Agent Skills in category: Uncategorized

handoff-memory

Create, refresh, validate, and resume shared HANDOFF and memory documents for a repository, a workspace-wide cross-repo context, or a workstream inside a larger workspace. Use when asked to write a handoff, checkpoint progress, resume prior work, or standardize project-state notes in Git-trackable files such as `docs/HANDOFF.md`, `_memory/HANDOFF.md`, or `_memory/workstreams/checkout-flow/HANDOFF.md`.

use-youtube-data-mcp

Configure and use the hosted YouTube Data MCP end-to-end with minimal user input. Use when users want the agent to verify Node.js and `npx`, configure MCP server config (Windows/macOS, Cursor/Codex/OpenClaw/OpenCode), request API key at setup time, run post-install capability discovery (`tools/list` and `get_patch_notes`), and then strongly recommend helper skill and Python setup for full local document and spreadsheet workflows.

owasp-security

遵循 OWASP Top 10 实施安全编码实践。适用于预防安全漏洞、实现认证、保护 API 或进行安全审查。触发关键词：OWASP, security, XSS, SQL injection, CSRF, authentication security, secure coding, vulnerability, 安全编码。

deep-research

Conduct enterprise-grade research with multi-source synthesis, citation tracking, and verification. Use when user needs comprehensive analysis requiring 10+ sources, verified claims, or comparison of approaches. Triggers include "deep research", "comprehensive analysis", "research report", "compare X vs Y", or "analyze trends". Do NOT use for simple lookups, debugging, or questions answerable with 1-2 searches.

case-study-writing

seo-geo-optimizer

Comprehensive SEO/GEO/AEO analysis toolkit for optimizing content visibility across traditional search engines (Google, Bing), AI platforms (ChatGPT, Perplexity, Claude, Gemini, Grokipedia), answer engines (Google AI Overviews, Bing Copilot, featured snippets), voice assistants (Google Assistant, Siri, Alexa), and social media (Facebook, Twitter, LinkedIn, WhatsApp, Instagram). Analyzes HTML/Markdown/JSX files for metadata completeness, schema markup, keyword optimization, entity extraction, and generates multi-format audit reports with platform-specific recommendations.

["motion""framer-motion""animation""react"

motion-dev-animations

Creates 120fps GPU-accelerated animations with Motion.dev (Framer Motion successor) for React, Next.js, Svelte, and Astro projects. Use when user requests animation, motion, scroll effects, parallax, hero animations, gestures, drag interactions, spring physics, whileHover effects, whileInView animations, animated UI, micro-interactions, page transitions, or layout animations. Generates production TypeScript/JSX code with accessibility (prefers-reduced-motion) and performance validation (≥60fps). Supports entrance animations, gesture interactions (hover/tap/drag), scroll-based reveals, and layout transitions using spring physics and natural timing. Do NOT use for CSS-only transitions (use native CSS), static sites without JavaScript, Vue animations (use motion-v variant instead), or SVG/Canvas complex animations (GSAP better suited).

Motion Dev Standards

iot-architect

Expert in IoT system design, hardware selection (ESP32, LoRa), and firmware architecture (Arduino, PlatformIO). Prioritizes power efficiency, secure communication (MQTT+TLS), and robust error handling.

security-guardian

Automated security auditing for OpenClaw projects. Scans for hardcoded secrets (API keys, tokens) and container vulnerabilities (CVEs) using Trivy. Provides structured reports to help maintain a clean and secure codebase.

ai-dating

This skill enables dating and matchmaking workflows. Use it when a user asks to make friends, find a partner, run matchmaking, or provide dating preferences/profile updates. The skill should execute `dating-cli` commands to complete profile setup, task creation/update, match checking, contact reveal, and review.

api-security-tester

Execute end-to-end API security testing from attack-surface mapping through validated findings and remediation notes.

auth-flow-operator

Establish and validate authenticated test access through login, registration, session lifecycle, and role context checks.

crypto-vulnerability-analyst

Analyze cryptographic design and implementation for misuse, key-management weaknesses, and protocol-level exploit opportunities.

ai-agents

Building AI agents — tool use, chains, memory, and autonomous workflows with LLMs. Use when user mentions "AI agent", "agent development", "tool use", "function calling", "agent loop", "ReAct pattern", "agent memory", "autonomous agent", "multi-agent", "langchain agents", "crew AI", or building systems where LLMs take actions.

ai-prompting

AI prompt engineering and LLM interaction patterns. Use when user asks to "write prompts", "optimize prompts", "design system prompts", "few-shot prompting", "chain-of-thought", "prompt techniques", "LLM patterns", "prompt best practices", "model interactions", "AI assistant design", or mentions prompt optimization, LLM interactions, or generative AI patterns.

