Loading...
Loading...
Found 2,225 Skills
Repository-grounded threat modeling that enumerates trust boundaries, assets, attacker capabilities, abuse paths, and mitigations, and writes a concise Markdown threat model. Use when the user asks to threat model a codebase or path, enumerate threats or abuse paths, or perform AppSec threat modeling. Do NOT use for general architecture summaries, code review, security best practices (use security-best-practices), or non-security design work.
Deploy and operate Infisical self-hosted instances with Docker, Docker Compose, and Kubernetes. Covers architecture, environment variables, ENCRYPTION_KEY management, database setup, Redis configuration, production hardening, FIPS compliance, scaling, and high availability patterns.
Guideline for designing, implementing, and verifying secure Python applications following OWASP Top 10 best practices. Use when the user wants to: (1) review Python code for security vulnerabilities, (2) design a secure Python application architecture, (3) implement security features (authentication, authorization, cryptography, input validation), (4) audit Python dependencies for known vulnerabilities, (5) create security checklists or verification plans, (6) fix security bugs or harden existing Python code, (7) set up security testing and static analysis (bandit, safety, semgrep), or (8) handle any Python security concern including injection prevention, secure deserialization, SSRF protection, secrets management, and secure deployment.
After architecture is complete, produces a flat actionable rules sheet for programmers — what you must do, what you must never do, per system and per layer. Extracted from all Accepted ADRs, technical preferences, and engine reference docs. More immediately actionable than ADRs (which explain why).
Core Power BI data modeling, source connectivity, and platform fundamentals. PROACTIVELY activate for: (1) Power BI data modeling and star-schema design, (2) relationships (active/inactive, bidirectional, USERELATIONSHIP), (3) data-source selection (DirectQuery vs Import vs Direct Lake vs composite), (4) incremental refresh setup, (5) gateway configuration (on-prem and VNet gateways), (6) streaming datasets and push-data scenarios, (7) Dataflow Gen2 basics, (8) Power BI common gotchas and pitfalls (bidirectional filtering, AutoExist, blank-row), (9) workspace identity and OAuth2 / service-principal auth, (10) semantic model architecture review. Provides: star-schema templates, mode-selection matrix, incremental refresh recipe, gateway setup steps, and a common-gotchas reference.
Build messaging agents and apps with Spectrum — Photon's unified messaging SDK. Write your handler logic once and ship it across iMessage, WhatsApp Business, the terminal, or a custom platform. Spectrum is multi-platform by design and is becoming multi-language; the current SDK is `spectrum-ts` (TypeScript), with additional language SDKs planned. Use this skill for any Spectrum question — quickstart, multi-platform setup, receiving messages, content builders, spaces and users, reactions and replies, platform narrowing, the built-in providers (iMessage cloud/local/dedicated with message effects, Terminal TUI test harness, WhatsApp Business 1:1), custom event streams, graceful shutdown, building your own provider with `definePlatform`, and the production architecture patterns Photon uses internally to ship agents that live natively inside IM apps (five-stage inbound pipeline with debounce → batch flush → mark as read → generate → send, in-flight cancellation with abort signals, drain-in-handler, carry-forward, idempotent retries via stable client GUIDs and a startIndex resume cursor, per-resource memory scope `resourceId` vs `threadId`, durable job-failure audit log). This is the entry point for the skill; consult the topic files in this directory for full reference. Keywords: spectrum, spectrum-ts, photon, unified messaging, multi-platform, multi-language, im agent, messaging agent, imessage, whatsapp, whatsapp business, terminal, tuichat, definePlatform, custom platform, platform provider, platform narrowing, app.messages, Spectrum(), space, send, reply, react, tapback, typing indicator, responding, startTyping, stopTyping, content builder, text, attachment, voice, contact, richlink, poll, group, custom content, message effects, bubble effect, screen effect, line model, dedicated line, shared pool, custom events, app.stop, lifecycle, SIGINT, graceful shutdown, message queue, debounce, batch, in-flight, cancellation, abort controller, carry forward, idempotent retry, client guid, dedup, deduplication, startIndex, resume cursor, working memory, resourceId, threadId, per-resource memory, job failure, audit log, race condition, worker crash, retry, pg-boss, queue worker, conversational agent, chat agent, native messaging, agent architecture, production agent, spectrum patterns, best practices.
Analyze an AWS architecture for cost waste, right-sizing opportunities, and pricing model improvements aligned with the Well-Architected Cost Optimization pillar.
Always use when user asks to create, generate, or build an AWS architecture diagram, cloud infrastructure diagram, or system diagram with AWS services. Also activates for draw.io diagrams mentioning AWS services like Lambda, DynamoDB, S3, API Gateway, etc.
Event Sourcing, CQRS, Saga patterns, event bus (Kafka, RabbitMQ, AWS EventBridge). Use when implementing event-driven architecture, distributed transactions, or event sourcing.
Data Cloud 360° view of a single Agentforce session. TRIGGER when user asks to trace, inspect, summarize, or describe a specific Agentforce session by session id (Agent Session UUID `019d…` or MessagingSession id `0Mw…`). Also triggers on session discovery — find/list/search sessions by time, agent, channel, outcome, or conversation text — when the user has no session id yet. DO NOT TRIGGER for design-time architecture questions (use agentforce-architecture-analyze instead) or for runtime perf/latency/SLO questions that require platform telemetry beyond Data Cloud.
Implements infrastructure as code using Terraform, Kubernetes, and cloud platforms. Designs scalable architectures, CI/CD pipelines, and observability solutions. Provides security-first DevOps practices and site reliability engineering guidance.
Train Mixture of Experts (MoE) models using DeepSpeed or HuggingFace. Use when training large-scale models with limited compute (5× cost reduction vs dense models), implementing sparse architectures like Mixtral 8x7B or DeepSeek-V3, or scaling model capacity without proportional compute increase. Covers MoE architectures, routing mechanisms, load balancing, expert parallelism, and inference optimization.