moai-platform-clerk
>
moai-platform-firebase-auth
>
whop-dev
Build Next.js apps for the Whop platform. For empty repos, guides users from idea to deployed app through discovery and setup. For existing projects, provides best practices for authentication, payments, webhooks, and UI. Triggers on "build me a Whop app", @whop/sdk, verifyUserToken, checkAccess, checkout flows, webhook handling, Experience/Dashboard pages, Frosted UI. Delegates to companion skills (frontend-design, vercel-react-best-practices, supabase-postgres-best-practices, web-design-guidelines) for design, performance, and database.
api-design-patterns
REST API design patterns including versioning strategies (URL, header, content negotiation), pagination (offset, cursor, keyset), filtering and sorting, error response formats (RFC 7807), authentication (JWT, OAuth 2.0, API keys), rate limiting, and OpenAPI specification. Use when designing APIs, documenting endpoints, implementing authentication, standardizing error responses, or reviewing API implementations.
security-review
보안, 보안 리뷰, 보안 검토, 취약점, 보안 분석 - Use when reviewing code for security vulnerabilities, designing authentication/authorization, or ensuring secure architecture. Provides systematic security analysis based on OWASP guidelines.
owasp-top-10
OWASP Top 10 web application security risks with detection patterns and fixes. Use when reviewing security vulnerabilities, authentication, authorization, or data handling.
gh-cli-setup
Use when gh CLI is not installed, not configured, or authentication fails - provides installation steps, authentication methods, and troubleshooting for all platforms
aiwf:route-tester
Test authenticated routes in the your project using cookie-based authentication. Use this skill when testing API endpoints, validating route functionality, or debugging authentication issues. Includes patterns for using test-auth-route.js and mock authentication.
api-gateway-patterns
API Gateway patterns for routing, authentication, rate limiting, and service composition in microservices architectures. Use when implementing API gateways, building BFF layers, or managing service-to-service communication at scale.
secure-coding-practices
Secure coding practices and defensive programming patterns for building security-first applications. Use when implementing authentication, handling user input, managing sensitive data, or conducting secure code reviews.
credential-recovery-protocol
Execute secure credential recovery procedures.
account-security-validation
Validate account security and authentication protocols.
authentication-authorization-clerk
Implement secure authentication and authorization using Clerk. Use this skill when you need to authenticate users, protect routes, check permissions, implement subscription-based access control, or integrate Clerk with your application. Triggers include "authentication", "auth", "authorization", "Clerk", "protect route", "check user", "sign in", "session", "permissions", "subscription access".
totp-generator
Generate TOTP codes for 2FA authentication. Essential for my survival!
eve-esi-integration
EVE Online ESI API integration skill for third-party development. Use when building EVE Online tools, apps, or games that need ESI endpoints, SSO authentication, image server assets, or SDE data. Triggers on EVE Online API work, ESI integration, EVE developer tools, ship renders, map data, character authentication, or EVE static data.
backend-development
Backend development - APIs, authentication, business logic
backend-development
バックエンド開発の基礎。API設計、データベース設計、認証・認可、エラーハンドリング、セキュリティなど、堅牢なバックエンドシステム構築のベストプラクティス。
ios-security
iOSセキュリティ実装ガイド。認証・認可、データ暗号化、Keychain、証明書ピンニング、App Transport Security、脱獄検知、難読化など、セキュアなiOSアプリケーション開発のベストプラクティス。
security-patterns
Security architecture, authentication, authorization, and compliance patterns
graphql-security
Secure GraphQL APIs - authentication, authorization, rate limiting, and validation
ios-networking
Master iOS networking - URLSession, async/await, REST APIs, authentication
kotlin-ktor
Ktor framework - routing, authentication, WebSockets
redis-security
Master Redis security - authentication, ACL, TLS encryption, network hardening, and production security best practices
spring-security
Secure Spring Boot applications - authentication, authorization, OAuth2, JWT, CORS/CSRF protection
gcp-login
Authenticate to Google Cloud Platform using Application Default Credentials. Use when user selects GCP from cloud provider selection, or says "login to GCP", "gcloud auth", "authenticate to Google Cloud".
aws-login
Authenticate to AWS using SSO. Use when user selects AWS from cloud provider selection, or says "login to AWS", "AWS SSO", "authenticate to AWS".
rails-api
REST API specialist for Rails applications. Use when building API endpoints, implementing serialization, API versioning, JWT authentication, or creating API documentation. Focuses on RESTful design, performance, and consistency.
rails-security
Specialized skill for Rails security, authorization, and data protection. Use when implementing Pundit policies, Lockbox encryption, Blind Index searches, authentication, secure configuration, or fixing security vulnerabilities. Includes security best practices and common pitfall prevention.
bird
X/Twitter CLI for reading, searching, and posting via cookies or Sweetistics.
1password
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
mcporter
Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type generation.