ansible

Ansible automation for server configuration, deployment, and infrastructure management. Use when user mentions "ansible", "ansible-playbook", "ansible-vault", "inventory", "playbook", "ansible role", "ansible galaxy", "configuration management", "server provisioning", "infrastructure automation", "ansible task", "ansible template", or automating server setup and deployment.

api-design

REST API design patterns, structure, and best practices. Use when user asks to "design a REST API", "create API endpoints", "write OpenAPI spec", "design API routes", "add pagination to API", "version an API", "create API schema", "design webhook endpoints", "structure API responses", "implement HATEOAS", "design API errors", "API versioning", "API deprecation", "rate limiting design", or mentions REST API design, endpoint naming, HTTP methods, status codes, API best practices, request/response design, or API documentation.

database-indexing

Database indexing strategies and query optimization. Use when user asks to "optimize queries", "create indexes", "database performance", "query analysis", "explain plans", "index selection", "slow queries", "database tuning", "schema optimization", or mentions database performance and query optimization.

api-versioning

Comprehensive guide to API versioning strategies, backward compatibility, deprecation, and lifecycle management. Use when user asks about "version API", "API compatibility", "breaking changes", "semantic versioning", "API evolution", "deprecation strategy", "backwards compatibility", "API migration", "version management", "sunset header", "API changelog", "schema versioning", "OpenAPI versioning", "GraphQL versioning", or mentions API lifecycle management, consumer migration, or version negotiation.

authentication-patterns

Authentication and authorization patterns and best practices. Use when user asks to "implement authentication", "OAuth flow", "JWT tokens", "session management", "SSO setup", "API keys", "RBAC", "SAML", "passwordless auth", "multi-factor authentication", or mentions auth design patterns and security.

aws-cli

AWS CLI mastery for S3, EC2, Lambda, IAM, and common service operations. Use when user asks to "upload to S3", "launch EC2", "deploy Lambda", "configure AWS", "AWS profiles", "check AWS resources", or any AWS command-line tasks.

base64-encoding

Encoding and decoding utilities — base64, URL encoding, hex, and hashing. Use when user mentions "base64", "encode", "decode", "url encode", "urlencode", "hex", "hash", "sha256", "md5", "checksum", "jwt decode", "binary to text", or converting between encoding formats.

brew-apt

Package manager commands for macOS (Homebrew) and Linux (apt, yum/dnf). Use when user mentions "brew", "homebrew", "apt", "apt-get", "yum", "dnf", "install package", "update packages", "package manager", "brew cask", "PPA", "system dependencies", "upgrade all", or managing system packages.

bun-runtime

Bun runtime for fast JavaScript/TypeScript execution, package management, bundling, and testing. Use when user mentions "bun", "bun run", "bun install", "bunx", "bun test", "bun build", "fast node alternative", "bun shell", or migrating from Node to Bun.

caching-strategies

Caching strategies and implementation patterns. Use when user asks to "add caching", "cache API responses", "set up CDN caching", "configure HTTP caching", "implement memoization", "cache database queries", "set cache headers", "invalidate cache", "design cache layer", "reduce API latency", "cache warming", "cache busting", "distributed caching", "Redis caching", "edge caching", or mentions caching strategies, cache invalidation, TTL, cache-aside, write-through, write-behind, CDN, browser caching, or memoization.

changelog

Changelog generation, release notes, semantic versioning, and release management. Use when user asks to "write a changelog", "generate release notes", "bump version", "follow conventional commits", "create a release", "update CHANGELOG.md", "write migration guide", "document breaking changes", "set up automated releases", "configure semantic-release", "add deprecation notice", "keep a changelog", "version a project", "squash commits before release", "manage pre-releases", "automate versioning", or any versioning, changelog automation, release notes, and release documentation tasks.

ci-cd-pipelines

CI/CD pipeline design, setup, and optimization. Use when user asks to "set up CI/CD", "create a pipeline", "configure Jenkins", "set up GitLab CI", "create CircleCI config", "automate deployments", "create build pipeline", "set up continuous deployment", "configure pipeline stages", "add pipeline caching", "pipeline security", "secret management", "artifact management", "GitHub Actions workflow", "deployment strategies", "canary deployment", or mentions CI/CD pipelines, continuous integration, continuous deployment, build automation, deployment pipelines, or pipeline optimization.

cloudflare-workers

Cloudflare Workers for edge computing, serverless functions, and global deployment. Use when user mentions "cloudflare workers", "wrangler", "edge functions", "serverless edge", "cloudflare pages", "D1 database", "R2 storage", "KV store", "workers AI", "edge computing", or deploying to Cloudflare.

