maintain high-quality, fast-running test pipelines.
python-async-advisor
Review asynchronous Python code to identify race conditions, deadlocks, and inefficient patterns. Use when working with asyncio, aiohttp, or FastAPI.
python-config-manager
Generate and validate environment-based configuration for Python apps using Pydantic or Dynaconf. Use to ensure secure and valid runtime settings.
python-data-pipeline-designer
Design ETL workflows with data validation using tools like Pandas, Dask, or PySpark. Use when building robust data processing systems in Python.
python-dependency-resolver
Analyze and resolve Python package dependency conflicts. Use when pip install fails due to version mismatches or circular dependencies.
python-formatter-advisor
Enforce Pythonic standards using Black, Isort, and Flake8. Use to ensure consistency across large Python codebases and team environments.
python-logging-strategist
Design structured logging systems with context propagation. Use to ensure Python applications are observable and logs are machine-readable.
python-package-migrator
Plan and execute upgrades for Python libraries, handling breaking changes. Use when performing major version bumps for frameworks like Django or FastAPI.
python-performance-profiler
Identify CPU and memory bottlenecks in Python code using cProfile or memory_profiler. Use to optimize mission-critical Python services.
python-security-scanner
Detect common Python vulnerabilities such as SQL injection, unsafe deserialization, and hardcoded secrets. Use as part of a secure SDLC for Python projects.
python-testing-strategist
Design comprehensive Python test suites including unit, integration, and E2E tests. Use when establishing testing patterns for new or existing Python applications.
python-type-hints-converter
Automatically add or improve type annotations in legacy Python code. Use to improve code readability, IDE support, and catch type errors early.
python-venv-manager
Setup and validate Python virtual environments (venv, virtualenv, conda). Use to ensure isolated dependencies and correct Python versions for projects.
refactoring-suggester
Identifies code smells and provides step-by-step refactoring recipes. Use when improving legacy code maintainability or teaching students how to apply Clean Code and SOLID principles.
secret-leak-detector
Scans source code, configuration files, and git history for hardcoded credentials, API keys, and tokens. Use when auditing repositories for security leaks or ensuring sensitive data is not committed to version control.
skill-dependency-resolver
Identifies and manages execution dependencies between agent skills by analyzing their inputs and outputs. Use when building multi-step agent workflows to ensure skills are executed in the correct order and that all required data is available.
skill-validator
Validates agent skill definitions against agentskills.io and AGENTS.md rules. Use when creating or modifying skills to ensure they are machine-readable and documentation-complete.
technical-debt-visualizer
Generates a heat-map and metrics report of a repository based on code complexity, lack of tests, and 'TODO/FIXME' density. Use when you need to identify high-risk areas for refactoring or when planning technical debt reduction sprints.
microsoft-code-reference
Find working code samples, verify API signatures, and fix Microsoft SDK errors using official docs. Use whenever the user is writing, debugging, or reviewing code that touches any Microsoft SDK, .NET library, Azure client library, or Microsoft API—even if they don't ask for a "reference." Catches hallucinated methods, wrong signatures, and deprecated patterns. If the task involves producing or fixing Microsoft-related code, this is the right skill.
microsoft-docs
Understand Microsoft technologies by querying official documentation. Use whenever the user asks how something works, wants tutorials, needs configuration options, limits, quotas, or best practices for any Microsoft technology (Azure, .NET, M365, Windows, Power Platform, etc.)—even if they don't mention "docs." If the question is about understanding a concept rather than writing code, this is the right skill.
microsoft-skill-creator
Create agent skills for Microsoft technologies using official documentation. Use whenever the user wants to build, generate, or scaffold a skill for any Microsoft technology (Azure, .NET, M365, VS Code, Bicep, etc.)—even phrased casually like "make a skill for Cosmos DB." Investigates the topic via official docs, then generates a hybrid skill with essential knowledge stored locally and dynamic lookups for depth.
claude-docs-consultant
Consult official Claude Code documentation from docs.claude.com using selective fetching. Use this skill when working on Claude Code hooks, skills, subagents, MCP servers, or any Claude Code feature that requires referencing official documentation for accurate implementation. Fetches only the specific documentation needed rather than loading all docs upfront.
delegate
Delegate tasks to specialized subagents. Analyzes requirements, selects appropriate agents, and launches them with proper context while enforcing the max-2-parallel rule.
orchestrate
Manage development phases and quality gates. Use for starting new projects, advancing phases, and navigating the development lifecycle.
Active Directory Attacks
This skill should be used when the user asks to "attack Active Directory", "exploit AD", "Kerberoasting", "DCSync", "pass-the-hash", "BloodHound enumeration", "Golden Ticket", "Silver Ticket", "AS-REP roasting", "NTLM relay", or needs guidance on Windows domain penetration testing.
API Fuzzing for Bug Bounty
This skill should be used when the user asks to "test API security", "fuzz APIs", "find IDOR vulnerabilities", "test REST API", "test GraphQL", "API penetration testing", "bug bounty API testing", or needs guidance on API security assessment techniques.
AWS Penetration Testing
This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalation", "S3 bucket testing", "metadata SSRF", "Lambda exploitation", or needs guidance on Amazon Web Services security assessment.
Broken Authentication Testing
This skill should be used when the user asks to "test for broken authentication vulnerabilities", "assess session management security", "perform credential stuffing tests", "evaluate password policies", "test for session fixation", or "identify authentication bypass flaws". It provides comprehensive techniques for identifying authentication and session management weaknesses in web applications.
Burp Suite Web Application Testing
This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp Repeater", "analyze HTTP history", or "configure proxy for web testing". It provides comprehensive guidance for using Burp Suite's core features for web application security testing.
Cloud Penetration Testing
This skill should be used when the user asks to "perform cloud penetration testing", "assess Azure or AWS or GCP security", "enumerate cloud resources", "exploit cloud misconfigurations", "test O365 security", "extract secrets from cloud environments", or "audit cloud infrastructure". It provides comprehensive techniques for security assessment across major cloud platforms.
Ethical Hacking Methodology
This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit vulnerabilities", or "write penetration test reports". It provides comprehensive ethical hacking methodology and techniques.
File Path Traversal Testing
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI vulnerabilities", or "access files outside web root". It provides comprehensive file path traversal attack and testing methodologies.
HTML Injection Testing
This skill should be used when the user asks to "test for HTML injection", "inject HTML into web pages", "perform HTML injection attacks", "deface web applications", or "test content injection vulnerabilities". It provides comprehensive HTML injection attack techniques and testing methodologies.
IDOR Vulnerability Testing
This skill should be used when the user asks to "test for insecure direct object references," "find IDOR vulnerabilities," "exploit broken access control," "enumerate user IDs or object references," or "bypass authorization to access other users' data." It provides comprehensive guidance for detecting, exploiting, and remediating IDOR vulnerabilities in web applications.
javascript-best-practices
JavaScript coding standards and best practices. This skill should be used when writing, reviewing, or refactoring JavaScript code. Triggers on tasks involving vanilla JavaScript, DOM manipulation, async operations, or performance optimization.
laravel-best-practices
Laravel development standards. Triggers when working with Laravel applications, Eloquent ORM, Blade templates, or Livewire components.
Linux Privilege Escalation
This skill should be used when the user asks to "escalate privileges on Linux", "find privesc vectors on Linux systems", "exploit sudo misconfigurations", "abuse SUID binaries", "exploit cron jobs for root access", "enumerate Linux systems for privilege escalation", or "gain root access from low-privilege shell". It provides comprehensive techniques for identifying and exploiting privilege escalation paths on Linux systems.
Linux Production Shell Scripts
This skill should be used when the user asks to "create bash scripts", "automate Linux tasks", "monitor system resources", "backup files", "manage users", or "write production shell scripts". It provides ready-to-use shell script templates for system administration.
Page 149 of 1445 · 72243 results