code-review

Code review checklists, PR review patterns, and feedback templates. Use when user asks to "review this code", "code review checklist", "PR review template", "review best practices", "write review feedback", or any code review tasks.

containerization-best-practices

Container and Docker best practices. Use when user asks to "optimize Docker", "Docker best practices", "container security", "image optimization", "layer caching", "multi-stage builds", "container networking", "volume management", "Docker performance", or mentions containerization strategies and Docker optimization.

curl-http

API testing with curl and httpie for HTTP requests. Use when user asks to "test API", "make HTTP request", "curl POST", "send request", "test endpoint", "debug API", or make any HTTP calls from command line.

date-time-cli

Date, time, timezone, and epoch timestamp manipulation from the command line. Use when user mentions "date command", "timestamp", "epoch", "unix timestamp", "timezone conversion", "date math", "date formatting", "ISO 8601", "convert timestamp", "time ago", or any date/time manipulation in shell.

debugging

Debugging techniques, tools, and workflows. Use when user asks to "debug this code", "find the bug", "why is this failing", "trace this error", "debug memory leak", "profile this code", "debug network issue", "fix segfault", "debug race condition", "find performance bottleneck", "step through code", "debug async", "debug concurrency", "memory profiling", "CPU profiling", or mentions debugging techniques, error tracing, stack traces, breakpoints, profiling, memory debugging, or troubleshooting code.

deno

Deno runtime for TypeScript/JavaScript with built-in tooling. Use when user mentions "deno", "deno run", "deno task", "deno deploy", "deno.json", "deno compile", "deno test", "deno bench", "deno fmt", "deno lint", "fresh framework", "deno KV", "JSR", "deno permissions", or running TypeScript natively without build steps.

dependency-audit

Dependency auditing, updating, and vulnerability management for npm, pip, and other package managers. Use when user asks to "audit dependencies", "update packages", "fix vulnerabilities", "check outdated", "npm audit", "pip audit", "upgrade dependencies safely", or any dependency management tasks.

dns-network

Network debugging with DNS lookups, connectivity testing, and latency diagnosis. Use when user mentions "dns", "dig", "nslookup", "traceroute", "ping", "network debugging", "why is this slow", "connection timeout", "dns resolution", "curl timing", "network latency", "MTR", "netcat", or diagnosing network issues.

docker-compose

Docker Compose for multi-container local development and production stacks. Use when user mentions "docker-compose", "docker compose", "multi-container", "compose file", "services", "docker networking", "compose volumes", "dev environment setup", or orchestrating multiple containers locally.

docker-helper

Docker and Docker Compose mastery for containers, images, networks, volumes, and debugging. Use when user asks to "build a container", "run docker", "debug container", "write dockerfile", "docker compose up", "check container logs", "optimize docker image", or any container operations.

dotfiles

Dotfile management with stow, chezmoi, or git bare repo for configuration sync across machines. Use when user asks to "manage dotfiles", "sync configs", "setup dotfiles", "backup shell config", or organize configuration files.

env-debug

Debug environment issues with PATH, permissions, environment variables, and configuration problems. Use when user asks to "fix PATH", "command not found", "permission denied", "debug environment", "env vars not working", "fix shell config", "debug node/python not found", or any environment troubleshooting tasks.

error-handling

Error handling patterns, strategies, and implementation. Use when user asks to "handle errors", "add error handling", "create custom errors", "handle exceptions", "implement retry logic", "add error boundaries", "design error responses", "handle async errors", "create error types", "implement graceful degradation", "error recovery", "fallback strategies", "exponential backoff", "timeout handling", "error logging", "error monitoring", or mentions error handling patterns, exception handling, error boundaries, retry strategies, circuit breakers, or error recovery.

feature-flags

Feature flag implementation, management, and best practices for gradual rollouts. Use when user mentions "feature flag", "feature toggle", "feature gate", "canary release", "percentage rollout", "A/B testing", "LaunchDarkly", "Unleash", "Flagsmith", "gradual rollout", "kill switch", "dark launch", "trunk-based development with flags", or controlling feature visibility in production.

ffmpeg

FFmpeg commands for video/audio conversion, trimming, compression, and processing. Use when user mentions "ffmpeg", "convert video", "compress video", "extract audio", "trim video", "gif from video", "video codec", "transcode", "screen recording", "merge videos", "video to mp4", "reduce file size", or any media processing task.

gh-cli

GitHub CLI (gh) mastery for issues, PRs, releases, actions, gists, and repo management. Use when user asks to "create a PR", "list issues", "check CI status", "create a release", "view workflow runs", "create a gist", "clone a repo", "fork a repo", or any GitHub operations from the command line.